moneymatteronline.com Open in urlscan Pro
2606:4700:3033::6815:3e14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://topglinks.xyz/pyPDGWK
Effective URL:
https://moneymatteronline.com/
Submission: On December 07 via api (December 7th 2024, 8:11:54 pm UTC) from US — Scanned from NZ

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 48 HTTP transactions. The main IP is 2606:4700:3033::6815:3e14, located in United States and belongs to CLOUDFLARENET, US. The main domain is moneymatteronline.com.
TLS certificate: Issued by WE1 on December 5th 2024. Valid for: 3 months.

This is the only time moneymatteronline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:4780:49:... 2a02:4780:49:ef39:d1ea:e471:f0c0:b1dc	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
2 3	172.67.187.94 172.67.187.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:3e14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4006:810::2008	15169 (GOOGLE) (GOOGLE)
1 10	172.217.167.98 172.217.167.98	15169 (GOOGLE) (GOOGLE)
1 7	172.67.217.233 172.67.217.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4006:814::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.217.132 142.250.217.132	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4006:814::2001	15169 (GOOGLE) (GOOGLE)
3	142.250.71.66 142.250.71.66	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:810::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:812::200a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4006:80a::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
48	15

1 2a02:4780:49:ef39:d1ea:e471:f0c0:b1dc (Cyprus) 1 redirects

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

topglinks.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.187.94 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

teraboxlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3e14 (United States)

ASN13335 (CLOUDFLARENET, US)

moneymatteronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4006:810::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.167.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.217.233 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

moneymatteronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.217.132 (United States)

ASN15169 (GOOGLE, US)
PTR: lax31s19-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4006:814::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.71.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:80a::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:810::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:812::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4006:80a::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	264 KB
9	googlesyndication.com a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 173	75 KB
9	moneymatteronline.com 1 redirects moneymatteronline.com	75 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 527	104 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	321 KB
3	teraboxlinks.com 2 redirects teraboxlinks.com	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
2	google.com www.google.com — Cisco Umbrella Rank: 3	968 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415 fonts.googleapis.com — Cisco Umbrella Rank: 29	32 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	20 B
1	gstatic.com www.gstatic.com	216 KB
1	topglinks.xyz 1 redirects topglinks.xyz	704 B
48	13

	Domain	Requested by
10	securepubads.g.doubleclick.net	1 redirects moneymatteronline.com securepubads.g.doubleclick.net
9	moneymatteronline.com	1 redirects moneymatteronline.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	tpc.googlesyndication.com	moneymatteronline.com
3	a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagmanager.com	moneymatteronline.com www.googletagmanager.com
3	teraboxlinks.com	2 redirects
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	www.google-analytics.com	www.googletagmanager.com
2	pagead2.googlesyndication.com	moneymatteronline.com
2	www.google.com	moneymatteronline.com ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	www.googleadservices.com	moneymatteronline.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.gstatic.com	www.google.com
1	ajax.googleapis.com	moneymatteronline.com
1	topglinks.xyz	1 redirects
48	17

This site contains links to these domains. Also see Links.

Domain
generatepress.com

Subject Issuer	Validity	Valid
teraboxlinks.com WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
moneymatteronline.com WE1	`2024-12-05` - `2025-03-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://moneymatteronline.com/
Frame ID: 0FD903EBC76E810C390BD23DD7FB7804
Requests: 29 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 7C200F53B5F4BE9789EA8E0B49C1047C
Requests: 1 HTTP requests in this frame

Frame: https://a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0137FEF8C2A39C9B64BA0C40DABF1DF6
Requests: 1 HTTP requests in this frame

Frame: https://a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3688A50250A2E626D5CC35557E90424A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs
Frame ID: 1D26E9F78F92720F49424E0F110DD288
Requests: 14 HTTP requests in this frame

Frame: https://a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF965245A1F9CD69732370D114DBE37A
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 0B16D42716D6FD61C8F9C391B4762416
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6DFD3AECE661837CA28BC2C193113D10
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

moneymatteronlie

Page URL History Show full URLs

http://topglinks.xyz/pyPDGWK HTTP 307
https://topglinks.xyz/pyPDGWK HTTP 307
https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org... Page URL
https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org... HTTP 301
https://teraboxlinks.com/9RRW5T HTTP 307
https://moneymatteronline.com/safe.php?link=9RRW5T Page URL
https://moneymatteronline.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

48
Requests

92 %
HTTPS

60 %
IPv6

13
Domains

17
Subdomains

15
IPs

3
Countries

1109 kB
Transfer

3295 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://topglinks.xyz/pyPDGWK HTTP 307
https://topglinks.xyz/pyPDGWK HTTP 307
https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org/st?api=eee9255b7902ec1d44ece08ef2cf7f50f2791f0d&url=https://nanolinks.in/st?api=0003d8171fe1ed8503bdb5a069b12a671d15b51c&url=https://topglinks.xyz/pyPDGWK Page URL
https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org/st?api=eee9255b7902ec1d44ece08ef2cf7f50f2791f0d&url=https://nanolinks.in/st?api=0003d8171fe1ed8503bdb5a069b12a671d15b51c&url=https://topglinks.xyz/pyPDGWK HTTP 301
https://teraboxlinks.com/9RRW5T HTTP 307
https://moneymatteronline.com/safe.php?link=9RRW5T Page URL
https://moneymatteronline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://topglinks.xyz/pyPDGWK HTTP 307
https://topglinks.xyz/pyPDGWK HTTP 307
https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org/st?api=eee9255b7902ec1d44ece08ef2cf7f50f2791f0d&url=https://nanolinks.in/st?api=0003d8171fe1ed8503bdb5a069b12a671d15b51c&url=https://topglinks.xyz/pyPDGWK

Request Chain 1

https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org/st?api=eee9255b7902ec1d44ece08ef2cf7f50f2791f0d&url=https://nanolinks.in/st?api=0003d8171fe1ed8503bdb5a069b12a671d15b51c&url=https://topglinks.xyz/pyPDGWK HTTP 301
https://teraboxlinks.com/9RRW5T HTTP 307
https://moneymatteronline.com/safe.php?link=9RRW5T

