urlscan.io logo urlscan.io
SecurityTrails logo

affiliate.moneymax.ph Open in urlscan Pro
65.9.66.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hn92k4jr.r.ap-southeast-1.awstrack.me/L0/https://pixel.ekosconnect.com/px?a=3&c=781&p=8&ev=affclk&k=288018cc0fe4460f/1/020e00005d6lbl5...
Effective URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_sourc...
Submission: On April 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 38 HTTP transactions. The main IP is 65.9.66.22, located in United States and belongs to AMAZON-02, US. The main domain is affiliate.moneymax.ph.
TLS certificate: Issued by Amazon on January 27th 2022. Valid for: a year.
This is the only time affiliate.moneymax.ph was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.1.86.90 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-86-90.ap-southeast-1.compute.amazonaws.com
hn92k4jr.r.ap-southeast-1.awstrack.me
1    18.140.179.248 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-179-248.ap-southeast-1.compute.amazonaws.com
pixel.ekosconnect.com
8    65.9.66.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-22.fra56.r.cloudfront.net
affiliate.moneymax.ph
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.1.38.220 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-38-220.ap-southeast-1.compute.amazonaws.com
product-new.moneymax.ph
4    23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com
analytics.tiktok.com
7    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
images.contentstack.io
Apex Domain
Subdomains		 Transfer
10 moneymax.ph
affiliate.moneymax.ph
product-new.moneymax.ph
754 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
59 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1203
69 KB
4 gstatic.com
fonts.gstatic.com
97 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
3 KB
2 contentstack.io
images.contentstack.io — Cisco Umbrella Rank: 12897
19 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5640
564 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
376 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 829
www.google.com — Cisco Umbrella Rank: 7
852 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
155 KB
1 ekosconnect.com
pixel.ekosconnect.com
725 B
1 awstrack.me
hn92k4jr.r.ap-southeast-1.awstrack.me
189 B
38 12
Domain Requested by
8 affiliate.moneymax.ph affiliate.moneymax.ph
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 analytics.tiktok.com affiliate.moneymax.ph
analytics.tiktok.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com affiliate.moneymax.ph
2 images.contentstack.io
2 www.google.de affiliate.moneymax.ph
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 product-new.moneymax.ph affiliate.moneymax.ph
2 www.googletagmanager.com affiliate.moneymax.ph
www.googletagmanager.com
1 www.google.com affiliate.moneymax.ph
1 analytics.google.com www.googletagmanager.com
1 pixel.ekosconnect.com 1 redirects
1 hn92k4jr.r.ap-southeast-1.awstrack.me 1 redirects
38 14

This site contains links to these domains. Also see Links.

Domain
assets.contentstack.io
www.moneymax.ph
Subject Issuer Validity Valid
*.moneymax.ph
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
moneymax.ph
Amazon		 2022-03-08 -
2023-04-06		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.contentstack.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-08 -
2023-03-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Frame ID: BB8D61B3A628E1B0AD4CCE2304C89857
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shell Citi Card | 5% Rebates on Fuel and Tollway Fees

Page URL History Show full URLs

  1. https://hn92k4jr.r.ap-southeast-1.awstrack.me/L0/https://pixel.ekosconnect.com/px?a=3&c=781&p=8&ev=affclk&k=288018cc0fe446... HTTP 302
    https://pixel.ekosconnect.com/px?a=3&c=781&p=8&ev=affclk&k=288018cc0fe4460f HTTP 302
    https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

38
Requests

100 %
HTTPS

57 %
IPv6

12
Domains

14
Subdomains

13
IPs

4
Countries

1158 kB
Transfer

4180 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hn92k4jr.r.ap-southeast-1.awstrack.me/L0/https://pixel.ekosconnect.com/px?a=3&c=781&p=8&ev=affclk&k=288018cc0fe4460f/1/020e00005d6lbl5f-kdo8c37p-95qd-d791-fifl-jp60983p6b00-000000/B3sS9Sol3n4l7bgJATpYBPZvB_0=48 HTTP 302
    https://pixel.ekosconnect.com/px?a=3&c=781&p=8&ev=affclk&k=288018cc0fe4460f HTTP 302
    https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request citibank-shell-citi-card
affiliate.moneymax.ph/credit-card/
Redirect Chain
  • https://hn92k4jr.r.ap-southeast-1.awstrack.me/L0/https://pixel.ekosconnect.com/px?a=3&c=781&p=8&ev=affclk&k=288018cc0fe4460f/1/020e00005d6lbl5f-kdo8c37p-95qd-d791-fifl-jp60983p6b00-000000/B3sS9Sol3...
  • https://pixel.ekosconnect.com/px?a=3&c=781&p=8&ev=affclk&k=288018cc0fe4460f
  • https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_mediu...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc1bd318a80f392d0e8a7cc2454d0f021f8f81defffcf087800613bda0466378

