URL: https://b-moneyfactual-com.pages.dev/
Submission: On September 25 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 29 HTTP transactions. The main IP is 172.66.47.6, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is b-moneyfactual-com.pages.dev.
TLS certificate: Issued by WE1 on September 21st 2024. Valid for: 3 months.
This is the only time b-moneyfactual-com.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 172.66.47.6 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:27c... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 209.85.201.94 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 99.84.191.44 16509 (AMAZON-02)
1 3.162.125.37 16509 (AMAZON-02)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
1 52.88.213.189 16509 (AMAZON-02)
1 3.162.125.35 16509 (AMAZON-02)
3 20.114.189.70 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 35.208.249.213 15169 (GOOGLE)
1 2 68.67.160.114 29990 (ASN-APPNEX)
1 2 64.233.180.154 15169 (GOOGLE)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
29 18
Apex Domain
Subdomains
Transfer
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 715
t.clarity.ms — Cisco Umbrella Rank: 6748
c.clarity.ms — Cisco Umbrella Rank: 1434
30 KB
5 pages.dev
b-moneyfactual-com.pages.dev
83 KB
4 mediago.io
cdn.mediago.io — Cisco Umbrella Rank: 6013
gtrace.mediago.io — Cisco Umbrella Rank: 4343
96 KB
4 gstatic.com
fonts.gstatic.com
102 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 688
2 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 297
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 292
2 KB
2 newsbreak.com
static.newsbreak.com — Cisco Umbrella Rank: 39545
business.newsbreak.com — Cisco Umbrella Rank: 15968
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 225
773 B
1 improvetool.com
ip2geo.improvetool.com — Cisco Umbrella Rank: 384861
570 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
95 KB
1 ringba.com
b-js.ringba.com — Cisco Umbrella Rank: 140922
13 KB
29 13
Domain Requested by
5 b-moneyfactual-com.pages.dev b-moneyfactual-com.pages.dev
4 fonts.gstatic.com fonts.googleapis.com
3 t.clarity.ms www.clarity.ms
2 dsum-sec.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 1 redirects
2 ib.adnxs.com 1 redirects
2 gtrace.mediago.io cdn.mediago.io
2 c.clarity.ms 1 redirects
2 www.clarity.ms b-moneyfactual-com.pages.dev
www.clarity.ms
2 cdn.mediago.io b-moneyfactual-com.pages.dev
cdn.mediago.io
2 fonts.googleapis.com b-moneyfactual-com.pages.dev
1 c.bing.com 1 redirects
1 business.newsbreak.com static.newsbreak.com
1 static.newsbreak.com b-moneyfactual-com.pages.dev
1 ip2geo.improvetool.com
1 www.googletagmanager.com b-moneyfactual-com.pages.dev
1 b-js.ringba.com b-moneyfactual-com.pages.dev
29 17

This site contains links to these domains.

Domain
moneyfactual.com
www.moneyfactual.com
Subject | Issuer | Validity | Valid
b-moneyfactual-com.pages.dev | WE1 | 2024-09-21 - 2024-12-20 | 3 months
upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.ringba.com | Amazon RSA 2048 M03 | 2023-11-27 - 2024-12-23 | a year
*.google-analytics.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.gstatic.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
improvetool.com | WE1 | 2024-09-23 - 2024-12-22 | 3 months
newsbreak.com | Amazon RSA 2048 M02 | 2024-05-25 - 2025-06-22 | a year
*.mediago.io | Amazon RSA 2048 M03 | 2024-07-07 - 2025-08-04 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2024-09-04 - 2025-09-04 | a year
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year

This page contains 2 frames:

Primary Page: https://b-moneyfactual-com.pages.dev/
Frame ID: 4339EF5DC68DE9BF55C5A3EEA5C3C514
Requests: 29 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/h/val.html?postM=1&trackingid=
Frame ID: 65DB46D0F8F304E2A6D49C8F2C713596
Requests: 1 HTTP request in this frame

Page Title

MoneyFactual

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 29
HTTPS: 86 %
IPv6: 33 %
Domains: 13
Subdomains: 17
IPs: 18
Countries: 2
Transfer: 426 kB
Size: 823 kB
Cookies: 25