Request Chain 38

https://securepubads.g.doubleclick.net/pagead/adview?ai=CaX9YBaxUZ7PgEP6SmsMPkf7q8A2PiJr5e_qavd3IE-OHg6ujRRABIJSj7qMBYKvssYXgGKABnKuV0wPIAQngAgCoAwHIAwqqBMICT9CUJ9fF4BdyUAsYPtJKkVbdK0UuWYhiWKYM4CbBTgJLmxE-Xm1OBJHDjLT1Eqt-ZDrkjnxnD3xiNEJeWhvTChIS7tlPh9H6PSb7A_1GF0XNzuv87M1Sj0TWCajJSOYCa4hntlGk3VmpL2su1ad9_AuLkScgfNDeLKb3KVigw_7ACggOhF4R7_OqKwtFyfFKdMsgUI5kjN1Km5_C4tJ43K4OvPC3eT0yBxiq4ePns-Oct47qjH9E9j29HSwZRcRI8grQG75tUKST5efhzJ1hNnwpt_FnZUARZrsuTHHnFzaAFwVJqJTH8I62za_D0sF2jb60huRT7VNQuk2oCCJkiIhx0Oxtu4ni1iWO4DLzLUPt43kjuTUdEGVWTXeaqbdkqYVRAA2Hpdzyy1RUPDekSAQlncHyhgoofprjj_XnJjBJQMAEzcGb2PEE4AQBiAWc5YXjUZIFBAgEGAGSBQQIBRgEoAYu2AYCgAfM1OosqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBRChwZwfoAj0yawEsAgC0ggmCIBhEAEYHTICigI6C4BAgMCAgICAqIACSL39wTpY2-Wx7ruWigOaCegCaHR0cHM6Ly93d3cuY2hhcmdlYmVlLmNvbS9jdXN0b21lcnMvamFuZS8_Y3Ffc3JjPWdvb2dsZV9hZHMmY3FfY21wPTIxOTUwOTg0ODYwJmNxX2Nvbj0xNjc5NTcxNjAxNDEmY3FfcGxhYz1tb25leW1hdHRlcm9ubGluZS5jb20mY3FfbmV0PWQmY3FfcGx0PWdwJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09YWR3b3JkcyZ1dG1fY2FtcGFpZ249R0ROX1JldGVudGlvbl9BUEFOWl9UT0ZVJnV0bV90ZXJtPSZ1dG1fY29udGVudD0ma2V5d29yZD0mbWF0Y2h0eXBlPSZkZXZpY2U9bSZjYW1wYWlnbmlkPTIxOTUwOTg0ODYwJmFkZ3JvdXBpZD0xNjc5NTcxNjAxNDEmbmV0d29yaz1kJl9idD03MjMwMTkxMDM2NjMmZ2FkX3NvdXJjZT01gAoDyAsB2gwRCgsQoK6Nx9ypjpC6ARICAQPiDRMI2ZOy7ruWigMVfolmAh0Rvxre6g0TCOTmsu67looDFX6JZgIdEb8a3rgT5APYEwKCFBcaFW1vbmV5bWF0dGVyb25saW5lLmNvbdAVAZgWAYAXAbIXIQodCAASFHB1Yi0yNDk3NDMxNDkzMDE0MzQ5GLSTmAEYAboXAjgBshgJEgK4UBguIgEA0BgB6BgB&sigh=tjaCT6X-krY&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTgCa7L7d2sVq6WooVpeDXD0bsLIy1TkVVIJme4rUCafz_ZFLDWN84KsLEV5zYBW9l1Hyx2MJ2b4xkYm9_1J4GakCbAmZ1duItbGEhwFpjRgB&template_id=484&ebtr=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x642e369cf7fbcae30000000000000000%22,%222%22:%220xfa04e0d83fff50840000000000000000%22,%223%22:%220x3c6f9d7ff6dffc0d0000000000000000%22,%224%22:%220x34b447f691dfad200000000000000000%22,%225%22:%220x1ceee0b9b56a759d0000000000000000%22},%22debug_key%22:%226953883548943805353%22,%22debug_reporting%22:true,%22destination%22:%22https://chargebee.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979719580%22],%2222%22:[%22true%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216783776587876764097%22}&andc=true

Request Chain 42

https://moneymatteronline.com/favicon.ico HTTP 302
https://moneymatteronline.com/wp-includes/images/w-logo-blue-white-bg.png

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

st Show response
teraboxlinks.com/
Redirect Chain

http://topglinks.xyz/pyPDGWK
https://topglinks.xyz/pyPDGWK
https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org/st?api=eee9255b7902ec1d44ece08ef2cf7f50f2791f0d&url=https://nanolinks.in/st?api=0003d8171fe1ed8...

2 KB
2 KB

680ms
630ms

Document
text/html

172.67.187.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org/st?api=eee9255b7902ec1d44ece08ef2cf7f50f2791f0d&url=https://nanolinks.in/st?api=0003d8171fe1ed8503bdb5a069b12a671d15b51c&url=https://topglinks.xyz/pyPDGWK

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.187.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

162c93fee4149ab46679800b88c9314c0e41ab50f87fb5f68e1dc5702c2551f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ee72aa6eca3d9ba-AKL
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 07 Dec 2024 20:11:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKw9jv%2Bi9CYJzjlwzpnS3TwXeF76geuy1gnDiFzKGIwbBIL%2Fe5Slh5zX%2FBaqRnYTrzHiIVHw7L%2BgNPLbEbjDO5KkltCGdSQO0ttjsKtww2J2kZZvE9Shs9WqR9EFAtgZS%2BBU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=30568&min_rtt=30446&rtt_var=4936&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4224&recv_bytes=4671&delivery_rate=501&cwnd=12000&unsent_bytes=0&cid=87827b3773267972&ts=636&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 6
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 07 Dec 2024 20:11:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org/st?api=eee9255b7902ec1d44ece08ef2cf7f50f2791f0d&url=https://nanolinks.in/st?api=0003d8171fe1ed8503bdb5a069b12a671d15b51c&url=https://topglinks.xyz/pyPDGWK
panel: hpanel
platform: hostinger
pragma: no-cache
server: hcdn
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-hcdn-cache-status: DYNAMIC
x-hcdn-request-id: affcf9a890a3f653aee61f8383454599-syd-edge2
x-hcdn-upstream-rt: 0.493
x-powered-by: PHP/7.4.33
x-xss-protection: 1; mode=block

GET
H2

200

safe.php Show response
moneymatteronline.com/
Redirect Chain

https://teraboxlinks.com/st?api=c04a0abe37319796fd23522c71bb449789c90f1b&url=https://mypowerlinks.org/st?api=eee9255b7902ec1d44ece08ef2cf7f50f2791f0d&url=https://nanolinks.in/st?api=0003d8171fe1ed8...
https://teraboxlinks.com/9RRW5T
https://moneymatteronline.com/safe.php?link=9RRW5T

