tipsmoney.top Open in urlscan Pro
104.21.70.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.tipsmoney.top/
Effective URL:
https://tipsmoney.top/
Submission: On September 17 via automatic, source certstream-suspicious (September 17th 2021, 9:21:27 pm UTC) — Scanned from DE

Summary HTTP 83 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 83 HTTP transactions. The main IP is 104.21.70.171, located in and belongs to CLOUDFLARENET, US. The main domain is tipsmoney.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 13th 2021. Valid for: a year.

This is the only time tipsmoney.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.138.6 172.67.138.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	104.21.70.171 104.21.70.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
15	172.67.217.173 172.67.217.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
11	104.236.228.144 104.236.228.144	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
4	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2	104.21.83.66 104.21.83.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.176.43 172.67.176.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.63.194 104.21.63.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.4.73 104.21.4.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.144.209 172.67.144.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.26.3 104.21.26.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
83	16

1 172.67.138.6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tipsmoney.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 104.21.70.171 (None, )

ASN13335 (CLOUDFLARENET, US)

tipsmoney.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.67.217.173 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

static.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.236.228.144 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

content.foreshop.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.83.66 (None, )

ASN13335 (CLOUDFLARENET, US)

nlpland.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.176.43 (United States)

ASN13335 (CLOUDFLARENET, US)

mrktngacademy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.63.194 (None, )

ASN13335 (CLOUDFLARENET, US)

be4greatness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.4.73 (None, )

ASN13335 (CLOUDFLARENET, US)

procomposting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.144.209 (United States)

ASN13335 (CLOUDFLARENET, US)

digigotech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.26.3 (None, )

ASN13335 (CLOUDFLARENET, US)

memarketeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	tipsmoney.top 1 redirects www.tipsmoney.top tipsmoney.top	559 KB
21	foremedia.net platform.foremedia.net static.foremedia.net cpm.foremedia.net	28 KB
11	foreshop.net content.foreshop.net	115 KB
10	gstatic.com fonts.gstatic.com	171 KB
6	googleapis.com fonts.googleapis.com	7 KB
2	nlpland.net nlpland.net	119 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	memarketeer.com memarketeer.com	69 KB
1	digigotech.com digigotech.com	45 KB
1	procomposting.com procomposting.com	119 KB
1	be4greatness.com be4greatness.com	20 KB
1	mrktngacademy.com mrktngacademy.com	47 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
83	13

	Domain	Requested by
25	tipsmoney.top	tipsmoney.top
15	platform.foremedia.net	tipsmoney.top platform.foremedia.net
11	content.foreshop.net	platform.foremedia.net static.foremedia.net content.foreshop.net
10	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	tipsmoney.top content.foreshop.net
4	cpm.foremedia.net	static.foremedia.net
2	nlpland.net	content.foreshop.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.foremedia.net	platform.foremedia.net
1	memarketeer.com	content.foreshop.net
1	digigotech.com	content.foreshop.net
1	procomposting.com	content.foreshop.net
1	be4greatness.com	content.foreshop.net
1	mrktngacademy.com	content.foreshop.net
1	www.googletagmanager.com	platform.foremedia.net
1	www.tipsmoney.top	1 redirects
83	16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
vk.com
www.flickr.com
www.tumblr.com
ok.ru
vkontakte.ru
connect.ok.ru
pinterest.com
reddit.com
telegram.me
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-13` - `2022-03-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.foremedia.net AlphaSSL CA - SHA256 - G2	`2021-04-06` - `2022-05-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
content.foreshop.net R3	`2021-08-17` - `2021-11-15`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://tipsmoney.top/
Frame ID: 305E1B5B5C8D3148C9361B35A582DE5C
Requests: 59 HTTP requests in this frame

Frame: https://content.foreshop.net/js/native/native.js
Frame ID: 714D021B48F98C7BDF8CED1A48695D91
Requests: 1 HTTP requests in this frame

Frame: https://content.foreshop.net/js/native/native.js
Frame ID: 8345A2D7760F3DF272BB57B9AB1C5441
Requests: 1 HTTP requests in this frame

Frame: https://content.foreshop.net/js/native/native.js
Frame ID: 9587B6B08C6229B8CDE4CB15A8561FE6
Requests: 1 HTTP requests in this frame

Frame: https://content.foreshop.net/js/native/native.js
Frame ID: 11CF3BF9346DD9A91F9D5003F8FBE233
Requests: 1 HTTP requests in this frame

Frame: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51?u=1631913682469
Frame ID: 0998E72085955C86F4966433B280F1D1
Requests: 5 HTTP requests in this frame

Frame: https://content.foreshop.net/native/nativead/7/55c2359666c16cf719e9b22e1d73ac51
Frame ID: 2517BCAA8B4B065E2E216E97CAEA4D38
Requests: 4 HTTP requests in this frame

Frame: https://content.foreshop.net/native/nativead/7/55c2359666c16cf719e9b22e1d73ac51
Frame ID: C9ED151CF48703DCBA2F3E3A058C9B6E
Requests: 4 HTTP requests in this frame

Frame: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51
Frame ID: 31FF91FEB238D04E12C97A27538471A1
Requests: 5 HTTP requests in this frame

Frame: https://content.foreshop.net/native/nativeadpush/55c2359666c16cf719e9b22e1d73ac51
Frame ID: 9550188E2578AE95DEF69858B2A17EFD
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Speaking of Money - We will have several tips on money!

Page URL History Show full URLs

https://www.tipsmoney.top/ HTTP 301
https://tipsmoney.top/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

83
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

1356 kB
Transfer

3057 kB
Size

6
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/redenasocial
Title: Likes

Search URL Search Domain Scan URL

URL: https://twitter.com/sitepaginas
Title: Followers

Search URL Search Domain Scan URL

URL: https://instagram.com/dariolsjunior
Title: Followers

Search URL Search Domain Scan URL

URL: https://vk.com/72867608
Title: Members

Search URL Search Domain Scan URL

URL: https://www.flickr.com/groups/192678297@N07
Title: Followers

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/blog/sitepaginas

Search URL Search Domain Scan URL

URL: https://ok.ru/blogs.sitepaginas

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Ftipsmoney.top%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Speaking%20of%20Money%20@sitepaginas&url=https%3A%2F%2Ftipsmoney.top%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/send?link=https%3A%2F%2Ftipsmoney.top%2F&app_id=521270401588372&redirect_uri=https%3A%2F%2Ftipsmoney.top%2F

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https%3A%2F%2Ftipsmoney.top%2F&name=Speaking%20of%20Money

Search URL Search Domain Scan URL

URL: https://vkontakte.ru/share.php?url=https%3A%2F%2Ftipsmoney.top%2F

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Ftipsmoney.top%2F&title=Speaking%20of%20Money&imageUrl=https://tipsmoney.top/wp-content/uploads/2021/05/MS-Shopping-Plus-credit-card.png

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Ftipsmoney.top%2F&media=https://tipsmoney.top/wp-content/uploads/2021/05/MS-Shopping-Plus-credit-card.png&description=Speaking%20of%20Money

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Ftipsmoney.top%2F&title=Speaking%20of%20Money

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Ftipsmoney.top%2F&text=Speaking%20of%20Money

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Ftipsmoney.top%2F&title=Speaking%20of%20Money

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.tipsmoney.top/ HTTP 301
https://tipsmoney.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tipsmoney.top/
Redirect Chain

https://www.tipsmoney.top/
https://tipsmoney.top/

67 KB
15 KB

1050ms
997ms

Document
text/html

104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2266241ee24e3e2310f0b647cd893b5a75cab7878524c4a20d4cf3eed874dcbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tipsmoney.top
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 17 Sep 2021 21:21:20 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
expires: Fri, 17 Sep 2021 21:21:20 GMT
last-modified: Fri, 17 Sep 2021 13:22:13 GMT
vary: Accept-Encoding,Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
expect-ct: max-age=7776000, enforce
x-frame-options: sameorigin,SAMEORIGIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwpJlKa5o%2FVDdVHW6eT3O2MwyZ7FZhElQH3w6tRRimPZhODWUZhbcIv3ScQX0DXYp2NggBTXNfJvf4ReS7iWKuieCJ9Z6IfxbSQUfI9u29ABdJR22Y4WmbRFiPanm4t8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 690562346a0d4138-PRG
content-encoding: br

Redirect headers

date: Fri, 17 Sep 2021 21:21:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.11
x-redirect-by: WordPress
location: https://tipsmoney.top/
cache-control: public, max-age=0
expires: Fri, 17 Sep 2021 21:21:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
expect-ct: max-age=7776000, enforce
x-frame-options: sameorigin,SAMEORIGIN
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1NePLcqASGRE%2FUfMF%2FzomJVGxdHdqo022SNF7trsbAgqvYZG7K5NGCdzWSOVPalbek8RRv967%2B5wEEgXlGKaNMQpTBJlDvOFLs7QpwuuQn8dB8aoz%2FxMFvCmxjmSogD9PGDfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 690562326baa42e7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
tipsmoney.top/wp-includes/css/dist/block-library/ 79 KB
11 KB 408ms
405ms Stylesheet
text/css 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 25 Aug 2021 14:39:22 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oi%2FqxUQZQgYHliEomojJibinTCWgBmXyyrb%2Ft8zMUpLIRUHnq6tZnvd5lvYlge2qSUDstubn1cit9HqngGT76H2WQivbDi2ZQYOsxybkYuaNs32ya%2F18gn089g5Q8uFB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623aca084138-PRG
expires: Sat, 17 Sep 2022 21:21:21 GMT

