orders.moneymappress.com Open in urlscan Pro
18.66.122.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://events-b.mb.moneymorning.com/z/h0h9xg0j4?uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&ut...
Effective URL:
https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_ei...
Submission: On September 20 via api (September 20th 2022, 9:06:48 pm UTC) from BE — Scanned from DE

Summary HTTP 261 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 33 domains to perform 261 HTTP transactions. The main IP is 18.66.122.106, located in United States and belongs to AMAZON-02, US. The main domain is orders.moneymappress.com. The Cisco Umbrella rank of the primary domain is 814432.
TLS certificate: Issued by R3 on August 4th 2022. Valid for: 3 months.

This is the only time orders.moneymappress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6810:d03f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	161.129.26.12 161.129.26.12	11372 (14WEST-AS) (14WEST-AS)
1 7	18.66.122.106 18.66.122.106	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206e:2400:18:2d84:13c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
4	151.101.130.182 151.101.130.182	54113 (FASTLY) (FASTLY)
9	52.216.92.133 52.216.92.133	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:205... 2600:9000:2057:1a00:a:bd2b:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
27	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
10	35.80.101.90 35.80.101.90	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.122.34 18.66.122.34	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2013	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 32	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1 20	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
1	34.251.196.147 34.251.196.147	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1 27	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:27::... 2620:1ec:27::cafe:1835	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.202.161.146 18.202.161.146	16509 (AMAZON-02) (AMAZON-02)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:303... 2606:4700:3035::6815:5908	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.199.143.227 173.199.143.227	32244 (LIQUIDWEB) (LIQUIDWEB)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	18.211.120.181 18.211.120.181	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	70.42.32.127 70.42.32.127	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
2	35.82.76.103 35.82.76.103	16509 (AMAZON-02) (AMAZON-02)
261	46

1 2606:4700::6810:d03f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

events-b.mb.moneymorning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.129.26.12 (United States) 2 redirects

ASN11372 (14WEST-AS, US)

pro.moneymappressinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.122.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-106.fra60.r.cloudfront.net

orders.moneymappress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:2400:18:2d84:13c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.web-purchases.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.182 (United States)

ASN54113 (FASTLY, US)

core.spreedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.216.92.133 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2057:1a00:a:bd2b:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

prd.files.irisplus.14west.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.80.101.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-101-90.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-34.fra60.r.cloudfront.net

cdn.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

itm.itstracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.230 (None, )

ASN13335 (CLOUDFLARENET, US)

data.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.196.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-196-147.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:27::cafe:1835 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.161.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-161-146.eu-west-1.compute.amazonaws.com

ws12.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5908 (United States)

ASN13335 (CLOUDFLARENET, US)

px.khmtrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.199.143.227 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: trkr.trklvr.com

px1.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.120.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-120-181.compute-1.amazonaws.com

app-14west-trackmate-dev.apps.c4.us-east-1.dev.aws.ocp.14west.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.82.76.103 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-76-103.us-west-2.compute.amazonaws.com

api.getblueshift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 pubads.g.doubleclick.net — Cisco Umbrella Rank: 437	55 KB
33	google.de www.google.de — Cisco Umbrella Rank: 6352	2 KB
33	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 5636 www.google.com — Cisco Umbrella Rank: 2	3 KB
27	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	1 MB
20	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 220	16 KB
18	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	79 KB
10	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 9352	33 KB
10	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 40 maps.googleapis.com — Cisco Umbrella Rank: 358 firebasestorage.googleapis.com — Cisco Umbrella Rank: 4435	272 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 557 f.clarity.ms — Cisco Umbrella Rank: 5205 c.clarity.ms — Cisco Umbrella Rank: 998	30 KB
9	amazonaws.com s3.amazonaws.com	1 MB
7	lytics.io c.lytics.io — Cisco Umbrella Rank: 5783	53 KB
7	14west.us prd.files.irisplus.14west.us	2 MB
7	moneymappress.com 1 redirects orders.moneymappress.com — Cisco Umbrella Rank: 814432	173 KB
5	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	77 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 591 script.hotjar.com — Cisco Umbrella Rank: 779 vars.hotjar.com — Cisco Umbrella Rank: 852 in.hotjar.com — Cisco Umbrella Rank: 1671 ws12.hotjar.com — Cisco Umbrella Rank: 60452	69 KB
4	gstatic.com fonts.gstatic.com maps.gstatic.com	53 KB
4	spreedly.com core.spreedly.com — Cisco Umbrella Rank: 27005	94 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2418 tr.outbrain.com — Cisco Umbrella Rank: 2246	4 KB
3	itstracking.com itm.itstracking.com — Cisco Umbrella Rank: 723163	8 KB
3	getblueshift.com cdn.getblueshift.com — Cisco Umbrella Rank: 11738 api.getblueshift.com — Cisco Umbrella Rank: 10114	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 392	50 KB
2	moneymappressinfo.com 2 redirects pro.moneymappressinfo.com — Cisco Umbrella Rank: 771055	2 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 697	369 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 215	607 B
1	14west.io app-14west-trackmate-dev.apps.c4.us-east-1.dev.aws.ocp.14west.io
1	px1.co px1.co — Cisco Umbrella Rank: 884582	661 B
1	khmtrack.com px.khmtrack.com — Cisco Umbrella Rank: 905883	1 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 326	9 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2093	257 B
1	dianomi.com data.dianomi.com — Cisco Umbrella Rank: 8910	449 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 654	30 KB
1	web-purchases.com images.web-purchases.com — Cisco Umbrella Rank: 819177	13 KB
1	moneymorning.com 1 redirects events-b.mb.moneymorning.com — Cisco Umbrella Rank: 976161	788 B
261	33

	Domain	Requested by
33	www.google.de	orders.moneymappress.com
32	www.google.com	1 redirects orders.moneymappress.com
27	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
27	www.googletagmanager.com	orders.moneymappress.com images.web-purchases.com www.googletagmanager.com itm.itstracking.com px.khmtrack.com px1.co
19	bat.bing.com	itm.itstracking.com bat.bing.com orders.moneymappress.com
18	www.google-analytics.com	images.web-purchases.com orders.moneymappress.com www.googletagmanager.com www.google-analytics.com
10	ssl.kaptcha.com	orders.moneymappress.com images.web-purchases.com ssl.kaptcha.com
9	stats.g.doubleclick.net	images.web-purchases.com orders.moneymappress.com www.googletagmanager.com
9	s3.amazonaws.com	orders.moneymappress.com
7	c.lytics.io	orders.moneymappress.com c.lytics.io
7	prd.files.irisplus.14west.us	orders.moneymappress.com
7	orders.moneymappress.com	1 redirects orders.moneymappress.com images.web-purchases.com
6	maps.googleapis.com	orders.moneymappress.com images.web-purchases.com maps.googleapis.com
5	www.googleadservices.com	www.googletagmanager.com
4	www.clarity.ms	bat.bing.com www.clarity.ms
4	core.spreedly.com	orders.moneymappress.com core.spreedly.com
3	f.clarity.ms	images.web-purchases.com
3	itm.itstracking.com	www.googletagmanager.com images.web-purchases.com
2	api.getblueshift.com	images.web-purchases.com
2	tr.outbrain.com	amplify.outbrain.com
2	c.clarity.ms	1 redirects
2	maps.gstatic.com	orders.moneymappress.com
2	fonts.gstatic.com	fonts.googleapis.com
2	firebasestorage.googleapis.com	orders.moneymappress.com firebasestorage.googleapis.com
2	cdn.jsdelivr.net	orders.moneymappress.com
2	pro.moneymappressinfo.com	2 redirects
1	trc.taboola.com
1	bam.nr-data.net	js-agent.newrelic.com
1	app-14west-trackmate-dev.apps.c4.us-east-1.dev.aws.ocp.14west.io	firebasestorage.googleapis.com
1	pubads.g.doubleclick.net
1	amplify.outbrain.com	orders.moneymappress.com
1	px1.co	orders.moneymappress.com
1	px.khmtrack.com	orders.moneymappress.com
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	images.web-purchases.com
1	ws12.hotjar.com	images.web-purchases.com
1	vc.hotjar.io	images.web-purchases.com
1	in.hotjar.com	images.web-purchases.com
1	vars.hotjar.com	static.hotjar.com
1	data.dianomi.com	orders.moneymappress.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	cdn.getblueshift.com	orders.moneymappress.com
1	static.hotjar.com	orders.moneymappress.com
1	code.jquery.com	orders.moneymappress.com
1	fonts.googleapis.com	orders.moneymappress.com
1	ajax.googleapis.com	orders.moneymappress.com
1	images.web-purchases.com	orders.moneymappress.com
1	events-b.mb.moneymorning.com	1 redirects
261	49

This site contains links to these domains. Also see Links.

Domain
moneymappress.com
privacyportal-cdn.onetrust.com

Subject Issuer	Validity	Valid
orders.moneymorninglive.com R3	`2022-08-04` - `2022-11-02`	3 months	crt.sh
images.web-purchases.com Amazon	`2022-06-16` - `2023-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.spreedly.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-16` - `2023-01-16`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
prd.files.irisplus.14west.us Amazon	`2022-09-05` - `2023-10-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
ssl.kaptcha.com Thawte RSA CA 2018	`2021-11-01` - `2022-11-27`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.getblueshift.com Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
itm.itstracking.com GTS CA 1D4	`2022-08-28` - `2022-11-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
px1.co cPanel, Inc. Certification Authority	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.apps.c4.us-east-1.dev.aws.ocp.14west.io R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Frame ID: 89008976001EFA352B4044751B4028A1
Requests: 249 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
Frame ID: 17B540DD664DB122E2E98008C91E18A8
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 05F5D69095946B4E7938077A121BD9A2
Requests: 1 HTTP requests in this frame

Frame: https://firebasestorage.googleapis.com/v0/b/trackmate-9ae7e.appspot.com/o/tmalternate.html?alt=media
Frame ID: B601AD687818B22E453A0718CB20B097
Requests: 1 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/number-frame-1.92.html
Frame ID: 5F522287B8438534E72EAFC0AA88A95B
Requests: 2 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/cvv-frame-1.92.html
Frame ID: 4E03F3457E63D81F3360257638016F3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hyperdrive Portfolio

Page URL History Show full URLs

https://events-b.mb.moneymorning.com/z/h0h9xg0j4?uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&mid=15594104-50dc-48f5-... HTTP 307
https://pro.moneymappressinfo.com/m/2084035?bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8... HTTP 301
https://pro.moneymappressinfo.com/o/ZENZOMBIEQTR/EZENY9CG?bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_... HTTP 302
https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-... HTTP 302
https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

261
Requests

99 %
HTTPS

51 %
IPv6

33
Domains

49
Subdomains

46
IPs

6
Countries

5851 kB
Transfer

10140 kB
Size

51
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://moneymappress.com/contact-money-map-press-customer-service/
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://moneymappress.com/terms-conditions/
Title: terms and conditions

Search URL Search Domain Scan URL

URL: https://moneymappress.com/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://moneymappress.com/
Title: https://moneymappress.com

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/90ddaa87-9d70-4282-9d4f-d6cbd96bd224/8e4d2e53-252b-43f9-bc34-4957710f41e7.html
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://moneymappress.com/sales-tax-information/
Title: Sales Tax Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://events-b.mb.moneymorning.com/z/h0h9xg0j4?uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_ek=2022-09-20T20:30:37Z&bsft_mime_type=html&bsft_tv=6&bsft_lx=2 HTTP 307
https://pro.moneymappressinfo.com/m/2084035?bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6 HTTP 301
https://pro.moneymappressinfo.com/o/ZENZOMBIEQTR/EZENY9CG?bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6 HTTP 302
https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6 HTTP 302
https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834194545/?random=1663708001839&cv=9&fst=1663708001839&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/834194545/?random=1663708001839&cv=9&fst=1663707600000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&is_vtc=1&random=844877204&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/834194545/?random=1663708001839&cv=9&fst=1663707600000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&is_vtc=1&random=844877204&resp=GooglemKTybQhCsO&ipr=y

Request Chain 158

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=208D41A181F144BDA568F8371D4B1ED9&RedC=c.clarity.ms&MXFR=1C744B4AFF5C683428C7596FFB5C6678 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=208D41A181F144BDA568F8371D4B1ED9&MUID=0A03922B3AB661461529800E3B6460F3

261 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 1 Show response
orders.moneymappress.com/journey/ZENZOMBIEQTR/
Redirect Chain

https://events-b.mb.moneymorning.com/z/h0h9xg0j4?uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_ek=2022-09-2...
https://pro.moneymappressinfo.com/m/2084035?bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=...
https://pro.moneymappressinfo.com/o/ZENZOMBIEQTR/EZENY9CG?bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_854365...
https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_...
https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_...