691 B
1 KB

824ms
745ms

Document
text/html

2606:4700:3033::6815:3e14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymatteronline.com/safe.php?link=9RRW5T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3e14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0930b188eb44d860bc8eb76c9c5e5b07fc536358628158eb6fe13fa7b4614668

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://teraboxlinks.com
Referer: https://teraboxlinks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ee72ab00dde1c5f-AKL
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 07 Dec 2024 20:11:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3a2hbjPabn3vAN%2FYrlhEkuas0Y4xT6JR6ZziFI5hBeygW78%2FPw82sprxAGyu3oMZL3VrNgjss58fVpUykNhfMyew5jtS%2Fe4HJ3PVDkqtYcvpmGaUncnqY3WHNzxY7hCfKElHuQbEm7kGzwcla20JjWHeK0g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=30254&min_rtt=30217&rtt_var=4839&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4013&recv_bytes=2443&delivery_rate=133505&cwnd=254&unsent_bytes=0&cid=acd27f81a6c4b5e6&ts=749&x=0"
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ee72aad4efcd9ba-AKL
content-type: text/html; charset=UTF-8
date: Sat, 07 Dec 2024 20:11:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://moneymatteronline.com/safe.php?link=9RRW5T
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8y5LTXZUNF3%2F%2FRa2vfbaY2b%2FREUbLBJhZmvNQgfy1G1P2S1x3Lr6p0%2BqCSRF9Vyb468%2Fl07OApjr1FkwkutJwnzzoRCmlxVuUeVMhxJVQ1epfZaWCth%2Fn%2FWccaaTcEqU08L7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=30593&min_rtt=30446&rtt_var=2820&sent=18&recv=14&lost=0&retrans=0&sent_bytes=6954&recv_bytes=6989&delivery_rate=2230&cwnd=12000&unsent_bytes=0&cid=87827b3773267972&ts=1386&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 Primary Request / Show response
moneymatteronline.com/ 165 KB
46 KB 439ms
438ms Document
text/html 2606:4700:3033::6815:3e14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymatteronline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3e14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d45c37bb3bdfe4bc562a812571155fbc3dc059635aa4c9a80560822988508b

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ee72ab4e99c1c5f-AKL
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 07 Dec 2024 20:11:47 GMT
link: <https://moneymatteronline.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwK%2F1L7U6pxklERTQNAYuovOlW5TDKzRm22oRqCWZEx7ojysSsyctjVWNcGQ8sapl7%2Bi8Ss8J9VT8ItUVGPm1kcY7GX%2Fj2zCl%2By7OqeScUNM6se2V%2BrPy%2F98mJ1a59ht2SOkEsMCiQVQdzVdjMyrb0xK1yU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=30276&min_rtt=30217&rtt_var=3674&sent=12&recv=15&lost=0&retrans=0&sent_bytes=5169&recv_bytes=2593&delivery_rate=177187&cwnd=254&unsent_bytes=0&cid=acd27f81a6c4b5e6&ts=1223&x=0"
vary: Accept-Encoding
x-ua-compatible: IE=edge

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
107 KB 431ms
200ms Script
application/javascript 2404:6800:4006:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1V14WN7SF1

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

173bebcdcdcabced4ecc45407a76c498867d3d2e477544f7fb9d201a10c1d21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 07 Dec 2024 20:11:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109704
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 342ms
179ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

f9f395d38dd77fbc2772162a36c9a35c8b0544bf1873e46f60d397c419bf1c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
etag: 571 / 20064 / 31089217 / config-hash: 17564011173285401629
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 20:11:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33462
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
106 KB 411ms
183ms Script
application/javascript 2404:6800:4006:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MT31EZG649

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2581cd23b6a54d1a00c404c4f4270e240a696d08ac3d980d01d5702068c7f132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 07 Dec 2024 20:11:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108245
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 style.min.css
moneymatteronline.com/wp-includes/css/dist/block-library/ 52 KB
8 KB 590ms
589ms Stylesheet
text/css 172.67.217.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymatteronline.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.16
Requested by: Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "d159-6202cf36ecafe-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qM9VkMrWNzwaMeY38i3RpPZWdtpLaNVM2kNfQS2FcCJ88BEma1x0XNY2PQMnUimsFpOFcWttWEYKxeVjyN%2F%2FEzs4pUuNGfmfc4MhFLCMLdi5s6u8evoA7AFXvRRvg2sMHDia6%2FgtomY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30612&min_rtt=30438&rtt_var=5095&sent=15&recv=14&lost=0&retrans=0&sent_bytes=5862&recv_bytes=5827&delivery_rate=495&cwnd=12000&unsent_bytes=0&cid=4016275e7e686727&ts=1289&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: text/css
last-modified: Wed, 21 Aug 2024 08:01:35 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ee72ab97a13d9a4-AKL
accept-ranges: bytes
content-length: 7642
server: cloudflare

GET
H3 200 main.min.css
moneymatteronline.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 625ms
624ms Stylesheet
text/css 172.67.217.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymatteronline.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0
Requested by: Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "4c6c-61b74979bf280-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLC%2BM%2BvAFtKqLiG8wAVhdn%2FZsUTRl%2BCH2xb1WXGZ9ZdfStbpEDOzBWDYGixpIQ3b6B4zCNLEvFYblNk4JMx6O6jEFkK4%2ByvhJqE7Wx3U4bMCcfbbIY0y2XZml%2BCWOiEvgC6TdL4DjcQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31463&min_rtt=30373&rtt_var=2386&sent=31&recv=19&lost=0&retrans=0&sent_bytes=22328&recv_bytes=6042&delivery_rate=17278&cwnd=13200&unsent_bytes=0&cid=4016275e7e686727&ts=1324&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: text/css
last-modified: Sat, 22 Jun 2024 06:23:54 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ee72ab97a16d9a4-AKL
accept-ranges: bytes
content-length: 4683
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 298ms
67ms Script
text/javascript 2404:6800:4006:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
age: 31092
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 11:33:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 11:33:36 GMT
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30462
x-xss-protection: 0
server: sffe