GET
H2 200 styles.css
tipsmoney.top/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 398ms
395ms Stylesheet
text/css 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 12:29:00 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKCqOLj%2FfE9E%2F1d2gzSQZMnTotzeNhUlLQO4z%2BSs2HuBXf%2FwfoUhzq%2FZZ2u0yVgAvg9OfAUN9sUnwxJOeF8MnkxbDky3Ic9h%2FWBqIbd7vuVSQTVdOuXnGE964Vpg5rBS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada0b4138-PRG
expires: Sat, 17 Sep 2022 21:21:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 39ms
16ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CNoto+Sans:400,700,400italic%7CRoboto:500&display=swap

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

10382c483339da5f477f54e1767b96e805067b393277d9bff545e5f3674d26f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 21:21:21 GMT
server: ESF
date: Fri, 17 Sep 2021 21:21:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 21:21:21 GMT

GET
H2 200 jquery.min.js Show response
tipsmoney.top/wp-includes/js/jquery/ 87 KB
32 KB 511ms
508ms Script
application/x-javascript 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 25 Aug 2021 14:39:24 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z16kSYHGCtgowYmQ%2F32p9oykKM73wgeu5aHKUzEe6OknAEKU2BA8vmze9%2BAef%2BHdGL6uwcTJHemG%2BtGbHAVzLjcthCGKhWcIx%2BsOty%2BsALFwXi%2FF6Qg5zvULXVvtY0%2Ff"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=604800
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada0e4138-PRG
expires: Fri, 24 Sep 2021 21:21:21 GMT

GET
H2 200 jquery-migrate.min.js Show response
tipsmoney.top/wp-includes/js/jquery/ 11 KB
5 KB 397ms
394ms Script
application/x-javascript 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 20 Jan 2021 12:26:29 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMg24aPAZI9N5LR2WjBnc%2FWfSxCaZpxFg2W92Z3yqbKV5Iori9CjE6A0B%2BtCEjvr%2F6JCv5yV1sZqd9jScVqz51jcPzbwp44EsMJbA0VHRMOSyetJ4qxLAMnl07jE3UMd"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=604800
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada104138-PRG
expires: Fri, 24 Sep 2021 21:21:21 GMT

GET
H2 200 c1 Show response
platform.foremedia.net/code/5684/ 1 KB
1 KB 359ms
310ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/5684/c1

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

713c7b733f11f96b2fc263d4a214b8ac8461a7d32606816fca11b9e60f06907e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24248
x-cache: cached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 879150925 876622123
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNQFDIUKLff0L%2BLJ0iGOuqR0FagRbL%2FUmzhBAJhLL9cGwNFWx%2BQIJfdW5KohkuKQGFlICcRhbIAMt07GmLnhlw0O%2FU3V6oaxRCIceRlKCmi0o%2FMMVtPzPjtbuaqKrWpYp%2FaJG7PgPOqZ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 6905623b1cd1f9da-PRG

GET
H2 200 analytics Show response
platform.foremedia.net/code/5684/ 1012 B
705 B 368ms
319ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/5684/analytics

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfc8ab26c1180ac157293818f98e9d09a19e29ee957f84efe586084dde2d71da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18545
x-cache: cached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 879150927 877247829
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZuHkco6Jdu1eWJ629s8xTvyaVJZjZ2KxnQhfCL6L%2BlJsXBYh26lFcxYH9e6QDuA6tj1GeTVszRaGCuqY%2BP4MzlWwKTUbJYN9nbsVIFfiO6nx%2FHe6I6WEhfT21pn28I16wbmchwsPOkX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 6905623b1cd3f9da-PRG

GET
H2 200 ffa3a7a61d8b69f2ffe1e81bec8f2351.css
tipsmoney.top/wp-content/bs-booster-cache/ 952 KB
122 KB 758ms
755ms Stylesheet
text/css 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-content/bs-booster-cache/ffa3a7a61d8b69f2ffe1e81bec8f2351.css

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

601ed42838b01e950fe18f963d47426347d7b6f7ac89b3d840a9f4c61795ab96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/bs-booster-cache/ffa3a7a61d8b69f2ffe1e81bec8f2351.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 16 Sep 2021 21:09:18 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5QnHDwE5%2FF9dbfX47UKiLfZsPhwjHrZkCZc7o8HK%2FN4koivj7M4NrhmbFe5hJcfmUsJzYb3asF1CFc1%2BBIrRJJqFsX4mS3q0%2BnuGNElq2RWVSe2ygnlv5v2dQ5vofZ9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada0c4138-PRG
expires: Sat, 17 Sep 2022 21:21:21 GMT

GET
H2 200 f38635c57cef44961c37d55a67b88412.css
tipsmoney.top/wp-content/bs-booster-cache/ 48 KB
7 KB 388ms
386ms Stylesheet
text/css 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-content/bs-booster-cache/f38635c57cef44961c37d55a67b88412.css

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7473dee1f9ef1f3523c838740c477898dbae91fdf4073bc9a435fd1eb48f2e22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/bs-booster-cache/f38635c57cef44961c37d55a67b88412.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 15 Sep 2021 21:03:59 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXPBU%2BUUUJoZ9fxvWnurVdPx4sx4wXyYAZw9Ev3jpMg4Mv8CvCnZs9ITHEB4JmlxuNF84R7c4vk9XgX35Vpd%2FCc8f3UWUspj4%2F7KCAaRFthYJE5FcyHQ1BuzGu6GVLWQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=31536000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada0d4138-PRG
expires: Sat, 17 Sep 2022 21:21:21 GMT

GET
H2 200 c3 Show response
platform.foremedia.net/code/5684/ 1 KB
733 B 364ms
315ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/5684/c3

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af590eb31ffa3a403681a054b9b211228c69df12a99de562a121acdfa0264544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24249
x-cache: cached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 879292897 876202719
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yckmIbciwlzJL9cJDpcrbLdXia75BgP%2BsTpda9v289vbZWqBS%2BdOKzZ1vBW%2FxKA7IjbHTojWVgGLekm0Pb2SKbMa1blB5HLzXEd6sxOlbifMQf1Wk4%2BuVe9FVdwdkZqJ6AnjL5Ci%2BnsE"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 6905623b1cd4f9da-PRG

GET
H2 200 c5 Show response
platform.foremedia.net/code/5684/ 1 KB
715 B 385ms
336ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/5684/c5
Requested by: Host: tipsmoney.top
URL: https://tipsmoney.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c7621f45e78b431fbc4d1d1b3a5dda64418d9efb413a26f314773a8cf76e37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: uncached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 952673280
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTDxpXw0v8habegqefj08pm5e87fgRcPgfB136UA3PXBTvwOoSGlEMiarF35ffS%2BKWBGrjs0%2BYsb9MJSwF6gunHj%2BaxlOxWsFD1M6YqIapwuiJESXD5rXrKm74VVQhgob09lB5u0N4XF"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 6905623b1cd5f9da-PRG

GET
H2 200 footer Show response
platform.foremedia.net/code/5684/ 0
352 B 380ms
332ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/5684/footer
Requested by: Host: tipsmoney.top
URL: https://tipsmoney.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: uncached
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-varnish: 952381601
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyV5tuASIKZBWa4wRF7Fry%2Bt2ofsp22GcyioVi7Wdtph%2BsqvoJSkWtYAdIU%2FFbTWa3Xq%2BEtlF79BhhY1iXsNXBB4vImXjwUtBFBrNaWLamfhh%2FOz7ih9xMgRwASQYOeTat2%2FXqf3ktsk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
accept-ranges: bytes
cf-ray: 6905623b1cd6f9da-PRG

GET
H2 200 regenerator-runtime.min.js Show response
tipsmoney.top/wp-includes/js/dist/vendor/ 6 KB
3 KB 386ms
384ms Script
application/x-javascript 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 25 Aug 2021 14:39:23 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjgLC4u71SHBTrFfhM4BcPfg2Tm7WWzaMcg4ud3PYIaBIp0Kt41It3hRYF%2BEOIqlUSItHcczVy56O97IugslTRkKRUzPrR%2B1%2Bb8O93aFD5th8FPU2Ew9t9VRIBPBzXKW"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=604800
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada114138-PRG
expires: Fri, 24 Sep 2021 21:21:21 GMT

GET
H2 200 wp-polyfill.min.js Show response
tipsmoney.top/wp-includes/js/dist/vendor/ 16 KB
6 KB 382ms
380ms Script
application/x-javascript 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 25 Aug 2021 14:39:23 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRwLVrcJD98UfPdziCmlg%2Bn5crDRdnn6OKdnM7nBaZQE2aIA5SBqgkUuxpk9b0ODO1MM0Di3eKIZvczNViWnDRfWRW9TZRnSPvZUv4tjJLc1e7i5gX4oXC7DAWCna2tn"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=604800
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada124138-PRG
expires: Fri, 24 Sep 2021 21:21:21 GMT

GET
H2 200 index.js Show response
tipsmoney.top/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 393ms
392ms Script
application/x-javascript 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 14 Jul 2021 12:29:00 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm1BqC7TlDYQqdEeGGp4KZAJR38e%2FfMVsW%2FHREhcGLq%2Bux7riP0Y61fdRMFfVwrHFhrgSV%2FTiJtTqgD29Bh2QZjIj9bDHARJkh0EG0xrkg1jgXDErFuCYXOWXbD07rdv"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=604800
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada134138-PRG
expires: Fri, 24 Sep 2021 21:21:21 GMT

GET
H2 200 smush-lazy-load.min.js Show response
tipsmoney.top/wp-content/plugins/wp-smush-pro/app/assets/js/ 10 KB
4 KB 393ms
392ms Script
application/x-javascript 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.6.3