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
31892
content-encoding
gzip
content-type
text/html
date
Tue, 05 Apr 2022 03:43:12 GMT
etag
W/"612060e11ed3690d2427ee7ffd55ab13"
last-modified
Tue, 22 Feb 2022 04:34:33 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-id
fVe9lKzxm5giI4wdSNVokZJwJzBc8LQ8OvLrOQNxI28LaL47NbAjcg==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
null
x-cache
Error from cloudfront

Redirect headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
content-length
540
content-type
text/html; charset=utf-8
date
Tue, 05 Apr 2022 12:34:42 GMT
location
https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
server
openresty/1.15.8.1
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept
x-powered-by
Express
x-robots-tag
noindex, nofollow
css2
fonts.googleapis.com/ 		6 KB
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Signika:wght@300;400;500;515;600;700&display=swap
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58b0996d9d4d8e19a33e98a7b63539e8defd3038cb3812234675eb2921a6cd2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:34:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Apr 2022 12:34:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Apr 2022 12:34:43 GMT
css2
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:30:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Apr 2022 12:34:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Apr 2022 12:34:43 GMT
2.7087df95.chunk.css
affiliate.moneymax.ph/static/css/ 		153 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affiliate.moneymax.ph/static/css/2.7087df95.chunk.css
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd1ec1f6938fd36dc193067585c3fe12d1ccd10777f8488691aea27531208f76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 04:34:33 GMT
server
AmazonS3
age
38756
etag
W/"68988d8ff86553c6192e22095cc75785"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date
Tue, 05 Apr 2022 01:48:48 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
cu-boFnjQZtdxg-Ghdr3_G_2_43MEl4PnHN1Tu43SVfC9FAwfYwrVA==
main.edf51c1e.chunk.css
affiliate.moneymax.ph/static/css/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affiliate.moneymax.ph/static/css/main.edf51c1e.chunk.css
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a905a93fcb835e4d1b1271a7f092747e4e54c2b6801da1223150c818bc33dcea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 04:34:33 GMT
server
AmazonS3
age
35989
etag
W/"77bac6d99e245004552f6ed3c2d81f74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date
Tue, 05 Apr 2022 02:34:55 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
dZgOfhaDZuKYaO1P0F92RFWI0XDNK4cfKBRK2PliwKCc-ZTAsBEOVw==
2.90392668.chunk.js
affiliate.moneymax.ph/static/js/ 		3 MB
514 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://affiliate.moneymax.ph/static/js/2.90392668.chunk.js
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5eaa83d50bebc291fa1e91ee255c4ce7416599792611af90a5345a38a129a00d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 04:34:33 GMT
server
AmazonS3
age
33331
etag
W/"d4142d547f2bd5f5f248b38856ffe9c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date
Tue, 05 Apr 2022 03:19:13 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
pLymAa4WFlFjlTZ_CToEXIMhtQsmPAHrqiIorHu8q3GfKsjcHiWrgw==
main.878ecc9d.chunk.js
affiliate.moneymax.ph/static/js/ 		199 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://affiliate.moneymax.ph/static/js/main.878ecc9d.chunk.js
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4016756fd6b7b9355dc13e9032e55a59c75ec4aed26fb43fe9a9bc8f94ec02a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 04:34:33 GMT
server
AmazonS3
age
33331
etag
W/"dd2741d567822d580beb6941fd247aea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date
Tue, 05 Apr 2022 03:19:13 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
JfTTWQUPhtg4EKraBO2uztoTQu8n5SFC7w6YcWeAvwY7ym6vmECx-A==
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/static/css/main.edf51c1e.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bfec213baca23ee06eb0f9e21044c406f41425a93aaac52347b94dfd29db4c75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:11:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Apr 2022 12:34:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Apr 2022 12:34:43 GMT
gtm.js
www.googletagmanager.com/ 		290 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N7PLJHT&l=WhiteLabelGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
310d831c0893e4214c6d9fced7085a625717dc49d0832d6aa1b0655bd6a9d20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:34:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91698
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Apr 2022 12:34:44 GMT
mmx_logo.477e5e5d.png
affiliate.moneymax.ph/static/media/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affiliate.moneymax.ph/static/media/mmx_logo.477e5e5d.png
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86c9b90306da97dd19bedccc0070a5327e5e5120254f2b890348ecc29dab0a6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:07:10 GMT
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
last-modified
Tue, 22 Feb 2022 04:34:34 GMT
server
AmazonS3
age
19655
etag
"477e5e5de02c7770f927aa22defc99ae"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
image/png
content-length
63671
x-amz-cf-id
KV1_0GORG7ZieTmniazQKNhwPsR7Sl7G9Kss1b0ot8q2QG0ZR0tpsg==
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v26/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v26/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://affiliate.moneymax.ph
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 10:24:32 GMT
x-content-type-options
nosniff
age
439812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:16:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Mar 2023 10:24:32 GMT
graphql
product-new.moneymax.ph/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://product-new.moneymax.ph/graphql
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/static/js/2.90392668.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.38.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-38-220.ap-southeast-1.compute.amazonaws.com
Software
istio-envoy / Express
Resource Hash
b872998d644201146bd2cd6a775a136e5b7718016a6ba58121babd60e4fecc3a

