think2money.com Open in urlscan Pro
168.119.64.244 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://think2money.com/
Submission: On January 03 via automatic, source certstream-suspicious (January 3rd 2022, 5:11:10 pm UTC) — Scanned from DE

Summary HTTP 94 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 94 HTTP transactions. The main IP is 168.119.64.244, located in Germany and belongs to HETZNER-AS, DE. The main domain is think2money.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 19th 2021. Valid for: 3 months.

This is the only time think2money.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	168.119.64.244 168.119.64.244	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	35.190.90.202 35.190.90.202	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1746	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:2e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
94	20

26 168.119.64.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: out29.keliweb.com

think2money.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com

steadfastsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1746 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	think2money.com think2money.com	484 KB
24	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	346 KB
11	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	62 KB
7	clarity.ms 1 redirects www.clarity.ms d.clarity.ms c.clarity.ms	25 KB
7	gstatic.com fonts.gstatic.com p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com	98 KB
6	google-analytics.com www.google-analytics.com	57 KB
5	google.com 2 redirects adservice.google.com www.google.com	2 KB
3	googletagmanager.com www.googletagmanager.com	139 KB
2	googletagservices.com www.googletagservices.com	74 KB
2	google.de adservice.google.de www.google.de	1 KB
2	steadfastsystem.com steadfastsystem.com	27 KB
1	bing.com 1 redirects c.bing.com	553 B
1	adsafeprotected.com static.adsafeprotected.com	481 B
1	googleadservices.com partner.googleadservices.com	646 B
94	14

	Domain	Requested by
26	think2money.com	think2money.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	think2money.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com think2money.com
5	fonts.gstatic.com	think2money.com
4	d.clarity.ms	www.clarity.ms d.clarity.ms
4	www.google.com	2 redirects think2money.com tpc.googlesyndication.com
3	www.googletagmanager.com	think2money.com www.googletagmanager.com
2	p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	c.clarity.ms	1 redirects think2money.com
2	steadfastsystem.com	think2money.com steadfastsystem.com
1	c.bing.com	1 redirects
1	www.google.de	think2money.com
1	static.adsafeprotected.com	think2money.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.clarity.ms	think2money.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
94	21

This site contains links to these domains. Also see Links.

Domain
www.think2money.com

Subject Issuer	Validity	Valid
think2money.com cPanel, Inc. Certification Authority	`2021-10-19` - `2022-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
steadfastsystem.com R3	`2021-12-11` - `2022-03-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://think2money.com/
Frame ID: 4B1EC2DCF34BF42DA9EA9D62B080C63E
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: A8C030292AC896FFEE9D840F0117AD4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&adk=3826760629&adf=1341073466&lmt=1641229864&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthink2money.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864760&bpp=17&bdt=118&idt=190&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2395777676232&frm=20&pv=2&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208
Frame ID: 6ECD1A95521AF5732F3D8006C0628B0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=90&slotname=8781160927&adk=1082742915&adf=3072990261&pi=t.ma~as.8781160927&w=728&lmt=1641229865&psa=0&format=728x90&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864777&bpp=10&bdt=135&idt=247&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=629&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HxCMn4ioCp&p=https%3A//think2money.com&dtd=250
Frame ID: 2D978CFABE4E22F1742689B781231AC4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=333&slotname=7152384480&adk=375129656&adf=3243134834&pi=t.ma~as.7152384480&w=326&lmt=1641229865&rafmt=11&psa=0&format=326x333&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864813&bpp=2&bdt=171&idt=223&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yU8E2jYAcS&p=https%3A//think2money.com&dtd=226
Frame ID: ADD5718F2FF22AED1A63FE864929C811
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4CD28C171A3646E0D9D9A3A9A5DD0ED9
Requests: 2 HTTP requests in this frame

Frame: https://p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 813E72F1AB034E54BD0875D8C4AA964C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E22129AE4319EE57E1A772EA9C041EFC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Frame ID: A3825DEC43E9A26EFD683580C00DC3A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Frame ID: 3F3C69FC610352303F56C45541D50DAD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC5945280FE1E579DC4458141B5D7B06
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC0B8317754B0F97EFA1263691471C89
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Think2Money.com - i consigli per i tuoi investimenti

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

99 %
HTTPS

70 %
IPv6

14
Domains

21
Subdomains

20
IPs

4
Countries

1316 kB
Transfer

3000 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.think2money.com/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.think2money.com/
Title: Mappa