GET
H3 200 menu.min.js Show response
moneymatteronline.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 616ms
615ms Script
text/javascript 172.67.217.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymatteronline.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0
Requested by: Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "1b2d-61b74979bf280-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vJcuTUX7BWjBfGLDkLJguDqYjC59igM9jQE862qqSF27rJ8ZQPtglxd4bDwyI2tp%2FsIul4%2FxADObMA4EnGjHNHrN%2BB6ZSDmf%2BI1i3HXgv2rIc7XuAKgpW2RMWZDD%2FJuhuk%2B%2FQuAifg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30612&min_rtt=30438&rtt_var=5095&sent=23&recv=14&lost=0&retrans=0&sent_bytes=14382&recv_bytes=5827&delivery_rate=495&cwnd=12000&unsent_bytes=0&cid=4016275e7e686727&ts=1315&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: text/javascript
last-modified: Sat, 22 Jun 2024 06:23:54 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ee72ab97a19d9a4-AKL
accept-ranges: bytes
content-length: 1693
server: cloudflare

GET
H3 200 wp-embed.min.js Show response
moneymatteronline.com/wp-includes/js/ 1 KB
2 KB 587ms
586ms Script
text/javascript 172.67.217.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymatteronline.com/wp-includes/js/wp-embed.min.js?ver=5.4.16
Requested by: Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "5c6-6202cf37022c4-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LCc2f8hLhCSzNKm57MpnXjXlPKSyAgjup1zpcdJROvH7%2Fiv%2BhoK9dUhy3TU6cFAHohAEh4ji4QgjzKFQUAUVrup681zoF4LkY9Bt8rfBumYllMqvkoQSjUflkX4A4IVqWPWmV0Ig9IM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30612&min_rtt=30438&rtt_var=5095&sent=13&recv=14&lost=0&retrans=0&sent_bytes=4276&recv_bytes=5827&delivery_rate=495&cwnd=12000&unsent_bytes=0&cid=4016275e7e686727&ts=1287&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: text/javascript
last-modified: Wed, 21 Aug 2024 08:01:35 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ee72ab97a1bd9a4-AKL
accept-ranges: bytes
content-length: 804
server: cloudflare

GET
H3 200 wp-emoji-release.min.js Show response
moneymatteronline.com/wp-includes/js/ 14 KB
5 KB 612ms
611ms Script
text/javascript 172.67.217.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymatteronline.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.16
Requested by: Host: moneymatteronline.com
URL: https://moneymatteronline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "363c-6202cf3701324-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FRlpKi1Ail3i3dW1y3CaLSKfMr8vXgrEHPR5RssNk6KGbJ9dJbLSHKEx4ft%2Fmm8yFGDyRRdeI9UJimkQnEH93NaNOtfC7WGG%2FmU7bI82XpEgbvOe7V1%2F3%2Fs7hMriIlAhwUHpYRLoV4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31463&min_rtt=30373&rtt_var=2386&sent=26&recv=19&lost=0&retrans=0&sent_bytes=16859&recv_bytes=6042&delivery_rate=17278&cwnd=13200&unsent_bytes=0&cid=4016275e7e686727&ts=1320&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: text/javascript
last-modified: Wed, 21 Aug 2024 08:01:35 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ee72ab98a40d9a4-AKL
accept-ranges: bytes
content-length: 4646
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 637ms
231ms Script
text/javascript 142.250.217.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.217.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax31s19-in-f4.1e100.net

Software

ESF /

Resource Hash

b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 20:11:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sat, 07 Dec 2024 20:11:48 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/ 497 KB
153 KB 67ms
66ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
etag: 6831530709922679929
age: 10201
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 17:21:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 17:21:47 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 160ms
159ms Other
text/plain 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 27670
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 12:30:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 12:30:38 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7C20 0
0 222ms
65ms Document
text/html 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneymatteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

accept-ranges: bytes
age: 111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Dec 2024 20:09:57 GMT
expires: Sat, 07 Dec 2024 20:59:57 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
7 KB 675ms
674ms Fetch
text/plain 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1535862944120081&correlator=2418565085463629&eid=31083346%2C31089348%2C31089353%2C31089217%2C31088252&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=22976063266%2Cheader%2Cad1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733602308682&lmt=1733602308&adxs=650&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=780&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmoneymatteronline.com%2F&vis=1&psz=1584x250&msz=1584x250&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733602307767&idt=881&adks=2819592357&frm=20&eoidce=1&td=1&egid=44969&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

998525a8adbca474c2b501df87282b6042cd7a88954ba4e15d655a653d414322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: dcb
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 20:11:49 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://moneymatteronline.com
content-length: 7142
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0137 0
0 402ms
163ms Document
text/html 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneymatteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Dec 2024 20:11:49 GMT
expires: Sat, 07 Dec 2024 20:11:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
53 KB 367ms
204ms Fetch
text/javascript 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

0b2e827a0f9be8e55cba772babf41508aae59fbb755048fb0aec9924fd029424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
etag: 6045632957159749627
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 20:11:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53780
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 72 KB
12 KB 1362ms
1362ms Fetch
text/plain 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1535862944120081&correlator=2418565085463629&eid=31083346%2C31089348%2C31089353%2C31089217%2C31088252&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=22976063266%2Cheader%2Cchatnewad2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x600&fluid=height&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733602308718&lmt=1733602308&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=780&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmoneymatteronline.com%2F&vis=1&psz=340x-1&msz=0x-1&fws=640&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733602307767&idt=881&adks=672094148&frm=20&eoidce=1&td=1&egid=44969&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

23fe30c8fa5b02d68ba620d23e8e6a58f6fdf847e5e4f0c65363f509420a8dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
content-encoding: dcb
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 20:11:49 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://moneymatteronline.com
content-length: 11838
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 95 KB
36 KB 1616ms
1615ms Fetch
text/plain 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1535862944120081&correlator=2418565085463629&eid=31083346%2C31089348%2C31089353%2C31089217%2C31088252&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=22976063266%2Cheader%2Cad2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733602308747&lmt=1733602308&adxs=650&adys=356&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=780&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmoneymatteronline.com%2F&vis=1&psz=1600x250&msz=1600x250&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733602307767&idt=881&adks=2434844886&frm=20&eoidce=1&td=1&egid=44969&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