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b10d4805bfd37702e61c9c03f784ed6ea227bca02c58fd8b139fbfc62f68df08

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.6.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 06 May 2021 18:06:23 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyDvIxlVSYACXddJUN%2B6DcHRVipm%2F6l5BeeVSh%2FFxz5bu%2Fn2cr0i58govdEgWipPcmPErdM%2B4a5bKK3R3bicZzxMVks3zBsXnpKlhuo7ZgEOdR5vrSwESYSG5t4YoZ99"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=604800
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623ada144138-PRG
expires: Fri, 24 Sep 2021 21:21:21 GMT

GET
H2 200 wp-embed.min.js Show response
tipsmoney.top/wp-includes/js/ 1 KB
1 KB 405ms
404ms Script
application/x-javascript 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-includes/js/wp-embed.min.js?ver=5.8.1

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 04 Feb 2021 01:55:14 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4QqSMXU7Cqt4rF86AcdVGakl%2BDpcw%2BU7kTkVbH99H2R1DkPmj%2Bp3lFTuuOQbXlYsSW9IENRDxXl1yTUH3%2Fr7EU6yOABwdvfWMSv8%2B%2FDFueNUuFHbE1Q2r68TbCWx%2F3B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=604800
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623aea284138-PRG
expires: Fri, 24 Sep 2021 21:21:21 GMT

GET
H3 200 edf79eeab08e51b1d5de1b635428d55e.js Show response
tipsmoney.top/wp-content/bs-booster-cache/ 310 KB
92 KB 407ms
407ms Script
application/x-javascript 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-content/bs-booster-cache/edf79eeab08e51b1d5de1b635428d55e.js?ver=5.8.1

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58cde4e7d34de7a6c9a2827c26c4d2df458b189f82241e7cbd81b09f6c6f811e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/bs-booster-cache/edf79eeab08e51b1d5de1b635428d55e.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 16 Sep 2021 21:09:18 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQ3ftuIcc2jVlwqOUIVT0DdBoCgKU8CuPi%2BZzWgQvDcAKHbz00Nkv4qjj8pHH9CO788Inb58FSn0SZ9wa1kw5xGE5X%2BtvhLCxP%2F2xmMJt4zWh%2FXEFEkpxW%2FWJLD7e5RK"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=UTF-8
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=604800
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623e19e9f9de-PRG
expires: Fri, 24 Sep 2021 21:21:21 GMT

GET
H3 200 c1 Show response
platform.foremedia.net/getcode/5684/ 2 KB
1 KB 331ms
307ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/5684/c1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/5684/c1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a10219f3f76370114dd0f3df4c3130ab32e20ef6a0bf2500ff2ac213f64fe7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24248
x-cache: cached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 879528578 876202804
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AOjJ8OM3byIorPzJSlXYciG13x6NGchNTkGNDehCK%2Fe%2BmNe3J5KiFKhEEm0F%2FZPeHpjrXGcWASWFbuwrqZqYFkrNqL9SH53nS3cbzuuOCGn2aANJ%2FiSWfL8nmYyOLnmdbbilJbwFVqJ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 6905623e4b782798-PRG

GET
H3 200 analytics Show response
platform.foremedia.net/getcode/5684/ 4 KB
1 KB 365ms
341ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/5684/analytics
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/5684/analytics
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d99f8791d48b0c61bca78ad56425ae628e21705837e009628540cf33bbd11c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:21 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: uncached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 952765278
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9kJ12tyCl2T3iMdoN8XXIh12lbdFvi%2FqO83qP%2FXBpG4aaVb8sqReAC%2FZepTkZcjzg08a%2B65gU02CcIv4qmud69%2FdOj0cljFFYwzvzMQZrReDMOsUPDEX58Gyiy%2BjXomMegIDI05UY9H"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 6905623e4b792798-PRG

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 bs-icons.woff
tipsmoney.top/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 180ms
180ms Font
application/font-woff 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/wp-content/bs-booster-cache/ffa3a7a61d8b69f2ffe1e81bec8f2351.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
pragma: no-cache
origin: https://tipsmoney.top
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: tipsmoney.top
referer: https://tipsmoney.top/wp-content/bs-booster-cache/ffa3a7a61d8b69f2ffe1e81bec8f2351.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tipsmoney.top/wp-content/bs-booster-cache/ffa3a7a61d8b69f2ffe1e81bec8f2351.css
Origin: https://tipsmoney.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 25 Aug 2021 14:33:40 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvdztjiGPX9CSwxp0RMnPiX3JvollTN0ckxyAXfHkpXDpbkSMqQksGAl1m2%2FOGPqGm4N8iXNFBwDcjD1L4cMKcWsN4cHWL%2FgdgR%2F0AXygGKruVukApsddiXRSkX6olJc"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
vary: Accept-Encoding
cache-control: public, max-age=2592000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6905623fdb88f9de-PRG
expires: Sun, 17 Oct 2021 21:21:21 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 28ms
7ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CNoto+Sans:400,700,400italic%7CRoboto:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tipsmoney.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:57:05 GMT
x-content-type-options: nosniff
age: 217456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 08:57:05 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 36ms
15ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CNoto+Sans:400,700,400italic%7CRoboto:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tipsmoney.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:11:30 GMT
x-content-type-options: nosniff
age: 367791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 15:11:30 GMT

GET
H3 200 fontawesome-webfont.woff2
tipsmoney.top/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 631ms
631ms Font
font/woff2 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tipsmoney.top/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/wp-content/bs-booster-cache/ffa3a7a61d8b69f2ffe1e81bec8f2351.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://tipsmoney.top
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: tipsmoney.top
referer: https://tipsmoney.top/wp-content/bs-booster-cache/ffa3a7a61d8b69f2ffe1e81bec8f2351.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tipsmoney.top/wp-content/bs-booster-cache/ffa3a7a61d8b69f2ffe1e81bec8f2351.css
Origin: https://tipsmoney.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 25 Aug 2021 14:33:41 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzF59QfmsWqblWRrLW3EwYu6AaWm88mvEgTplgjtXXBF%2BE5YxNRW%2BDz5E5jcktyqrCO7IdacLiItdyR8FqqrW8%2Bg87nsm8UGUy3gEYqSB9Qf7wTyHE3OWslo9v5eltWD"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6905623fdb89f9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ 16 KB
16 KB 39ms
18ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CNoto+Sans:400,700,400italic%7CRoboto:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tipsmoney.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 17:44:02 GMT
x-content-type-options: nosniff
age: 272239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:44:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Sep 2022 17:44:02 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ 16 KB
16 KB 34ms
13ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CNoto+Sans:400,700,400italic%7CRoboto:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tipsmoney.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 17:44:02 GMT
x-content-type-options: nosniff
age: 272239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Sep 2022 17:44:02 GMT

GET
H3 200 c3 Show response
platform.foremedia.net/getcode/5684/ 2 KB
1 KB 311ms
310ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getcode/5684/c3

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/5684/c3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592df3e037ca31c7cc5b5a2a57c28e759a0b6d7d6bc13621ad55643354cda896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24248
x-cache: cached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 879292922 876111935
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0egz4%2BDvuIJEvsNtDjqfXIAWWa5d%2BDNwIYdhZ%2Fh%2FI72Ghg%2BLgzRRw5bRc8UJzX09TJfK8jIrPDK1DbxhdBzwvz2oRKzF0klF5wg7b82aQZkW8ofnC8G6u%2BPZJBfjuS8HLedlSWzZqOY"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 690562400df22798-PRG

GET
H3 200 c5 Show response
platform.foremedia.net/getcode/5684/ 2 KB
1 KB 342ms
342ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/5684/c5
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/5684/c5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23222853f29f8fe40b2733e70cf7cd4242a40fb4e320af680fc342fabc12d77a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: uncached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 952707553
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ameV%2B%2BZwLIKiee9RQqaA7Q9Lwb73i%2BNQlQPy9TtDPAG4HoErMlcTTtMKC8CnqQxibUyMQ9dvEGaWaoRzFGE4bnkjM%2FmffyMZ9jRpf0bTa9q8N4WNn88W8qWwbH25NoS%2Flg4Kxsw2OA3p"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 690562400df32798-PRG

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 37ms
14ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic%7CNoto+Sans:400,700,400italic%7CRoboto:500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tipsmoney.top
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 07:54:01 GMT
x-content-type-options: nosniff
age: 48440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 07:54:01 GMT

GET
H3 200 logo-tips-money.png
tipsmoney.top/wp-content/uploads/2021/03/ 4 KB
5 KB 405ms
405ms Image
image/png 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/03/logo-tips-money.png

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25f3e6f807e305fee4285f056b63d4a327e284246ac70308d1119ebdd8b0c8e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/logo-tips-money.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4375
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 20 Mar 2021 11:48:19 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NKu7LlW%2Bp850p3TiFtpprKoRvOulQDXijVFmDh7qD7mWThAJeosh7vanWWNLYsACnS70cMZmzkBY3PamfkQoGAno6j6%2FBnacVZNoaR3doymSD4%2F2aZuR3iSI8Y1KoD1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562404c09f9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H2 200 display.js Show response
static.foremedia.net/tag/ 18 KB
6 KB 103ms
8ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foremedia.net/tag/display.js
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/5684/c1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 41f54f68cf71936ecbf01c83bb90937c767b5d37a96e8f612f1c03e5fb0d70e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 13:38:43 GMT
server: nginx
etag: W/"5fc798e3-481a"
x-hw: 1631913682.cds150.fr8.hn,1631913682.cds011.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6229

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
40 KB 43ms
22ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/5684/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