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EE5E34FC3FC24DE1AACE0B0B73527D08&RedC=c.clarity.ms&MXFR=114D3224D3D56942292F2721D7D5678F HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE5E34FC3FC24DE1AACE0B0B73527D08&MUID=2F5B44B83E636339080151BD3F1262E8
Request Chain 23
  • https://ib.adnxs.com/setuid?entity=529&code=cd70ceeb3ce7ab2529katf00m1hub2i2 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3Dcd70ceeb3ce7ab2529katf00m1hub2i2
Request Chain 24
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=cd70ceeb3ce7ab2529katf00m1hub2i2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=cd70ceeb3ce7ab2529katf00m1hub2i2&google_tc=
Request Chain 25
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd70ceeb3ce7ab2529katf00m1hub2i2 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd70ceeb3ce7ab2529katf00m1hub2i2&C=1

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
b-moneyfactual-com.pages.dev/
19 KB
7 KB
Document
General
Full URL
https://b-moneyfactual-com.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa492030625a266cb10a5fdf501407f61f82887386b529bd8b490d3475acc32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8c8b017f9f0e9ae5-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 25 Sep 2024 12:27:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfQ3LAtNSB9yYAQ5SZ01OpgT89iI%2FoJfVtBKPrqDHjmzlAQ2V2zf8erWaSJ5d4xJ6kuWFow0ZTIxAHeC%2FFT3Lj8fwkmSwgiSoK05mVRSHIYPC9%2BIGzA1fzC7HcfDkd5xwRm47aUlx9qelTwqxWlw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;800;900&display=swap
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fb0c742719aac32bb34917d73def535324211d08bbf38bba5051875a5c518b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 25 Sep 2024 12:27:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:27:00 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 25 Sep 2024 12:27:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
12 KB
837 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800;900&display=swap
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c567c423912c64243a60b621707559930db25d00c879f898be36adabf425c03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 25 Sep 2024 12:27:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:27:00 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 25 Sep 2024 12:27:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
CAaae089a186ba4d4f960e83dfff5f9611
b-js.ringba.com/
13 KB
13 KB
Script
General
Full URL
https://b-js.ringba.com/CAaae089a186ba4d4f960e83dfff5f9611
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27cb:8200:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5160669ba1a503ef03fa22f7ad1f759504c80b42d51279808071bfe93270f274

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

x-amz-cf-pop
IAD55-P6
access-control-max-age
300
cache-control
public
x-aspnet-version
4.0.30319
via
1.1 a6cf90963f3d761a69185cafd3ede98e.cloudfront.net (CloudFront)
expires
Wed, 25 Sep 2024 12:32:01 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
13212
x-amz-cf-id
WvCQs6oFxpM_AX6QnTG3y-7s7jLBfYgzOeLE71hIx3Jsnc4ZutZORA==
date
Wed, 25 Sep 2024 12:27:01 GMT
content-type
text/html; charset=utf-8
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
x-runtime
10.0000
app.js
b-moneyfactual-com.pages.dev/js/
158 KB
51 KB
Script
General
Full URL
https://b-moneyfactual-com.pages.dev/js/app.js
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7757e01de3c2640bf36e9c644ecb074e7d85b70326db593dbcb0fbb12d1e2345
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"43081642eb758f68deb1696df30ab3e2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0EDL6lA6E8uT5mAWsy5DwpvavIcjR961AXbn6BDtGNvqXOdg4v3QiJDgKGLbEHGlC%2BFRyPFlw1RKDwUPO4mVoObqIo7v6Z8KnJ4sObx7veNmVx5HxjrrsBoyRA2Ccg6tUgBk4E9zGifmRvSFJG4"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c8b0182cafa9ae5-MIA
access-control-allow-origin
*
date
Wed, 25 Sep 2024 12:27:01 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
app.css
b-moneyfactual-com.pages.dev/css/
40 KB
14 KB
Stylesheet
General
Full URL
https://b-moneyfactual-com.pages.dev/css/app.css
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d976b6b3236131b67d4756c2a6ef5b80834c2c8f771b917fe984abd84028cae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"b598040d7db98e4cfab332fcf3c1c023"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zn9B5Dyu%2FoNS9dcAhYlty9jt8LC2bW9NFHX7IGT%2Fv6XF9LQhtEL49r7Sj7M%2BXJUaEEt17r9AUDBQ7cELTPjB9myd68%2Fbog7HnSfG0W7zvEE48RhQ2b9lKlDlqlCUPV0kQQnQn2FGOGl07O50%2Fmhv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c8b018169669ae5-MIA
access-control-allow-origin
*
date
Wed, 25 Sep 2024 12:27:00 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
logo.png
b-moneyfactual-com.pages.dev/images/content/
4 KB
4 KB
Image
General
Full URL
https://b-moneyfactual-com.pages.dev/images/content/logo.png
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d4e32c89b7ddbaacb57b6f13fdfe42fb9bd7de6c5b21ca74e9572255d283da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"bed385dac4b36761761d3c885bebf071"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bjw50DIsquq2FtojMxu3xGIq8Wtz5F46UDKiGmO6bXu9lR7ca7qdZXJsGAtZBbgowVyIhsKtd3zd8sPRYQgBiywKeCdT%2B9xSM7eM5haRZu6OGSlj1avDJX3ZiZqDD%2FqdaPXOeFrj0ZTaHC0yZ0Kv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c8b0181696a9ae5-MIA
access-control-allow-origin
*
content-length
3788
date
Wed, 25 Sep 2024 12:27:00 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
274 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZS6RPW
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b66f2df3974703361c0432871fa18226883e649ca0991d2e1bf11d938b1c114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