519bbf45f225e1216697842aa5dcf2024ed4f8a145e5f5855cd031283369226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: dcb
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 20:11:50 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://moneymatteronline.com
content-length: 36549
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
107 KB 184ms
183ms Script
application/javascript 2404:6800:4006:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1V14WN7SF1&l=dataLayer&cx=c&gtm=45je4c40v9108270830za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MT31EZG649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d367502e5374fa538b8a022eb39edc2c1c1b75ee35fc0a584dbc0529f8794ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 07 Dec 2024 20:11:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 20:11:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109751
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 398ms
162ms Fetch
text/plain 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MT31EZG649&gtm=45je4c40v9108270830za200&_p=1733602308054&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=753820624.1733602309&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733602308&sct=1&seg=0&dl=https%3A%2F%2Fmoneymatteronline.com%2F&dt=moneymatteronlie&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1446
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MT31EZG649
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://moneymatteronline.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 20:11:49 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 779 B
377 B 1774ms
1774ms Fetch
text/plain 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1535862944120081&correlator=2418565085463629&eid=31083346%2C31089348%2C31089353%2C31089217%2C31088252&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=22976063266%2Cheader%2Cad7&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733602308800&lmt=1733602308&adxs=650&adys=5309&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=780&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmoneymatteronline.com%2F&vis=1&psz=1600x250&msz=1600x250&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733602307767&idt=881&adks=2768166233&frm=20&eoidce=1&td=1&egid=44969&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

d96210682f4ff00bdf5ab0c623c403bdab47f586c2946ee0a32d47c516e61115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: dcb
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 20:11:50 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://moneymatteronline.com
content-length: 346
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 336ms
164ms Fetch
text/plain 2404:6800:4006:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1V14WN7SF1&gtm=45je4c40v9188550792za200zb9108270830&_p=1733602308054&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=753820624.1733602309&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733602308&sct=1&seg=0&dl=https%3A%2F%2Fmoneymatteronline.com%2F&dt=moneymatteronlie&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1508
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1V14WN7SF1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:80a::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://moneymatteronline.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 20:11:49 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 779 B
373 B 1955ms
1955ms Fetch
text/plain 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1535862944120081&correlator=2418565085463629&eid=31083346%2C31089348%2C31089353%2C31089217%2C31088252&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=22976063266%2Cheader%2Cad6&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733602308840&lmt=1733602308&adxs=650&adys=5559&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=780&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmoneymatteronline.com%2F&vis=1&psz=1600x250&msz=1600x250&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733602307767&idt=881&adks=2882686807&frm=20&eoidce=1&td=1&egid=44969&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

c6202686b7761885c1dac55f38898a707410b071df5cbb1acab072c9d1834fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: dcb
google-lineitem-id: -2
observe-browsing-topics: ?1
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 07 Dec 2024 20:11:50 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://moneymatteronline.com
content-length: 342
x-xss-protection: 0
server: cafe

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 547 KB
216 KB 297ms
67ms Script
text/javascript 2404:6800:4006:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::2003 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Origin: https://moneymatteronline.com
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
age: 73616
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 23:44:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 23:44:53 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220753
x-xss-protection: 0
server: sffe

GET
H2 200 container.html
a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3688 0
0 0ms
0ms Document
text/html 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneymatteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Dec 2024 20:11:49 GMT
expires: Sat, 07 Dec 2024 20:11:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012410292120000/ Frame 1D26 196 KB
55 KB 379ms
70ms Script
text/javascript 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
etag: "f2f37e2e78f77a16"
age: 22661
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 13:54:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 13:54:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 56191
x-xss-protection: 0
server: sffe

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 1D26 15 KB
5 KB 532ms
223ms Script
text/javascript 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
etag: "981e33f595c3ea40"
age: 37805
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 09:41:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 09:41:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 5211
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 1D26 95 KB
28 KB 506ms
197ms Script
text/javascript 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
etag: "5e018091947c60fe"
age: 350646
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 18:47:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 18:47:44 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 29021
x-xss-protection: 0
server: sffe

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 1D26 5 KB
3 KB 376ms
67ms Script
text/javascript 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
etag: "deab494dea0d53b6"
age: 350613
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 18:48:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 18:48:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 1906
x-xss-protection: 0
server: sffe

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012410292120000/v0/ Frame 1D26 40 KB
13 KB 491ms
182ms Script
text/javascript 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: br
etag: "f2575cb9f4cf0f6e"
age: 350616
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 18:48:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 18:48:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 12953
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ Frame 1D26 8 KB
1 KB 393ms
166ms Stylesheet
text/css 2404:6800:4006:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:812::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53315e3465134575debc3dc6ea5f39a247bf5f88c0d42d6f1bf8d3870ee6f691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 20:11:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 20:11:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 07 Dec 2024 19:04:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9603343232289982216/ Frame 1D26 16 KB
17 KB 296ms
71ms Image
image/jpeg 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9603343232289982216/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9341cfe582f74b43ace69aaca8493effe6fd1cb54a908053902aced21ced4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

age: 15885
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sun, 07 Dec 2025 15:47:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 07 Dec 2024 15:47:05 GMT
last-modified: Mon, 25 Nov 2024 11:53:51 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 16593
x-xss-protection: 0
server: sffe

GET
H2 200 3198516534711300359
tpc.googlesyndication.com/simgad/ Frame 1D26 2 KB
2 KB 357ms
133ms Image
image/png 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3198516534711300359?w=100&h=100&tw=1&q=75

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

851310eb10549e3877f5800af8940f75a2939f5cf490b424ec5390ee18e541d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

age: 561782
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Mon, 01 Dec 2025 08:08:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sun, 01 Dec 2024 08:08:48 GMT
last-modified: Mon, 22 May 2023 06:21:03 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 1746
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame 1D26 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0455988396f18917971f8488e39d303cde4070f8a7f8ac6f02178dffbcb5dd1d

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1D26 3 KB
3 KB 285ms
68ms Image
image/png 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 15880770647744369592
age: 32146
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 11:16:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2982
x-xss-protection: 0
date: Sat, 07 Dec 2024 11:16:04 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1D26 344 B
448 B 287ms
70ms Image
image/png 2404:6800:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80a::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 6766994032117382215
age: 8898
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sun, 08 Dec 2024 17:43:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 344
x-xss-protection: 0
date: Sat, 07 Dec 2024 17:43:32 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1D26
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CaX9YBaxUZ7PgEP6SmsMPkf7q8A2PiJr5e_qavd3IE-OHg6ujRRABIJSj7qMBYKvssYXgGKABnKuV0wPIAQngAgCoAwHIAwqqBMICT9CUJ9fF4BdyUAsYPtJKkVbdK0UuWYhiWKYM4CbB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x642e369cf7fbcae30000000000000000%22,%222%22:%220xfa04e0d83fff50840000000000000000%22,%223%22:%220x3c6f9d...