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=A72AE155B4C247A4B293EDFC31A6F3EC&RedC=c.clarity.ms&MXFR=3F56CEE17B3767862347DFC07F3769D2 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=A72AE155B4C247A4B293EDFC31A6F3EC&MUID=137D82E5F0DD63A4197D93C4F1B662D0

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

94 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
think2money.com/ 103 KB
17 KB 201ms
159ms Document
text/html 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 3f415df90093023ccab2c21a4465ad42a56af00d4fb3c2eed552a007156c3750

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-cache-enabled: True
link: <https://think2money.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
content-length: 17366
content-type: text/html; charset=UTF-8
date: Mon, 03 Jan 2022 17:11:04 GMT
server: Apache

GET
H2 200 siteground-optimizer-combined-css-e8f474a672983a85be1ff0db45ccb1c3.css
think2money.com/wp-content/uploads/siteground-optimizer-assets/ 221 KB
37 KB 20ms
20ms Stylesheet
text/css 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://think2money.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-e8f474a672983a85be1ff0db45ccb1c3.css
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 7026eec556aa1fdbb0264f8a533696fba77e4b66dea8c8837f711b74c3c24345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 16:38:06 GMT
server: Apache
accept-ranges: bytes
content-length: 37101
content-type: text/css

GET
H2 200 jquery.min.js Show response
think2money.com/wp-includes/js/jquery/ 87 KB
30 KB 15ms
15ms Script
application/javascript 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://think2money.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 14:40:07 GMT
server: Apache
accept-ranges: bytes
content-length: 30908
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 52ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-173213886-1

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fe02db00a8ac32375a09c5db32623c315e84991382f73f46d79a6addea03309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37127
x-xss-protection: 0
expires: Mon, 03 Jan 2022 17:11:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 49ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1731104385596521

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55bc08b200bdc05544627d344592fa1af1821b2ba959dd310950dc7088b960d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://think2money.com/
Origin: https://think2money.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51731
x-xss-protection: 0
server: cafe
etag: 2054483880467003741
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 17:11:04 GMT

GET
H2 200 cropped-logo.png
think2money.com/wp-content/uploads/2020/10/ 3 KB
3 KB 17ms
17ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2020/10/cropped-logo.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: d78c6d2891e892baae7ec4e0ac089c055deadd6a1bb6cf946bb666e63ec3555a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:11:28 GMT
server: Apache
accept-ranges: bytes
content-length: 2655
content-type: image/png

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 66ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7385909ed2ab7e0bebb621d42fe68f3b8c12af95e9910a5eb575c67d4d8bbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51751
x-xss-protection: 0
server: cafe
etag: 16118021851169625240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 17:11:04 GMT

GET
H2 200 analisi-tecnica-300x162.jpg
think2money.com/wp-content/uploads/2020/11/ 8 KB
8 KB 13ms
11ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2020/11/analisi-tecnica-300x162.jpg
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: b6261e51f9f64ec57caa7d8b5ebd08a5475ce7af8c03429afd0f3a7be60b4360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:13:40 GMT
server: Apache
accept-ranges: bytes
content-length: 8006
content-type: image/jpeg

GET
H2 200 siteground-optimizer-combined-js-50da99b6abdfa2bcf0399d9a88e50bc7.js Show response
think2money.com/wp-content/uploads/siteground-optimizer-assets/ 122 KB
33 KB 16ms
14ms Script
application/javascript 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://think2money.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-50da99b6abdfa2bcf0399d9a88e50bc7.js
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 188b35c7860433b9b410f4f8c742ec66ee35232b254a17ec0a41005475160c1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 16:38:06 GMT
server: Apache
accept-ranges: bytes
content-length: 33982
content-type: application/javascript

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1731104385596521&plah=think2money.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1731104385596521

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 17:11:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame A8C0 11 KB
5 KB 33ms
8ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1731104385596521

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 02 Jan 2022 18:37:20 GMT
expires: Sun, 16 Jan 2022 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 81224
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
42 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MVKNB6H

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac51b7fcd68594c83c801985d3201a1b9edfb4bfd092fbe1afec311946556626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42800
x-xss-protection: 0
last-modified: Mon, 03 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jan 2022 17:11:04 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhzg.ttf
fonts.gstatic.com/s/montserrat/v18/ 47 KB
25 KB 32ms
8ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhzg.ttf