236 KB
48 KB

228ms
227ms

Document
text/html

18.66.122.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-106.fra60.r.cloudfront.net

Software

Kestrel /

Resource Hash

b3b30a33834f19920c21047a8ada907b6e10e7bd036c15f47a261d098909f8c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: br
Content-Length: 48194
Content-Type: text/html
Date: Tue, 20 Sep 2022 21:06:40 GMT
Server: Kestrel
Vary: Accept-Encoding
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: R9dvLapXXJzpUghJCLQgZ1vrC2lJ2OeXzswWiGwthAGEvjuhSPBADg==
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Miss from cloudfront
content-security-policy: frame-ancestors 'self'
x-correlation-id: bcf216e5-e7ef-437c-b712-94807e3006c4
x-robots-tag: noindex

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 20 Sep 2022 21:06:39 GMT
Location: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Server: Kestrel
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 8mXBhUV5Q9-0aIpuwit8LBGjWVJ7A1j_J5j3arfqqbpGvNpYQgrH1Q==
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Miss from cloudfront
content-security-policy: frame-ancestors 'self'
x-correlation-id: dca8970c-2fed-4f43-9917-7814b32cbb2d
x-robots-tag: noindex

GET
H/1.1 200
OK default.css
orders.moneymappress.com/ 3 KB
4 KB 297ms
296ms Stylesheet
text/css 18.66.122.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://orders.moneymappress.com/default.css?v=8
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-106.fra60.r.cloudfront.net
Software: Kestrel /
Resource Hash: 34eaf2ed3c40f04706492a98ad7bbb35381ddcd4507347a06aed173e6f90f17b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:40 GMT
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
Last-Modified: Wed, 14 Sep 2022 17:54:49 GMT
Server: Kestrel
X-Amz-Cf-Pop: FRA60-P2
ETag: "1d8c863152cb616"
X-Cache: RefreshHit from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3222
X-Amz-Cf-Id: Z1b7DmOyr1f_orwGxoEWepCMtiPZeYwjof5hAUFyoUrtgVfbOPTkwg==

GET
H2 200 headScriptsOF.js Show response
images.web-purchases.com/Library-13/ 39 KB
13 KB 280ms
91ms Script
application/javascript 2600:9000:206e:2400:18:2d84:13c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:2400:18:2d84:13c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5e7b74114eb4c41c98631217ce4a91db68916eca55e0bae8958083f2fe8df9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: _OHyYCQTw5kqMv8oV35bO6zt_1M7HVgA
content-encoding: gzip
last-modified: Thu, 21 Nov 2019 17:12:51 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1574273524/ctime:1574356272/gid:1000/gname:opiumcdn/md5:28b25bcf96dedc6d2ea9d3fdec842fc6/mode:33188/mtime:1574356272/uid:1000/uname:opiumcdn
age: 15
etag: W/"28b25bcf96dedc6d2ea9d3fdec842fc6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6c9f184c491eed5c51abd110e89bd97a.cloudfront.net (CloudFront)
date: Tue, 20 Sep 2022 21:06:26 GMT
x-amz-replication-status: FAILED
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 6xXw1_S6oTLKa7D-WchKzcj8C7I1FkOFLpM8u8jfnEVGUihFC94lPA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
34 KB 58ms
16ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 18:38:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 63ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;700;800&family=Oswald:wght@700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce6a32cd1319f84cec0ed8a51752e18babb866d67aeacfff0e68054d7f6470b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 21:06:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 20 Sep 2022 21:06:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Sep 2022 21:06:40 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/ 190 KB
27 KB 76ms
24ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
Origin: https://orders.moneymappress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5462259
x-jsd-version: 5.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27464
etag: W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
x-served-by: cache-fra19130-FRA, cache-mxp6983-MXP
x-jsd-version-type: version
date: Tue, 20 Sep 2022 21:06:40 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 iframe-v1.min.js Show response
core.spreedly.com/iframe/ 54 KB
55 KB 100ms
15ms Script
application/javascript 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/iframe-v1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

890e5e5924eea088e36bae079d7b314b973225e34f5bb7cf0c83852d9aafa3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish
etag: "7dfea7b1dc1c7273ad8ea322b59a8968"
age: 1607
x-cache: HIT
content-length: 55670
x-amz-id-2: dUg2AXCjT10vTjj9fh1SLBr8pHqRMjYPIbXblL7JhnZSYDDK5mrAptRTZ9901661lOnVBU4rrzg=
x-served-by: cache-hhn4047-HHN
last-modified: Mon, 19 Sep 2022 15:01:47 GMT
server: AmazonS3
x-timer: S1663708001.568576,VS0,VE0
date: Tue, 20 Sep 2022 21:06:40 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: REQEMQKD7RSZ79CV
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 17

GET
H/1.1 200
OK ZEN%2FHD_logo_KO.png
s3.amazonaws.com/mmpwmc/ 2 KB
3 KB 356ms
128ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/ZEN%2FHD_logo_KO.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b53450950f10aa01c0ca3def059f28838e0b21eafdd5c22e03b53b5f3d709b00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Mon, 15 Aug 2022 19:16:37 GMT
Server: AmazonS3
x-amz-request-id: PEZTV1NHXTBJY34M
ETag: "ad28b2e424a387afc3710914d0429328"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2277
x-amz-id-2: oSS40muxq7oE3w1VmIjEt9tjpXtsAx8btSofjhUYeSeMECwniOvQSBucE4Wgsl0EpMRSuy5isZY=

GET
H2 200 ZENOF_Timebomb_TopBorder.png
prd.files.irisplus.14west.us/MMP/library/ 34 KB
34 KB 129ms
17ms Image
image/png 2600:9000:2057:1a00:a:bd2b:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.files.irisplus.14west.us/MMP/library/ZENOF_Timebomb_TopBorder.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:a:bd2b:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 490edd451e22a63eb2a84caf0137836045bd9bc8c3363f88031074974aeaa957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 20 Sep 2022 05:09:57 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 15:23:26 GMT
server: AmazonS3
age: 57404
etag: "e3f7fd847b3035161f15049e43883464"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
content-length: 34787
x-amz-cf-id: jlyI2lIfCCAUxhOwfSCJnERSAYQH1_hDNCCRzV1R1ZRUITlOCysJgA==

GET
H2 200 ZENOF_Timebomb_BottomBorder.png
prd.files.irisplus.14west.us/MMP/library/ 35 KB
36 KB 129ms
17ms Image
image/png 2600:9000:2057:1a00:a:bd2b:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.files.irisplus.14west.us/MMP/library/ZENOF_Timebomb_BottomBorder.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:a:bd2b:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98b2a23c63f09f29e8cd0a82d7cd4c6ff257746b60b80d16362814193ed64221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
etag: "d4f66a9492fa86c447b0ae7e9d14c24c"
last-modified: Mon, 19 Sep 2022 15:23:13 GMT
server: AmazonS3
age: 9343
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 20 Sep 2022 18:30:58 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 36095
x-amz-cf-id: ozl-6JP2KaWtMlNqTMv48dOfpUiOfvbVCgfQQ5SBT7O5B7ibixuAXQ==

GET
H/1.1 200
OK ZEN%2Fkick_start_Briefing.png
s3.amazonaws.com/mmpwmc/ 495 KB
495 KB 357ms
129ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/ZEN%2Fkick_start_Briefing.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d0b0d52c30e20316cea23ece21639cafdab2a1eaca03f3a555f456ce195df45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Tue, 16 Aug 2022 13:37:16 GMT
Server: AmazonS3
x-amz-request-id: PEZGF6QFDRZ1WBFJ
ETag: "6f3c8d40a637f47a8702399a6f2a5475"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 506385
x-amz-id-2: KhNPH5hGNB7itISmkWxkZJ55sYF2PcieLmvjeCzV/liLY+yoMB/K1AgWekMYLrcG5O+Cpnf6iYo=

GET
H2 200 5_bar_chart_1.gif
prd.files.irisplus.14west.us/MMP/library/ 182 KB
183 KB 129ms
17ms Image
image/gif 2600:9000:2057:1a00:a:bd2b:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.files.irisplus.14west.us/MMP/library/5_bar_chart_1.gif
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:a:bd2b:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 386b7ce865392fe312fe74a7bd8410301ea6ee300d5f01e58588e489742eeea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
etag: "b44dedde8d50c2713e945a1a98256344"
last-modified: Thu, 18 Aug 2022 13:02:58 GMT
server: AmazonS3
age: 36243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/gif
date: Tue, 20 Sep 2022 11:02:38 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 186512
x-amz-cf-id: VjiJHW76ZPlTQn16pSjXudsGQXlZy4Krp0LfrKAAYATERjPcujR8JA==

GET
H/1.1 200
OK ZEN%2FTrade_Alert.png
s3.amazonaws.com/mmpwmc/ 343 KB
344 KB 339ms
128ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/ZEN%2FTrade_Alert.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b751d00182816c8c523d0f9e3f0c1e5d4530aa8b6c73d9f0702cac96a431ecaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Tue, 16 Aug 2022 13:37:16 GMT
Server: AmazonS3
x-amz-request-id: PEZTSPW0FEH7WG1G
ETag: "b1afbe19c4a7063f3e359070c7659cef"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 351467
x-amz-id-2: 16+FWVhkCaMhkg1KNr5a7tsKbGwWfhUlAf0T3sLYAqTTA7cc3twZShTPDgS/iZZXuRquAh8CfDM=

GET
H/1.1 200
OK ZEN%2FProfit_Alert.png
s3.amazonaws.com/mmpwmc/ 321 KB
322 KB 337ms
126ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/ZEN%2FProfit_Alert.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e7f616f5df36ba638936edd79630e1d97274622dffd30e5295ecd3d33146b8be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Tue, 16 Aug 2022 13:37:15 GMT
Server: AmazonS3
x-amz-request-id: PEZXH417B2N80PET
ETag: "117bbc6e300937624303dadc0be7cea2"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 329001
x-amz-id-2: UmJhn2OBGdmx2i+CNbK8E3EwoaHAuMysRA6t+AkQc08zcTqQ4MOeff61UxA0DLx9KP5558lU5Ic=

GET
H2 200 ZENOF_Timebomb_IMG07.png
prd.files.irisplus.14west.us/MMP/library/ 127 KB
128 KB 54ms
54ms Image
image/png 2600:9000:2057:1a00:a:bd2b:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.files.irisplus.14west.us/MMP/library/ZENOF_Timebomb_IMG07.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:a:bd2b:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75920b7a66cbafceb9d2e754d8f4f8da400b9fb6284e4c4b0687dd38896cb45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
etag: "bfcae939cf677384bb7a8c120df9ded7"
last-modified: Mon, 19 Sep 2022 15:23:19 GMT
server: AmazonS3
age: 9343
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 20 Sep 2022 18:30:58 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 130507
x-amz-cf-id: JeWoOx5VBFuF6QztPAaLGskTL5MW_jCmSMyxcZUWi0aiNWhDLwOSHQ==

GET
H/1.1 200
OK ZEN%2FFace1.png
s3.amazonaws.com/mmpwmc/ 96 KB
96 KB 339ms
128ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/ZEN%2FFace1.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 61364b7a305b3973cdd3b89e5b527f7fb1284afa99f373545480ddc71321b396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Tue, 16 Aug 2022 15:06:50 GMT
Server: AmazonS3
x-amz-request-id: PEZY82R955T74PK3
ETag: "a70ffda493dae75ef7f9df6bdb20b194"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 98199
x-amz-id-2: EFVL+X/dQN9B3elqbIPOXlJtHYY56R1QDstklQZbw/OnsWsw0eTVOrGOJcSqy6nPKpCcaoAtfhc=

GET
H/1.1 200
OK ZEN%2Fface2.png
s3.amazonaws.com/mmpwmc/ 91 KB
92 KB 335ms
127ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/ZEN%2Fface2.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 531bf95773f8c914cdc80d184b198f4dc75ca72f4e13d2ef9a326bc9428784cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Tue, 16 Aug 2022 15:06:50 GMT
Server: AmazonS3
x-amz-request-id: PEZM9YHYJ0TY8WC2
ETag: "fb64957b73e028033d509d56b91da1ca"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 93407
x-amz-id-2: R/8sQaO6Zu2m2j/6K9jf+dtp0tGi2m5VZtBVOS12mERS0ni4RtohTlIqvyFvvetY1F8b4KSbewA=

GET
H/1.1 200
OK ZEN%2Fface3.png
s3.amazonaws.com/mmpwmc/ 95 KB
96 KB 127ms
127ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/ZEN%2Fface3.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19c000fb099f848d77c1df4a6404f777b125e2473cb60c94525088be6f9d818b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Tue, 16 Aug 2022 15:06:51 GMT
Server: AmazonS3
x-amz-request-id: PEZVN4VQN6ZV8GYG
ETag: "09afc7e83313023c8f838a8b835e031f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 97596
x-amz-id-2: AO0U8NEw0iIBnsroasCbOL7n7OZ7jOGREjbLHDTCm+UFZccU3P9krijK3iEfDTOMs5Z2Qzlfh/Q=

GET
H/1.1 200
OK ZEN%2Fface4.png
s3.amazonaws.com/mmpwmc/ 86 KB
86 KB 116ms
116ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/ZEN%2Fface4.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 53a85d73fe1080d876c30977454c655f75d85c2ba707f5ec2ad9e2340fb4a5e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Tue, 16 Aug 2022 15:06:50 GMT
Server: AmazonS3
x-amz-request-id: PEZJDM3GVBAB08WB
ETag: "16f299651e6afd480f2b9d1d97c778b5"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 87662
x-amz-id-2: VcMMpafTtler1hLHCUdY8/ON9+9Wzm0uSXOLIZGsn6xL+TonJZDedRpeKjnGBHb5qe0lugNHAXs=

GET
H2 200 WYG_Package_noBG_noShadow.png
prd.files.irisplus.14west.us/MMP/library/ 1000 KB
1002 KB 30ms
30ms Image
image/png 2600:9000:2057:1a00:a:bd2b:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.files.irisplus.14west.us/MMP/library/WYG_Package_noBG_noShadow.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:a:bd2b:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22442cb5d5a3b97439bdaac2fca06282de7c280c908daf87bfb2a81f50aa426f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
etag: "7ea4ceae4a24a1c79cf134b989c78acb"
last-modified: Thu, 18 Aug 2022 13:51:12 GMT
server: AmazonS3
age: 36243
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 20 Sep 2022 11:02:38 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1023956
x-amz-cf-id: IQUJVR8ZarV28blWYuTL6T5JoMi-XseB4mg0dWh_EaeHFkD0vNBTOg==

GET
H/1.1 200
OK Signatures%2Fshah-signature.png
s3.amazonaws.com/mmpwmc/ 3 KB
3 KB 117ms
117ms Image
image/png 52.216.92.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mmpwmc/Signatures%2Fshah-signature.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.92.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a13b913c6b37c1873e10cd062b2edc96e2f585fa6d7ceb93e9cf58ea787b732f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Last-Modified: Tue, 22 Mar 2022 16:40:08 GMT
Server: AmazonS3
x-amz-request-id: PEZS6MNGZPN1R69Q
ETag: "2d7987898111c71d29bcf3c9dfdc5c0d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2823
x-amz-id-2: W5O50+a+p6bjrzsIejUSZMWwsKXQuhmjEyfpAXokoY+RMC1dfwsKboQtThxuz3HiqutCFZF9p1Y=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 363 KB
100 KB 79ms
41ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d924acd7441fc6dbe589249be41a8f3365bca59cd834b0893359b10c51bf757b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101830
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 169 KB
56 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBXwwfqMeYInKJStA0oNoEd9ko3HkwCDZo&libraries=places&callback=initAutocomplete

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

96abdf41fcc30dc2272ad439c043cd00d4406a079f229cb1e176769bbe7da0cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:40 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=24
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56650
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:36:40 GMT

GET
H2 200 mmpLogo.png
prd.files.irisplus.14west.us/MMP/library/ 18 KB
18 KB 30ms
30ms Image
image/png 2600:9000:2057:1a00:a:bd2b:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.files.irisplus.14west.us/MMP/library/mmpLogo.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:a:bd2b:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7cb126f5a9a1149221612b32adb3d7b221dcf37ce59bc973ecab9eb72d80b00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
etag: "744c8686a3aaad5d5b5d47a7441ed65e"
last-modified: Thu, 31 Mar 2022 11:54:06 GMT
server: AmazonS3
age: 64880
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 20 Sep 2022 03:05:21 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 18300
x-amz-cf-id: -1bqXLrIgckoK302OGTnnXWqXiqspw5CErsAXUWRFPilpsR56pH5Ug==