0
20 B

326ms
163ms

Image
text/css

142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x642e369cf7fbcae30000000000000000%22,%222%22:%220xfa04e0d83fff50840000000000000000%22,%223%22:%220x3c6f9d7ff6dffc0d0000000000000000%22,%224%22:%220x34b447f691dfad200000000000000000%22,%225%22:%220x1ceee0b9b56a759d0000000000000000%22},%22debug_key%22:%226953883548943805353%22,%22debug_reporting%22:true,%22destination%22:%22https://chargebee.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979719580%22],%2222%22:[%22true%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216783776587876764097%22}&andc=true

Requested by

Host: moneymatteronline.com
URL: https://moneymatteronline.com/

Protocol

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 20:11:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Sat, 07 Dec 2024 20:11:50 GMT
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x642e369cf7fbcae30000000000000000","2":"0xfa04e0d83fff50840000000000000000","3":"0x3c6f9d7ff6dffc0d0000000000000000","4":"0x34b447f691dfad200000000000000000","5":"0x1ceee0b9b56a759d0000000000000000"},"debug_key":"6953883548943805353","debug_reporting":true,"destination":"https://chargebee.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979719580"],"22":["true"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"16783776587876764097"}
content-type: text/css; charset=UTF-8
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x642e369cf7fbcae30000000000000000","2":"0xfa04e0d83fff50840000000000000000","3":"0x3c6f9d7ff6dffc0d0000000000000000","4":"0x34b447f691dfad200000000000000000","5":"0x1ceee0b9b56a759d0000000000000000"},"debug_key":"6953883548943805353","debug_reporting":true,"destination":"https://chargebee.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979719580"],"22":["true"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"16783776587876764097"}&andc=true
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 07 Dec 2024 20:11:50 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 container.html
a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF96 0
0 0ms
0ms Document
text/html 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneymatteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Dec 2024 20:11:49 GMT
expires: Sat, 07 Dec 2024 20:11:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET view
securepubads.g.doubleclick.net/btr/ Frame 1D26 0
0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 371ms
209ms XHR
application/json 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

56a275514167bf676f43de753e75af581e77e3d1c42a5e9567e2041ee0972a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13270
date: Sat, 07 Dec 2024 20:11:51 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3

200

w-logo-blue-white-bg.png
moneymatteronline.com/wp-includes/images/
Redirect Chain

https://moneymatteronline.com/favicon.ico
https://moneymatteronline.com/wp-includes/images/w-logo-blue-white-bg.png

4 KB
5 KB

38ms
38ms

Other
image/png

172.67.217.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moneymatteronline.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H3
Server: 172.67.217.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

cf-cache-status: HIT
etag: "1017-5d0dca9a37e40"
age: 2747
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEnYo5rBxwAr%2BQiEmiS6y59iTtRRKQzOLzB44%2FToc%2Fq7tW%2BbKcffKm6sePbwbztNo9KD0pSuwSXWYpg3IVb7OOgj3xV3%2FFy8Jd5%2FcJs%2FLVtPytnfecKoZlG1vbYeMjRZFzc8zkJxVY0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33293&min_rtt=30373&rtt_var=3801&sent=40&recv=28&lost=0&retrans=0&sent_bytes=28712&recv_bytes=7730&delivery_rate=1280&cwnd=14400&unsent_bytes=0&cid=4016275e7e686727&ts=4413&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 07 Dec 2024 20:11:51 GMT
content-type: image/png
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ee72ad069fed9a4-AKL
accept-ranges: bytes
content-length: 4119
server: cloudflare

Redirect headers

x-redirect-by: WordPress
link: <https://moneymatteronline.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://moneymatteronline.com/wp-includes/images/w-logo-blue-white-bg.png
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGC9NaTyKRzdMNc8HzGFfTPlumDDjB5Oh1E2%2F3JLmD5Yove3Xxs3f5%2FQ9GU4zzWcEI5J0AFzSVxYGCdgqKTGv5xGy2vYe9etDbd8Ngv7NK6P5s2wB5ATn69%2Fo9RAm227l%2F4mDEeYZi4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ee72acc7ad3d9a4-AKL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33700&min_rtt=30373&rtt_var=3984&sent=38&recv=27&lost=0&retrans=0&sent_bytes=27878&recv_bytes=7022&delivery_rate=18874&cwnd=14400&unsent_bytes=0&cid=4016275e7e686727&ts=4373&x=1", cfExtPri, cfHdrFlush;dur=0
x-ua-compatible: IE=edge
date: Sat, 07 Dec 2024 20:11:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 463ms
232ms Script
text/javascript 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js?cb=31089217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 20:11:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 07 Dec 2024 20:11:51 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1D26 42 B
65 B 260ms
259ms Image
image/gif 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_8nRt03H4DR5VSrbQUU1-ULFJNq1cuetoj2reFUIeHT-h0JY6PRtQhhHxrMPwSALowX288fqW_iVnGnOhBeq8y5ZuCfxrhNIk8yX8tKVYzVjiIYuPLHaXUfZN_tv2aNvslRHw3ZvIURipZlYZtDG4rlZM3e_pyfKumbaWaJ8uvLGgP129YCtWCd05QBf1otf18g&sai=AMfl-YTDppxqZ7ZP26DaaNoMJnEiX8Em6NF1pt3QnGrgpmhRy0HTMopMG3F9P1pMHP_iwaHoIEJ_uYyoht_qzOFRoMmm_kB5_OuGJsB966EoDdPZeABOzmsWHG0Vf3f--RUHzfK7Y3BnTU6-nP-r9MNJ&sig=Cg0ArKJSzPPty246O8UxEAE&cid=CAQSTgCa7L7d2sVq6WooVpeDXD0bsLIy1TkVVIJme4rUCafz_ZFLDWN84KsLEV5zYBW9l1Hyx2MJ2b4xkYm9_1J4GakCbAmZ1duItbGEhwFpjRgB&id=ampim&o=650,198&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=582&tls=1582&g=100&h=100&tt=1582&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer: https://moneymatteronline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 07 Dec 2024 20:11:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 0B16 0
0 290ms
65ms Document
text/html 2404:6800:4006:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneymatteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