64e0179d0ee954738afe91c29a769cc3e4ad799899a5650d1213b67cb4fd65dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40291
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Sep 2021 21:21:22 GMT

GET
H/1.1 200
OK native.js Show response
content.foreshop.net/js/native/ 48 KB
17 KB 280ms
89ms Script
application/javascript 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/js/native/native.js
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/5684/analytics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8f2d42e80b39dd9228ad4e44961d1ae48572a9420e8156f58f116c2087d430cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 May 2021 15:12:38 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c106-5c14628b70a1d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 17513

GET
H3 200 footer_float Show response
platform.foremedia.net/code/5684/ 1 KB
1 KB 137ms
137ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/5684/footer_float
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/5684/analytics
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 724327dd592648e85916b6f38cf5fe0c0575a9639e2435bdc333200d0d08b0aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: uncached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 952707550
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v2BeWGeSJZWd%2BZvcr3sVidFR6bDe8HZbMneb4rbqd8%2Fe%2FdwInd%2B70RyDZpk8RtJ4LiQyi0qorf3Qkfk7sW3PhYOa8dKNdGuh7s8tgCRGCwO2y%2BUEbHpnxtwUH%2F%2B08QGvuElJoaKh426"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 690562407e682798-PRG

GET
H3 200 custom2492 Show response
platform.foremedia.net/code/5684/ 1 KB
1 KB 311ms
311ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/5684/custom2492

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/5684/analytics

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb23e95c47e9fe886fc0264c15510ff856ab4b9e2c492f919fb0dd9ab8a2c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16720
x-cache: cached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 879292927 877579566
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDFF4oaWpqoTbUVWhwFSokKN2F074t5F7v3Yr34mO2kYbnqOTAlhQ%2FZb32SNZbgupYV86TAn8SYDH8ttMU2FTi%2FKiizJxrhBzhY4y94ygiNKQCGmzRJtmxHOGMjpR92m8LqIRVtZ1Soo"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 690562408e6d2798-PRG

GET
H3 200 custom4112 Show response
platform.foremedia.net/code/5684/ 1 KB
1 KB 118ms
118ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/code/5684/custom4112

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/5684/analytics

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd7c680c451cb408884ee100c24728d16ba04edbbe3303e694aa787798746bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18544
x-cache: cached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 879292918 877247920
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4d9AheTzeehIiitBFZigiA2IU%2F1Jw490gRVJdtd%2BLYBSQd1NjPu0sjecSUT9OKQJB8Q3m9CfuxiViIRLGgtH7snqJFRlDeqGwSqAmCHRLxGpd7HJsrzjcv8DX0gDcbSQUp0lIdi7DXSk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 690562408e6e2798-PRG

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2065
date: Fri, 17 Sep 2021 20:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 17 Sep 2021 22:46:57 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/webp

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=462090808&t=pageview&_s=1&dl=https%3A%2F%2Ftipsmoney.top%2F&ul=en-us&de=UTF-8&dt=Speaking%20of%20Money%20-%20We%20will%20have%20several%20tips%20on%20money!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=76537426&gjid=705006954&cid=941995379.1631913682&tid=UA-182103897-1&_gid=1073037447.1631913682&_r=1&gtm=2ou9f0&z=1143158615

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tipsmoney.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Common-surety-bonds-you-ought-to-know-750x430.jpg
tipsmoney.top/wp-content/uploads/2021/07/ 58 KB
59 KB 621ms
621ms Image
image/jpeg 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/07/Common-surety-bonds-you-ought-to-know-750x430.jpg

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

707696e2c7007cf266ecffce08c248e3af7e3c416711d7f127dee29094a4675b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/07/Common-surety-bonds-you-ought-to-know-750x430.jpg
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59353
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 01 Jul 2021 14:40:33 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bElmK%2Bbji5fRaAhKlVD5h8bE8%2BJudVP9NwKEjxnCJpl2yYA8CYlRjpvB1Dq9w0t6XnMTRuIlmIBMyHlLTvHGL8vTy8c3kAuoMylY%2FU9oEmGaCQQX1LdZw08sSuoVoFss"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d38f9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 8-most-important-factors-when-comparing-short-term-loans-279x220.jpg
tipsmoney.top/wp-content/uploads/2021/06/ 4 KB
5 KB 409ms
409ms Image
image/jpeg 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/06/8-most-important-factors-when-comparing-short-term-loans-279x220.jpg

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321c77b343c5596df0d6c4290dd001fc3a384d108eadc47ed7470e4d1ba45839

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/06/8-most-important-factors-when-comparing-short-term-loans-279x220.jpg
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4543
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 18 Jun 2021 17:45:24 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjSLwnh9qkB75VeeObh1Iv3h0DmRfVo9NZvgOo4CCeF89zrnAV2kNuvJgPgJq0lFMffg0NNpFqdiWcHqJna2GHLVrMxgtYfN78xZHnb0XQ8qXG54vlk3yGkqJ8jbZYvM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d39f9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 Lawsuit-Loans-279x220.jpg
tipsmoney.top/wp-content/uploads/2021/06/ 12 KB
12 KB 409ms
409ms Image
image/jpeg 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/06/Lawsuit-Loans-279x220.jpg

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b3e672aca8aabcc480f0df8bbcb53e47b90d9e7da698c1573b9976d93ad65b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/06/Lawsuit-Loans-279x220.jpg
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11814
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 10 Jun 2021 21:07:04 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiHVO%2FNlfqKr9gNtDfMcHv02VYPp6j9xIiWdnC8egddnST3Ff%2FXmPR2gT4LspMdqYDIPsE36nV7W3o%2BO9zpBKWOHfOGrlcxUfIWXu7C9P3%2Bzd1%2Bi%2B6sjMgduvDgW5w6K"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d3bf9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 Credit-card-B-279x220.jpg
tipsmoney.top/wp-content/uploads/2021/05/ 9 KB
10 KB 388ms
387ms Image
image/jpeg 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/05/Credit-card-B-279x220.jpg

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53278160e702b9eed9571784fd3f807085b7cbcf05b5124d3c7377da15e75d1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/05/Credit-card-B-279x220.jpg
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9499
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 02 Jun 2021 20:21:44 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aHOE1JWmP7az6EVq2Xgq%2BMCzrmGNI519UseLasl1nxmOAcmIVVG%2ByV9znLg8TihZ9hAmPWn3QhjFKAdDZ0bOmHfMxhQfXEE8r8N%2Fx8V0K72cRonLfvr%2BAEosezWtkM9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d3cf9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 sainsburys-credit-card-279x220.png
tipsmoney.top/wp-content/uploads/2021/05/ 20 KB
20 KB 510ms
509ms Image
image/png 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/05/sainsburys-credit-card-279x220.png

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

795a0ecac42f138844d52334a1a6221e72e08615b90103d037b1423c45a1579b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/05/sainsburys-credit-card-279x220.png
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19996
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 02 Jun 2021 20:21:47 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OdHyhnZX%2FHVHt40yRkQS%2BMhzKeNvfAf4Zs%2BTC74ve4hPQd3%2FcwpjWFqfRYYT%2FcxSJ%2Fy4T73RMM4cTIAGlK17WJ30w9Z5nIeRu3aZnbmUzJ6iIm1DJqsahlLrxtjrye%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d3df9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 All-about-the-SoFi-Personal-Loan-210x136.jpg
tipsmoney.top/wp-content/uploads/2021/05/ 10 KB
11 KB 410ms
409ms Image
image/jpeg 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/05/All-about-the-SoFi-Personal-Loan-210x136.jpg

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1843fb720625b612a387488025ecc00ef7176304f673bc75aa60457a71e32882

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/05/All-about-the-SoFi-Personal-Loan-210x136.jpg
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10108
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 02 Jun 2021 20:21:34 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nicj6wj0EHosQ%2BUDJwt5hjz%2BjRXO%2BHLHmOoLKpe4GFEZHZnjCXwpgIiG60OVC3thr9SUiMew51xlt4TvRa4u2nihTq1UfRmYNalbEZ%2FDzyJneTpfX%2FgYyT3oACnum2hk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d3ef9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 American-express-platinum-cashback-daily-credit-card-1-210x136.png
tipsmoney.top/wp-content/uploads/2021/05/ 25 KB
26 KB 535ms
534ms Image
image/png 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/05/American-express-platinum-cashback-daily-credit-card-1-210x136.png

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0304ab5a23a9eaa96078f402a33c19fd643c8b8e69e7fbf0e2be93e7e11be10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/05/American-express-platinum-cashback-daily-credit-card-1-210x136.png
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25310
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 02 Jun 2021 20:20:44 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2A4HpB44U3NgR9FKTu6SXf0X7BZYRNm94NPpS9a9Bei5nzFSsVG8KWsmJ2WT8ooyhnl1zN3uddHPkB3epU1MFAUO1ghVca3ndp%2Fhk0qspsDssAsijYTPsxG7VUf20R40"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d3ff9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 All-about-the-payoff-personal-loan-210x136.jpg
tipsmoney.top/wp-content/uploads/2021/05/ 7 KB
8 KB 395ms
394ms Image
image/jpeg 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/05/All-about-the-payoff-personal-loan-210x136.jpg