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1265f5cf75bb6439cbb3a416f6e70baa95f0499466ef549c3818091467167669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://think2money.com/
Origin: https://think2money.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 02:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25213
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 02:32:24 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v18/ 48 KB
25 KB 41ms
17ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD-w.ttf

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c9feb0989a20d4137b6548d92d2cba0f01fdf01df125a15d401574e8d5ef99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://think2money.com/
Origin: https://think2money.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 14:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25487
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 14:39:58 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 fontawesome-webfont.woff2
think2money.com/wp-content/themes/mh-magazine/fonts/ 75 KB
76 KB 15ms
15ms Font
font/woff2 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://think2money.com/wp-content/themes/mh-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: think2money.com
URL: https://think2money.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-e8f474a672983a85be1ff0db45ccb1c3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://think2money.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-e8f474a672983a85be1ff0db45ccb1c3.css
Origin: https://think2money.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 14:08:40 GMT
server: Apache
accept-ranges: bytes
content-type: font/woff2

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v15/ 15 KB
10 KB 30ms
12ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61c050678dd8b3f4a7a9ed2f522bdef895d70837e012a83612cdd94a8702a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://think2money.com/
Origin: https://think2money.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 09:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10457
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 09:58:06 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf
fonts.gstatic.com/s/montserrat/v18/ 48 KB
25 KB 25ms
8ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD-w.ttf

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

654905eb947da8013b2e5ada4b01aac45537b950b4810122b1d877cc23028257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://think2money.com/
Origin: https://think2money.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 16:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25249
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 16:49:28 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfedw.ttf
fonts.gstatic.com/s/poppins/v15/ 16 KB
10 KB 14ms
12ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfedw.ttf

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e83171a76657083b9eb66e41f1fec53bf3b30fb9a15c9b9603f7ed21e3d2a6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://think2money.com/
Origin: https://think2money.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10566
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:36:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HRM03WJQXT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173213886-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7a6ae0b131866614ff8d503b771467b0fcc0b2840d4ec4380272ebde35727a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61877
x-xss-protection: 0
expires: Mon, 03 Jan 2022 17:11:04 GMT

GET
H2 200 v2mfqKKzSl8P-u82WXSyMpB0DDPRxFqMGwAIbYQD0mCC64hUmYxCgM61lDAziynYNe-S6lWUT34CWEq-KgCpLkzZ00oUcnxLC3VzXLLqKGpb6syvpcM39eWcBL_hg Show response
steadfastsystem.com/ 89 KB
27 KB 341ms
300ms Script
text/javascript 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2mfqKKzSl8P-u82WXSyMpB0DDPRxFqMGwAIbYQD0mCC64hUmYxCgM61lDAziynYNe-S6lWUT34CWEq-KgCpLkzZ00oUcnxLC3VzXLLqKGpb6syvpcM39eWcBL_hg

Requested by

Host: think2money.com
URL: https://think2money.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-50da99b6abdfa2bcf0399d9a88e50bc7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

06036e90b0f46b2bcdcf22d487c85131723b041d6881c990ca1e5ffeba52b8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "ff69a5a8600eb307d1d68ce91ab33168d9a821ba14ebee1c8e81cf7028a1ff26"
vary: Accept-Encoding, Accept-Language
x-hostname: c984a0b3
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 03 Jan 2022 17:11:05 GMT
timing-allow-origin: *

GET
H2 200 lo-swap-definizione-326x245.jpg
think2money.com/wp-content/uploads/2021/11/ 13 KB
14 KB 14ms
11ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/11/lo-swap-definizione-326x245.jpg
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 0f4a040585b96f4541dfb57a044d1482ed2bd3fd0e2dbd724daf645edaa72381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 16 Nov 2021 16:20:26 GMT
server: Apache
accept-ranges: bytes
content-length: 13802
content-type: image/jpeg

GET
H2 200 GAFAM-326x245.jpg
think2money.com/wp-content/uploads/2021/10/ 8 KB
8 KB 14ms
12ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/10/GAFAM-326x245.jpg
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 4e84f893b4d2fd4b3b6429ea63085539bb47371953cf8611443b6b673ab27aba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:21:22 GMT
server: Apache
accept-ranges: bytes
content-length: 7973
content-type: image/jpeg