content-encoding
br
expires
Wed, 25 Sep 2024 12:27:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:27:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 25 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
96957
x-xss-protection
0
server
Google Tag Manager
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f94.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://b-moneyfactual-com.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
563556
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 23:54:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 23:54:25 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f94.1e100.net
Software
sffe /
Resource Hash
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://b-moneyfactual-com.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
156408
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 17:00:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 17:00:13 GMT
last-modified
Thu, 01 Aug 2024 20:41:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18436
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f94.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://b-moneyfactual-com.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
165225
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 14:33:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 14:33:16 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
/
ip2geo.improvetool.com/
202 B
570 B
Fetch
General
Full URL
https://ip2geo.improvetool.com/
Requested by
Host:
URL: webpack-internal:///./src/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:94a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c141b87aac9015b2864a3e8eeab337fdf2e234d5e92cc5dd6addd2b7b62d748e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cxm0mCi2rPGJDydn7DREiqM9K1cPiTW4rz5A%2BHcNeAC2hYMrDLtcPJpmrGuom6ooLAoG%2FXlowaCJ1R7TDwOmW0uxI%2BkcrKb1bNsuLl2y%2BgxarfU2DQnad2vGiD8jf6c%2B9Vh6HfPoHuVkMORdxk7NOVmHUujf"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8b01856eb574c0-MIA
access-control-allow-origin
*
date
Wed, 25 Sep 2024 12:27:01 GMT
content-type
application/json
vary
Origin
server
cloudflare
nbpixel.js
static.newsbreak.com/business/tracking/
8 KB
3 KB
Script
General
Full URL
https://static.newsbreak.com/business/tracking/nbpixel.js?t=1727308800000
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-44.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2eba388d8d2d74baba77c72fe5441f74422c1824a888ef7e748863a22ea7191a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

access-control-max-age
86400
content-encoding
gzip
x-amz-version-id
jRibpKGpU8hDlj36OARsNwPFpjnyG6Ii
etag
W/"7d6af9a6683da50918d44e9d35360ff8"
age
3056
access-control-allow-methods
GET, POST, PUT, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
nE5BxH3AA9ffcOkMM3-pOubw8naWQjoe131stSK78aQ8XTqedU1HLg==
date
Wed, 25 Sep 2024 11:36:06 GMT
content-type
application/javascript
last-modified
Thu, 14 Oct 2021 07:49:18 GMT
vary
Accept-Encoding
via
1.1 c37f72766931ae9c3f146ffa54018d1c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD89-C2
server
AmazonS3
pixel.js
cdn.mediago.io/js/
95 KB
95 KB
Script
General
Full URL
https://cdn.mediago.io/js/pixel.js
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-37.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eee0b11d48ea095a4dc484d65f7a2b1197c7943f25e5860a5fe5adfc6a6e4568