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/ 78 KB
23 KB 24ms
24ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
Origin: https://orders.moneymappress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5462258
x-jsd-version: 5.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23075
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
x-served-by: cache-fra19149-FRA, cache-mxp6983-MXP
x-jsd-version-type: version
date: Tue, 20 Sep 2022 21:06:40 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 152ms
60ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://orders.moneymappress.com/
Origin: https://orders.moneymappress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:40 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
x-hw: 1663708000.dop149.fr8.t,1663708000.cds147.fr8.hn,1663708000.cds280.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H/1.1 200
OK countries-state-manager.256bc7646001692428a7.js Show response
orders.moneymappress.com/scripts/ 143 KB
44 KB 299ms
298ms Script
application/javascript 18.66.122.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://orders.moneymappress.com/scripts/countries-state-manager.256bc7646001692428a7.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-106.fra60.r.cloudfront.net
Software: Kestrel /
Resource Hash: 37fafe89266c211e75402c672af8c16840093c19b0eb06df1d183f35f3730583

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2022 18:00:54 GMT
Server: Kestrel
X-Amz-Cf-Pop: FRA60-P2
ETag: "1d8c863eebbe13f"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44607
X-Amz-Cf-Id: 2gbeywODD5KK8qleDxzQWn9mqN6__y7mytyptNAC9l9l9DTP59-xqA==

GET
H/1.1 200
OK order-form.256bc7646001692428a7.js Show response
orders.moneymappress.com/scripts/ 262 KB
74 KB 151ms
116ms Script
application/javascript 18.66.122.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://orders.moneymappress.com/scripts/order-form.256bc7646001692428a7.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-106.fra60.r.cloudfront.net
Software: Kestrel /
Resource Hash: 346a13c312dfbe46734f18bda17d16a1291420ebab90ff607d1f7862fcb28959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2022 18:00:54 GMT
Server: Kestrel
X-Amz-Cf-Pop: FRA60-P2
ETag: "1d8c863eeba699e"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75422
X-Amz-Cf-Id: -9hTWI2mmflVf-dRED3QPLCxjN6FqaEMr9ICOjV8BFzvLMUPg7p44g==

GET
H/1.1 200
OK sdk Show response
ssl.kaptcha.com/collect/ 5 KB
6 KB 602ms
175ms Script
text/javascript 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/sdk?m=171440
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 0228980292ff7c813ac421d4489c8690a87104f505d4e581daed294d95253854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:41 GMT
X-Correlation-Id: de47846e-460b-4a2c-a0bd-3d30c9ec3124
Transfer-Encoding: chunked
P3p: CP=CAO PSA OUR
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0

GET
H/1.1 200
OK logo.gif
ssl.kaptcha.com/ 35 B
360 B 525ms
174ms Image
image/gif 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.kaptcha.com/logo.gif?m=171440
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:41 GMT
X-Correlation-Id: fe945f48-8494-4096-8d7c-6b4b452745ee
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 35
Expires: 0

GET
H/1.1 200
OK capture-page-script.js Show response
orders.moneymappress.com/ 893 B
1 KB 351ms
308ms Script
application/javascript 18.66.122.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://orders.moneymappress.com/capture-page-script.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-106.fra60.r.cloudfront.net
Software: Kestrel /
Resource Hash: 3199b959308ce123be98c154d44f291e3496792bc47a3a310fc3931af5f9b8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:40 GMT
Via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
Last-Modified: Wed, 14 Sep 2022 17:54:49 GMT
Server: Kestrel
X-Amz-Cf-Pop: FRA60-P2
ETag: "1d8c863152cb9fd"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 893
X-Amz-Cf-Id: kYusldSpF9PlcuSfVtcF3Z035Bm8oamBTXTXfA5HzkNmJwONUWXwvg==

GET
H2 200 hotjar-3022749.js Show response
static.hotjar.com/c/ 5 KB
3 KB 91ms
18ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3022749.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

cd6cf2881bd3c90fbdf5e9e2c94ec99195273d4b3690b4a841f85eb97b9cac6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 4
x-cache: Hit from cloudfront
date: Tue, 20 Sep 2022 21:06:41 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/e5b438aff579ee1cd439cffe1404f1a8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: U30sjsxSpx8qJfaAo-Ao9b-aXKJ3qwGvZpcu7hzGoxbOoVasxkAkzA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6643
date: Tue, 20 Sep 2022 19:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 20 Sep 2022 21:15:58 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 83ms
27ms Script
text/javascript 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2772
date: Tue, 20 Sep 2022 20:20:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 20 Sep 2022 22:20:29 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
39 KB 43ms
34ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KNVXK25

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7f14017660414f923d9bc80273a1e17ad763af00030ca5f56ae5ea1eecfe3c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40304
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H3 404 gtm.js
www.googletagmanager.com/ 0
0 33ms
24ms Script
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJGWP2
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 trackmate.js Show response
firebasestorage.googleapis.com/v0/b/trackmate-9ae7e.appspot.com/o/ 10 KB
10 KB 797ms
759ms Script
application/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/trackmate-9ae7e.appspot.com/o/trackmate.js?alt=media
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fe1895864d7f2e96764b18b83f3a504e6542ba522483c15a47b2dd3010ab0de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
x-guploader-uploadid: ADPycdsO0kPA5N952C_10pM4101LcJGTy6rn6_MCUigBV06HmZSBw_f5RRjBipWTybXf0CH5CKSuJIKvoGWRSduPNTgsWQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9991
last-modified: Wed, 31 Mar 2021 18:51:56 GMT
server: UploadServer
etag: "f079f5c491b47d2f1f8f2fe64749e7ca"
x-goog-hash: crc32c=A1HrAg==, md5=8Hn1xJG0fS8fjy/mR0nnyg==
x-goog-generation: 1617216716254035
cache-control: private, max-age=0
x-goog-stored-content-length: 9991
x-goog-meta-firebasestoragedownloadtokens: 3384f405-5f55-4713-96cd-d50e28c7fd05
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 200 ZENPOPUP_ConfirmBG.png
prd.files.irisplus.14west.us/MMP/library/ 465 KB
466 KB 115ms
16ms Image
image/png 2600:9000:2057:1a00:a:bd2b:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.files.irisplus.14west.us/MMP/library/ZENPOPUP_ConfirmBG.png
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:a:bd2b:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0621a3b3666de4406965fe0fca7292f91d8ed13185db618f285d9a59a39b581b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
etag: "544de97bd9fa805c4ae44834b04d1e24"
last-modified: Mon, 19 Sep 2022 15:23:27 GMT
server: AmazonS3
age: 9077
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 20 Sep 2022 18:35:24 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 475780
x-amz-cf-id: LXizf4cX-x1BFqHxRZk-dCCUN2EU96RTzCdeAu5LU7m6nqtgiBgshA==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 56ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700;800&family=Oswald:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://orders.moneymappress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 101523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 16:54:37 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
11 KB 54ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700;800&family=Oswald:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://orders.moneymappress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:09:51 GMT
x-content-type-options: nosniff
age: 86209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:09:51 GMT

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 859790d507acd06e12295953099b5025fc6d49d41683e0af085c5f8513f3c3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 61ms
29ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://orders.moneymappress.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/ 246 KB
68 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBXwwfqMeYInKJStA0oNoEd9ko3HkwCDZo&libraries=places&callback=initAutocomplete

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5df153aa4d76e55bf5adbe4e0c285a2d630715fc4660f70dfa0f1e1a987a5a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69222
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:19:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:13:56 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/ 158 KB
58 KB 48ms
17ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBXwwfqMeYInKJStA0oNoEd9ko3HkwCDZo&libraries=places&callback=initAutocomplete

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe7a7b711d3ebae8f784cb25f039c4776c2e6efe94c52079e09a344840c8b1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59716
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:19:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:13:56 GMT

GET
H3 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/ 91 KB
27 KB 60ms
29ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBXwwfqMeYInKJStA0oNoEd9ko3HkwCDZo&libraries=places&callback=initAutocomplete

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c045966220aeb40a3c997952f5ee81aa313c6f76da11ca2773aa43adb0e1931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27675
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:19:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:13:56 GMT

GET
H3 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/ 47 KB
18 KB 66ms
35ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/50/5/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBXwwfqMeYInKJStA0oNoEd9ko3HkwCDZo&libraries=places&callback=initAutocomplete

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ed51ec809fe48468f7bc937aff14ea230e64bff523f45c245ac3e33019a2fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 17:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 532331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17950
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 20:19:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:14:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 60ms
28ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-173717155-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dca2f89b48c2981b5e4651462171969d9baf1cebdb294fb3fda88f1b97a7091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42228
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H/1.1 200
OK blueshift.js Show response
cdn.getblueshift.com/ 4 KB
2 KB 66ms
15ms Script
application/javascript 18.66.122.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getblueshift.com/blueshift.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 20:58:14 GMT
Content-Encoding: gzip
Age: 508
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1990
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Server: AmazonS3
ETag: "e180e60ec878d69551a1c449b37c6552"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
X-Amz-Cf-Id: u79nGKk15kz4EoHxpXv76mC4k0mMcH04e4pgHO0nj_vLlUACN8ZnCw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 82ms
52ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LZXF52W1V

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e250178d383ef2d3639c79f60b3b7ee2d587c7b6f8b658de57b81fc62567dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74702
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 200 ptrk.js Show response
itm.itstracking.com/ 7 KB
7 KB 183ms
142ms Script
text/javascript 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.itstracking.com/ptrk.js?pageType=universal&partner=mmp
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d77e0627756cbb16763a8dd01efb9159c124675b4042adeed6e87c2a34ab00ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
server: Google Frontend
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 0380b1dc9b21bdb828152e556c940bc3
cache-control: private
content-length: 7396
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 63ms
24ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H3 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 57ms
23ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 200 modules.f4179535429bf14e77ee.js Show response
script.hotjar.com/ 252 KB
64 KB 62ms
16ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f4179535429bf14e77ee.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3022749.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

54502058e97eaac693950652b3243bf71346305b1b3c5a2fa479c27dd8d5a73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18334
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65420
access-control-allow-origin: *
last-modified: Tue, 20 Sep 2022 16:00:26 GMT
etag: "4a99ec558aff503901b33da3d9b4ec1b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: GPp88YOpmNypYYo2n4aauA2pN8IcNexhC9UAKWTPDZydm37_sSk9RQ==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 83ms
29ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-47024499-1&cid=1126632108.1663708001&jid=555746779&gjid=1514889537&_gid=358197075.1663708001&_u=IGBAgAABAAAAAE~&z=80665599

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 21:06:41 GMT
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 53ms
22ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1538713115&t=pageview&_s=1&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACAABBAAAAG~&jid=1264804838&gjid=1130569577&cid=1126632108.1663708001&tid=UA-112664600-12&_gid=358197075.1663708001&_r=1&gtm=2wg9j0MT2SWBG&cd21=no&cd23=SHAH%20GILANI&cd25=ZENBS&cd34=Order%20Form&cd44=Order%20Form&cd19=1126632108.1663708001&z=794282094

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
15ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1538713115&t=pageview&_s=1&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=555746779&gjid=1514889537&cid=1126632108.1663708001&tid=UA-47024499-1&_gid=358197075.1663708001&z=1686992009

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:49:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83843
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 38ms
22ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1538713115&t=pageview&_s=1&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHACUABBAAAAG~&jid=722739200&gjid=127019032&cid=1126632108.1663708001&tid=UA-173717155-1&_gid=358197075.1663708001&_r=1&gtm=2ou9j0&z=236704722

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
15ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1538713115&t=pageview&_s=2&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHACUABBAAAAG~&jid=&gjid=&cid=1126632108.1663708001&tid=UA-173717155-1&_gid=358197075.1663708001&gtm=2ou9j0&z=565311085

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:49:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83843
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 38ms
28ms Image
image/gif 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1901276240&utmhn=orders.moneymappress.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Hyperdrive%20Portfolio&utmhid=1538713115&utmr=-&utmp=%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%25253A30%25253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&utmht=1663708001246&utmac=UA-2875570-29&utmcc=__utma%3D227907841.1126632108.1663708001.1663708001.1663708001.1%3B%2B__utmz%3D227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551%3B&utmjid=1956772048&utmredir=3&utmu=qBAAAAAAAAAAAAAAAAABAAAE~

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 21:06:41 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
353 B 65ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1LZXF52W1V&gtm=2oe9j0&_p=1538713115&_gaz=1&cid=1126632108.1663708001&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663708001&sct=1&seg=0&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&dt=Hyperdrive%20Portfolio&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LZXF52W1V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 29ms
28ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1LZXF52W1V&cid=1126632108.1663708001&gtm=2oe9j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LZXF52W1V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 64ms
26ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1LZXF52W1V&cid=1126632108.1663708001&gtm=2oe9j0&aip=1&z=1787539550

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
28ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-112664600-12&cid=1126632108.1663708001&jid=1264804838&gjid=1130569577&_gid=358197075.1663708001&_u=YGDACAABBAAAAG~&z=1747640256

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 21:06:41 GMT
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-173717155-1&cid=1126632108.1663708001&jid=722739200&gjid=127019032&_gid=358197075.1663708001&_u=aGHACUABBAAAAG~&z=1030839075

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 21:06:41 GMT
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 80ms
41ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-47024499-1&cid=1126632108.1663708001&jid=555746779&_u=IGBAgAABAAAAAE~&z=1018334404

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 81ms
39ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-47024499-1&cid=1126632108.1663708001&jid=555746779&_u=IGBAgAABAAAAAE~&z=1018334404

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 49ms
41ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-173717155-1&cid=1126632108.1663708001&jid=722739200&_u=aGHACUABBAAAAG~&z=1716019129

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 77ms
35ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-173717155-1&cid=1126632108.1663708001&jid=722739200&_u=aGHACUABBAAAAG~&z=1716019129

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 49ms
41ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-112664600-12&cid=1126632108.1663708001&jid=1264804838&_u=YGDACAABBAAAAG~&z=1372514292

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-112664600-12&cid=1126632108.1663708001&jid=1264804838&_u=YGDACAABBAAAAG~&z=1372514292