GET
H2 200 Revolving_Credit_cards-e1632216523564-326x245.jpg
think2money.com/wp-content/uploads/2021/09/ 36 KB
36 KB 14ms
12ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/09/Revolving_Credit_cards-e1632216523564-326x245.jpg
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 060bed643c91a94a054032b505a566228875451a75ad131aa8e22fed10ed1ad4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:21:05 GMT
server: Apache
accept-ranges: bytes
content-length: 36867
content-type: image/jpeg

GET
H2 200 carte-prepagate-minori-326x245.jpg
think2money.com/wp-content/uploads/2021/06/ 18 KB
18 KB 14ms
12ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/06/carte-prepagate-minori-326x245.jpg
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 46c9f7bfa1887262d688f704f9bb769c953bff810cf684b1e65f09698c171802

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:20:26 GMT
server: Apache
accept-ranges: bytes
content-length: 18304
content-type: image/jpeg

GET
H2 200 tradocenter_tab.png
think2money.com/wp-content/uploads/2021/12/ 10 KB
10 KB 14ms
12ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/12/tradocenter_tab.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: ec8c733b03d937bb39f5ad1a7df802a97c63f88b534544f0d69ec834417e59ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Wed, 08 Dec 2021 19:41:32 GMT
server: Apache
accept-ranges: bytes
content-length: 10279
content-type: image/png

GET
H2 200 fortissio_tab1.png
think2money.com/wp-content/uploads/2020/11/ 10 KB
10 KB 14ms
12ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2020/11/fortissio_tab1.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 0dfe69a8a5c331f4d65bdc1ff51a144d9411143c5908ba1d7aacbf3a6d1f17de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:14:16 GMT
server: Apache
accept-ranges: bytes
content-length: 10446
content-type: image/png

GET
H2 200 xm_tab.png
think2money.com/wp-content/uploads/2020/11/ 10 KB
10 KB 14ms
12ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2020/11/xm_tab.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: f3584fce2faa976232d0ecbc58dce21d491b4d3e2f6e27b129a155d756c1bbac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:15:15 GMT
server: Apache
accept-ranges: bytes
content-length: 10220
content-type: image/png

GET
H2 200 capitol_com_tab.png
think2money.com/wp-content/uploads/2021/04/ 8 KB
8 KB 14ms
12ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/04/capitol_com_tab.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: c0ed456ecc6de10c5e4f233a0d2d170f485a1eb82269c150f1def4188d5805cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:18:52 GMT
server: Apache
accept-ranges: bytes
content-length: 8047
content-type: image/png

GET
H2 200 plus500_tab-1.png
think2money.com/wp-content/uploads/2020/11/ 6 KB
6 KB 14ms
11ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2020/11/plus500_tab-1.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 4d83b6530aa41ce44fdab94a299b24d5a2e34e1f4c447ebb2f91b10c84d63f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:14:39 GMT
server: Apache
accept-ranges: bytes
content-length: 6171
content-type: image/png

GET
H2 200 etoro_w_tab.png
think2money.com/wp-content/uploads/2021/06/ 9 KB
9 KB 13ms
11ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/06/etoro_w_tab.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: aa1f98450650981eaf21e4c8127c998f9e32996792a39341f04124f265184d50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Tue, 19 Oct 2021 14:20:29 GMT
server: Apache
accept-ranges: bytes
content-length: 8979
content-type: image/png

POST
H2 200 admin-ajax.php Show response
think2money.com/wp-admin/ 5 KB
825 B 188ms
188ms XHR
application/json 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://think2money.com/wp-admin/admin-ajax.php

Requested by

Host: think2money.com
URL: https://think2money.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

out29.keliweb.com

Software

Apache /

Resource Hash

1cf55843ed1c7586cf657f1f9f5a7a6bd032793f0d27c1baf531ea9221477cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://think2money.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://think2money.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 573
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
646 B 90ms
53ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=think2money.com&callback=_gfp_s_&client=ca-pub-1731104385596521

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1731104385596521&plah=think2money.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

