URL: https://moneyheistseason4.com/url/230qcaeyu7+
Submission: On July 06 via api from BE

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3033::ac43:d82f, located in United States and belongs to CLOUDFLARENET, US. The main domain is moneyheistseason4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 8th 2020. Valid for: a year.
This is the only time moneyheistseason4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 192.243.59.12 39572 (ADVANCEDH...)
2 192.0.76.3 2635 (AUTOMATTIC)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
23 8
Domain Requested by
13 moneyheistseason4.com moneyheistseason4.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 p64gk2yhba0p.com 1 redirects moneyheistseason4.com
1 pixel.wp.com moneyheistseason4.com
1 www.google.com moneyheistseason4.com
1 google.com 1 redirects
1 stats.wp.com moneyheistseason4.com
1 www.googletagmanager.com moneyheistseason4.com
1 fonts.googleapis.com moneyheistseason4.com
23 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-08 -
2021-10-08
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-06-07 -
2021-08-30
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
p64gk2yhba0p.com
R3
2021-07-04 -
2021-10-02
3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
www.google.com
GTS CA 1C3
2021-06-22 -
2021-09-14
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://moneyheistseason4.com/url/230qcaeyu7+
Frame ID: 36D7D54103A88BE97D23C9A9F8C04538
Requests: 23 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

23
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

10
Subdomains

8
IPs

2
Countries

249 kB
Transfer

579 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://p64gk2yhba0p.com/66/63/30/6663306336343239623734393337343638653163363637336330363030376561.js HTTP 301
  • https://google.com/ HTTP 301
  • https://www.google.com/

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 230qcaeyu7+
moneyheistseason4.com/url/
20 KB
5 KB
Document
General
Full URL
https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
0e7afc03c1f7cfd8a80570b9fb8aa40897341989c4b934ba6d93c97f3de36c55

Request headers

:method
GET
:authority
moneyheistseason4.com
:scheme
https
:path
/url/230qcaeyu7+
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://moneyheistseason4.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control
public,max-age=3600
x-litespeed-tag
783_HTTP.404,783_PGSRP,783_404,783_URL.6b02c376c1fd0cdc0646aeedea67ff0d,783_
x-litespeed-cache
miss
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d8rbmj4EBsfB8e9BROaw0AkZUsKsfWakTsvQym%2BCIbirm2rW7ihLy34XtRYXFtcb05xm3RK6hCrQFMWhawSq1R%2FvemNt2JDP7vexiKgm8OwlzqjvL1RSLYmA6412fCTxgoAPQKyBDVTMzvK%2FexEM"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66a632eb2c3a145a-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
style.min.css
moneyheistseason4.com/wp-includes/css/dist/block-library/
57 KB
8 KB
Stylesheet
General
Full URL
https://moneyheistseason4.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 15 Apr 2021 03:58:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d7weBCu1V7ou2YgG%2F7knx2%2FJndVwwTlDaoXzXkTRt8Xri5AzxsvY0cEQtO1ZAoysgntu9QOQ%2FZ4Ph%2BTMgCCPdlW5iXKMH88h16FOx%2F0D9buxBFTsj2wHCpVvgsyFndkPRiUjy%2FgS8aoeYp3z1zcG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
66a632f25fad535d-FRA
expires
Tue, 13 Jul 2021 04:11:57 GMT
theme.min.css
moneyheistseason4.com/wp-includes/css/dist/block-library/
3 KB
1 KB
Stylesheet
General
Full URL
https://moneyheistseason4.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.2
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Request headers