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK kasupport Show response
ssl.kaptcha.com/collect/ 2 KB
2 KB 521ms
174ms XHR
text/plain 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/kasupport
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 23001a0ffc919fcc621dc0744b1901e0c3a24781c77c167a0032e59eab1e90d3

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:41 GMT
X-Correlation-Id: abce5754-9ac4-422d-8f7a-6fe505f18f0d
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame 17B5 22 KB
22 KB 175ms
175ms Document
text/html 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=171440
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: bdc61666bb1988343ca25817bbb8c8dbf9fc2b5c2c7ecfeba3b8411507c60d91

Request headers

Referer: https://orders.moneymappress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Tue, 20 Sep 2022 21:06:41 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: f54708a9-b715-483c-9b60-664398215bcf

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 106ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: itm.itstracking.com
URL: https://itm.itstracking.com/ptrk.js?pageType=universal&partner=mmp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 86E09CB8A5A247F896E81A2BE3912658 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 20 Sep 2022 21:06:40 GMT
accept-ranges: bytes
content-length: 11367

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
46 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-372746746

Requested by

Host: itm.itstracking.com
URL: https://itm.itstracking.com/ptrk.js?pageType=universal&partner=mmp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02493a1e0dbfb9223344e31e52d920b6baf76492da34685b9f6e59f54f23943e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46597
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

POST
H2 200 px-page Show response
itm.itstracking.com//api/trk/ 3 B
101 B 146ms
145ms XHR
application/json 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.itstracking.com//api/trk/px-page
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

access-control-allow-origin: https://orders.moneymappress.com
x-cloud-trace-context: bf477a1025f8e17b3d8beccf524e64f5
server: Google Frontend
date: Tue, 20 Sep 2022 21:06:41 GMT
content-length: 3
vary: Origin
content-type: application/json

GET
H2 200 pixel2
data.dianomi.com/frontend/ 68 B
449 B 107ms
43ms Image
image/png 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.dianomi.com/frontend/pixel2?shortcode=Retargeting_ITM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000
content-length: 68
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 74dd86c1b8ff920b-FRA
access-control-allow-headers: dianomi-force-dmp

OPTIONS
H2 200 px-page
itm.itstracking.com//api/trk/ Frame 0
0 172ms
133ms Preflight
text/html 2a00:1450:4001:811::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://itm.itstracking.com//api/trk/px-page
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://orders.moneymappress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://orders.moneymappress.com
allow: OPTIONS, HEAD, GET, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 20 Sep 2022 21:06:41 GMT
server: Google Frontend
vary: Origin
x-cloud-trace-context: 0ce63f5304fc64f99f80f72cc955df30

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 51ms
37ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197267367-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0511338c1c8726be2593f3f78bc03ab5df4c9f53232340aae609af5ea32b1d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42217
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 50ms
36ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-452500132&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed8b584f121964664570bfe57aa7c5dc723f3f749f30333d41ca91ccace43954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46520
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 52ms
43ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-691150612&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2958f12aa9bb340f10cc0e3d52f9c763c92f113ef730dbf48f96952c785974c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46489
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 239ms
156ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-372746746

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10780855742&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e80512cd3d77b3b9874f402f3334ee01c2051579bbae145699be91c9dc5ed5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46449
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
46 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-834194545&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf1611a132ed90e3cdf1b70ae7420b4bf1b491ac2d3d6fd9bc0f1f43a198d8a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46567
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 160 KB
59 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10844440371&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e5fad85322a0c3bac3a7485a018136df49b341150c5185a799aaed480caba82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60831
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 05F5 2 KB
1 KB 71ms
15ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3022749.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://orders.moneymappress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1165774
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-cf-id: RF40Y_T3Qmq9BCeJNhhFikvwYEIrK6X2_LHgVQQEPYydUT0-LDSpbA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
23ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1538713115&t=pageview&_s=1&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=itmP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=227907841.1126632108.1663708001.1663708001.1663708001.1&_utmz=227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551&_utmht=1663708001565&_u=aGHCCUABBAAAAG~&jid=1744861161&gjid=1854391918&cid=1126632108.1663708001&tid=UA-197267367-1&_gid=358197075.1663708001&_r=1&gtm=2ou9j0&cd1=mmp&z=967804340

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 36ms
36ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-197267367-1&cid=1126632108.1663708001&jid=1744861161&gjid=1854391918&_gid=358197075.1663708001&_u=aGHCCUABBAAAAG~&z=1433915559

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 21:06:41 GMT
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 13018902.js Show response
bat.bing.com/p/action/ 0
119 B 204ms
204ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13018902.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5CA667B3053844CCBD51DE21135AD4C6 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 200 138001041.js Show response
bat.bing.com/p/action/ 1 KB
798 B 332ms
322ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/138001041.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8c827c2f1d808c7bb3c97d23032b6e0a257623ddc3bdc0fd71a6c7becb426197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C42305131A444878C8F321D499C74CC Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:41 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 668

GET
H2 200 134618217.js Show response
bat.bing.com/p/action/ 1 KB
844 B 142ms
140ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134618217.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1bed1d8bfda1ea4ac6d55a23c718f8ce730d92935018e0ae0a017a30118710da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D3CE1C90D31743F28D531C461BCC957F Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 668

GET
H2 204 137015898.js Show response
bat.bing.com/p/action/ 0
135 B 150ms
149ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137015898.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4294D575CC05439DAB74C2B511134074 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 20 Sep 2022 21:06:40 GMT

GET
H2 200 134618177.js Show response
bat.bing.com/p/action/ 1 KB
798 B 262ms
262ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134618177.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c5637538f5bb78f96b0795548d664b33e22320dc08052f48623dc521bead5e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC85E06FE0444407BF21EAA935A01105 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:41 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 668

GET
H2 204 134618216.js Show response
bat.bing.com/p/action/ 0
119 B 229ms
229ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134618216.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D2DBB1598A934DD48E6580D374ADED43 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 20 Sep 2022 21:06:41 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 50ms
46ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13018902&Ver=2&mid=4684314a-1dae-47fd-b0f4-4530a9ee999e&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hyperdrive%20Portfolio&p=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&r=&lt=2967&evt=pageLoad&sv=1&rn=943016

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 68DF034F6F9C453C94BD6E31C21D0F77 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 51ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13018902&Ver=2&mid=4684314a-1dae-47fd-b0f4-4530a9ee999e&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&ec=orderform&el=mmp-unknown&ev=0&ea=orderform&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=981232

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8BAE5C1F9581498E844C4A9B53469014 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
174 B 46ms
42ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=138001041&Ver=2&mid=58d3de8c-66a9-4c0b-a0ec-7c70429d21ad&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hyperdrive%20Portfolio&p=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&r=&lt=2967&evt=pageLoad&sv=1&rn=87609

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 55EA8BE323E1487489F20EB9202B3E41 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
119 B 50ms
46ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=138001041&Ver=2&mid=58d3de8c-66a9-4c0b-a0ec-7c70429d21ad&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&ec=orderform&el=mmp-unknown&ev=0&ea=orderform&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=687730

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4A26E0A4DB1E47F58BA157489E4E2279 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
119 B 51ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618217&Ver=2&mid=d9e02e0e-f45e-4693-a677-bdb409e252a5&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hyperdrive%20Portfolio&p=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&r=&lt=2967&evt=pageLoad&sv=1&rn=127493

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 94D6425100804E6C80A905751876F0F0 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 48ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618217&Ver=2&mid=d9e02e0e-f45e-4693-a677-bdb409e252a5&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&ec=orderform&el=mmp-unknown&ev=0&ea=orderform&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=237259

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CC01C1732AE4B249F58643B0E840C6B Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
121 B 51ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137015898&Ver=2&mid=31d7f2fd-5626-4b6f-87d8-52be7c67c8f9&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hyperdrive%20Portfolio&p=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&r=&lt=2967&evt=pageLoad&sv=1&rn=71171

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 594C8D5416AC4C9E8BAB6E689FDBFB32 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 48ms
46ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137015898&Ver=2&mid=31d7f2fd-5626-4b6f-87d8-52be7c67c8f9&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&ec=orderform&el=mmp-unknown&ev=0&ea=orderform&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=521718

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07C4720CA6E6445AB824F3AA57AAD5E3 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 59ms
57ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618177&Ver=2&mid=6b1ad45b-7cd8-4699-b27f-bc6289305772&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hyperdrive%20Portfolio&p=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&r=&lt=2967&evt=pageLoad&sv=1&rn=728391

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 17F5F3EFA47342A4A969AE08526FDF3B Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 50ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618177&Ver=2&mid=6b1ad45b-7cd8-4699-b27f-bc6289305772&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&ec=orderform&el=mmp-unknown&ev=0&ea=orderform&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=644745

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2439CA9ED38041AEA23AD60FB3CDAE44 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 59ms
57ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618216&Ver=2&mid=4ec6b1ad-2764-4ad1-a9cb-348ec6c02331&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hyperdrive%20Portfolio&p=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&r=&lt=2967&evt=pageLoad&sv=1&rn=463997

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FB90D67CBE04AE0B7D31AB9313693B4 Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 48ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134618216&Ver=2&mid=4ec6b1ad-2764-4ad1-a9cb-348ec6c02331&sid=1ffd25e0392811ed981c2fc8119ad761&vid=1ffd51b0392811ed9d76693353273409&vids=0&msclkid=N&ec=orderform&el=mmp-unknown&ev=0&ea=orderform&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=812117

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9DA4A3D2A70E48B6A7B1ADD8677D787A Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:41Z
date: Tue, 20 Sep 2022 21:06:40 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 78ms
41ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-197267367-1&cid=1126632108.1663708001&jid=1744861161&_u=aGHCCUABBAAAAG~&z=311831891

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-197267367-1&cid=1126632108.1663708001&jid=1744861161&_u=aGHCCUABBAAAAG~&z=311831891

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/3022749/ 148 B
322 B 164ms
40ms XHR
application/json 34.251.196.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/3022749/visit-data?sv=6
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.196.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-196-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 3022749 Show response
vc.hotjar.io/sessions/ 0
257 B 128ms
42ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3022749?s=0.25&r=0.023186782104593462
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: TLmLB1NfhFuwb3Zchkv5TdShU1tn1eAn7B20mKW0fU2sRrwfY631RA==

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 17B5 0
299 B 176ms
175ms XHR
text/plain 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:41 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: d982e512-7d13-413c-b859-faf71bead36f
Content-Length: 0
Expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/372746746/ 3 KB
1 KB 102ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372746746/?random=1663708001823&cv=9&fst=1663708001823&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f9bdc36ee54d7af1281a9f045abc2c10bd60ec542c60873d59a5184d514f11a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/372746746/ 3 KB
2 KB 101ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/372746746/?random=1663708001825&cv=9&fst=1663708001825&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b44d5e69aaa75b8d8e809cdbe679a595509d87f321cb957410f7af70fd4a941e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1383
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10780855742/ 3 KB
1 KB 111ms
76ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10780855742/?random=1663708001828&cv=9&fst=1663708001828&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b976a8c613df414a54629670f5766c99c876a5fbcf71532a04e77668e2d495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10780855742/ 3 KB
2 KB 99ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10780855742/?random=1663708001829&cv=9&fst=1663708001829&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

970514f0f39344bb423c6dde9e4a4a0cbe59847a6a8fa20af62b5f5cb8741836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10844440371/ 3 KB
2 KB 95ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10844440371/?random=1663708001831&cv=9&fst=1663708001831&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

627478b14bd64f7ab8a2e8a7c5f964e40fb3eb201caf39c94e341ca11441c67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10844440371/ 3 KB
2 KB 96ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10844440371/?random=1663708001832&cv=9&fst=1663708001832&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34bcb2b1f7c29f421e23014374270261603ef4be1c3d75b3bd2dab5d15af60d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/452500132/ 3 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/452500132/?random=1663708001834&cv=9&fst=1663708001834&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

674e7f65cc5c446fb8181b587c243a65c9520fa61fe43770686b05b36d9beadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/452500132/ 3 KB
2 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/452500132/?random=1663708001835&cv=9&fst=1663708001835&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b526c4c9a14c8f0d5b2ffc80d36ba03462fb0f3f537585ab8097eb9d9fb2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/691150612/ 3 KB
1 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/691150612/?random=1663708001836&cv=9&fst=1663708001836&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1044dee1219ddba847d6a44661fa1bda23484308f4814459bce5228096e200dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/691150612/ 3 KB
2 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/691150612/?random=1663708001837&cv=9&fst=1663708001837&num=1&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e584436fa6f2fdbb057715bb7556932059d5ed8d8d598a145202596f03ae025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/834194545/ 3 KB
1 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834194545/?random=1663708001839&cv=9&fst=1663708001839&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

989bcdf133cc9d684abc02afdd79e182f0250a4efe4af6ad4624d080dd79d241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/834194545/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834194545/?random=1663708001839&cv=9&fst=1663708001839&num=1&fmt=3&value=0&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600...
https://www.google.com/pagead/1p-user-list/834194545/?random=1663708001839&cv=9&fst=1663707600000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&...
https://www.google.de/pagead/1p-user-list/834194545/?random=1663708001839&cv=9&fst=1663707600000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u...