880799487bdd81f75ad11e71d4397194ebee0e5800ae9894f602da716fbf15ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 48ms
24ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=think2money.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 65ms
41ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=think2money.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Jan 2022 17:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fthink2money.com%2F&tn=DIV&cls=mysticky-welcomebar-fixed%20mysticky-welcomebar-position-top%20mysticky-welcomebar-showx-mobile%20mysticky-welcomebar-display-desktop%20mysticky-welcomebar-display-mobile%20mysticky-welcomebar-attention-default%20mysticky-welcomebar-entry-effect-slide-in&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6ECD 0
19 B 123ms
107ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&adk=3826760629&adf=1341073466&lmt=1641229864&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthink2money.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864760&bpp=17&bdt=118&idt=190&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2395777676232&frm=20&pv=2&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 Jan 2022 17:11:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 Jan 2022 17:11:05 GMT
cache-control: private

GET
H2 200 4qyw7z1twa Show response
www.clarity.ms/tag/ 1 KB
1 KB 249ms
170ms Script
application/x-javascript 2620:1ec:27::cafe:1746
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/4qyw7z1twa
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1746 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e66ad5ebfe39e47c45c1c7e86db693721e591985e0bbfd2be90cfd29c78a7448

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:04 GMT
x-powered-by: ASP.NET
x-azure-ref: 0KS7TYQAAAAArqx3SKlppS55dCeT8nBroQ1BIMzBFREdFMDQwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
content-length: 1102
expires: -1

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D97 70 KB
27 KB 745ms
744ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=90&slotname=8781160927&adk=1082742915&adf=3072990261&pi=t.ma~as.8781160927&w=728&lmt=1641229865&psa=0&format=728x90&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864777&bpp=10&bdt=135&idt=247&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=629&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HxCMn4ioCp&p=https%3A//think2money.com&dtd=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8970038901f01a1a0e025c1b2a0b9fe2061041cd6d58df13df3a6367782bdf2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 Jan 2022 17:11:05 GMT
server: cafe
content-length: 27563
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 Jan 2022 17:11:05 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADD5 81 KB
29 KB 843ms
842ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=333&slotname=7152384480&adk=375129656&adf=3243134834&pi=t.ma~as.7152384480&w=326&lmt=1641229865&rafmt=11&psa=0&format=326x333&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864813&bpp=2&bdt=171&idt=223&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yU8E2jYAcS&p=https%3A//think2money.com&dtd=226

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a13354fe49ada4068179f0960dcef4bcaf768797d42862bfe5707840ea324f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 Jan 2022 17:11:05 GMT
server: cafe
content-length: 29627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 Jan 2022 17:11:05 GMT
cache-control: private

POST
H2 204 collect
www.google-analytics.com/g/ 0
162 B 38ms
13ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HRM03WJQXT&gtm=2oec10&_p=1422575891&sr=1600x1200&ul=en-us&cid=1890550927.1641229865&_s=1&dl=https%3A%2F%2Fthink2money.com%2F&dt=Think2Money.com%20-%20i%20consigli%20per%20i%20tuoi%20investimenti&sid=1641229864&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HRM03WJQXT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://think2money.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://think2money.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173213886-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5771
date: Mon, 03 Jan 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 03 Jan 2022 17:34:54 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 93 KB
36 KB 46ms
31ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-WMLXQ44&t=gtag_UA_173213886_1&cid=1890550927.1641229865&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

791c5be9ccfab03be11608cba160fff2b2f2aa17b7723dea543571dae2e8bae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37196
x-xss-protection: 0
expires: Mon, 03 Jan 2022 17:11:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1422575891&t=pageview&_s=1&dl=https%3A%2F%2Fthink2money.com%2F&ul=en-us&de=UTF-8&dt=Think2Money.com%20-%20i%20consigli%20per%20i%20tuoi%20investimenti&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACUADRAAAAC~&jid=1491546425&gjid=159675473&cid=1890550927.1641229865&tid=UA-173213886-1&_gid=1619337553.1641229865&_r=1&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1077816087

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://think2money.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://think2money.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 64ms
20ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-173213886-1&cid=1890550927.1641229865&jid=1491546425&gjid=159675473&_gid=1619337553.1641229865&_u=aCDACUACRAAAAC~&z=2023678803

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://think2money.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 03 Jan 2022 17:11:05 GMT
content-type: text/plain
access-control-allow-origin: https://think2money.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 admiral_markets_tab.png
think2money.com/wp-content/uploads/2020/11/ 20 KB
20 KB 12ms
11ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2020/11/admiral_markets_tab.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 0c66145a3220206903084e3c2b907f3cb05cd243f7b963779a492b48f28c16ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
last-modified: Tue, 19 Oct 2021 14:13:37 GMT
server: Apache
accept-ranges: bytes
content-length: 20226
content-type: image/png