Request headers

Accept
application/json, text/plain, */*
Referer
https://affiliate.moneymax.ph/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Apr 2022 12:34:45 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://affiliate.moneymax.ph
cache-control
max-age=60, public
x-envoy-upstream-service-time
34
content-length
1943
graphql
product-new.moneymax.ph/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://product-new.moneymax.ph/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.38.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-38-220.ap-southeast-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://affiliate.moneymax.ph
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
https://affiliate.moneymax.ph
content-length
0
date
Tue, 05 Apr 2022 12:34:45 GMT
server
istio-envoy
js
www.googletagmanager.com/gtag/ 		176 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3NXHK2V3SJ&l=WhiteLabelGTM&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7PLJHT&l=WhiteLabelGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f7254932342cb7061cdacd1f037872e871909f5e25ec30649fdd9147dc70fdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:34:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66129
x-xss-protection
0
expires
Tue, 05 Apr 2022 12:34:45 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7N1CM96C8J4EI5HL8QG&lib=ttq
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2bba4f6297c4d6cfeb1a9e8f2511fc1c24f93863728b216bfb213faf0fd7f669

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-akamai-request-id
37b064f.24f6bfa
date
Tue, 05 Apr 2022 12:34:45 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-105-24.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-parent-response-time
93,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20220405123445010113135050169E2200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.220.105.24
x-tt-trace-host
019fd80e76e1929b5b163e31a01375ecba9495b0f801043f96011b9ac27cc70835b7ee5638737f7761ebf9f0307c159b970c3751eda332effaacd89616b53f65b4179c5078648534b5f2f1076614dc440a1cd178e8a2402aac13bba621166a650b00d3d09a57f76a806c14136bdf0d4dda
expires
Tue, 05 Apr 2022 12:34:45 GMT
optimize.js
www.google-analytics.com/gtm/ 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-NL8G44H&l=WhiteLabelGTM
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7PLJHT&l=WhiteLabelGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53536c827cbfac9db49e118df54156adcd3ec0af12060601e46e453dcf4ba24d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:34:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39667
x-xss-protection
0
expires
Tue, 05 Apr 2022 12:34:45 GMT
collect
analytics.google.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3NXHK2V3SJ&gtm=2oe3u0&_p=475314658&sr=1600x1200&_gaz=1&ul=en-us&cid=1179708794.1649162085&_s=1&dl=https%3A%2F%2Faffiliate.moneymax.ph%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&dt=&sid=1649162085&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3NXHK2V3SJ&l=WhiteLabelGTM&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 12:34:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://affiliate.moneymax.ph
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3NXHK2V3SJ&cid=1179708794.1649162085&gtm=2oe3u0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3NXHK2V3SJ&l=WhiteLabelGTM&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 12:34:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://affiliate.moneymax.ph
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3NXHK2V3SJ&cid=1179708794.1649162085&gtm=2oe3u0&aip=1&z=586853105
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 12:34:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7PLJHT&l=WhiteLabelGTM&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3595
date
Tue, 05 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 13:34:50 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=475314658&t=pageview&ni=0&_s=1&dl=https%3A%2F%2Faffiliate.moneymax.ph%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&dr=&dp=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YIDAAEABQAAAAC~&jid=68228025&gjid=39469800&cid=1905449160.1649162085&tid=UA-42077100-1&_gid=1880153562.1649162086&_r=1&gtm=2wg3u0N7PLJHT&cd1=1905449160.1649162085&cd17=&cd18=credit-card&cd26=Revamped&cd27=Regular&cd28=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&cd65=&z=352768897