42 B
64 B

28ms
28ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/834194545/?random=1663708001839&cv=9&fst=1663707600000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&is_vtc=1&random=844877204&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/834194545/?random=1663708001839&cv=9&fst=1663707600000&num=1&fmt=3&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&is_vtc=1&random=844877204&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 134618217 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 260ms
146ms Script
application/x-javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/134618217
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/134618217.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9393528bdf4df59453ff229a407610f1a315abdf4255c6b59ff562fb910be25f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
x-powered-by: ASP.NET
x-azure-ref: 0YSsqYwAAAACHwXEU1u9UTISVSR2Ab3qBV0FXMDFFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length: 1543
expires: -1

POST
H2 200 content Show response
ws12.hotjar.com/api/v2/sites/3022749/recordings/ 66 B
261 B 433ms
95ms XHR
application/json 18.202.161.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws12.hotjar.com/api/v2/sites/3022749/recordings/content
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.161.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-161-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7992b9267069ab3a75a5ac005d30113c86968e80f7a2ced901eeb767e0dd6e8f

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 tmalternate.html Show response
firebasestorage.googleapis.com/v0/b/trackmate-9ae7e.appspot.com/o/ Frame B601 752 B
780 B 805ms
769ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/trackmate-9ae7e.appspot.com/o/tmalternate.html?alt=media
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/trackmate-9ae7e.appspot.com/o/trackmate.js?alt=media
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d1a3d85b2b7f51c79c24b0f9a2321f90f8b1dd647fc573e6bf746fd1ed1a9e4d

Request headers

Referer: https://orders.moneymappress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-disposition: inline; filename*=utf-8''tmalternate.html
content-length: 752
content-type: text/html
date: Tue, 20 Sep 2022 21:06:42 GMT
etag: "718d82c7114a1424d2292813fd6f45d0"
expires: Tue, 20 Sep 2022 21:06:42 GMT
last-modified: Thu, 25 Feb 2021 01:11:25 GMT
server: UploadServer
x-goog-generation: 1614215485553086
x-goog-hash: crc32c=AUAKJA== md5=cY2CxxFKFCTSKSgT/W9F0A==
x-goog-meta-firebasestoragedownloadtokens: db331da0-a903-4d1b-b415-447857325806
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 752
x-guploader-uploadid: ADPycdtaJsFymFnCu8whJKSpBR1_3KmSIi-uxqky1L6Qk31gVM0lrIYEwje-njn05Yrirg3vj3_KbKDkRz8VsMEGFyxj1g

POST
H/1.1 200
OK cookiestore Show response
ssl.kaptcha.com/collect/ 0
299 B 173ms
173ms XHR
text/plain 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/cookiestore
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:42 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 45f46b57-d015-4be2-9da0-55d16ef8ad8c
Content-Length: 0
Expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/372746746/ 42 B
64 B 33ms
28ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/372746746/?random=1663708001823&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=3241716127&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/372746746/ 42 B
64 B 46ms
41ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/372746746/?random=1663708001823&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=3241716127&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/372746746/ 42 B
64 B 34ms
29ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/372746746/?random=1663708001825&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=1494669347&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/372746746/ 42 B
64 B 32ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/372746746/?random=1663708001825&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=1494669347&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10844440371/ 42 B
64 B 38ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10844440371/?random=1663708001831&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2677951618&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10844440371/ 42 B
64 B 39ms
35ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10844440371/?random=1663708001831&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2677951618&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10844440371/ 42 B
64 B 35ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10844440371/?random=1663708001832&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=1116511053&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10844440371/ 42 B
64 B 36ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10844440371/?random=1663708001832&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=1116511053&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10780855742/ 42 B
64 B 34ms
28ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10780855742/?random=1663708001829&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=4007857445&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10780855742/ 42 B
64 B 35ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10780855742/?random=1663708001829&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=4007857445&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/452500132/ 42 B
64 B 34ms
30ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/452500132/?random=1663708001834&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=272739416&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/452500132/ 42 B
64 B 36ms
33ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/452500132/?random=1663708001834&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=272739416&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/452500132/ 42 B
64 B 33ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/452500132/?random=1663708001835&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=1691348259&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/452500132/ 42 B
64 B 35ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/452500132/?random=1663708001835&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=1691348259&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 134618177 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 165ms
147ms Script
application/x-javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/134618177
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/134618177.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 456ee4977614c5600e15b88dc12004b691bd5951922c926fd63a1a2231eb5668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
x-powered-by: ASP.NET
x-azure-ref: 0YSsqYwAAAABFJiUtQsgaTZUsMy3T0XngV0FXMDFFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10780855742/ 42 B
64 B 36ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10780855742/?random=1663708001828&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2914130474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10780855742/ 42 B
64 B 33ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10780855742/?random=1663708001828&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2914130474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/691150612/ 42 B
64 B 34ms
32ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/691150612/?random=1663708001837&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=4279593664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/691150612/ 42 B
64 B 31ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/691150612/?random=1663708001837&cv=9&fst=1663707600000&num=1&value=0&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dorderform%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dmmp-unknown&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=4279593664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/691150612/ 42 B
64 B 34ms
32ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/691150612/?random=1663708001836&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2788027753&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/691150612/ 42 B
64 B 36ms
34ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/691150612/?random=1663708001836&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2788027753&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/834194545/ 42 B
64 B 30ms
28ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/834194545/?random=1663708001839&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2124118850&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/834194545/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/834194545/?random=1663708001839&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2124118850&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 17B5 0
299 B 176ms
175ms XHR
text/plain 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:42 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 5e1c5776-4041-4449-879e-7f126edccdc7
Content-Length: 0
Expires: 0

GET
H2 200 138001041 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 151ms
150ms Script
application/x-javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/138001041
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/138001041.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 28361dbd0eaa36d6e0e7123e29e4e574697374c89ba15ef08d1f4c0234554fd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
x-powered-by: ASP.NET
x-azure-ref: 0YisqYwAAAAAVBygiNjFZTqd7ddMTqMkPV0FXMDFFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
content-length: 1543
expires: -1

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 17B5 0
299 B 175ms
175ms XHR
text/plain 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:42 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 5992175a-1842-4175-a6cd-d3f6ffb1b7d4
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 17B5 0
299 B 282ms
192ms XHR
text/plain 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:42 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 3c3ec761-1c88-4c18-96df-d41921070701
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK fin Show response
ssl.kaptcha.com/ Frame 17B5 0
299 B 350ms
175ms XHR
text/plain 35.80.101.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/fin
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171440&s=5e7f220ff4184f4183dbf4b9413b1048
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 20 Sep 2022 21:06:42 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: f5dfd0bf-e818-4a82-8e34-eeb12b206397
Content-Length: 0
Expires: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.40/ 54 KB
23 KB 150ms
149ms Script
application/javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/134618177
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:41 GMT
content-encoding: br
etag: "1d8c7baa5622330"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0YisqYwAAAACUZUaTEDqMSbw/8s7CE4r4V0FXMDFFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H2 204 collect Show response
f.clarity.ms/ 0
182 B 529ms
302ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://orders.moneymappress.com
date: Tue, 20 Sep 2022 21:06:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 nr-885.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 54ms
14ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-885.min.js
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2272ed432573b9cd73bad94fd7caf4c25bb93f83efa78036591e4c57df1d279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "b0aa0333dcb822deb4f54bcc5aad93d0"
x-amz-request-id: 51SX01T40PEERN97
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8879
x-amz-id-2: DY9aS4gpBa2cQJFQNWO21Odg6UQQsNtOnH3shU5ndUFuXh8Zq9senB4tV2v+Jto7CDv6+cUbs30=
x-served-by: cache-hhn4035-HHN
last-modified: Wed, 28 Feb 2018 23:33:44 GMT
server: AmazonS3
x-timer: S1663708003.793522,VS0,VE0
date: Tue, 20 Sep 2022 21:06:42 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 number-frame-1.92.html Show response
core.spreedly.com/v1/embedded/ Frame 5F52 2 KB
2 KB 16ms
16ms Document
text/html 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/number-frame-1.92.html

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f678fecbb24404a67aed4559070f0f0b4f3dd26e139f88fbaaa86f6dad6ffae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://orders.moneymappress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1608
content-length: 1972
content-type: text/html
date: Tue, 20 Sep 2022 21:06:42 GMT
etag: "66d0036db511c67982cb4538464dac4c"
last-modified: Mon, 19 Sep 2022 15:01:49 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish
x-amz-id-2: 98kmCPdbQeNsBqgOzITtc++1n388WNrjOaNNBqVwQkV0BWCzaXeFpS2JTFG0xAHXahyrTiiSC0o=
x-amz-request-id: VP8GDJE13QPEM3SQ
x-amz-version-id: null
x-cache: HIT
x-cache-hits: 4
x-served-by: cache-hhn4047-HHN
x-timer: S1663708003.765562,VS0,VE0

GET
H2 200 cvv-frame-1.92.html Show response
core.spreedly.com/v1/embedded/ Frame 4E03 5 KB
5 KB 16ms
15ms Document
text/html 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/cvv-frame-1.92.html

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

614b14fb9dbc9f6655bdc677fe4dfaed8df7c9c46085acf368b597f9b29a492e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://orders.moneymappress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1608
content-length: 4842
content-type: text/html
date: Tue, 20 Sep 2022 21:06:42 GMT
etag: "023107333aa836578a0fa9f40d953431"
last-modified: Mon, 19 Sep 2022 15:01:49 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish
x-amz-id-2: kuAFWJuop2bIogo+/y3/z147N5ZoKP4dUTiSc3PlrF8LnIAqaZ5NHx1afuP4jorNlzyE0q+4aU8=
x-amz-request-id: VP8HW5NKQ8M3XGR1
x-amz-version-id: null
x-cache: HIT
x-cache-hits: 4
x-served-by: cache-hhn4047-HHN
x-timer: S1663708003.765997,VS0,VE0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=208D41A181F144BDA568F8371D4B1ED9&RedC=c.clarity.ms&MXFR=1C744B4AFF5C683428C7596FFB5C6678
https://c.clarity.ms/c.gif?CtsSyncId=208D41A181F144BDA568F8371D4B1ED9&MUID=0A03922B3AB661461529800E3B6460F3

42 B
368 B

39ms
37ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=208D41A181F144BDA568F8371D4B1ED9&MUID=0A03922B3AB661461529800E3B6460F3
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d3298b0aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 397D94E8DF834AF4803CC3D4EDD6420B Ref B: FRAEDGE1217 Ref C: 2022-09-20T21:06:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=208D41A181F144BDA568F8371D4B1ED9&MUID=0A03922B3AB661461529800E3B6460F3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 112ms
77ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 21:06:42 GMT

GET
H2 200 gpx.js Show response
px.khmtrack.com/static/mmp/ 2 KB
1 KB 102ms
40ms Script
application/javascript 2606:4700:3035::6815:5908
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://px.khmtrack.com/static/mmp/gpx.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9563f943393b1e4c9e89d0388c7f0abeade6cf722fb4c30694219af331304e

Request headers

Referer: https://orders.moneymappress.com/
Origin: https://orders.moneymappress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 03:26:15 GMT
server: cloudflare
age: 370283
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O97DWRPRjjp6zM4T%2FZipM0eBnF6QHsApoLs3xJINtUpgWaR3%2BNiR5MmRzTFU3XnIog0ZKdced%2Fi6UWmsVNQJWEAM4x92C%2FZDMw9nykgHVoXVcAfBvWYsKoxyDKd8kvT2cqkCpXPedcD5GoFm82w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74dd86c9f9a0375d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 16 Oct 2022 14:15:18 GMT

GET
H2 200 rem.js Show response
px1.co/mmp/ 1 KB
661 B 505ms
122ms Script
application/javascript 173.199.143.227
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://px1.co/mmp/rem.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.199.143.227 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: trkr.trklvr.com
Software: nginx /
Resource Hash: 1bbc7217946a622e61d8c14c99d14c4389e0e07fa8d20be6a675a6d14092cfa7

Request headers

Referer: https://orders.moneymappress.com/
Origin: https://orders.moneymappress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
last-modified: Tue, 15 Mar 2022 15:28:45 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
expires: Thu, 20 Oct 2022 21:06:42 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 103ms
25ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: orders.moneymappress.com
URL: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3249
Expires: Tue, 20 Sep 2022 21:26:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192371564-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a59281b22bcf6df0421e0969afc332a2d07211ac09d1e38f8bf1ee64a8b98271

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42195
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 159 KB
59 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10866187292

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

363507e1d16e040c252a09bbb17bdcfa01ed3f041cf77e4dcbf3e81abec89c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60811
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10883228963

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc6e90639d85f3f4abb43d01be75c24d49faf065d7ad3541ec29226ef318b456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46487
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:42 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/2200a1cc146ad36be344f1b8cd5a5e64/ 64 KB
22 KB 90ms
38ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/2200a1cc146ad36be344f1b8cd5a5e64/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71279541cb8f6527ee70f0391f29c81a5b93722e2249a366f0e9bc32207cf609

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74dd86c9ef5ebaff-MXP
date: Tue, 20 Sep 2022 21:06:42 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 20:31:32 GMT
server: cloudflare
age: 2110
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfBLooTtbbFAvpu3CjPC76RTPaNaA7ITS7ETPqgC%2BrgyuwOuw2Ip2A3SIue7A6IDFmbed%2BCsVEbCLKI7K4k3GCZuiFo1pp5uU%2BCwIGxW3RvdBMSkIF2%2FFBifY9SZrjBMgD02Neutbk2t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 159 KB
58 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-401032603

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed79bdcac23c0b703a88cbfc3e91dd6498d1ce8ef76c76708ad4d7b32dde56f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59555
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:42 GMT

GET
H2 200 DFPAudiencePixel;ord=4641575446540964;dc_seg=7055999759
pubads.g.doubleclick.net/activity;dc_iu=/5206/ 42 B
761 B 98ms
60ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/5206/DFPAudiencePixel;ord=4641575446540964;dc_seg=7055999759?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 number-frame-1.92.min.js Show response
core.spreedly.com/iframe/ Frame 5F52 32 KB
32 KB 15ms
15ms Script
application/javascript 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/number-frame-1.92.min.js?restricted=true

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/v1/embedded/number-frame-1.92.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e81c21be1892b5c8303f6968ed08f248288204a213d45901860f3de9038f0eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.spreedly.com/v1/embedded/number-frame-1.92.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish
etag: "42c148a50f11e129d7b0cae3535981d7"
age: 1607
x-cache: HIT
content-length: 32681
x-amz-id-2: zdJmNr8v38wIj4ByOkx5VKvUSR5Rp4N01Rcj7juNyZxv+Y1epw772w9MT43gxWUp4fmw1xxphP4=
x-served-by: cache-hhn4047-HHN
last-modified: Mon, 19 Sep 2022 15:01:48 GMT
server: AmazonS3
x-timer: S1663708003.831193,VS0,VE0
date: Tue, 20 Sep 2022 21:06:42 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 9FVPD7PZJ03FEPT1
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3

POST
H/1.1 200
OK events
app-14west-trackmate-dev.apps.c4.us-east-1.dev.aws.ocp.14west.io/api/v1/ 0
0 1439ms
1109ms Ping
application/json 18.211.120.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app-14west-trackmate-dev.apps.c4.us-east-1.dev.aws.ocp.14west.io/api/v1/events
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/trackmate-9ae7e.appspot.com/o/trackmate.js?alt=media
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.211.120.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-120-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK NRJS-107a0763735a7bbf681 Show response
bam.nr-data.net/1/ 49 B
607 B 308ms
268ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-107a0763735a7bbf681?a=550048933&sa=1&v=885.a559836&t=Unnamed%20Transaction&rst=4373&be=2317&fe=1975&dc=644&f=%5B%22err%22,%22xhr%22,%22stn%22%5D&perf=%7B%22timing%22:%7B%22of%22:1663707998452,%22n%22:0,%22dl%22:2006,%22di%22:2961,%22ds%22:2961,%22de%22:2967,%22dc%22:4291,%22l%22:4292,%22le%22:4341,%22f%22:1766,%22dn%22:1766,%22dne%22:1766,%22c%22:1766,%22ce%22:1766,%22rq%22:1768,%22rp%22:1995,%22rpe%22:2011%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-885.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 74dd86c9f9a59076-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
23ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1538713115&t=pageview&_s=1&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=227907841.1126632108.1663708001.1663708001.1663708001.1&_utmz=227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551&_utmht=1663708002857&_u=aGHCCUABBAAAAG~&jid=1391712495&gjid=790365974&cid=1126632108.1663708001&tid=UA-192371564-1&_gid=358197075.1663708001&_r=1&gtm=2ou9j0&z=1975813907