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01b90a3cf0c6263774a0af888efbbc131a300822093d826d951a76fe933ddc31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/05/All-about-the-payoff-personal-loan-210x136.jpg
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7403
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 02 Jun 2021 20:21:04 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5B6ht81DHBKdZJNvG43ZVlIm8v8fVrLYNR6h03VpcsdCFvB%2B8V2cl1HJx5R6nPPhT3k7RaWFCT1JJYxMY3WD%2F8ax4VB%2BJTsO6Xvd7Aq3gSkuLgsUQsqaBmY7Gi%2Fq2qWj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d40f9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 Personal-Rocket-Loan-210x136.jpg
tipsmoney.top/wp-content/uploads/2021/05/ 7 KB
8 KB 391ms
390ms Image
image/jpeg 104.21.70.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tipsmoney.top/wp-content/uploads/2021/05/Personal-Rocket-Loan-210x136.jpg

Requested by

Host: tipsmoney.top
URL: https://tipsmoney.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.70.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

683edec5ee9d3a0fea8c381caf9e531e424e562da95c03837dcc4c3f88847ebb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/05/Personal-Rocket-Loan-210x136.jpg
pragma: no-cache
cookie: _ga=GA1.2.941995379.1631913682; _gid=GA1.2.1073037447.1631913682; _gat_gtag_UA_182103897_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tipsmoney.top
referer: https://tipsmoney.top/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7588
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 02 Jun 2021 20:20:33 GMT
server: cloudflare
x-frame-options: sameorigin,SAMEORIGIN
expect-ct: max-age=7776000, enforce
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw4fA7HrmpRJmVFYDfeLuR9O1F3rIhyVfsQRXKO3QCuMsZNbkmqus16I2jD8hAPJ7rfY5oW%2BULbIMGjMCEb4yVOXw6ziuJm9P7N%2Frz9qlFkSKRSx67nGlMuKM4Jl%2Fo0i"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=10368000
permissions-policy: accelerometer=(*), autoplay=(*), camera=(*), document-domain=(*), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), magnetometer=(*), microphone=(*), midi=(*), payment=(*), picture-in-picture=(*), sync-xhr=(*), usb=(*)
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 690562417d41f9de-PRG
expires: Sat, 15 Jan 2022 21:21:22 GMT

GET
H3 200 4112 Show response
platform.foremedia.net/getccode/ 1017 B
2 KB 154ms
153ms Script
application/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getccode/4112
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/5684/custom4112
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba782b4035e884a61098b7bb55ec440d0a3b4c80de2a3de54b16fa0d221483ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: uncached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 952707556
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB2Rq3wzsolV5Yq%2BVS9rrNz5LoX0x1ZvHaLcfvyst8Jl8Z1a%2B7G3TRg68GzFDj3g9fkx17i1g%2Bw8cAO9Lvtjw68mwSLuVmYI1zNdsZ8jtYKb%2Fkr%2FpJ%2F%2BbeC7LGEBI1EvA2ilYVmwbO5i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, private
cf-ray: 690562417fad2798-PRG

GET
H3 200 footer_float Show response
platform.foremedia.net/getcode/5684/ 2 KB
1 KB 156ms
156ms Script
text/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/5684/footer_float
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/5684/footer_float
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d54c63bfb9fbde0162c7d0bb0741cb0f81bc8a41d071d57f70441172ab957a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: uncached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 952765289
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4xHrUtr%2FfwhldoGPTqiDINaqlAUirg7vMjiyIbIRUZpvKxOS7FpfJfMBYhdxWUHFawuO5ob5G0mntYICfYzWFGaw3AyeeZGP973GSMn3z3Hx3ZptkSeqEPwAPkDp9w8XoijeyMm%2FSiP"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, private
cf-ray: 690562417fb42798-PRG

GET
H/1.1 200
OK tag Show response
cpm.foremedia.net/ 203 B
624 B 95ms
12ms XHR
application/json 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dtipsmoney.top%26if%3D0&rnd=57107277
Requested by: Host: static.foremedia.net
URL: https://static.foremedia.net/tag/display.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e9cd6cf2b3a30a05c3a069bd13c6cdd14e03cfde9552db74ab05152614a2b278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: nginx
Age: 0
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://tipsmoney.top
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: application/json; charset=utf-8
Content-Length: 203

GET
H/1.1 200
OK tag Show response
cpm.foremedia.net/ 203 B
624 B 94ms
13ms XHR
application/json 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140518&size=200x200&vw=1&it=0&j=pu%3Dtipsmoney.top%26if%3D0&rnd=32124351
Requested by: Host: static.foremedia.net
URL: https://static.foremedia.net/tag/display.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 00a3adc3ed6699c9bd6cb4a796ac13405abad17f40c5c0059b3cfed041860d90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: nginx
Age: 0
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://tipsmoney.top
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: application/json; charset=utf-8
Content-Length: 203

GET
H/1.1 200
OK tag Show response
cpm.foremedia.net/ 203 B
624 B 69ms
13ms XHR
application/json 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140518&size=200x200&vw=1&it=0&j=pu%3Dtipsmoney.top%26if%3D0&rnd=44220356
Requested by: Host: static.foremedia.net
URL: https://static.foremedia.net/tag/display.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 00a3adc3ed6699c9bd6cb4a796ac13405abad17f40c5c0059b3cfed041860d90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: nginx
Age: 0
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://tipsmoney.top
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: application/json; charset=utf-8
Content-Length: 203

GET
H2 200 display.js Show response
static.foremedia.net/tabu/ 8 KB
4 KB 8ms
8ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://static.foremedia.net/tabu/display.js
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/getccode/4112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 661de38d28a2da59e3cc720d817707bf0fde5c092933dc209d20c884d29902eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
content-encoding: gzip
last-modified: Mon, 08 Feb 2021 16:36:26 GMT
server: nginx
etag: W/"6021688a-20f0"
x-hw: 1631913682.cds150.fr8.hn,1631913682.cds274.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3492

GET
H/1.1 200
OK tag Show response
cpm.foremedia.net/ 203 B
624 B 39ms
13ms XHR
application/json 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.foremedia.net/tag?ad_type=json&ver=2.0&zone_id=140145&size=728x90&vw=1&it=0&j=pu%3Dtipsmoney.top%26if%3D0&rnd=40628713
Requested by: Host: static.foremedia.net
URL: https://static.foremedia.net/tag/display.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e9cd6cf2b3a30a05c3a069bd13c6cdd14e03cfde9552db74ab05152614a2b278

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: nginx
Age: 0
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://tipsmoney.top
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: application/json; charset=utf-8
Content-Length: 203

GET
H3 200 2492 Show response
platform.foremedia.net/getccode/ 2 KB
2 KB 150ms
149ms Script
application/javascript 172.67.217.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.foremedia.net/getccode/2492

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/5684/custom2492

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.217.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a426655d7cafd4ac3b33e04e678d3c872294b6acb0008466a83d3682036aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:22 GMT
via: 1.1 varnish (Varnish/5.2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cf-ray: 6905624279032798-PRG
x-cache: uncached
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1wcHin12P%2FwKYTdrWEUdNyCoxjc2WMgZb9yfk3053laF1%2Baa2kmP6WXBiwQnzNwODRu60APDZP5gsC57kVGFs7w7ipkI9J6z5q%2BAfEvgT8x8PQash0zEMLZsUkgXC2krSJjO6skLDwL"}],"group":"cf-nel","max_age":604800}
x-varnish: 879292932
cache-control: private, must-revalidate
content-type: application/javascript
expires: -1

GET
H/1.1 200
OK native.js Show response
content.foreshop.net/js/native/ Frame 714D 48 KB
17 KB 90ms
90ms Script
application/javascript 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/js/native/native.js
Requested by: Host: static.foremedia.net
URL: https://static.foremedia.net/tag/display.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8f2d42e80b39dd9228ad4e44961d1ae48572a9420e8156f58f116c2087d430cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 May 2021 15:12:38 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c106-5c14628b70a1d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 17513

GET
H/1.1 200
OK native.js Show response
content.foreshop.net/js/native/ Frame 8345 48 KB
17 KB 173ms
89ms Script
application/javascript 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/js/native/native.js
Requested by: Host: static.foremedia.net
URL: https://static.foremedia.net/tag/display.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8f2d42e80b39dd9228ad4e44961d1ae48572a9420e8156f58f116c2087d430cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 May 2021 15:12:38 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c106-5c14628b70a1d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 17513

GET
H/1.1 200
OK native.js Show response
content.foreshop.net/js/native/ Frame 9587 48 KB
17 KB 258ms
89ms Script
application/javascript 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/js/native/native.js
Requested by: Host: static.foremedia.net
URL: https://static.foremedia.net/tag/display.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8f2d42e80b39dd9228ad4e44961d1ae48572a9420e8156f58f116c2087d430cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 May 2021 15:12:38 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c106-5c14628b70a1d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 17513

GET
H/1.1 200
OK native.js Show response
content.foreshop.net/js/native/ Frame 11CF 48 KB
17 KB 260ms
93ms Script
application/javascript 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/js/native/native.js
Requested by: Host: static.foremedia.net
URL: https://static.foremedia.net/tag/display.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8f2d42e80b39dd9228ad4e44961d1ae48572a9420e8156f58f116c2087d430cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 May 2021 15:12:38 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c106-5c14628b70a1d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 17513

GET
H/1.1 200
OK push.js Show response
content.foreshop.net/js/native/ 48 KB
17 KB 265ms
90ms Script
application/javascript 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/js/native/push.js
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/getccode/2492
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b8d96cbc73c3aa4e88fb6bf9c6ab26d6a3114daa924e18785a3d4df76cf643fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Jun 2021 13:11:40 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c065-5c56ea5b7e0a8-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 17481

GET
H/1.1 200
OK Cookie set 55c2359666c16cf719e9b22e1d73ac51 Show response
content.foreshop.net/native/nativead/8/ Frame 0998 2 KB
2 KB 566ms
480ms Document
text/html 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51?u=1631913682469
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/js/native/native.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: fa64e1f2d831d1999c5006846e6484cfa847ddf45e879ddc2a8a6bbd3abd5280