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://affiliate.moneymax.ph/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 12:34:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://affiliate.moneymax.ph
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-42077100-1&cid=1905449160.1649162085&jid=68228025&gjid=39469800&_gid=1880153562.1649162086&_u=YIDAAEAAQAAAAC~&z=465042748
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://affiliate.moneymax.ph/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Apr 2022 12:34:45 GMT
content-type
text/plain
access-control-allow-origin
https://affiliate.moneymax.ph
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42077100-1&cid=1905449160.1649162085&jid=68228025&_u=YIDAAEAAQAAAAC~&z=1505191552
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 12:34:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-42077100-1&cid=1905449160.1649162085&jid=68228025&_u=YIDAAEAAQAAAAC~&z=1505191552
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 12:34:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7N1CM96C8J4EI5HL8QG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-akamai-request-id
d05c893f.24f6f51
date
Tue, 05 Apr 2022 12:34:46 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-21.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-parent-response-time
97,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=11, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
2022040512344501011313512814185565
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.220.104.21
x-tt-trace-host
019fd80e76e1929b5b163e31a01375ecba9495b0f801043f96011b9ac27cc70835ec24e9416f33612fed2f0fcc77d8d377d2bf088954236b063060f028099b3515ea6fc6a572b67ff49716ffb84759e2f68dc08b263e4b7edd98f62acdbc9431f108c038f61412a085d28cd9b4fb480aeb
expires
Tue, 05 Apr 2022 12:34:46 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		874 B
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C7N1CM96C8J4EI5HL8QG&hostname=affiliate.moneymax.ph
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7N1CM96C8J4EI5HL8QG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7b6304f472f297ef97d02393cb9ae23e478a89c0896e55818bc9f96a3b2ec6cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-akamai-request-id
24f6ff6
date
Tue, 05 Apr 2022 12:34:46 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=92
content-length
350
pragma
no-cache
server
nginx
x-tt-logid
202204051234460101131352501809BD44
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
92,23.36.161.200
x-tt-trace-host
019fd80e76e1929b5b163e31a01375ecba50e4575ea4c98275c62f0005d9186e30a7bd50d53c268607ab49a809a3f41d7158d260b99ef073bc49ab2e4efd7cc44060501cd555ccd29e82e1a461fb216399cb43b8f0a7b705a2fc42bb31686db887
expires
Tue, 05 Apr 2022 12:34:46 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
709 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C7N1CM96C8J4EI5HL8QG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://affiliate.moneymax.ph/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d30a8f57.24f7212
date
Tue, 05 Apr 2022 12:34:46 GMT
x-cache-remote
TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-)
x-parent-response-time
99,23.36.161.200
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=11, inner; dur=9
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022040512344601011300606913AB0FDE
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.220.104.7
x-tt-trace-host
019fd80e76e1929b5b163e31a01375ecba9495b0f801043f96011b9ac27cc70835559ee94e175657f00dbb4b7f0a665460d52f100437f8c0b5709501e09769eaf8dcd819568668a8b2f81419f2ff96b1dca6f08bc684c813de9c96f191838174ea9c5bbad9965a9e1a70c001689e6c2600
expires