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192371564-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6644
date: Tue, 20 Sep 2022 19:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 20 Sep 2022 21:15:58 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-192371564-1&cid=1126632108.1663708001&jid=1391712495&gjid=790365974&_gid=358197075.1663708001&_u=aGHCCUABBAAAAG~&z=2063910669

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 21:06:42 GMT
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-669804854

Requested by

Host: px.khmtrack.com
URL: https://px.khmtrack.com/static/mmp/gpx.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bbb84e6665058171c1a1c0e86271142570189c18fcd9fb1503e6a9836218537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46559
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:42 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 375ms
94ms Script
application/javascript 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=003e672d6bac1e6b44ac757ee9360a05d8
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
X-TraceId: 44913c9e0cded308d48fa72eba096ae1
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 380ms
95ms Image
image/gif 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=003e672d6bac1e6b44ac757ee9360a05d8&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&optOut=false&bust=0027536636673420656&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 21:06:43 GMT
Cache-Control: no-cache
X-TraceId: 14e98098dd74b2e36179089588d874d5
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10883228963/ 3 KB
1 KB 128ms
96ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10883228963/?random=1663708002938&cv=9&fst=1663708002938&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ee99e61cf100b0c23fedd08ff8f7051e10985f30aa4059b8a0c77cab319556d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10866187292/ 3 KB
1 KB 129ms
100ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10866187292/?random=1663708002941&cv=9&fst=1663708002941&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c73f3e15f238fe184f4f08074106805291fbfe6be51cf4f7e0b5233a7961ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/ 3 KB
1 KB 126ms
99ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=1663708002943&cv=9&fst=1663708002943&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

572eaa76d230d64e2a1f671105d1afecd8c744fb2e262631279f9d8ff024684a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/ 3 KB
1 KB 200ms
175ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401032603/?random=1663708002945&cv=9&fst=1663708002945&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ee5f02810bdc8813c9b2123b912c59bf1a24dad015b372215ce6898fcd32c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2200a1cc146ad36be344f1b8cd5a5e64
c.lytics.io/c/ 35 B
577 B 152ms
152ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/2200a1cc146ad36be344f1b8cd5a5e64?_e=pv&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1663708002933&_nmob=t&_device=desktop&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&_ga=227907841.1126632108&_v=3.0.27&_uid=14cb82b0-f33b-4c81-b48e-f107c4fea1a3&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw7ZyA202w69Ve5DWp6f4Cv6Z9ND07vqZZ5S%2B%2BR9EkvHjAnSOU8qpfJykPT3U3vZkyaXL%2FwXhBSjEDfGGNUUaZqFyHPN0OewgDGfYLKD%2B8aNpdEFNTTE67Qnd9J65GJ9b2IGnriMSDul"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 74dd86ca8884baff-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 90ms
89ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-669804854

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-99069495-30&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86397a005733048a7dadd3d471fa7341a83c4dd7a7af8a9708e295403b85d409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42238
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
46 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-696937752&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05c736b27d0c66630638bf2805fb6760bb025aff5aa879583daa3b913a9c0126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46576
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668877205&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b85ca71b6b0aefd7529556348834bc24fa4ecf5289f5ab9eac29a5df519023c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46476
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:42 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 22ms
22ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1538713115&t=pageview&_s=1&dl=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&ul=en-us&de=UTF-8&dt=mmpRemJS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=227907841.1126632108.1663708001.1663708001.1663708001.1&_utmz=227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551&_utmht=1663708003059&_u=aGHCCUABBAAAAG~&jid=561257684&gjid=1505020097&cid=1126632108.1663708001&tid=UA-99069495-30&_gid=358197075.1663708001&_r=1&gtm=2ou9j0&z=1358233799

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99069495-30&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6645
date: Tue, 20 Sep 2022 19:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 20 Sep 2022 21:15:58 GMT

GET
H2 200 14cb82b0-f33b-4c81-b48e-f107c4fea1a3 Show response
c.lytics.io/api/personalize/2200a1cc146ad36be344f1b8cd5a5e64/user/_uid/ 1 KB
1001 B 200ms
199ms Script
application/json 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/2200a1cc146ad36be344f1b8cd5a5e64/user/_uid/14cb82b0-f33b-4c81-b48e-f107c4fea1a3?segments=true&mergestate=true&state=%7B%22_uid%22%3A%2214cb82b0-f33b-4c81-b48e-f107c4fea1a3%22%2C%22utm_campaign%22%3A%2220220920_ded_ze_nto_zenhot_85436551%22%2C%22utm_source%22%3A%22blueshift%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_content%22%3A%2220220920_ded_zentozenhot_85436551%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP%22%2C%22_ga%22%3A%22227907841.1126632108%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1663708003113&callback=u_171261606477002270

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2200a1cc146ad36be344f1b8cd5a5e64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4e4c6400cf71eb435ca73d737ba40e084c33373572e52565e9a46ee2d36b724

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74dd86cb8ab5baff-MXP
date: Tue, 20 Sep 2022 21:06:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdNtD2momI4bCdtCgEEYZVPGvsjwQMiifc7SkssrhXLRP2rzPje%2Bt5IJdKC0q82rhMwGZtKsbARYxSefWSVa1%2F3Hqlb5QEcOyRtVUwO0mpEhC8SGkZWYoqUdbPU5MoqCAbJRwzj%2FQnlf"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 2200a1cc146ad36be344f1b8cd5a5e64
c.lytics.io/c/ 35 B
313 B 156ms
156ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/2200a1cc146ad36be344f1b8cd5a5e64?_e=pv&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1663708003075&_nmob=t&_device=desktop&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&_ga=227907841.1126632108&_uid=14cb82b0-f33b-4c81-b48e-f107c4fea1a3&_v=3.0.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D50WYaB%2BCon4%2FuhqY8%2Bs8vbR0Um41n8GDQeJiHrkoQR%2BLjh3ZyxVLO4zNbmOWBzoPxF6wI8XdabsGOJJJYRaaW07bTqt68Dxa3atO0w9HQ1RBqM492pyGiUXMyYPx1eU1opM6blM1Vxa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 74dd86cb8ab6baff-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-99069495-30&cid=1126632108.1663708001&jid=561257684&gjid=1505020097&_gid=358197075.1663708001&_u=aGHCCUABBAAAAG~&z=1064638095

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 21:06:43 GMT
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/ 2 KB
1 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/?random=1663708003122&cv=9&fst=1663708003122&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

007e0a84b498a895f8a7554fc3d8f1bf4a1c9c5b9a698e1817415a2d57791dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/669804854/ 2 KB
1 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/669804854/?random=1663708003125&cv=9&fst=1663708003125&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7c2940b2217c36941a338a6df0b013c871c32e1124975ebb0e294769ab65a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696937752/ 2 KB
1 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696937752/?random=1663708003128&cv=9&fst=1663708003128&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f8de8fff29e1429bb91fc75ce60ddf816f232b5d4cf1301328a838e4a3cfe63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10883228963/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10883228963/?random=1663708002938&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=690545080&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10883228963/ 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10883228963/?random=1663708002938&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=690545080&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/401032603/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/401032603/?random=1663708002943&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=3177133388&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/401032603/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/401032603/?random=1663708002943&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=3177133388&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10866187292/ 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10866187292/?random=1663708002941&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2817936521&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10866187292/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10866187292/?random=1663708002941&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2817936521&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-99069495-30&cid=1126632108.1663708001&jid=561257684&_u=aGHCCUABBAAAAG~&z=2137487410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 28ms
27ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-99069495-30&cid=1126632108.1663708001&jid=561257684&_u=aGHCCUABBAAAAG~&z=2137487410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/401032603/ 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/401032603/?random=1663708002945&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9j0&sendb=1&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=67589319&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/401032603/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/401032603/?random=1663708002945&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9j0&sendb=1&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=67589319&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/669804854/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/669804854/?random=1663708003125&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=4129779433&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/669804854/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/669804854/?random=1663708003125&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=4129779433&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668877205/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668877205/?random=1663708003122&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2854690820&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668877205/ 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668877205/?random=1663708003122&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2854690820&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/696937752/ 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696937752/?random=1663708003128&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=3407897084&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/696937752/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/696937752/?random=1663708003128&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon%3Bpage_title%3DmmpRemJS&frm=0&url=orders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=3407897084&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-753664851

Requested by

Host: px1.co
URL: https://px1.co/mmp/rem.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e36af090811ad9e2d89d05a409057679886e2fa52b972cc626d437a3e590dd0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62182
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
369 B 410ms
55ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D14cb82b0-f33b-4c81-b48e-f107c4fea1a3%26account_id%3D2200a1cc146ad36be344f1b8cd5a5e64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms: 28
pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1663708004.689800,VS0,VE28
x-served-by: cache-mxp6961-MXP
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1538713115&t=event&ni=1&_s=3&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_utma=227907841.1126632108.1663708001.1663708001.1663708001.1&_utmz=227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551&_utmht=1663708003325&_u=aHHCCUABBAAAAG~&jid=&gjid=&cid=1126632108.1663708001&uid=14cb82b0-f33b-4c81-b48e-f107c4fea1a3&tid=UA-173717155-1&_gid=358197075.1663708001&gtm=2ou9j0&z=2089928403

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:49:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83845
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1538713115&t=event&ni=1&_s=2&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_utma=227907841.1126632108.1663708001.1663708001.1663708001.1&_utmz=227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551&_utmht=1663708003326&_u=aHHCCUABBAAAAG~&jid=&gjid=&cid=1126632108.1663708001&uid=14cb82b0-f33b-4c81-b48e-f107c4fea1a3&tid=UA-197267367-1&_gid=358197075.1663708001&gtm=2ou9j0&z=131865828

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:49:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83845
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1538713115&t=event&ni=1&_s=2&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_utma=227907841.1126632108.1663708001.1663708001.1663708001.1&_utmz=227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551&_utmht=1663708003327&_u=aHHCCUABBAAAAG~&jid=&gjid=&cid=1126632108.1663708001&uid=14cb82b0-f33b-4c81-b48e-f107c4fea1a3&tid=UA-192371564-1&_gid=358197075.1663708001&gtm=2ou9j0&z=605839956

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:49:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83845
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1538713115&t=event&ni=1&_s=2&dl=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=Hyperdrive%20Portfolio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_utma=227907841.1126632108.1663708001.1663708001.1663708001.1&_utmz=227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551&_utmht=1663708003328&_u=aHHCCUABBAAAAG~&jid=&gjid=&cid=1126632108.1663708001&uid=14cb82b0-f33b-4c81-b48e-f107c4fea1a3&tid=UA-99069495-30&_gid=358197075.1663708001&gtm=2ou9j0&z=2026289460

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 21:49:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83845
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Ping
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Ping
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 130ms
130ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-753664851

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

832539307672553015b2af5c65ec15b6e41df704f4e774a0902c2ad4eab86a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42240
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-456578300&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a18df7a11a011a373dfc356cc3f8890c5894d06d325b56dde378f00aed624af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62401
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-700588147&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3968098f5b5f770202b46eb33253f311da871b24eedb10b18c54bd44c28c242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46476
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-311444767&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b29bc7c7135a702b1e704ad127825ba33a15ccae1c6a81f7d879f7cbb57c7037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62321
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/ 3 KB
1 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/?random=1663708003378&cv=9&fst=1663708003378&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a35644a6dba827568402be774144c1c72443b08a509447f746839b62009ec9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696937752/ 3 KB
1 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696937752/?random=1663708003380&cv=9&fst=1663708003380&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22e4d6be864330ef67e631ba253d5b6238e34ac21587af44f2111da0bd6cb38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
46 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10828766220&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4051888ba616ba99180ace16bf2f4764fa62bf6155b53d95357eba8de8119ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46587
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668474013&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT2SWBG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3328c33e49011439599abe6e5754888e5e2f194e21cb3c50c3b1a33c67cf04d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46417
x-xss-protection: 0
expires: Tue, 20 Sep 2022 21:06:43 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668877205/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668877205/?random=1663708003378&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=79021360&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668877205/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668877205/?random=1663708003378&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=79021360&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/696937752/ 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696937752/?random=1663708003380&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=46855386&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/696937752/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/696937752/?random=1663708003380&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=46855386&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/ 3 KB
1 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/?random=1663708003677&cv=9&fst=1663708003677&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e35dc8a613ad5958184fed0d7483f732a66b856b445d3e92beefda17fee4403f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 22ms
22ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1538713115&t=pageview&_s=1&dl=orders.moneymappress.com%2Fhttps%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP&ul=en-us&de=UTF-8&dt=mmpRemJS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=227907841.1126632108.1663708001.1663708001.1663708001.1&_utmz=227907841.1663708001.1.1.utmcsr%3Dblueshift%7Cutmccn%3D20220920_ded_ze_nto_zenhot_85436551%7Cutmcmd%3Demail%7Cutmcct%3D20220920_ded_zentozenhot_85436551&_utmht=1663708003692&_u=aHHCCUABBAAAAG~&jid=1198626602&gjid=580996859&cid=1126632108.1663708001&tid=UA-137602623-2&_gid=358197075.1663708001&_r=1&gtm=2ou9j0&z=29247121

Requested by

Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orders.moneymappress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6645
date: Tue, 20 Sep 2022 19:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 20 Sep 2022 21:15:58 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 129ms
129ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-700588147&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 21:06:43 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 101ms
100ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://orders.moneymappress.com
date: Tue, 20 Sep 2022 21:06:43 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 unity.gif Show response
api.getblueshift.com/ 42 B
235 B 188ms
187ms XHR
image/gif 35.82.76.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1663708004&e=pageload&r=&z=976670&x=4748774a7303fd9824f4d51100eb00e4&k=0c7586f9-90d3-33d4-6732-1373690a0b15&u=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.76.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-76-103.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Api-Key: 4748774a7303fd9824f4d51100eb00e4

Response headers

access-control-allow-origin: https://orders.moneymappress.com
date: Tue, 20 Sep 2022 21:06:44 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: etag