GET
H2 200 skilling_tab.png
think2money.com/wp-content/uploads/2020/11/ 8 KB
8 KB 12ms
12ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2020/11/skilling_tab.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: e6294c352dca2cf981e8f8c95f901c7246b2c229c7f1f9a12b2e8b015133a4f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
last-modified: Tue, 19 Oct 2021 14:15:07 GMT
server: Apache
accept-ranges: bytes
content-length: 8257
content-type: image/png

GET
H2 200 fxtb_trading_broker_tab.png
think2money.com/wp-content/uploads/2021/04/ 7 KB
7 KB 13ms
12ms Image
image/png 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/04/fxtb_trading_broker_tab.png
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: bbf855c35cf0473af92720e4b46d4a95e89ae102e308a1e6d617f816193d5932

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
last-modified: Tue, 19 Oct 2021 14:18:53 GMT
server: Apache
accept-ranges: bytes
content-length: 7056
content-type: image/png

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 55ms
6ms Image
image/gif 2600:9000:211e:2e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
age: 12963391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: qW1vBs_J70TWfY6t0idoLVZR2Pqdrp9LJwqSHwtYmt4M8d7s7JE4uA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 60ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-173213886-1&cid=1890550927.1641229865&jid=1491546425&_u=aCDACUACRAAAAC~&z=1376102726

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 61ms
31ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-173213886-1&cid=1890550927.1641229865&jid=1491546425&_u=aCDACUACRAAAAC~&z=1376102726

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.31/ 52 KB
23 KB 300ms
94ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4qyw7z1twa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
content-encoding: br
etag: "1d7ffcbff747e00"
last-modified: Sun, 02 Jan 2022 11:29:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=A72AE155B4C247A4B293EDFC31A6F3EC&RedC=c.clarity.ms&MXFR=3F56CEE17B3767862347DFC07F3769D2
https://c.clarity.ms/c.gif?CtsSyncId=A72AE155B4C247A4B293EDFC31A6F3EC&MUID=137D82E5F0DD63A4197D93C4F1B662D0

42 B
369 B

27ms
27ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=A72AE155B4C247A4B293EDFC31A6F3EC&MUID=137D82E5F0DD63A4197D93C4F1B662D0
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:04 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DD8B9722D1E45529E1A6ECD3E3124A3 Ref B: FRAEDGE1511 Ref C: 2022-01-03T17:11:05Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=A72AE155B4C247A4B293EDFC31A6F3EC&MUID=137D82E5F0DD63A4197D93C4F1B662D0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 cosa-sono-stock-options-326x245.jpg
think2money.com/wp-content/uploads/2021/01/ 17 KB
17 KB 12ms
12ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/01/cosa-sono-stock-options-326x245.jpg
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: a6688d2f391281b53dddceaae9491ddcf0aab47f0e1adcb89d947369d0b1b503

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
last-modified: Tue, 19 Oct 2021 14:17:06 GMT
server: Apache
accept-ranges: bytes
content-length: 17038
content-type: image/jpeg

GET
H2 200 lo-swap-definizione-678x381.jpg
think2money.com/wp-content/uploads/2021/11/ 32 KB
32 KB 12ms
11ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/11/lo-swap-definizione-678x381.jpg
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: bcad2da1616235874ef6a6900cf31f57d70728b15a2fcd514cef6906a5b24f31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
last-modified: Tue, 16 Nov 2021 16:20:26 GMT
server: Apache
accept-ranges: bytes
content-length: 33000
content-type: image/jpeg

GET
H2 200 industria_porno-326x245.jpg
think2money.com/wp-content/uploads/2021/05/ 16 KB
16 KB 21ms
21ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2021/05/industria_porno-326x245.jpg
Requested by: Host: think2money.com
URL: https://think2money.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 7c4d83279efd77e50d35508d7af43fb2d9979f6bc8d133c2eed633444df24548

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
last-modified: Tue, 19 Oct 2021 14:19:20 GMT
server: Apache
accept-ranges: bytes
content-length: 16367
content-type: image/jpeg