Tue, 05 Apr 2022 12:34:46 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=475314658&t=event&ni=1&_s=2&dl=https%3A%2F%2Faffiliate.moneymax.ph%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&dr=&dp=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=vertical&el=25%25&_u=aIDAAEABQAAAAC~&jid=&gjid=&cid=1905449160.1649162085&tid=UA-42077100-1&_gid=1880153562.1649162086&gtm=2wg3u0N7PLJHT&cd1=1905449160.1649162085&cd17=&cd18=credit-card&cd26=Revamped&cd27=Regular&cd28=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&cd65=&z=437264547
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 07:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17157
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=475314658&t=event&ni=1&_s=3&dl=https%3A%2F%2Faffiliate.moneymax.ph%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&dr=&dp=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=vertical&el=50%25&_u=aIDAAEABQAAAAC~&jid=&gjid=&cid=1905449160.1649162085&tid=UA-42077100-1&_gid=1880153562.1649162086&gtm=2wg3u0N7PLJHT&cd1=1905449160.1649162085&cd17=&cd18=credit-card&cd26=Revamped&cd27=Regular&cd28=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&cd65=&z=637215492
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 07:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17157
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=475314658&t=event&ni=1&_s=4&dl=https%3A%2F%2Faffiliate.moneymax.ph%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&dr=&dp=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=vertical&el=75%25&_u=aIDAAEABQAAAAC~&jid=&gjid=&cid=1905449160.1649162085&tid=UA-42077100-1&_gid=1880153562.1649162086&gtm=2wg3u0N7PLJHT&cd1=1905449160.1649162085&cd17=&cd18=credit-card&cd26=Revamped&cd27=Regular&cd28=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&cd65=&z=1009890873
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 07:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17157
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=475314658&t=event&ni=1&_s=5&dl=https%3A%2F%2Faffiliate.moneymax.ph%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&dr=&dp=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=vertical&el=100%25&_u=aIDAAEABQAAAAC~&jid=&gjid=&cid=1905449160.1649162085&tid=UA-42077100-1&_gid=1880153562.1649162086&gtm=2wg3u0N7PLJHT&cd1=1905449160.1649162085&cd17=&cd18=credit-card&cd26=Revamped&cd27=Regular&cd28=%2Fcredit-card%2Fcitibank-shell-citi-card%3Fjourney_id%3DJb84feccbf6fed2da%26ad%3Dwk4shc%26addrs%3Dtrue%26utm_source%3Dpinpoint%26utm_campaign%3DNL_PH_20220404_WK14_CitiDeLonghiMinor%26utm_medium%3Demail%26utm_content%3Dcontent&cd65=&z=1996275368
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 07:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17157
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
mmx_logo.477e5e5d.png
affiliate.moneymax.ph/static/media/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affiliate.moneymax.ph/static/media/mmx_logo.477e5e5d.png
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/static/js/2.90392668.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86c9b90306da97dd19bedccc0070a5327e5e5120254f2b890348ecc29dab0a6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/credit-card/citibank-shell-citi-card?journey_id=Jb84feccbf6fed2da&ad=wk4shc&addrs=true&utm_source=pinpoint&utm_campaign=NL_PH_20220404_WK14_CitiDeLonghiMinor&utm_medium=email&utm_content=content
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 07:07:10 GMT
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
last-modified
Tue, 22 Feb 2022 04:34:34 GMT
server
AmazonS3
age
19658
etag
"477e5e5de02c7770f927aa22defc99ae"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
image/png
content-length
63671
x-amz-cf-id
1RpAYd1_ZNjaqR69AhuNanuHgssgkNKaik_qRsqHqQkna5SwAR9QBQ==
truncated
/ 		116 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb6e5c404a37c651f712e83ae10bd203c84c92a6726ed9fa53ea08bbf252947b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
bariol_regular.fe4c1a4b.ttf
affiliate.moneymax.ph/static/media/ 		83 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://affiliate.moneymax.ph/static/media/bariol_regular.fe4c1a4b.ttf
Requested by
Host: affiliate.moneymax.ph
URL: https://affiliate.moneymax.ph/static/css/main.edf51c1e.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9eedb03519ac74c183521ba7f4ca04cac7d98d6d79a07476ef9968d899d3dfd0