Request headers

Host: content.foreshop.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tipsmoney.top/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkdQZ3JuNEwyaFlMSzlTNTF6T05IWkE9PSIsInZhbHVlIjoidDlyZ3VRVVRUXC85eDBJMVpNeVduY2E2WEczK05ycm9oVXYzOWhJdURcL3FYRE9sZzJMU2ZqM21Odjl5aXMreDY1VTd3dlpnQmRiajRVYnJ6RTNTRzhmTUdIaWlvbWdGNkZHaEU2RTBlY2tYWGRDRm1TS2p5dXN1b3BDbGJDNWtSbSIsIm1hYyI6Ijk0YjkyYTI4YTkzNmFmYzM3NmZiZWQ0OWU2NWQ4NmE5ODRlZmQ1M2IyMWI3Y2M3MDczYTdiODIzNjQ0MWNkMDgifQ%3D%3D; expires=Fri, 17-Sep-2021 23:21:22 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6Ikw2dUVIdUtuVVBmaSsxdFF2NUFoSkE9PSIsInZhbHVlIjoiQzRTOUIyRmtHK0k1T3p1NzVldWZcL0JPbmhTVXltRWxZSFpEbVBwSXNINzVzaGp3eXlNQmlqOXFLeUp1ZFpqXC9kU3RmRVFuSzZFVXZwN1Q1YnU0d2JqMGJxRXk1KzFJakd6K2YrWGFRN1NUNUJ4a0czTitwRER6M2phUjBaa0NKQyIsIm1hYyI6IjQ1OTUzZDcyOThmODBmZWQ2NWFjZWNiM2U1Yzk4NGZkYWI1YzVjODU2MjFhN2NkMmE0NWUxNGMyMTNhZGI1MjgifQ%3D%3D; expires=Fri, 17-Sep-2021 23:21:22 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 812
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set 55c2359666c16cf719e9b22e1d73ac51 Show response
content.foreshop.net/native/nativead/7/ Frame 2517 1 KB
2 KB 441ms
441ms Document
text/html 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/native/nativead/7/55c2359666c16cf719e9b22e1d73ac51
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/js/native/native.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: dbb6ca6a95a492b2cbc977a03a7a071709f794ae42a1a0c14bed388df91065a2

Request headers

Host: content.foreshop.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tipsmoney.top/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6Imc1cGJ3TkJhcTVZdEp1NzFta1Q2TFE9PSIsInZhbHVlIjoiZVRXT2NndWRuQlhHdGlTSXZMZlhnUG9IVTEzOVpYTXVrOFlRR2syWkNocU1ISWRHSm9aXC81cU9HUmZVNzhQdkhSVTFOY0M4bjNlMHNzNkx0azAySG9CQ2JlOGtYZHZUXC9QQW1kbTVUbWhhUTZJSktMWmlWK0s5NFpcL0lyZTBCUzgiLCJtYWMiOiJhN2EyYWU0NDJhOGQ0NzllMThiNDg2YzU0NmU3ZDljNjgyNDRmZTZhOTZiOTNkNTA0NTVhMzExOTUzNzg5YzgzIn0%3D; expires=Fri, 17-Sep-2021 23:21:22 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6IlwvM3h5TjBOSUhPcjhXV1dhcEl1TlN3PT0iLCJ2YWx1ZSI6ImE0emVlXC8yQzcwdld1a1wvTzFQSVNZQW1veTg4eUVZY05WdlpqZEREWGEwWG10VWphUTM4cVR6VDdtbno1bWEwbVBPMHdlWlFkUDJRVjZnUlhKMTR1MXJIR3ZHKzlyOUswMkVaOEhVMWE0aytrclkwZmR0ajhOU1BSK3RTV25nak4iLCJtYWMiOiI2NWJjNzQyZmU5Y2QyZmMzOGZjNDJmNTQ2YTlkZDEyODFhMzQ0Yzg4MWZkYWYyOGNkMzY3ODc2ZTdhYWQzNTcxIn0%3D; expires=Fri, 17-Sep-2021 23:21:22 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 734
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set 55c2359666c16cf719e9b22e1d73ac51 Show response
content.foreshop.net/native/nativead/7/ Frame C9ED 2 KB
2 KB 479ms
479ms Document
text/html 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/native/nativead/7/55c2359666c16cf719e9b22e1d73ac51
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/js/native/native.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9fdcefbd9b39273345793cd3cf18951afc20c8a21bf24d7187c187e6632d4bad

Request headers

Host: content.foreshop.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tipsmoney.top/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjhaUUx4MGtuOU5Ha1YrN2hFZE5QRmc9PSIsInZhbHVlIjoieVViSEVkTHFQSm1xYVhIQ1NMTHFENmpvanpHREp3YmxLMVJKVHVBbTZvMEpSNE1RUVJXd3dtY1JJblhqRkI3OUMwUDJVTkx4bjlSdE41M0pvTTNBVW1obmlGYmxWTmpLa3R0OGpmYkZ6eXlwUVFwMUI3eXFzcHFCQWhKYUU1cFgiLCJtYWMiOiIxNGUyYzgxYWM5ZDY4YzAyNzQ0YWI0MzA0NzUwMmY1MGE3OWIwOThlMjU1OWRjMDkxN2M1NGNkOGE5ZDkwNmQ4In0%3D; expires=Fri, 17-Sep-2021 23:21:23 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6IjZcLzJXZ1pKYXI0N3piREhHRHJ6VjlnPT0iLCJ2YWx1ZSI6IjRRNktrcVd2OXFUb01aQjMwbVZISG1UVlhMNzBSR0thWG9zbFlYY1k5citTXC9EU0FUdmlGNTFBbGhjU0VudVI4MHJxVXRKb3BETVRzQktoNHZCK3B3Q2JcLytERklEZHE2Y0ZGdEFrM2NQMmU3eEhXNjlMYk4zZXdER3NPUkoxRHMiLCJtYWMiOiJhNDMyZTdmOGQ1ZjkzYzFlOWU2OGQxNDkxODkyMTI4ZjhiYjlhMGM2N2IxZjU0ODlkNGVhYTQ3YzdiOTNkZGQwIn0%3D; expires=Fri, 17-Sep-2021 23:21:23 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 787
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set 55c2359666c16cf719e9b22e1d73ac51 Show response
content.foreshop.net/native/nativead/8/ Frame 31FF 2 KB
2 KB 543ms
543ms Document
text/html 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/js/native/native.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 293fceaa83886938b9cd229a60ccb30868438241242ef4baf293cdfe3984d6f8

Request headers

Host: content.foreshop.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tipsmoney.top/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tipsmoney.top/

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjdnN0RjTDNkSkxBNENuYzVqK25RVWc9PSIsInZhbHVlIjoiMWxOQ1luQllUTnExZ2RWWVpsTTk3VHFCdUFKNEJualNPVXZ6K2FaWUpcL2U5UUhkRlNXTHR4ditFRXlsRHZ5eFlBWjJNSWY2MTBzRk01RSs1V214ckJ1dTQxQ2tuZHVxbXVJOFFvbjRkRmozVzFPdG1XUEk0elpGck1iZm1RQ2FkIiwibWFjIjoiN2ZlN2QwM2VhYjE3M2M1MjIxMDdmNzEzNTJjOTQ0ODQxMDVmODU3YTc2MDhhYTVmMmY4NzY4ZDdkMjE4MWI1ZCJ9; expires=Fri, 17-Sep-2021 23:21:23 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6ImxhZTFFcmRLVGVZVlVvT0s3N3UxOWc9PSIsInZhbHVlIjoiTHB5dFRZZzI5cWsyU3ZuVnZPMTZuWEFpZ05OSUpVV000dTZvNGZUV3dydEZUNzJuSVMrNTQwS3JNTWsrTm1pK2preTBnTWxQUUJcL2Nza2c5MWhMUlBiM0VRbFFOaXFpQWs5SCtiNWU2QU55UVphWjg5SXhOclV5QW45Z3JXM1ZBIiwibWFjIjoiYmIzNjMzN2IxNzNkOTdhMGE3Mzg3ZGZlYzZkOGViYjdjNWY4NzMyNmM5YjQ5YmM4MzJhN2QyNTg3MmIyNTQ3NCJ9; expires=Fri, 17-Sep-2021 23:21:23 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 784
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Cookie set 55c2359666c16cf719e9b22e1d73ac51 Show response
content.foreshop.net/native/nativeadpush/ Frame 9550 3 KB
3 KB 449ms
449ms Document
text/html 104.236.228.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://content.foreshop.net/native/nativeadpush/55c2359666c16cf719e9b22e1d73ac51
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/js/native/push.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.236.228.144 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b2ad0447de472150854bf3dce2edcba780354658435f486325e08b92f8ea91d7