accept-ranges: bytes
age: 2001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Dec 2024 19:38:31 GMT
expires: Sat, 07 Dec 2024 20:28:31 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 6DFD 0
0 636ms
231ms Document
text/html 142.250.217.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.217.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax31s19-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LIZDdeAde4BGxUT_k1SHbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://moneymatteronline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 12; Oppo Find X3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LIZDdeAde4BGxUT_k1SHbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Dec 2024 20:11:52 GMT
expires: Sat, 07 Dec 2024 20:11:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/btr/view?ai=CaX9YBaxUZ7PgEP6SmsMPkf7q8A2PiJr5e_qavd3IE-OHg6ujRRABIJSj7qMBYKvssYXgGKABnKuV0wPIAQngAgCoAwHIAwqqBMICT9CUJ9fF4BdyUAsYPtJKkVbdK0UuWYhiWKYM4CbBTgJLmxE-Xm1OBJHDjLT1Eqt-ZDrkjnxnD3xiNEJeWhvTChIS7tlPh9H6PSb7A_1GF0XNzuv87M1Sj0TWCajJSOYCa4hntlGk3VmpL2su1ad9_AuLkScgfNDeLKb3KVigw_7ACggOhF4R7_OqKwtFyfFKdMsgUI5kjN1Km5_C4tJ43K4OvPC3eT0yBxiq4ePns-Oct47qjH9E9j29HSwZRcRI8grQG75tUKST5efhzJ1hNnwpt_FnZUARZrsuTHHnFzaAFwVJqJTH8I62za_D0sF2jb60huRT7VNQuk2oCCJkiIhx0Oxtu4ni1iWO4DLzLUPt43kjuTUdEGVWTXeaqbdkqYVRAA2Hpdzyy1RUPDekSAQlncHyhgoofprjj_XnJjBJQMAEzcGb2PEE4AQBiAWc5YXjUZIFBAgEGAGSBQQIBRgEoAYu2AYCgAfM1OosqAfVyRuoB9m2sQKoB6a-G6gHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBRChwZwfoAj0yawEsAgC0ggmCIBhEAEYHTICigI6C4BAgMCAgICAqIACSL39wTpY2-Wx7ruWigOaCegCaHR0cHM6Ly93d3cuY2hhcmdlYmVlLmNvbS9jdXN0b21lcnMvamFuZS8_Y3Ffc3JjPWdvb2dsZV9hZHMmY3FfY21wPTIxOTUwOTg0ODYwJmNxX2Nvbj0xNjc5NTcxNjAxNDEmY3FfcGxhYz1tb25leW1hdHRlcm9ubGluZS5jb20mY3FfbmV0PWQmY3FfcGx0PWdwJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09YWR3b3JkcyZ1dG1fY2FtcGFpZ249R0ROX1JldGVudGlvbl9BUEFOWl9UT0ZVJnV0bV90ZXJtPSZ1dG1fY29udGVudD0ma2V5d29yZD0mbWF0Y2h0eXBlPSZkZXZpY2U9bSZjYW1wYWlnbmlkPTIxOTUwOTg0ODYwJmFkZ3JvdXBpZD0xNjc5NTcxNjAxNDEmbmV0d29yaz1kJl9idD03MjMwMTkxMDM2NjMmZ2FkX3NvdXJjZT01gAoDyAsB2gwRCgsQoK6Nx9ypjpC6ARICAQPiDRMI2ZOy7ruWigMVfolmAh0Rvxre6g0TCOTmsu67looDFX6JZgIdEb8a3rgT5APYEwKCFBcaFW1vbmV5bWF0dGVyb25saW5lLmNvbdAVAZgWAYAXAbIXIQodCAASFHB1Yi0yNDk3NDMxNDkzMDE0MzQ5GLSTmAEYAboXAjgBshgJEgK4UBguIgEA0BgB6BgB&sigh=tjaCT6X-krY&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTgCa7L7d2sVq6WooVpeDXD0bsLIy1TkVVIJme4rUCafz_ZFLDWN84KsLEV5zYBW9l1Hyx2MJ2b4xkYm9_1J4GakCbAmZ1duItbGEhwFpjRgB&template_id=484&ibtr=1

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412030101&jk=1535862944120081&bg=!s7ClsP_NAAaIaF9IqGg7ADQBe5WfOHPbe-drZd2sxm014owuOkNqZIsTBz2HnevASelXS2G3h4ViEMmA2__JOEXQEVZqAgAAADpSAAAAAmgBB34ANcf1PBhUhHogGaXLpzeBrKTIVe_pqcccZThkezix8b5mJHgEVq_OTolRy77ILRuWDGt4iL-omQKx0YolZsqe6HVlcA6XIyBUsplpnc2UCgF3CDOsksH0NtAzvtA6jA4vtr7VNtEJ4M3K0eRTzky2s0Bf9ojoVLWJNC1yZIsMkM8ldwswI1D6rOUugnQQe0EUEW8l7r0_ZBlM-siZPDOHmK54qbEDxai0biLWPH7mN1Th7A7YmnEX9tIIyOrSnwpN7w8q9JSEEaDYHGN_cYAFVL9VFDI-0ob6QpjFeaHF6DCr_79E7yI1mJ_SzP3ZFeuWUoqFfNsCOd1yjo0g-mAeC5FQcRZ0rGMxcOMghrVddxZIewGFr4jQFWK9820P2Di1wx8ISPzLmTl5Rl-3kikqLuz9EJNllKE3CvpcHwT9le2wSR2dTqvI2mz1GAu52eAyrFUBHD_fCaytTHaw8y4dEbc3yBLs2rM5UYKvNikdtdpuve3LmyVREqhj-TGJqz1JyocAdwn31b3yOEZWOoBKWnqwSOtN4PUASTqJ-npsKqbCe2CcTDW863XT9p-CV8yPIM-cG8MEp34v7-DbRexJW4odqPhxMOKu0VAjpr7WAUHmewwwe3Mx6frxrEJTw_C0UKq3qN2UI79Wt84PwPa1YwPX7vtkvTFZ_nRYi-lCqGs9F46Ug4NcGBZcNYtyQXcUUXs-K87tJBhzNl3GSDwVVqZodxDdE3nlUynXK06DcgBr43O9BT8yAvi79SBIbmIHVux80zGbtqaXLwvi_iPKO57MiAUk9xqhsminm4S32lpPEpbdmlxmk9gCk8Pw71bpG0alsi7I5OkdIhSE135nshOZOF_CePOczT86cXWpToinPefscpYQN2I-eCRniSvs6DLCYJ5az1dMRXsVRB8dbvjcpwaNbVrtHWMrrOO_0DXp-AT-zoJnXvi9AGSTgrc0_Vflj9u2QEVGq2xThfsmRHfkBGz_MhjRKWU