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

vary
Origin
x-amz-version-id
xuKXPtRifJoGc1vQWZ2Kzz_QxzFdYB4h
etag
"7eefe2646c9f579d22345d191511c03b"
age
81613
via
1.1 6f3ebc2cbc39563710a79620f7c154f0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
96786
x-amz-cf-id
mtlkcUa5OtSvFylpf8AVXUOmcXh_no-g5ec92IwSN3UowsyWWAlnDQ==
date
Tue, 24 Sep 2024 13:46:49 GMT
content-type
text/javascript
last-modified
Fri, 28 Jun 2024 09:04:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
icgrm51w94
www.clarity.ms/tag/
637 B
1001 B
Script
General
Full URL
https://www.clarity.ms/tag/icgrm51w94?ref=gtm2
Requested by
Host: b-moneyfactual-com.pages.dev
URL: https://b-moneyfactual-com.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
de4865e94141e16ce00d5e46c86bbddad0b0dbeffd5c4ecc3ad5f26aa8f98b73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
637
date
Wed, 25 Sep 2024 12:27:01 GMT
content-type
application/x-javascript
x-azure-ref
20240925T122701Z-1855ff45cc6wxrbkw6npt9vses00000001gg00000000tras
clarity.js
www.clarity.ms/s/0.7.47/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.47/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/icgrm51w94?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

x-azure-ref
20240925T122701Z-1855ff45cc6wxrbkw6npt9vses00000001gg00000000trbk
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCDCD7122C4CCC"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
f67d8080-c01e-0014-39c2-0e66b4000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 25 Sep 2024 12:27:01 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 20:25:46 GMT
pixel.gif
business.newsbreak.com/tracking/
0
0
Ping
General
Full URL
https://business.newsbreak.com/tracking/pixel.gif?id=ID-1624099740021809154&uid=&ev=pageload&ed=&v=1&dl=https%3A%2F%2Fb-moneyfactual-com.pages.dev%2F&rl=&ts=1727267221280&de=UTF-8&sr=1600x1200&vp=1600x1200&cd=24&dt=MoneyFactual&bn=Chrome%20129&md=false&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&tz=600&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&nb_aid=&nb_fid=&nb_cid=&esourceid=&csource=&siteid=&ccreative=&cname=&placement_id=&placement_name=&icode=&promo=&uid_01=&uid_02=&uid_03=&uid_04=&uid_05=&uid_06=&uid_07=&uid_08=
Requested by
Host: static.newsbreak.com
URL: https://static.newsbreak.com/business/tracking/nbpixel.js?t=1727308800000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.88.213.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-213-189.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