Request headers

Host: content.foreshop.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 17 Sep 2021 21:21:22 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkNHamIyZmU0QzNDcmFWSGpVc29ycmc9PSIsInZhbHVlIjoiM2tRcys1bDQ3OENzV01xZnFwbUZKa2JsbXFtQ1RQekM3NXdjNjhBcSt2dFI3THR0M0VwNU1yRm8ySkNiN3N2RGtVXC9QYThkZFlKQWFkdXhnWFg0ZTB2RndoTWh1M0Z4RGZadEx4eTA1NERZMFV5Y1Rma3FcL1FoZzdCSzVIOTRQQiIsIm1hYyI6ImY0MmU5YWViNjMyYjkyZjVjNzk3M2VhYjc2Y2Y3NDY5M2Q5Yjc4NWIxYzJjZWFmMGQ5Y2E2NWYzMDQyYjAyMTcifQ%3D%3D; expires=Fri, 17-Sep-2021 23:21:23 GMT; Max-Age=7200; path=/; secure; samesite=none laravel_session=eyJpdiI6IlFvdkhQXC9NMzh1YllJY1lBY0xicUhBPT0iLCJ2YWx1ZSI6InBLK3A0ZnpIQWhyQkhSamltTHg1d1h4VktZTnkwbmlRZDhuOHV1ekFDb1RTVHVzTHltcm1SSzR5dXViT3hLWlZ5TUdOOU5CSmFDMjBaNjV5aXZ2dUFTbU9JaUxUeWE1TW04WjJXR1U2MGFnaFZrS3lJaXFcL0g2RUtCWjZqOUttTyIsIm1hYyI6IjBkZThhYjA0YzEwZThjOTRhMjQ2N2I1YTg4ZjAyYTUyYTM3MjRiZjY3NTU3MzNiZjNkNzYzNWQxZmNlODIwZmUifQ%3D%3D; expires=Fri, 17-Sep-2021 23:21:23 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1413
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H3 200 css
fonts.googleapis.com/ Frame 2517 24 KB
1 KB 30ms
16ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Requested by

Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/7/55c2359666c16cf719e9b22e1d73ac51

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 21:21:23 GMT
server: ESF
date: Fri, 17 Sep 2021 21:21:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 21:21:23 GMT

GET
H2 200 HJkJvlfa16013937731601393774.2802775.jpg
nlpland.net/wp-content/uploads/2020/09/ Frame 2517 107 KB
107 KB 788ms
730ms Image
image/jpeg 104.21.83.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlpland.net/wp-content/uploads/2020/09/HJkJvlfa16013937731601393774.2802775.jpg
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/7/55c2359666c16cf719e9b22e1d73ac51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.83.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1da13fb5e2b88c6a2589a4ee3c0a1a8a5bb1eebf5688bc7e35fbbf0471a3149

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 109337
last-modified: Thu, 14 Jan 2021 14:23:14 GMT
server: cloudflare
etag: "600053d2-1ab19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0WeFExDsbeJdeEoy6xYPw%2B%2F1am7Y8tE3e2GEOijKEfbITItyhJqSM3otpBAILOze%2FQK%2FkpvtxaS5Fl4hMZVes%2FtiU4cmltnEHfRA7hmd46cwzxQVTjFnm6ZllPHKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 690562475a164113-PRG
expires: Sun, 17 Oct 2021 21:21:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0998 24 KB
1 KB 15ms
15ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Requested by

Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51?u=1631913682469

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 20:23:10 GMT
server: ESF
date: Fri, 17 Sep 2021 21:21:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 21:21:23 GMT

GET
H2 200 pexels-photo-974911.jpeg
mrktngacademy.com/wp-content/uploads/2020/01/ Frame 0998 46 KB
47 KB 540ms
495ms Image
image/jpeg 172.67.176.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrktngacademy.com/wp-content/uploads/2020/01/pexels-photo-974911.jpeg
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51?u=1631913682469
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.176.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 181a0d35ec86f35d6a4c3b82d60834a2da5c9890a08ce8934feaea9948bdc011

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47062
last-modified: Mon, 28 Dec 2020 17:20:17 GMT
server: cloudflare
etag: "5fea13d1-b7d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWMHCZeyxpoNr3Olqbuz8IHzgfnn41%2FASFn9dE0tt0V1OkC6F5uH6sHEDZ3L9jzOGfCsesGngCF%2BvqRZQYbtL14WVXPjeo9lmDbZkeDcQ8FD7uO%2FzQqcgTzUMrWeuEfvz%2F64CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6905624768185c5c-FRA
expires: Sun, 17 Oct 2021 21:21:23 GMT

GET
H2 200 photo-1522202176988-66273c2fd55f.jpg
be4greatness.com/wp-content/uploads/2020/06/ Frame 0998 19 KB
20 KB 411ms
376ms Image
image/jpeg 104.21.63.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://be4greatness.com/wp-content/uploads/2020/06/photo-1522202176988-66273c2fd55f.jpg
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51?u=1631913682469
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.63.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4afce9d59f256911931eeec276c9e4eabdb3e02618a7ba338a0235d1146a6f86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19512
last-modified: Fri, 15 Jan 2021 09:44:04 GMT
server: cloudflare
etag: "600163e4-4c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJdiiuuRRyRGo961HyCqRumGdT%2B1bdjsMCaehj%2BG9db3hpmm7ocq9JbqGztLdY7cBv%2F6mKAXwjsrfitVAkAnXivIrhpV51EnoFk7Uqc8dto1R4kt%2BRAn63vBJJkAmEd0SWpG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 690562475d173237-FRA
expires: Sun, 17 Oct 2021 21:21:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2517 15 KB
15 KB 15ms
14ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://content.foreshop.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:50:07 GMT
x-content-type-options: nosniff
age: 383476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 10:50:07 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0998 15 KB
15 KB 15ms
14ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://content.foreshop.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:50:07 GMT
x-content-type-options: nosniff
age: 383476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 10:50:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C9ED 24 KB
1 KB 16ms
15ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Requested by

Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/7/55c2359666c16cf719e9b22e1d73ac51

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 20:38:56 GMT
server: ESF
date: Fri, 17 Sep 2021 21:21:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 21:21:23 GMT

GET
H2 200 LOmOLciWhn16090779771609077977.9567955.jpg
procomposting.com/wp-content/uploads/2020/12/ Frame C9ED 118 KB
119 KB 758ms
705ms Image
image/jpeg 104.21.4.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://procomposting.com/wp-content/uploads/2020/12/LOmOLciWhn16090779771609077977.9567955.jpg
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/7/55c2359666c16cf719e9b22e1d73ac51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e6f9c69c3b828a73ee4eca4e3797dc74cc906d346323487fb05be39df4006e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 121100
last-modified: Tue, 12 Jan 2021 16:24:29 GMT
server: cloudflare
etag: "5ffdcd3d-1d90c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yduLQHXI%2BaiaGiA2qzhea76jxgob0z7y4%2Bhu%2FXWBpxpY7Zcxqp3wUkHKYM5aWx2XMRfadWLr4Lula4pPQOeAg1fdM0rxUsqG6NdPwMlUDOlS%2FKO5tbHx85L6S6Kkpad%2BE6G%2Fpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6905624889754e74-FRA
expires: Sun, 17 Oct 2021 21:21:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C9ED 15 KB
15 KB 15ms
14ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://content.foreshop.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:50:07 GMT
x-content-type-options: nosniff
age: 383476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 10:50:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9550 24 KB
1 KB 16ms
15ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Requested by

Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativeadpush/55c2359666c16cf719e9b22e1d73ac51

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 20:46:04 GMT
server: ESF
date: Fri, 17 Sep 2021 21:21:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 21:21:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 31FF 24 KB
1 KB 17ms
17ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Requested by

Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 21:21:23 GMT
server: ESF
date: Fri, 17 Sep 2021 21:21:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 21:21:23 GMT

GET
H2 200 bQkJw16075801261607580127.4624727.jpg
digigotech.com/wp-content/uploads/2020/12/ Frame 9550 44 KB
45 KB 687ms
630ms Image
image/jpeg 172.67.144.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digigotech.com/wp-content/uploads/2020/12/bQkJw16075801261607580127.4624727.jpg
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativeadpush/55c2359666c16cf719e9b22e1d73ac51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.144.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09674cd9aec6b7b7db2d1657453c1ea5707a4d2ae211667c3ff95a3eb2529453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45044
last-modified: Thu, 14 Jan 2021 08:49:10 GMT
server: cloudflare
etag: "60000586-aff4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKZbc246Qba%2Fp9Z6Qi1abz0pp1GkYFuIHcqOJlkgf0PglV4BgOvE21%2B%2BPxZ4XqzEep9YEsMfoh2pTC4%2B4S%2Fkj7UUAZ6nIfFku8GGlTnydDt79UpDbO32Yyx7SN4dlgqfog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 690562491b98f9d2-PRG
expires: Sun, 17 Oct 2021 21:21:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9550 15 KB
15 KB 15ms
14ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://content.foreshop.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:46:15 GMT
x-content-type-options: nosniff
age: 218108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 08:46:15 GMT

GET
H2 200 pexels-photo-3183170.jpeg
memarketeer.com/wp-content/uploads/2019/12/ Frame 31FF 68 KB
69 KB 586ms
546ms Image
image/jpeg 104.21.26.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://memarketeer.com/wp-content/uploads/2019/12/pexels-photo-3183170.jpeg
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.26.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100ed530cde2ab0b8a8cd8ae839d7a5d1db50a2c6c2ae5a052853b570ffa40ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69637
last-modified: Wed, 30 Dec 2020 12:33:12 GMT
server: cloudflare
etag: "5fec7388-11005"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v9ZMI7s51U7UY7Nf%2Bmw%2F%2B2iaP7loQXLUOL17Kfym4%2BXVWw3XnYWoQOvOFSrWsnbfwSVVxF%2FCbb7Xv%2FWtlsIF%2BP4MG6Tt8BflxO3DCMrRgIeGOU1Rzx8oZ2LBkK%2FaMSqNTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69056248feb75bf1-FRA
expires: Sun, 17 Oct 2021 21:21:23 GMT