OPTIONS
H2 200 unity.gif
api.getblueshift.com/ Frame 0
0 574ms
179ms Preflight 35.82.76.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getblueshift.com/unity.gif?t=1663708004&e=pageload&r=&z=976670&x=4748774a7303fd9824f4d51100eb00e4&k=0c7586f9-90d3-33d4-6732-1373690a0b15&u=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dhtml%26bsft_ek%3D2022-09-20T20%253A30%253A37Z%26bsft_lx%3D2%26bsft_tv%3D6%26organization-abbreviation%3DMMP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.82.76.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-82-76-103.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://orders.moneymappress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: content-type, x-requested-with, if-none-match, x-api-key, if-modified-since
access-control-allow-methods: POST, HEAD, GET, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin: https://orders.moneymappress.com
access-control-max-age: 86400
content-length: 0
date: Tue, 20 Sep 2022 21:06:44 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/753664851/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/753664851/?random=1663708003677&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2308893193&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/753664851/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/753664851/?random=1663708003677&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2308893193&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 53ms
53ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2200a1cc146ad36be344f1b8cd5a5e64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74dd86d00ad1baff-MXP
date: Tue, 20 Sep 2022 21:06:43 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 20:40:31 GMT
server: cloudflare
age: 1572
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2YlFwLabHa%2FhXlrV4c0WXUaqDxP66r73x09W9XxIaGvHyjYzwagCY6tqfv2ZFoAj5VyyuOZ9Thy1TX7T9RV6xL80oXMtaLWJqzCKbtmKJLoOmkXHI5WUe5C7WhYLoTP5yNMkColog3J"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/ 3 KB
1 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/?random=1663708003837&cv=9&fst=1663708003837&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e45d466311db173e3e2de45c3aa1f47900eae8132e23ac1560d4f25a1fb9616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/ 3 KB
1 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/?random=1663708003840&cv=9&fst=1663708003840&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd14f2baa7286aeccaac81d9c4997b3b2105ae5275863d7e26b9f025e097425e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/ 3 KB
1 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/?random=1663708003843&cv=9&fst=1663708003843&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6955101ae847dd4a155f52395ece8b285d103ab072a4c8b93794a6a5bd40fe3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/ 3 KB
1 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/?random=1663708003845&cv=9&fst=1663708003845&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52176e6f797f2cfb65ccb5955f25e9b11bd1c481c261f81daa95ad48cb30b28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/ 3 KB
1 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/?random=1663708003848&cv=9&fst=1663708003848&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&auid=1030094114.1663708001&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d881cdc6d94194e36c17913d76a1d788803e52b7e2744b6be3e40a416846983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 37ms
35ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74dd86d06bbabaff-MXP
date: Tue, 20 Sep 2022 21:06:43 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 20:38:46 GMT
server: cloudflare
age: 1677
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hy6beCIpzZRgjzluEp6140YqVlWvuyfSi678Scu%2BN71wzINYNo4BHgIkMbx0becbPNHn7SVi1ZauCWReRo%2F7Zzzr7Ghdma%2Flpd%2Fzak2tGGbAVP%2BF0lT6hKXpQ4t%2FeghibFFkOcFsW%2FUW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/2200a1cc146ad36be344f1b8cd5a5e64/ 17 KB
3 KB 36ms
36ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/2200a1cc146ad36be344f1b8cd5a5e64/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2200a1cc146ad36be344f1b8cd5a5e64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c9fb1f37a5c043551ad291fe8edcb5cacc60a1a452decadb983635699ca0205

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74dd86d07bcfbaff-MXP
date: Tue, 20 Sep 2022 21:06:43 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 20 Sep 2022 20:31:34 GMT
server: cloudflare
age: 2109
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VILZjE135E1kxdpB0BC63lS3n%2BSQLxLlVsIujFPaap%2BKSC3sAi3GvNNz85XLmHbFvkL89jS7cm9sle%2FW5cP8eCcojr0tuZ%2FsdJ5TDkSh5mZHoJ2Pq326GLeHR7oHyAA%2BCI4SWpiQrnru"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H3 200 /
www.google.com/pagead/1p-user-list/668474013/ 42 B
64 B 34ms
29ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668474013/?random=1663708003837&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2499367180&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668474013/ 42 B
64 B 34ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668474013/?random=1663708003837&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2499367180&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/311444767/ 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/311444767/?random=1663708003840&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=1293325795&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/311444767/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/311444767/?random=1663708003840&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=1293325795&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/700588147/ 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/700588147/?random=1663708003845&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=4191002574&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/700588147/ 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/700588147/?random=1663708003845&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=4191002574&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/456578300/ 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/456578300/?random=1663708003843&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2829142713&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/456578300/ 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/456578300/?random=1663708003843&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=2829142713&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10828766220/ 42 B
64 B 35ms
33ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10828766220/?random=1663708003848&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=775336052&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10828766220/ 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10828766220/?random=1663708003848&cv=9&fst=1663707600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Forders.moneymappress.com%2Fjourney%2FZENZOMBIEQTR%2F1%3Fpromocode%3DEZENY9CG%26bsft_aaid%3Daeb7bf5c-2453-429d-8e9d-131e0e0ae1b2%26bsft_eid%3D43ccdb63-8d8d-40d7-ba78-b91d94a345a1%26utm_campaign%3D20220920_ded_ze_nto_zenhot_85436551%26utm_source%3Dblueshift%26utm_medium%3Demail%26utm_content%3D20220920_ded_zentozenhot_85436551%26bsft_clkid%3D17586937-ce85-4a2e-96cc-1357fcf99040%26bsft_uid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b%26bsft_mid%3D15594104-50dc-48f5-8e5b-546c81f9a6b7%26bsft_utid%3D1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT%26bsft_mime_type%3Dht&tiba=Hyperdrive%20Portfolio&async=1&fmt=3&is_vtc=1&random=775336052&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orders.moneymappress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 21:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK publish-checkout-event Show response
orders.moneymappress.com/order/ 0
512 B 315ms
314ms XHR
text/plain 18.66.122.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://orders.moneymappress.com/order/publish-checkout-event
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-106.fra60.r.cloudfront.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://orders.moneymappress.com/journey/ZENZOMBIEQTR/1?promocode=EZENY9CG&bsft_aaid=aeb7bf5c-2453-429d-8e9d-131e0e0ae1b2&bsft_eid=43ccdb63-8d8d-40d7-ba78-b91d94a345a1&utm_campaign=20220920_ded_ze_nto_zenhot_85436551&utm_source=blueshift&utm_medium=email&utm_content=20220920_ded_zentozenhot_85436551&bsft_clkid=17586937-ce85-4a2e-96cc-1357fcf99040&bsft_uid=1159342a-18b6-4f6a-b180-b96453ff8a8b&bsft_mid=15594104-50dc-48f5-8e5b-546c81f9a6b7&bsft_utid=1159342a-18b6-4f6a-b180-b96453ff8a8b-ZENHOT&bsft_mime_type=html&bsft_ek=2022-09-20T20%3A30%3A37Z&bsft_lx=2&bsft_tv=6&organization-abbreviation=MMP
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Sep 2022 21:06:44 GMT
Via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
server: Kestrel
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Miss from cloudfront
x-correlation-id: 7f121676-1e1a-47ac-9eff-9b5fd850fbb1
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: b3wW3EqRBEjbRFOP0bjtbi83sWEQJm2rnqGMsgA-zTJQT2XKtNxfEQ==