:path
/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 16 Mar 2021 03:13:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WCm%2BT0r1RTG99Ms6B8yerfE1kqktkP1OBb3SalFRep1aGTl2D6j07NWNmQRIk4AJyihiYPrK%2Fk2dQstE9e%2B40rqDZJ3kyJ8qTY5HrkWMdSAqMGZaWtsZGmVb8wn8MbQML8Ob6FBJyKTiM4Pbesem"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
66a632f25fae535d-FRA
expires
Tue, 13 Jul 2021 04:11:57 GMT
style.min.css
moneyheistseason4.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/
438 B
808 B
Stylesheet
General
Full URL
https://moneyheistseason4.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.16
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.16
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Mar 2021 03:14:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KszVJm5Eaw7AgBqrizHrgraGrwcThPryKCR0Vp4I00bEfaiFV9JuY5QNHeRwUxVEcQRltWxif26MqJk1hIcKAsGuxEykO1mstfwy7BAd88sl71y7b28VXselFCU5TmzImxKWxU1I8Q%2BMM92wnK8B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
max-age=14400
cf-ray
66a632f25fbd535d-FRA
screen.min.css
moneyheistseason4.com/wp-content/plugins/easy-table-of-contents/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://moneyheistseason4.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.16
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.16
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Mar 2021 03:14:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FO25RpTGqqUvp1%2B5rveRFR4pb8BQflt44XMtPlJONRsGuugBNDhtqzXB17trbf9X6K5W86JPoFVGHBqSMo6sUuVCLLG2Pe1X0bOkQk48lCo8onprh7DEy4AWyDVsHnEnLKtzb5%2Fi6CVd0LV8RVdp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
max-age=14400
cf-ray
66a632f25fbb535d-FRA
style.css
moneyheistseason4.com/wp-content/themes/schema-lite/
38 KB
9 KB
Stylesheet
General
Full URL
https://moneyheistseason4.com/wp-content/themes/schema-lite/style.css?ver=5.7.2
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c6b5707db99f944478fbe7f53d488b7f1e56f5c37cb54448eb27f5f8c3883a

Request headers

:path
/wp-content/themes/schema-lite/style.css?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
cf-polished
origSize=44042
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 06 Mar 2020 07:19:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LSpUCvgaL8GhbSlbkY6D%2FWM73cCwnOkHLwFHDxRImzk9Qj6ymzB8KFgqqMaWFuiLC93o%2FwTqvM9uYf%2FQyBP604lXbpsd3%2BSgd19PmcAoW8GH%2BjxaCILihn72kNFglESDQnvKejau4FM17sVrVrgh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
66a632f25fa6535d-FRA
expires
Tue, 13 Jul 2021 04:11:57 GMT
css
fonts.googleapis.com/
9 KB
837 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eddd52e1ced3cee1b01aa6e087fade21dd97a481f5a949ca99750e864a1ae19b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://moneyheistseason4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 04:48:08 GMT
server
ESF
date
Tue, 06 Jul 2021 04:48:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Jul 2021 04:48:08 GMT
jetpack.css
moneyheistseason4.com/wp-content/plugins/jetpack/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://moneyheistseason4.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.8.1
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb617d2a6ca2d38a79a95f481bac4b49942689efb2419a1cc9676b8a72d1d67

Request headers

:path
/wp-content/plugins/jetpack/css/jetpack.css?ver=9.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
cf-polished
origSize=73490
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 09 Jun 2021 03:56:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IFD%2F06zAn%2BbUEnvOst4guK3dhreE6MlOaYQR4OjylsrsjmZwtu9lO6k5FR4r62KRWGM98eZ4QYf4NHaPfbaKedAGa0up2qH5SPMID8qPeszvTVulNPVVSIB3A6H%2BqSh8VbOCnGio81HRaS7CXlPd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
66a632f24fa4535d-FRA
expires
Tue, 13 Jul 2021 04:11:57 GMT
jquery.min.js
moneyheistseason4.com/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://moneyheistseason4.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Dec 2020 07:39:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uq0VrANv2pcNtrzjGGZkQs8kXL9ShWBvMBVl6deIPsiz5wDhS9WfOQLvcXm8cIYkB99vqjcrw0oQ2lPTKri5WlsXsmZogoE1T51QhnxaAAYhzBiyHYYlBbk%2BbPkrZSHMefQ5Vch%2FpkKBm9OfLnTD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
max-age=14400
cf-ray
66a632f25fbc535d-FRA
jquery-migrate.min.js
moneyheistseason4.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://moneyheistseason4.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Dec 2020 07:39:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vj0oOjX%2FYVKS7%2BZskoH5joJUdY8e28CDjC6mtuQG%2FSuv5VFdtRwC0OOyiqcKiaiMu%2BI9daj2A%2BT5RZbEcsHVVOpADek7ycBN6QCagrIp8qAOnG0tAMlDwLilE%2Fs%2F6Dk%2BwHKHA81zeUYKvD0VsUzB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cache-control
max-age=14400
cf-ray
66a632f25fac535d-FRA
customscripts.js
moneyheistseason4.com/wp-content/themes/schema-lite/js/
5 KB
2 KB
Script
General
Full URL
https://moneyheistseason4.com/wp-content/themes/schema-lite/js/customscripts.js?ver=5.7.2
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4bd28dac19c96bbdad03f6049fa34cf92c4cc53366de4fccf81cfed95ab9c0e