Request headers

Referer
https://affiliate.moneymax.ph/static/css/main.edf51c1e.chunk.css
Origin
https://affiliate.moneymax.ph
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 04:34:34 GMT
server
AmazonS3
age
51918
etag
W/"fe4c1a4b7dd202468d24660f719c9f47"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:09:30 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
OTfMY5uQ5JdQz3ZeAZSLFAkn1xX3d6LdGyDJRN5OxW4THfPBw2gUEg==
vEFR2_JTCgwQ5ejvG1EmBg.woff2
fonts.gstatic.com/s/signika/v18/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/signika/v18/vEFR2_JTCgwQ5ejvG1EmBg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Signika:wght@300;400;500;515;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
493ff6ec3c4d91b5fe47f694cb2d2b76d978fe7b078a27393072d407b6a6d2a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://affiliate.moneymax.ph
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 16:38:11 GMT
x-content-type-options
nosniff
age
590196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39900
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:24:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 16:38:11 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v26/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v26/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://affiliate.moneymax.ph
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 10:24:32 GMT
x-content-type-options
nosniff
age
439815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:17:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Mar 2023 10:24:32 GMT
vEFR2_JTCgwQ5ejvG18mBkho.woff2
fonts.gstatic.com/s/signika/v18/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/signika/v18/vEFR2_JTCgwQ5ejvG18mBkho.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Signika:wght@300;400;500;515;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0c929295fec9651c1b3495413c8536e1b3ce96f26067fa4a2ad2bed308befc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://affiliate.moneymax.ph
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 08:50:58 GMT
x-content-type-options
nosniff
age
13429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32684
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:23:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 08:50:58 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfdfdff24a067f2680d5d5d376ee1c4dac21c792d0f27c7fdd160e9bed1ce847

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
CitiBank.webp
images.contentstack.io/v3/assets/bltc280070db38552b7/blte169265509bca3d5/5f4f716c2931d52510314c4a/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contentstack.io/v3/assets/bltc280070db38552b7/blte169265509bca3d5/5f4f716c2931d52510314c4a/CitiBank.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5628d6f56794128ef827dabcc27f368e803515dc6457b9e572ac333a69a3594e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:34:47 GMT
via
1.1 varnish, 1.1 varnish
age
557968
x-cache
HIT, HIT
fastly-io-info
ifsz=9778 idim=325x250 ifmt=webp ofsz=9778 odim=325x250 ofmt=webp
content-disposition
inline; filename=CitiBank.webp
fastly-stats
io=1
content-length
9778
fastly-io-warning
Failed to shrink image
x-served-by
cache-sjc10048-SJC, cache-hhn4054-HHN
x-runtime
78ms
x-request-id
49315
x-timer
S1649162088.963587,VS0,VE1
x-contentstack-organization
bltfb145cbb0f92edb2
etag
"H8frnVCut8uZ9cmsyvuU0P1aoMjGR39lQ+4wyOn33Gw"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
shell.webp
images.contentstack.io/v3/assets/bltc280070db38552b7/blt54a04b0743826158/5f446173c982f501a32889ab/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.contentstack.io/v3/assets/bltc280070db38552b7/blt54a04b0743826158/5f446173c982f501a32889ab/shell.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44750dd631e43371f2b6233bcd9a988216ec0baee8a120aaa3a8ad2aaeb3dcb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://affiliate.moneymax.ph/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:34:48 GMT
via
1.1 varnish, 1.1 varnish
age
229232
x-cache
HIT, MISS
fastly-io-info
ifsz=8968 idim=578x385 ifmt=webp ofsz=8968 odim=578x385 ofmt=webp
content-disposition
inline; filename=shell.webp
fastly-stats
io=1
content-length
8968
fastly-io-warning
Failed to shrink image
x-served-by
cache-sjc10058-SJC, cache-hhn4054-HHN
x-runtime
73ms
x-request-id
32550
x-timer
S1649162088.963680,VS0,VE147
x-contentstack-organization
bltfb145cbb0f92edb2
etag
"iCfz4LmibxAPQSZ+VoIO2Fm4QVTa2EpkSUsUWPR2tA8"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| webpackJsonpmmx-whitelabel object| regeneratorRuntime function| _ object| dataLayer object| WhiteLabelGTM object| google_tag_manager undefined| mui string| TiktokAnalyticsObject object| ttq function| C55 object| config55 string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady object| google_optimize object| gaplugins object| gaData function| _UA-42077100-1_originalSendTask object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge