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 100ms
100ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: images.web-purchases.com
URL: https://images.web-purchases.com/Library-13/headScriptsOF.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://orders.moneymappress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://orders.moneymappress.com
date: Tue, 20 Sep 2022 21:06:45 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pro.moneymappressinfo.com/	1970-01-20 06:37:15	Name: 2084035 Value: 2459213
pro.moneymappressinfo.com/	1969-12-31 23:59:59	Name: BIGipServerIRIS_PROD_HTTPS_POOL Value: !nvy1Xx1T+5Va50RbyhZUbYl6SkaXWlc6dbVFA6vqJEuKEn5GJfoWAaap+deKdTZ6zrOBS+K7iDn6knk=
pro.moneymappressinfo.com/	1970-01-20 15:44:27	Name: orderTrackedEZENY9CG Value: True
orders.moneymappress.com/	1969-12-31 23:59:59	Name: .AspNetCore.Culture Value: c%3Den%7Cuic%3Den
orders.moneymappress.com/	1970-01-20 06:08:49	Name: IRIS-SESSION Value: f68ccf70-438e-473b-aa9e-331c60ac410d
orders.moneymappress.com/	1969-12-31 23:59:59	Name: 6952710ac6d09358a7dc37f9e89c237f Value: ca8495400293df6b3e9913c851222061
.moneymappress.com/	1970-01-20 08:18:04	Name: _gcl_au Value: 1.1.1030094114.1663708001
.orders.moneymappress.com/	1970-01-20 15:44:28	Name: _ga Value: GA1.3.1126632108.1663708001
.orders.moneymappress.com/	1970-01-20 06:09:54	Name: _gid Value: GA1.3.358197075.1663708001
.orders.moneymappress.com/	1970-01-20 06:08:28	Name: _gat Value: 1
.moneymappress.com/	1970-01-20 06:09:54	Name: _gid Value: GA1.2.358197075.1663708001
.moneymappress.com/	1970-01-20 06:08:28	Name: _gat_UA-112664600-12 Value: 1
.moneymappress.com/	1970-01-20 06:08:28	Name: _gat_gtag_UA_173717155_1 Value: 1
.moneymappress.com/	1970-01-20 15:44:28	Name: __utma Value: 227907841.1126632108.1663708001.1663708001.1663708001.1
.moneymappress.com/	1969-12-31 23:59:59	Name: __utmc Value: 227907841
.moneymappress.com/	1970-01-20 10:31:16	Name: __utmz Value: 227907841.1663708001.1.1.utmcsr=blueshift\|utmccn=20220920_ded_ze_nto_zenhot_85436551\|utmcmd=email\|utmcct=20220920_ded_zentozenhot_85436551
.moneymappress.com/	1970-01-20 06:08:28	Name: __utmt Value: 1
.moneymappress.com/	1970-01-20 06:08:29	Name: __utmb Value: 227907841.1.10.1663708001
.moneymappress.com/	1970-01-20 15:44:28	Name: _ga_1LZXF52W1V Value: GS1.1.1663708001.1.0.1663708001.60.0.0
itm.itstracking.com/	1970-01-20 15:44:28	Name: _trk_cross Value: a860bcb0-42e3-45ad-be26-87b92a9e39d0
ssl.kaptcha.com/	1970-01-20 08:18:04	Name: k Value: f5c911a03b0448828e4794f486ff3999
.moneymappress.com/	1970-01-20 15:44:28	Name: _ga Value: GA1.2.1126632108.1663708001
.moneymappress.com/	1970-01-20 06:08:28	Name: _gat_gtag_UA_197267367_1 Value: 1
.bing.com/	1970-01-20 15:30:04	Name: MUID Value: 0A03922B3AB661461529800E3B6460F3
.dianomi.com/	1970-01-20 10:27:40	Name: session Value: 023dcfdfc1a063b1e3467689052f605a
.moneymappress.com/	1970-01-20 06:09:54	Name: _uetsid Value: 1ffd25e0392811ed981c2fc8119ad761
.moneymappress.com/	1970-01-20 15:30:04	Name: _uetvid Value: 1ffd51b0392811ed9d76693353273409
.moneymappress.com/	1970-01-20 14:54:04	Name: _hjSessionUser_3022749 Value: eyJpZCI6IjU4MTcyMzEzLTY0MTMtNTNhOC05NzgyLWVlYzQ4YTYyOTg2OSIsImNyZWF0ZWQiOjE2NjM3MDgwMDEzOTMsImV4aXN0aW5nIjpmYWxzZX0=
.moneymappress.com/	1970-01-20 06:08:29	Name: _hjFirstSeen Value: 1
orders.moneymappress.com/	1970-01-20 06:08:28	Name: _hjIncludedInSessionSample Value: 1
.moneymappress.com/	1970-01-20 06:08:29	Name: _hjSession_3022749 Value: eyJpZCI6ImQ4OGFiMDI2LTZhYWQtNGRlYy05YzJkLTBmN2JhYWFkMTMxNyIsImNyZWF0ZWQiOjE2NjM3MDgwMDE3MDMsImluU2FtcGxlIjp0cnVlfQ==
orders.moneymappress.com/	1970-01-20 06:08:28	Name: _hjIncludedInPageviewSample Value: 1
.moneymappress.com/	1970-01-20 06:08:29	Name: _hjAbsoluteSessionInProgress Value: 1
orders.moneymappress.com/	1970-01-20 14:54:04	Name: cdn.14west.171440.ka.ck Value: c6ace13e65a181c970c0ceffc4c7ddee6b91e461eee37b1fe83dbf03b8d21bc3acab58e53d0cd90cca2a95718433bd3481ade00a597ff8ba4fca5ed948b33fc14ce8a074503a709d46b48cd02df690ba6c5326654e54e60a2e96d72f2bbe94585124009fd7706374898d0d6dcb4964c7b77924ada337adde2bc9c1cca6778955b951392b1b205897918465154c7adac0e15f7d6766980e8c6984db
www.clarity.ms/	1970-01-20 14:54:04	Name: CLID Value: 337cd55728dc4e9ab8380ab023aa12be.20220920.20230920
.moneymappress.com/	1970-01-20 14:54:04	Name: _clck Value: 1g0cofq\|1\|f51\|0
.moneymappress.com/	1970-01-20 06:08:28	Name: _gat_gtag_UA_192371564_1 Value: 1
.doubleclick.net/	1970-01-20 15:30:04	Name: IDE Value: AHWqTUnXv9Rlk-cyD2Ho4QGa2yb0tBVkGMSUN3rRY2JuigFDFpq_laT-TsEiFBOzT_U
.orders.moneymappress.com/	1970-01-20 06:08:29	Name: seerses Value: e
.moneymappress.com/	1970-01-20 06:09:54	Name: _clsk Value: 4i23py\|1663708002937\|1\|1\|f.clarity.ms/collect
.orders.moneymappress.com/	1970-01-20 15:44:28	Name: seerid Value: 14cb82b0-f33b-4c81-b48e-f107c4fea1a3
.c.bing.com/	1970-01-20 15:30:04	Name: SRM_B Value: 0A03922B3AB661461529800E3B6460F3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:30:04	Name: MUID Value: 0A03922B3AB661461529800E3B6460F3
.c.clarity.ms/	1970-01-20 06:08:28	Name: ANONCHK Value: 0
.moneymappress.com/	1970-01-20 06:08:28	Name: _gat_gtag_UA_99069495_30 Value: 1
.lytics.io/	1970-01-20 15:44:28	Name: seerid Value: 14cb82b0-f33b-4c81-b48e-f107c4fea1a3
orders.moneymappress.com/	1970-01-20 06:08:28	Name: outbrain_cid_fetch Value: true
.moneymappress.com/	1970-01-20 06:08:28	Name: _gat_gtag_UA_137602623_2 Value: 1
.orders.moneymappress.com/	1970-01-20 14:54:04	Name: _bs Value: 0c7586f9-90d3-33d4-6732-1373690a0b15
app-14west-trackmate-dev.apps.c4.us-east-1.dev.aws.ocp.14west.io/	1969-12-31 23:59:59	Name: 511d569813096561fe240859915624fb Value: 4a9b7033f1468b6a08011975dfaa7e5f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJGWP2 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
api.getblueshift.com
app-14west-trackmate-dev.apps.c4.us-east-1.dev.aws.ocp.14west.io
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
c.lytics.io
cdn.getblueshift.com
cdn.jsdelivr.net
code.jquery.com
core.spreedly.com
data.dianomi.com
events-b.mb.moneymorning.com
f.clarity.ms
firebasestorage.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.web-purchases.com
in.hotjar.com
itm.itstracking.com
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
orders.moneymappress.com
prd.files.irisplus.14west.us
pro.moneymappressinfo.com
pubads.g.doubleclick.net
px.khmtrack.com
px1.co
region1.analytics.google.com
s3.amazonaws.com
script.hotjar.com
ssl.kaptcha.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
trc.taboola.com
vars.hotjar.com
vc.hotjar.io
ws12.hotjar.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.18.22.230
13.32.27.21
142.250.186.130
151.101.130.137
151.101.130.182
161.129.26.12
162.247.241.14
173.199.143.227
18.202.161.146
18.211.120.181
18.66.112.110
18.66.122.106
18.66.122.34
18.66.147.113
20.234.93.27
20.84.22.197
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
23.35.237.86
2600:9000:2057:1a00:a:bd2b:f5c0:93a1
2600:9000:206e:2400:18:2d84:13c0:93a1
2606:4700:20::681a:316
2606:4700:3035::6815:5908
2606:4700::6810:d03f
2620:1ec:27::cafe:1835
2620:1ec:c11::200
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2013
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9d
2a04:4e42:200::300
2a04:4e42:200::485
34.251.196.147
35.80.101.90
35.82.76.103
52.216.92.133
65.9.66.91
70.42.32.127
007e0a84b498a895f8a7554fc3d8f1bf4a1c9c5b9a698e1817415a2d57791dee
0228980292ff7c813ac421d4489c8690a87104f505d4e581daed294d95253854
02493a1e0dbfb9223344e31e52d920b6baf76492da34685b9f6e59f54f23943e
0511338c1c8726be2593f3f78bc03ab5df4c9f53232340aae609af5ea32b1d74
05c736b27d0c66630638bf2805fb6760bb025aff5aa879583daa3b913a9c0126
0621a3b3666de4406965fe0fca7292f91d8ed13185db618f285d9a59a39b581b
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e45d466311db173e3e2de45c3aa1f47900eae8132e23ac1560d4f25a1fb9616
0ee99e61cf100b0c23fedd08ff8f7051e10985f30aa4059b8a0c77cab319556d
0f8de8fff29e1429bb91fc75ce60ddf816f232b5d4cf1301328a838e4a3cfe63
0f9bdc36ee54d7af1281a9f045abc2c10bd60ec542c60873d59a5184d514f11a
1044dee1219ddba847d6a44661fa1bda23484308f4814459bce5228096e200dd
19c000fb099f848d77c1df4a6404f777b125e2473cb60c94525088be6f9d818b
1bbc7217946a622e61d8c14c99d14c4389e0e07fa8d20be6a675a6d14092cfa7
1bed1d8bfda1ea4ac6d55a23c718f8ce730d92935018e0ae0a017a30118710da
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e584436fa6f2fdbb057715bb7556932059d5ed8d8d598a145202596f03ae025
22442cb5d5a3b97439bdaac2fca06282de7c280c908daf87bfb2a81f50aa426f
22e4d6be864330ef67e631ba253d5b6238e34ac21587af44f2111da0bd6cb38c
23001a0ffc919fcc621dc0744b1901e0c3a24781c77c167a0032e59eab1e90d3
28361dbd0eaa36d6e0e7123e29e4e574697374c89ba15ef08d1f4c0234554fd4
2958f12aa9bb340f10cc0e3d52f9c763c92f113ef730dbf48f96952c785974c4
2ce6a32cd1319f84cec0ed8a51752e18babb866d67aeacfff0e68054d7f6470b
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3199b959308ce123be98c154d44f291e3496792bc47a3a310fc3931af5f9b8b1
3328c33e49011439599abe6e5754888e5e2f194e21cb3c50c3b1a33c67cf04d1
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
346a13c312dfbe46734f18bda17d16a1291420ebab90ff607d1f7862fcb28959
34bcb2b1f7c29f421e23014374270261603ef4be1c3d75b3bd2dab5d15af60d8
34eaf2ed3c40f04706492a98ad7bbb35381ddcd4507347a06aed173e6f90f17b
363507e1d16e040c252a09bbb17bdcfa01ed3f041cf77e4dcbf3e81abec89c92
37fafe89266c211e75402c672af8c16840093c19b0eb06df1d183f35f3730583
386b7ce865392fe312fe74a7bd8410301ea6ee300d5f01e58588e489742eeea8
3f7c2940b2217c36941a338a6df0b013c871c32e1124975ebb0e294769ab65a8
4051888ba616ba99180ace16bf2f4764fa62bf6155b53d95357eba8de8119ed8
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
456ee4977614c5600e15b88dc12004b691bd5951922c926fd63a1a2231eb5668
46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2
490edd451e22a63eb2a84caf0137836045bd9bc8c3363f88031074974aeaa957
52176e6f797f2cfb65ccb5955f25e9b11bd1c481c261f81daa95ad48cb30b28e
531bf95773f8c914cdc80d184b198f4dc75ca72f4e13d2ef9a326bc9428784cd
53a85d73fe1080d876c30977454c655f75d85c2ba707f5ec2ad9e2340fb4a5e4
54502058e97eaac693950652b3243bf71346305b1b3c5a2fa479c27dd8d5a73f
572eaa76d230d64e2a1f671105d1afecd8c744fb2e262631279f9d8ff024684a
5a18df7a11a011a373dfc356cc3f8890c5894d06d325b56dde378f00aed624af
5d881cdc6d94194e36c17913d76a1d788803e52b7e2744b6be3e40a416846983
5df153aa4d76e55bf5adbe4e0c285a2d630715fc4660f70dfa0f1e1a987a5a18
61364b7a305b3973cdd3b89e5b527f7fb1284afa99f373545480ddc71321b396
614b14fb9dbc9f6655bdc677fe4dfaed8df7c9c46085acf368b597f9b29a492e
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
627478b14bd64f7ab8a2e8a7c5f964e40fb3eb201caf39c94e341ca11441c67e
674e7f65cc5c446fb8181b587c243a65c9520fa61fe43770686b05b36d9beadd
6955101ae847dd4a155f52395ece8b285d103ab072a4c8b93794a6a5bd40fe3e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9563f943393b1e4c9e89d0388c7f0abeade6cf722fb4c30694219af331304e
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
71279541cb8f6527ee70f0391f29c81a5b93722e2249a366f0e9bc32207cf609
75920b7a66cbafceb9d2e754d8f4f8da400b9fb6284e4c4b0687dd38896cb45a
7992b9267069ab3a75a5ac005d30113c86968e80f7a2ced901eeb767e0dd6e8f
7bbb84e6665058171c1a1c0e86271142570189c18fcd9fb1503e6a9836218537
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7cb126f5a9a1149221612b32adb3d7b221dcf37ce59bc973ecab9eb72d80b00a
7e80512cd3d77b3b9874f402f3334ee01c2051579bbae145699be91c9dc5ed5c
832539307672553015b2af5c65ec15b6e41df704f4e774a0902c2ad4eab86a42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859790d507acd06e12295953099b5025fc6d49d41683e0af085c5f8513f3c3c7
86397a005733048a7dadd3d471fa7341a83c4dd7a7af8a9708e295403b85d409
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
890e5e5924eea088e36bae079d7b314b973225e34f5bb7cf0c83852d9aafa3bc
8c73f3e15f238fe184f4f08074106805291fbfe6be51cf4f7e0b5233a7961ca4
8c827c2f1d808c7bb3c97d23032b6e0a257623ddc3bdc0fd71a6c7becb426197
8c9fb1f37a5c043551ad291fe8edcb5cacc60a1a452decadb983635699ca0205
8d0b0d52c30e20316cea23ece21639cafdab2a1eaca03f3a555f456ce195df45
8e250178d383ef2d3639c79f60b3b7ee2d587c7b6f8b658de57b81fc62567dd4
8ed51ec809fe48468f7bc937aff14ea230e64bff523f45c245ac3e33019a2fed
9393528bdf4df59453ff229a407610f1a315abdf4255c6b59ff562fb910be25f
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
96abdf41fcc30dc2272ad439c043cd00d4406a079f229cb1e176769bbe7da0cf
970514f0f39344bb423c6dde9e4a4a0cbe59847a6a8fa20af62b5f5cb8741836
989bcdf133cc9d684abc02afdd79e182f0250a4efe4af6ad4624d080dd79d241
98b2a23c63f09f29e8cd0a82d7cd4c6ff257746b60b80d16362814193ed64221
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b85ca71b6b0aefd7529556348834bc24fa4ecf5289f5ab9eac29a5df519023c
9c045966220aeb40a3c997952f5ee81aa313c6f76da11ca2773aa43adb0e1931
9dca2f89b48c2981b5e4651462171969d9baf1cebdb294fb3fda88f1b97a7091
9e5fad85322a0c3bac3a7485a018136df49b341150c5185a799aaed480caba82
9ee5f02810bdc8813c9b2123b912c59bf1a24dad015b372215ce6898fcd32c76
9f72ed2dfeef063e009cb45581ae6df3d43bd0cf04c299cbde9ed456ae594f8b
a13b913c6b37c1873e10cd062b2edc96e2f585fa6d7ceb93e9cf58ea787b732f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a35644a6dba827568402be774144c1c72443b08a509447f746839b62009ec9b5
a3968098f5b5f770202b46eb33253f311da871b24eedb10b18c54bd44c28c242
a59281b22bcf6df0421e0969afc332a2d07211ac09d1e38f8bf1ee64a8b98271
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b29bc7c7135a702b1e704ad127825ba33a15ccae1c6a81f7d879f7cbb57c7037
b3b30a33834f19920c21047a8ada907b6e10e7bd036c15f47a261d098909f8c0
b44d5e69aaa75b8d8e809cdbe679a595509d87f321cb957410f7af70fd4a941e
b53450950f10aa01c0ca3def059f28838e0b21eafdd5c22e03b53b5f3d709b00
b5e7b74114eb4c41c98631217ce4a91db68916eca55e0bae8958083f2fe8df9d
b751d00182816c8c523d0f9e3f0c1e5d4530aa8b6c73d9f0702cac96a431ecaa
b7f14017660414f923d9bc80273a1e17ad763af00030ca5f56ae5ea1eecfe3c7
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bc6e90639d85f3f4abb43d01be75c24d49faf065d7ad3541ec29226ef318b456
bdc61666bb1988343ca25817bbb8c8dbf9fc2b5c2c7ecfeba3b8411507c60d91
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f
c2b526c4c9a14c8f0d5b2ffc80d36ba03462fb0f3f537585ab8097eb9d9fb2f3
c5637538f5bb78f96b0795548d664b33e22320dc08052f48623dc521bead5e8c
c8b976a8c613df414a54629670f5766c99c876a5fbcf71532a04e77668e2d495
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd6cf2881bd3c90fbdf5e9e2c94ec99195273d4b3690b4a841f85eb97b9cac6a
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
cf1611a132ed90e3cdf1b70ae7420b4bf1b491ac2d3d6fd9bc0f1f43a198d8a3
d1a3d85b2b7f51c79c24b0f9a2321f90f8b1dd647fc573e6bf746fd1ed1a9e4d
d77e0627756cbb16763a8dd01efb9159c124675b4042adeed6e87c2a34ab00ec
d924acd7441fc6dbe589249be41a8f3365bca59cd834b0893359b10c51bf757b
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dd14f2baa7286aeccaac81d9c4997b3b2105ae5275863d7e26b9f025e097425e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e35dc8a613ad5958184fed0d7483f732a66b856b445d3e92beefda17fee4403f
e36af090811ad9e2d89d05a409057679886e2fa52b972cc626d437a3e590dd0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f616f5df36ba638936edd79630e1d97274622dffd30e5295ecd3d33146b8be
e81c21be1892b5c8303f6968ed08f248288204a213d45901860f3de9038f0eb7
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ed79bdcac23c0b703a88cbfc3e91dd6498d1ce8ef76c76708ad4d7b32dde56f2
ed8b584f121964664570bfe57aa7c5dc723f3f749f30333d41ca91ccace43954
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2272ed432573b9cd73bad94fd7caf4c25bb93f83efa78036591e4c57df1d279
f4e4c6400cf71eb435ca73d737ba40e084c33373572e52565e9a46ee2d36b724
f678fecbb24404a67aed4559070f0f0b4f3dd26e139f88fbaaa86f6dad6ffae5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe1895864d7f2e96764b18b83f3a504e6542ba522483c15a47b2dd3010ab0de1
fe7a7b711d3ebae8f784cb25f039c4776c2e6efe94c52079e09a344840c8b1b9

orders.moneymappress.com Open in urlscan Pro 18.66.122.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

261 Requests

99 %HTTPS

51 %IPv6

33 Domains

49 Subdomains

46 IPs

6 Countries

5851 kBTransfer

10140 kBSize

51 Cookies

6 Outgoing links

Page URL History

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

orders.moneymappress.com Open in urlscan Pro
18.66.122.106 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

99 %
HTTPS

51 %
IPv6

33
Domains

49
Subdomains

46
IPs

6
Countries

5851 kB
Transfer

10140 kB
Size

51
Cookies

261 HTTP transactions
1 data transactions