Request headers

:path
/wp-content/themes/schema-lite/js/customscripts.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 06 Mar 2020 07:19:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1H5YJjSIfIEBfdN2wANptvpKNl6K%2BWFNJ9gdwpiupvFkZjoKjlKtyMz73ff6i3X5zPPV6Kgnv%2Bz7D%2B7jxsZhiQz5jOcBWhnXzO7ip1XY2fFkxj%2BxXN48UZuZJN%2F3U82FWvadh5Y7M17DarAQ%2F2Vk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
66a632f25fa9535d-FRA
expires
Tue, 13 Jul 2021 04:11:57 GMT
js
www.googletagmanager.com/gtag/
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126116097-6
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f204acf303aa88da5b89189f06c51de0ca11714306afcc1d220f454ffdc929ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://moneyheistseason4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36985
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Jul 2021 04:48:08 GMT
136cb99b599d88a60251198091b42098.js
p64gk2yhba0p.com/13/6c/b9/
0
0
Script
General
Full URL
https://p64gk2yhba0p.com/13/6c/b9/136cb99b599d88a60251198091b42098.js
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://moneyheistseason4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Jul 2021 04:48:08 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
wp-embed.min.js
moneyheistseason4.com/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://moneyheistseason4.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5223c84e990e50fa2f8a311524f8f0045a7155421fab268a33b47206b79615a

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2171
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 04 Feb 2021 03:56:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=llpqon2bpDJQyhQTbuyOjLh9UTiciHTRYKbCIXuuFtASS7sp6Cz7qRfEV6dSpWyeNJJiuyT61p5F6G6WIug8h9s2CVY6wHkLko2UIAGW7fII65A6m%2BaQzAx6kqoxolWnhuqaZnukhWpc%2F20uT33k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
66a632f25fa5535d-FRA
expires
Tue, 13 Jul 2021 04:11:57 GMT
e-202127.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202127.js
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://moneyheistseason4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 27 Jun 2022 03:06:32 GMT
/
www.google.com/
Redirect Chain
  • https://p64gk2yhba0p.com/66/63/30/6663306336343239623734393337343638653163363637336330363030376561.js
  • https://google.com/
  • https://www.google.com/
0
0
Script
General
Full URL
https://www.google.com/
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://moneyheistseason4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

bfcache-opt-in
unload
date
Tue, 06 Jul 2021 04:48:08 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://www.google.com/
cache-control
private, max-age=2592000
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
220
x-xss-protection
0
expires
Tue, 06 Jul 2021 04:48:08 GMT
wp-emoji-release.min.js
moneyheistseason4.com/wp-includes/js/
16 KB
6 KB
Script
General
Full URL
https://moneyheistseason4.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51bbc91cdf567747fad0e26005c425c093e3ee4bfde5cec604325c565d77302f