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
topglinks.xyz/	1969-12-31 23:59:59	Name: AppSession Value: 5128b5b58885e17c759332e2d0535a98
teraboxlinks.com/	1969-12-31 23:59:59	Name: AppSession Value: jtlrttluovk7bg655uj1fod048
teraboxlinks.com/	1969-12-31 23:59:59	Name: csrfToken Value: 97a48bc4e049626391814f9755738a7dfc91614caedad1b7223eadd0f4c3e81145fd8f7015eae46635d71141eed9b0a6ac045173dc29753e1b8cf63f94af58d1
.moneymatteronline.com/	1970-01-21 11:09:22	Name: _ga_MT31EZG649 Value: GS1.1.1733602308.1.0.1733602308.0.0.0
.moneymatteronline.com/	1970-01-21 11:09:22	Name: _ga Value: GA1.1.753820624.1733602309
.moneymatteronline.com/	1970-01-21 11:09:22	Name: _ga_1V14WN7SF1 Value: GS1.1.1733602308.1.0.1733602308.0.0.0
.doubleclick.net/	1970-01-21 11:09:22	Name: IDE Value: AHWqTUnKkX9g_l3xGXi2brKMk8HU2IGz35Ka6UKZsnXWJiMdUpyVMx0mlzLq_iDG
.casalemedia.com/	1970-01-21 10:18:58	Name: CMID Value: Z1SsBYsFVnsAAG1bBVf3lAAA
.casalemedia.com/	1970-01-21 03:42:58	Name: CMPS Value: 5313
.casalemedia.com/	1970-01-21 03:42:58	Name: CMPRO Value: 5313
.doubleclick.net/	1970-01-21 05:52:34	Name: APC Value: AfxxVi46fI8TTSp3VrCQ17Vx9QsyiCC9QmG1vnSdG89HyjvLgL-HHw
.doubleclick.net/	1970-01-21 05:52:34	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 11:09:22	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 02:16:34	Name: ar_debug Value: 1
.googleadservices.com/	1970-01-21 03:42:58	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 01:33:23	Name: test_cookie Value: CheckForPermission
.moneymatteronline.com/	1970-01-21 10:54:58	Name: __gads Value: ID=bc2e929943fcedac:T=1733602308:RT=1733602308:S=ALNI_MbxJs9vGpAuX-bAN7KLIAJOf3jQ4A
.moneymatteronline.com/	1970-01-21 10:54:58	Name: __gpi Value: UID=00000f871657d9e9:T=1733602308:RT=1733602308:S=ALNI_MYfKyvFdE7Oz6f_BjAZ8CaCrdb4EA
.moneymatteronline.com/	1970-01-21 05:52:34	Name: __eoi Value: ID=8d849f00142ada47:T=1733602308:RT=1733602308:S=AA-AfjbsAhfdAEw3GWCaqYhMtx83

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a53c5a32935b7fe20033ce28b9dee029.safeframe.googlesyndication.com
ajax.googleapis.com
cdn.ampproject.org
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
moneymatteronline.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
teraboxlinks.com
topglinks.xyz
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
ep1.adtrafficquality.google
securepubads.g.doubleclick.net
142.250.217.132
142.250.66.194
142.250.71.66
172.217.167.98
172.67.187.94
172.67.217.233
2404:6800:4006:80a::2001
2404:6800:4006:80a::200e
2404:6800:4006:810::2003
2404:6800:4006:810::2008
2404:6800:4006:812::200a
2404:6800:4006:814::2001
2404:6800:4006:814::200a
2606:4700:3033::6815:3e14
2a02:4780:49:ef39:d1ea:e471:f0c0:b1dc
0455988396f18917971f8488e39d303cde4070f8a7f8ac6f02178dffbcb5dd1d
07c69616bda6f173cff340ef0153e8166faf10bcd3921fbd66ec3df89e73176b
0930b188eb44d860bc8eb76c9c5e5b07fc536358628158eb6fe13fa7b4614668
0b2e827a0f9be8e55cba772babf41508aae59fbb755048fb0aec9924fd029424
10de50050f69b2b9c126da057556fdb447a99fb0bfadeb97e41d044ff0c8797f
162c93fee4149ab46679800b88c9314c0e41ab50f87fb5f68e1dc5702c2551f7
173bebcdcdcabced4ecc45407a76c498867d3d2e477544f7fb9d201a10c1d21a
23fe30c8fa5b02d68ba620d23e8e6a58f6fdf847e5e4f0c65363f509420a8dfd
2581cd23b6a54d1a00c404c4f4270e240a696d08ac3d980d01d5702068c7f132
28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331
31c4a9e2a42e8cafe21488e69abb8f96688a26e5db5509ef3619311c485eae5f
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
519bbf45f225e1216697842aa5dcf2024ed4f8a145e5f5855cd031283369226f
53315e3465134575debc3dc6ea5f39a247bf5f88c0d42d6f1bf8d3870ee6f691
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
56a275514167bf676f43de753e75af581e77e3d1c42a5e9567e2041ee0972a99
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
70107ffc32ad4d71cd60326200274c1e8bace923519c617881c1c26335d47f8c
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116
851310eb10549e3877f5800af8940f75a2939f5cf490b424ec5390ee18e541d1
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
968987a637c231c557c786ff7c2b6dc8e3ba6466b02922602ddf6cf7f127a8d2
998525a8adbca474c2b501df87282b6042cd7a88954ba4e15d655a653d414322
b2522c89afa883bef0af1e6041edc46545c40c83ecbf6315ffb46f1c4d6e54bd
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c2d45c37bb3bdfe4bc562a812571155fbc3dc059635aa4c9a80560822988508b
c6202686b7761885c1dac55f38898a707410b071df5cbb1acab072c9d1834fb8
d367502e5374fa538b8a022eb39edc2c1c1b75ee35fc0a584dbc0529f8794ac7
d96210682f4ff00bdf5ab0c623c403bdab47f586c2946ee0a32d47c516e61115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9341cfe582f74b43ace69aaca8493effe6fd1cb54a908053902aced21ced4b9
f9f395d38dd77fbc2772162a36c9a35c8b0544bf1873e46f60d397c419bf1c2a
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

moneymatteronline.com Open in urlscan Pro 2606:4700:3033::6815:3e14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

92 %HTTPS

60 %IPv6

13 Domains

17 Subdomains

15 IPs

3 Countries

1109 kBTransfer

3295 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

moneymatteronline.com Open in urlscan Pro
2606:4700:3033::6815:3e14 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

92 %
HTTPS

60 %
IPv6

13
Domains

17
Subdomains

15
IPs

3
Countries

1109 kB
Transfer

3295 kB
Size

19
Cookies

48 HTTP transactions
1 data transactions