14 Cookies

Domain/Path Name / Value
pixel.ekosconnect.com/px Name: route
Value: 1649162083.548.44.538086
pixel.ekosconnect.com/ Name: user
Value: 6ea56b06-f208-4c7b-a539-2e60b083e06f
pixel.ekosconnect.com/ Name: ac-afid
Value: 3
pixel.ekosconnect.com/ Name: ac-cid
Value: 781
pixel.ekosconnect.com/ Name: ac-pid
Value: 8
pixel.ekosconnect.com/ Name: ac-jid
Value: Jb84feccbf6fed2da
.moneymax.ph/ Name: cag_moneymax_utmsource
Value: pinpoint
.moneymax.ph/ Name: cag_moneymax_utmcontent
Value: content
.moneymax.ph/ Name: cag_moneymax_utmcampaign
Value: NL_PH_20220404_WK14_CitiDeLonghiMinor
.moneymax.ph/ Name: cag_moneymax_utmmedium
Value: email
.moneymax.ph/ Name: _gid
Value: GA1.2.1880153562.1649162086
.moneymax.ph/ Name: _gat__ga
Value: 1
.moneymax.ph/ Name: _ga_3NXHK2V3SJ
Value: GS1.1.1649162085.1.0.1649162086.59
.moneymax.ph/ Name: _ga
Value: GA1.1.1905449160.1649162085

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.moneymax.ph
analytics.google.com
analytics.tiktok.com
fonts.googleapis.com
fonts.gstatic.com
hn92k4jr.r.ap-southeast-1.awstrack.me
images.contentstack.io
pixel.ekosconnect.com
product-new.moneymax.ph
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
151.101.194.217
18.140.179.248
23.36.163.228
2a00:1450:4001:801::2003
2a00:1450:4001:803::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2004
2a00:1450:400c:c0c::9b
3.1.38.220
3.1.86.90
65.9.66.22
00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2
0f7254932342cb7061cdacd1f037872e871909f5e25ec30649fdd9147dc70fdf
2bba4f6297c4d6cfeb1a9e8f2511fc1c24f93863728b216bfb213faf0fd7f669
310d831c0893e4214c6d9fced7085a625717dc49d0832d6aa1b0655bd6a9d20f
44750dd631e43371f2b6233bcd9a988216ec0baee8a120aaa3a8ad2aaeb3dcb4
493ff6ec3c4d91b5fe47f694cb2d2b76d978fe7b078a27393072d407b6a6d2a9
53536c827cbfac9db49e118df54156adcd3ec0af12060601e46e453dcf4ba24d
5628d6f56794128ef827dabcc27f368e803515dc6457b9e572ac333a69a3594e
58b0996d9d4d8e19a33e98a7b63539e8defd3038cb3812234675eb2921a6cd2b
5eaa83d50bebc291fa1e91ee255c4ce7416599792611af90a5345a38a129a00d
7b6304f472f297ef97d02393cb9ae23e478a89c0896e55818bc9f96a3b2ec6cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c9b90306da97dd19bedccc0070a5327e5e5120254f2b890348ecc29dab0a6b
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
9eedb03519ac74c183521ba7f4ca04cac7d98d6d79a07476ef9968d899d3dfd0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4016756fd6b7b9355dc13e9032e55a59c75ec4aed26fb43fe9a9bc8f94ec02a
a905a93fcb835e4d1b1271a7f092747e4e54c2b6801da1223150c818bc33dcea
ae0c929295fec9651c1b3495413c8536e1b3ce96f26067fa4a2ad2bed308befc
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b872998d644201146bd2cd6a775a136e5b7718016a6ba58121babd60e4fecc3a
bfec213baca23ee06eb0f9e21044c406f41425a93aaac52347b94dfd29db4c75
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
cb6e5c404a37c651f712e83ae10bd203c84c92a6726ed9fa53ea08bbf252947b
cd1ec1f6938fd36dc193067585c3fe12d1ccd10777f8488691aea27531208f76
cfdfdff24a067f2680d5d5d376ee1c4dac21c792d0f27c7fdd160e9bed1ce847
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc1bd318a80f392d0e8a7cc2454d0f021f8f81defffcf087800613bda0466378