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2170
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 04 Feb 2021 03:56:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pEibM3sawtlYWeH%2Fb21kKy8nUdA1Z0CV7Wc1fnK%2FW%2FsqzhxE8bXEIPk7UIWstqZbOTYXiK6F0Lh%2B0%2BVCyteUVSAFKRXF5qYqd4MvnqnYLw29DZFheHNoyYWBG%2BPGXpNAAI%2BWWIMXy2damdKYD5Cz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
66a632f2a853535d-FRA
expires
Tue, 13 Jul 2021 04:11:58 GMT
230qcaeyu7+
moneyheistseason4.com/url/
20 KB
20 KB
Image
General
Full URL
https://moneyheistseason4.com/url/230qcaeyu7+
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d82f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
0e7afc03c1f7cfd8a80570b9fb8aa40897341989c4b934ba6d93c97f3de36c55

Request headers

:path
/url/230qcaeyu7+
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
moneyheistseason4.com
referer
https://moneyheistseason4.com/url/230qcaeyu7+
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://moneyheistseason4.com/url/230qcaeyu7+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
x-litespeed-cache
hit
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CSRRQYY31vW8JbgcrdDV8Jl0r35CwtWfCMmzzZ70SQdALWqcSDfkLKpW5I4eUFW9evT%2BOdiY75IBvjmQnxdyUZ2oEC5nwdXmeKxftdJPCIiLSExojIkW%2FOQFYfKh2caQvJGwgB8Ps%2BkG57LiYR42"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
66a632f2b85f535d-FRA
link
<https://moneyheistseason4.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://moneyheistseason4.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 21:18:35 GMT
x-content-type-options
nosniff
age
26973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jul 2022 21:18:35 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://moneyheistseason4.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:09:03 GMT
x-content-type-options
nosniff
age
499145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39440
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:03:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:09:03 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126116097-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://moneyheistseason4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4942
date
Tue, 06 Jul 2021 03:25:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Tue, 06 Jul 2021 05:25:46 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=147572004&t=pageview&_s=1&dl=https%3A%2F%2Fmoneyheistseason4.com%2Furl%2F230qcaeyu7%2B&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Money%20Heist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1538666140&gjid=523047576&cid=138101972.1625546888&tid=UA-126116097-6&_gid=288279775.1625546888&_r=1&gtm=2ou6u0&z=787128901
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://moneyheistseason4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Jul 2021 04:48:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://moneyheistseason4.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/
50 B
92 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.8.1&blog=171769391&post=0&tz=5&srv=moneyheistseason4.com&host=moneyheistseason4.com&ref=&fcp=1254&rand=0.23074562309191848
Requested by
Host: moneyheistseason4.com
URL: https://moneyheistseason4.com/url/230qcaeyu7+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://moneyheistseason4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 04:48:08 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| q boolean| ndsj function| HttpClient function| rand function| token function| A function| gtag object| dataLayer object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _stq function| st_go function| linktracker_init object| wpcom

3 Cookies

Domain/Path Name / Value
.moneyheistseason4.com/ Name: _gat_gtag_UA_126116097_6
Value: 1
.moneyheistseason4.com/ Name: _gid
Value: GA1.2.288279775.1625546888
.moneyheistseason4.com/ Name: _ga
Value: GA1.2.138101972.1625546888

1 Console Messages

Source Level URL
Text
console-api log URL: https://moneyheistseason4.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
google.com
moneyheistseason4.com
p64gk2yhba0p.com
pixel.wp.com
stats.wp.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
192.0.76.3
192.243.59.12
2606:4700:3033::ac43:d82f
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e7afc03c1f7cfd8a80570b9fb8aa40897341989c4b934ba6d93c97f3de36c55
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
36c6b5707db99f944478fbe7f53d488b7f1e56f5c37cb54448eb27f5f8c3883a
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
4eb617d2a6ca2d38a79a95f481bac4b49942689efb2419a1cc9676b8a72d1d67
51bbc91cdf567747fad0e26005c425c093e3ee4bfde5cec604325c565d77302f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
c4bd28dac19c96bbdad03f6049fa34cf92c4cc53366de4fccf81cfed95ab9c0e
d5223c84e990e50fa2f8a311524f8f0045a7155421fab268a33b47206b79615a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eddd52e1ced3cee1b01aa6e087fade21dd97a481f5a949ca99750e864a1ae19b
f204acf303aa88da5b89189f06c51de0ca11714306afcc1d220f454ffdc929ce
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1