POST
H2 200 v2oixuw-CEfnkeJo54MpoPWmk6cjmSpqEnopKNqaWOC72UaqJl6whyT-ALba2y3RICK9O4n-cqeF6RP_B__DuXkGd7iveO24N-GNxRn27Mi74bREJnKs7TUDRi5ysHx_SOn-nXydA4sD8gA Show response
steadfastsystem.com/ 209 B
606 B 43ms
17ms Fetch
application/json 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2oixuw-CEfnkeJo54MpoPWmk6cjmSpqEnopKNqaWOC72UaqJl6whyT-ALba2y3RICK9O4n-cqeF6RP_B__DuXkGd7iveO24N-GNxRn27Mi74bREJnKs7TUDRi5ysHx_SOn-nXydA4sD8gA

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2mfqKKzSl8P-u82WXSyMpB0DDPRxFqMGwAIbYQD0mCC64hUmYxCgM61lDAziynYNe-S6lWUT34CWEq-KgCpLkzZ00oUcnxLC3VzXLLqKGpb6syvpcM39eWcBL_hg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

72dff039d4eb9e077482432545f51f78b693b87f5809b3eac578ecb7d14298d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://think2money.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 03 Jan 2022 17:11:05 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://think2money.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: c984a0b3
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Mon, 03 Jan 2022 17:11:04 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
70 B 195ms
195ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://think2money.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://think2money.com
date: Mon, 03 Jan 2022 17:11:05 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 9479488712761976943
tpc.googlesyndication.com/simgad/ Frame 2D97 7 KB
8 KB 42ms
17ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9479488712761976943?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlC1fjPkDvTfgkGqjm_TPLlpTMjsw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=90&slotname=8781160927&adk=1082742915&adf=3072990261&pi=t.ma~as.8781160927&w=728&lmt=1641229865&psa=0&format=728x90&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864777&bpp=10&bdt=135&idt=247&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=629&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HxCMn4ioCp&p=https%3A//think2money.com&dtd=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecc32061bb50dc4ee7b9861db5cc784198d65c6b798ed3b4e393b6b692d5798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 02:17:55 GMT
x-content-type-options: nosniff
age: 399190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7554
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 14:05:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 02:17:55 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 2D97 19 KB
8 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 16:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 16:58:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2D97 2 KB
1 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 17:02:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D97 119 KB
37 KB 49ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jan 2022 17:11:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2D97 15 KB
6 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 17:10:44 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 2D97 27 KB
11 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 14:42:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2D97 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2YStKS7TYZzaC4OvrQHy853ID9W0xbFl6sWY36EOloLNhYgWEAEgkJ6Me2CV-vCBjAegAanZ-JUDyAECqQKEd4hY7wuzPqgDAcgDyQSqBOQBT9AnuRo2X5wvJUghkTAWpkfq2IkdLWPKBHyVHppegY_Tl6nnZ1vawYndp5IwEISvq68gZevj-bxerC2dzdQJAdMThjoEOzO4ZFCNg3wlpy6XVdSWVgSc3Tqg8u8XiVn_ts3Pvs1JQGOoLAoiKR54Xti-1FdwfQ-GxX5T1pUX-nKOSt770gA1KMahK-Dn0-gn5rfQnB_OV61QC6EzJa0xUMWS4Ur_5SFs0bhgax7_1jXhjxeWojuF91eU7I5HBlhO6MEBJYnldDhCQWqMKrdtR2JWODe6T60VpbbmmH-R2RdeQ_hswASky-H5zAOSBQQIBBgBkgUECAUYBKAGAoAHv6aHaqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEI63EtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNzMxMTA0Mzg1NTk2NTIxGAA&sigh=oAkO-4CDNF4&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=90&slotname=8781160927&adk=1082742915&adf=3072990261&pi=t.ma~as.8781160927&w=728&lmt=1641229865&psa=0&format=728x90&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864777&bpp=10&bdt=135&idt=247&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=629&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HxCMn4ioCp&p=https%3A//think2money.com&dtd=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 03 Jan 2022 17:11:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jan 2022 17:11:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4CD2 143 B
163 B 10ms
8ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=90&slotname=8781160927&adk=1082742915&adf=3072990261&pi=t.ma~as.8781160927&w=728&lmt=1641229865&psa=0&format=728x90&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864777&bpp=10&bdt=135&idt=247&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=629&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HxCMn4ioCp&p=https%3A//think2money.com&dtd=250