val.html
cdn.mediago.io/js/h/ Frame 65DB
0
0
Document
General
Full URL
https://cdn.mediago.io/js/h/val.html?postM=1&trackingid=
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-35.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://b-moneyfactual-com.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
81611
content-length
9619
content-type
text/html
date
Tue, 24 Sep 2024 13:46:51 GMT
etag
"b19d57b1d930ffeb6ce750fad83fe7fe"
last-modified
Wed, 19 Jun 2024 07:00:32 GMT
server
AmazonS3
vary
Origin
via
1.1 af08bb104c29fffb75d24691c869c256.cloudfront.net (CloudFront)
x-amz-cf-id
Z1wYmokJGXLTalF9apb-NJlQM6i2rnBjzLY76Anr8kl-1SNeZ24fjw==
x-amz-cf-pop
IAD61-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
Oaanq82uoPsdCaYCvkBaR3PJCyZ8RQO_
x-cache
Hit from cloudfront
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09a70023e5a4449a8c01cfff00062e7523c10202f26988f20540d3dfd75314c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
collect
t.clarity.ms/
0
292 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://b-moneyfactual-com.pages.dev
Date
Wed, 25 Sep 2024 12:27:01 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=EE5E34FC3FC24DE1AACE0B0B73527D08&RedC=c.clarity.ms&MXFR=114D3224D3D56942292F2721D7D5678F
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE5E34FC3FC24DE1AACE0B0B73527D08&MUID=2F5B44B83E636339080151BD3F1262E8
42 B
464 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE5E34FC3FC24DE1AACE0B0B73527D08&MUID=2F5B44B83E636339080151BD3F1262E8
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"bb391b5d70eeda1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Wed, 25 Sep 2024 12:27:02 GMT
content-type
image/gif
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=EE5E34FC3FC24DE1AACE0B0B73527D08&MUID=2F5B44B83E636339080151BD3F1262E8
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C243C8FB4A3433E89754347F7A31B60 Ref B: MIA301000108047 Ref C: 2024-09-25T12:27:02Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Wed, 25 Sep 2024 12:27:01 GMT
x-powered-by
ASP.NET
favicon.ico
b-moneyfactual-com.pages.dev/
19 KB
7 KB
Other
General
Full URL
https://b-moneyfactual-com.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa492030625a266cb10a5fdf501407f61f82887386b529bd8b490d3475acc32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R4c1BKgVbXC0tlghTZtypYxOsC9sOJeEMXi8WyZYgqpeZnlSliWwm4HdjVfEolLITpBx70%2FwxLMECKO0odnU8wQvRkygjWpUGCQLkpXCDgeybPWaD9Ku%2Fgv6gp0%2Bt8xbyMihd1vvQeAz4bfpTCUE"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8c8b018879689ae5-MIA
access-control-allow-origin
*
date
Wed, 25 Sep 2024 12:27:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
pageview
gtrace.mediago.io/api/bidder/track/pixel/
0
114 B
Ping
General
Full URL
https://gtrace.mediago.io/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=12fa51cc22524b90b3ab4f1ea79bc8c3&ptd=&tkd=&acd=&cpid=&v=162662171
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 Sep 2024 12:27:02 GMT
content-type
text/plain; charset=utf-8
eplist
gtrace.mediago.io/ju/cs/
346 B
821 B
Script
General
Full URL
https://gtrace.mediago.io/ju/cs/eplist?acid=&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fb-moneyfactual-com.pages.dev&mcb=mmgg_1727267222132_961
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
3285ed1b5c305f2c4fe8d1bbb22ffd438409298c3a073d469c9fea4334011726

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fb-moneyfactual-com.pages.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
346
date
Wed, 25 Sep 2024 12:27:02 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=529&code=cd70ceeb3ce7ab2529katf00m1hub2i2
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3Dcd70ceeb3ce7ab2529katf00m1hub2i2
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3Dcd70ceeb3ce7ab2529katf00m1hub2i2
Protocol
H2
Server
68.67.160.114 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.76; 38.132.118.76; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
6092c49e-b496-413a-9f87-eb4f35bf5925
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 25 Sep 2024 12:27:02 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D529%26code%3Dcd70ceeb3ce7ab2529katf00m1hub2i2
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
38.132.118.76; 38.132.118.76; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
01d3bfac-8077-469b-ad42-4d7b1c888b6d
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 25 Sep 2024 12:27:02 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=cd70ceeb3ce7ab2529katf00m1hub2i2
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=cd70ceeb3ce7ab2529katf00m1hub2i2&google_tc=
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=cd70ceeb3ce7ab2529katf00m1hub2i2&google_tc=
Protocol
H2
Server
64.233.180.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Wed, 25 Sep 2024 12:27:02 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=cd70ceeb3ce7ab2529katf00m1hub2i2&google_tc=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
318
date
Wed, 25 Sep 2024 12:27:02 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd70ceeb3ce7ab2529katf00m1hub2i2
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd70ceeb3ce7ab2529katf00m1hub2i2&C=1
43 B
710 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=cd70ceeb3ce7ab2529katf00m1hub2i2&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSf6Lk8EgxuGjoqpAU6EvRUep1WUaFns0dWbkhJeOFhGBz01o4TqSTGulFI4qYZaHmQ9qcS9178xuc5LTdIOkRwLcdIIe5Kd1AFZQ%2BCCXVLSwSeg13bZApa1SXtIVAaSMVzGKmYO2QMWgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8b018d0bd18e00-MIA
expires
0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Wed, 25 Sep 2024 12:27:03 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
/crum?cm_dsp_id=215&external_user_id=cd70ceeb3ce7ab2529katf00m1hub2i2&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09PA3zQuz7d4cndMNVNPrRcepIwferwcGl76K2l0tFbJZcIQ2aJl2wNAH%2Bs%2BuI1b5dQiafaj0WZxlabczktM8fHgGWITx0dNJVeTBj2zaFKBelfcbe87RSGEwQoVjkPZ1imlJzeeUZUzYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8b018c8b5e8e00-MIA
expires
0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Wed, 25 Sep 2024 12:27:02 GMT
vary
Accept-Encoding
server
cloudflare
collect
t.clarity.ms/
0
292 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://b-moneyfactual-com.pages.dev
Date
Wed, 25 Sep 2024 12:27:02 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f94.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://b-moneyfactual-com.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
481989
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 19 Sep 2025 22:33:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Sep 2024 22:33:54 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
collect
t.clarity.ms/
0
292 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://b-moneyfactual-com.pages.dev/