GET
H2 200 PLANNER.jpg
nlpland.net/wp-content/uploads/2020/03/ Frame 31FF 12 KB
12 KB 316ms
316ms Image
image/jpeg 104.21.83.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlpland.net/wp-content/uploads/2020/03/PLANNER.jpg
Requested by: Host: content.foreshop.net
URL: https://content.foreshop.net/native/nativead/8/55c2359666c16cf719e9b22e1d73ac51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.83.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03f5c05c20cd539b305aa71e30285f758df849374e6248894bcc2074486695b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://content.foreshop.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:21:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11779
last-modified: Thu, 14 Jan 2021 14:23:10 GMT
server: cloudflare
etag: "600053ce-2e03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msVG8lsDiBJPzPiKY6Q3SbC7tLHV96AQVemszivq6cC5p%2FCqwA8pc8LUt9lZZ5MRq4%2FkpyR%2F8Jgr9UcIQ6mj3y3Z8kK0JS8dkAgQQKgMn29A4%2FA1%2FLtx39EipbypIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 69056248bbe14113-PRG
expires: Sun, 17 Oct 2021 21:21:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 31FF 15 KB
15 KB 15ms
14ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://content.foreshop.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:50:07 GMT
x-content-type-options: nosniff
age: 383476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 10:50:07 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tipsmoney.top/	1970-01-20 14:49:45	Name: _ga Value: GA1.2.941995379.1631913682
.tipsmoney.top/	1970-01-19 21:20:00	Name: _gid Value: GA1.2.1073037447.1631913682
.tipsmoney.top/	1970-01-19 21:18:33	Name: _gat_gtag_UA_182103897_1 Value: 1
tipsmoney.top/	1969-12-31 23:59:59	Name: test Value: test
content.foreshop.net/	1970-01-19 21:18:40	Name: XSRF-TOKEN Value: eyJpdiI6IjdnN0RjTDNkSkxBNENuYzVqK25RVWc9PSIsInZhbHVlIjoiMWxOQ1luQllUTnExZ2RWWVpsTTk3VHFCdUFKNEJualNPVXZ6K2FaWUpcL2U5UUhkRlNXTHR4ditFRXlsRHZ5eFlBWjJNSWY2MTBzRk01RSs1V214ckJ1dTQxQ2tuZHVxbXVJOFFvbjRkRmozVzFPdG1XUEk0elpGck1iZm1RQ2FkIiwibWFjIjoiN2ZlN2QwM2VhYjE3M2M1MjIxMDdmNzEzNTJjOTQ0ODQxMDVmODU3YTc2MDhhYTVmMmY4NzY4ZDdkMjE4MWI1ZCJ9
content.foreshop.net/	1970-01-19 21:18:40	Name: laravel_session Value: eyJpdiI6ImxhZTFFcmRLVGVZVlVvT0s3N3UxOWc9PSIsInZhbHVlIjoiTHB5dFRZZzI5cWsyU3ZuVnZPMTZuWEFpZ05OSUpVV000dTZvNGZUV3dydEZUNzJuSVMrNTQwS3JNTWsrTm1pK2preTBnTWxQUUJcL2Nza2c5MWhMUlBiM0VRbFFOaXFpQWs5SCtiNWU2QU55UVphWjg5SXhOclV5QW45Z3JXM1ZBIiwibWFjIjoiYmIzNjMzN2IxNzNkOTdhMGE3Mzg3ZGZlYzZkOGViYjdjNWY4NzMyNmM5YjQ5YmM4MzJhN2QyNTg3MmIyNTQ3NCJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

be4greatness.com
content.foreshop.net
cpm.foremedia.net
digigotech.com
fonts.googleapis.com
fonts.gstatic.com
memarketeer.com
mrktngacademy.com
nlpland.net
platform.foremedia.net
procomposting.com
static.foremedia.net
tipsmoney.top
www.google-analytics.com
www.googletagmanager.com
www.tipsmoney.top
104.21.26.3
104.21.4.73
104.21.63.194
104.21.70.171
104.21.83.66
104.236.228.144
142.250.185.110
142.250.186.170
142.250.74.195
151.139.128.11
172.217.16.136
172.67.138.6
172.67.144.209
172.67.176.43
172.67.217.173
77.245.57.72
00a3adc3ed6699c9bd6cb4a796ac13405abad17f40c5c0059b3cfed041860d90
00e6f9c69c3b828a73ee4eca4e3797dc74cc906d346323487fb05be39df4006e
01b90a3cf0c6263774a0af888efbbc131a300822093d826d951a76fe933ddc31
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f5c05c20cd539b305aa71e30285f758df849374e6248894bcc2074486695b1
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
09674cd9aec6b7b7db2d1657453c1ea5707a4d2ae211667c3ff95a3eb2529453
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
100ed530cde2ab0b8a8cd8ae839d7a5d1db50a2c6c2ae5a052853b570ffa40ef
10382c483339da5f477f54e1767b96e805067b393277d9bff545e5f3674d26f5
181a0d35ec86f35d6a4c3b82d60834a2da5c9890a08ce8934feaea9948bdc011
1843fb720625b612a387488025ecc00ef7176304f673bc75aa60457a71e32882
20a426655d7cafd4ac3b33e04e678d3c872294b6acb0008466a83d3682036aaf
2266241ee24e3e2310f0b647cd893b5a75cab7878524c4a20d4cf3eed874dcbd
23222853f29f8fe40b2733e70cf7cd4242a40fb4e320af680fc342fabc12d77a
23c7621f45e78b431fbc4d1d1b3a5dda64418d9efb413a26f314773a8cf76e37
25f3e6f807e305fee4285f056b63d4a327e284246ac70308d1119ebdd8b0c8e1
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
293fceaa83886938b9cd229a60ccb30868438241242ef4baf293cdfe3984d6f8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
321c77b343c5596df0d6c4290dd001fc3a384d108eadc47ed7470e4d1ba45839
41f54f68cf71936ecbf01c83bb90937c767b5d37a96e8f612f1c03e5fb0d70e9
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4afce9d59f256911931eeec276c9e4eabdb3e02618a7ba338a0235d1146a6f86
53278160e702b9eed9571784fd3f807085b7cbcf05b5124d3c7377da15e75d1e
58cde4e7d34de7a6c9a2827c26c4d2df458b189f82241e7cbd81b09f6c6f811e
592df3e037ca31c7cc5b5a2a57c28e759a0b6d7d6bc13621ad55643354cda896
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
601ed42838b01e950fe18f963d47426347d7b6f7ac89b3d840a9f4c61795ab96
64e0179d0ee954738afe91c29a769cc3e4ad799899a5650d1213b67cb4fd65dc
661de38d28a2da59e3cc720d817707bf0fde5c092933dc209d20c884d29902eb
683edec5ee9d3a0fea8c381caf9e531e424e562da95c03837dcc4c3f88847ebb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
707696e2c7007cf266ecffce08c248e3af7e3c416711d7f127dee29094a4675b
713c7b733f11f96b2fc263d4a214b8ac8461a7d32606816fca11b9e60f06907e
724327dd592648e85916b6f38cf5fe0c0575a9639e2435bdc333200d0d08b0aa
73b3e672aca8aabcc480f0df8bbcb53e47b90d9e7da698c1573b9976d93ad65b
7473dee1f9ef1f3523c838740c477898dbae91fdf4073bc9a435fd1eb48f2e22
7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce
795a0ecac42f138844d52334a1a6221e72e08615b90103d037b1423c45a1579b
85d99f8791d48b0c61bca78ad56425ae628e21705837e009628540cf33bbd11c
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f2d42e80b39dd9228ad4e44961d1ae48572a9420e8156f58f116c2087d430cb
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9fdcefbd9b39273345793cd3cf18951afc20c8a21bf24d7187c187e6632d4bad
a10219f3f76370114dd0f3df4c3130ab32e20ef6a0bf2500ff2ac213f64fe7e9
af590eb31ffa3a403681a054b9b211228c69df12a99de562a121acdfa0264544
b10d4805bfd37702e61c9c03f784ed6ea227bca02c58fd8b139fbfc62f68df08
b2ad0447de472150854bf3dce2edcba780354658435f486325e08b92f8ea91d7
b8d96cbc73c3aa4e88fb6bf9c6ab26d6a3114daa924e18785a3d4df76cf643fe
ba782b4035e884a61098b7bb55ec440d0a3b4c80de2a3de54b16fa0d221483ad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb23e95c47e9fe886fc0264c15510ff856ab4b9e2c492f919fb0dd9ab8a2c182
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd7c680c451cb408884ee100c24728d16ba04edbbe3303e694aa787798746bec
dbb6ca6a95a492b2cbc977a03a7a071709f794ae42a1a0c14bed388df91065a2
dfc8ab26c1180ac157293818f98e9d09a19e29ee957f84efe586084dde2d71da
e0304ab5a23a9eaa96078f402a33c19fd643c8b8e69e7fbf0e2be93e7e11be10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e9cd6cf2b3a30a05c3a069bd13c6cdd14e03cfde9552db74ab05152614a2b278
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
f1da13fb5e2b88c6a2589a4ee3c0a1a8a5bb1eebf5688bc7e35fbbf0471a3149
f5d54c63bfb9fbde0162c7d0bb0741cb0f81bc8a41d071d57f70441172ab957a
fa64e1f2d831d1999c5006846e6484cfa847ddf45e879ddc2a8a6bbd3abd5280
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

tipsmoney.top Open in urlscan Pro 104.21.70.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

0 %IPv6

13 Domains

16 Subdomains

16 IPs

2 Countries

1356 kBTransfer

3057 kBSize

6 Cookies

17 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tipsmoney.top Open in urlscan Pro
104.21.70.171 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

1356 kB
Transfer

3057 kB
Size

6
Cookies

83 HTTP transactions
2 data transactions