Response headers

Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
Access-Control-Allow-Origin
https://b-moneyfactual-com.pages.dev
Date
Wed, 25 Sep 2024 12:27:05 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| _triedToInstallGlobalErrorHandler
object| dataLayer
function| postscribe
object| google_tag_manager_external
object| google_tag_manager
object| google_tag_data
function| nbpix
object| _megoaa
function| clarity
object| ringba_known_numbers
object| _rgba
object| ringba
object| _rgba_tags
function| a0a2
function| a0a1
object| megoaaEvent
boolean| _mediago_pixel_status

25 Cookies

Domain/Path Name / Value
.b-moneyfactual-com.pages.dev/ Name: _gcl_au
Value: 1.1.413775460.1727267221
www.clarity.ms/ Name: CLID
Value: c15010c87d7b46a09a107d1fff69369f.20240925.20250925
.b-moneyfactual-com.pages.dev/ Name: _mg_ckp
Value: eyJja1RrZERGIjoiIn0=
.b-moneyfactual-com.pages.dev/ Name: _clck
Value: vm5pdu%7C2%7Cfph%7C0%7C1729
.b-moneyfactual-com.pages.dev/ Name: _clsk
Value: 1bunahg%7C1727267221986%7C1%7C1%7Ct.clarity.ms%2Fcollect
.b-moneyfactual-com.pages.dev/ Name: __mguid_
Value: 77c3d40d0d85482ebfeb31284c003ba8
.bing.com/ Name: MUID
Value: 2F5B44B83E636339080151BD3F1262E8
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2F5B44B83E636339080151BD3F1262E8
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2F5B44B83E636339080151BD3F1262E8
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.mediago.io/ Name: __mguid_
Value: cd70ceeb3ce7ab2529katf00m1hub2i2
gtrace.mediago.io/ Name: cst_44
Value: ts=1727267222
gtrace.mediago.io/ Name: cst_70
Value: ts=1727267222
gtrace.mediago.io/ Name: cst_78
Value: ts=1727267222
.casalemedia.com/ Name: CMID
Value: ZvQBlsAoJVkAAG0xAB5RhgAA
.casalemedia.com/ Name: CMPS
Value: 2828
.casalemedia.com/ Name: CMPRO
Value: 2828
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.adnxs.com/ Name: XANDR_PANID
Value: xT7pCnM3NC4mrr2nx79B72PxVk7MxUAqrNf-hFQO-8afmj8nx2k_yldI8--YIhhhkeuSHJGTTALQcRaQUNFHgfN7-4Y5V19jNNNrfGYuKEk.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1650237301955698340
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GUcH<GUC!@wnfH8KVePiSir=0LA:leWY:5=Dl@jRBW1fSN=i73c)Yced8dYKY*Dis!pQt:hVN(j#iP(Md+>)fy+1FguxV

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