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 03 Jan 2022 17:02:26 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 813E 247 B
963 B 295ms
15ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

b7fffe1ac96897469abb1c3ad095bf1ca8852b54b8a4f32e7d5e3c0720535fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-bEi9FasIyZ3_Mh2XfpCY3w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
date: Mon, 03 Jan 2022 17:11:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4CD2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

63ms
60ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 Jan 2022 17:11:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 Jan 2022 17:11:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 Jan 2022 17:11:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2D97 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9c5cbc5ba06a442ca698747e2f2bae66a8311e3c396ed95ed94bbe2e3fcadbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 16007870849568352195
tpc.googlesyndication.com/simgad/ Frame ADD5 24 KB
24 KB 32ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16007870849568352195?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlhfD6Qh2q4hnVGOlXaQ0JLmMyWAw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=333&slotname=7152384480&adk=375129656&adf=3243134834&pi=t.ma~as.7152384480&w=326&lmt=1641229865&rafmt=11&psa=0&format=326x333&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864813&bpp=2&bdt=171&idt=223&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yU8E2jYAcS&p=https%3A//think2money.com&dtd=226

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99fb7dc313216536a24fd6a972e3d5518368bbe0a9c5ff32068887181860f58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 08:29:05 GMT
x-content-type-options: nosniff
age: 117720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24674
x-xss-protection: 0
last-modified: Sun, 19 Sep 2021 10:05:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Jan 2023 08:29:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame ADD5 19 KB
8 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 17:10:55 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame ADD5 2 KB
1 KB 29ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 17:07:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADD5 119 KB
36 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jan 2022 17:11:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame ADD5 15 KB
6 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 17:07:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ADD5 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfwaCKS7TYZenDLzArtoPyJSJkA2lqbakZdatxdmoDqLqjK2XKhABIJCejHtglfrwgYwHoAGe67i3AcgBAqkChHeIWO8Lsz6oAwHIA8kEqgTzAU_QdKhPwnEONjdhsRT4ZmE7TLuintNfOEpufSEPkMf2Q0DWP9yKXQHINDedWrO-C2xEJjZNcyunCDwsTTHFdbtA5NVwUVZuWSt26a-c60EHRlodL-VoXBKFaQGTdJ_CWfrq8y4a3wc2KmPeQiI_WHfIZtjktgyIkerP94Iw8kIxJ-y5kryONJ5yPb65LPSO7-4LM5b0a3mIYQ9F0aVrp0IFgE3AWNx2OAsZWlKxjyWPIvgmO45xj_HqS_EPTw-QlZLnS0Invd_3vhmHPiRp9PVM-KOsK0FRnHLQEFkWdQG0n9pQjT4HahxS7e2gn6q9yoB-98AEy9Dg2eUDkgUECAQYAZIFBAgFGASgBgKAB8qUx8gCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQwY9a0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTE3MzExMDQzODU1OTY1MjEYAA&sigh=ZF-p9Mvn9qE&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=333&slotname=7152384480&adk=375129656&adf=3243134834&pi=t.ma~as.7152384480&w=326&lmt=1641229865&rafmt=11&psa=0&format=326x333&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864813&bpp=2&bdt=171&idt=223&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yU8E2jYAcS&p=https%3A//think2money.com&dtd=226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 03 Jan 2022 17:11:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame ADD5 27 KB
11 KB 29ms
17ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 14:42:37 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E221 143 B
163 B 15ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731104385596521&output=html&h=333&slotname=7152384480&adk=375129656&adf=3243134834&pi=t.ma~as.7152384480&w=326&lmt=1641229865&rafmt=11&psa=0&format=326x333&url=https%3A%2F%2Fthink2money.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641229864813&bpp=2&bdt=171&idt=223&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2395777676232&frm=20&pv=1&ga_vid=1890550927.1641229865&ga_sid=1641229865&ga_hid=1422575891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=989&ady=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824&oid=2&pvsid=3821999356165986&pem=268&tmod=590&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=yU8E2jYAcS&p=https%3A//think2money.com&dtd=226

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 03 Jan 2022 17:02:26 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1422575891&t=event&ni=1&_s=2&dl=https%3A%2F%2Fthink2money.com%2F&ul=en-us&de=UTF-8&dt=Think2Money.com%20-%20i%20consigli%20per%20i%20tuoi%20investimenti&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=9r8dep&_u=aDDACUADRAAAAC~&jid=&gjid=&cid=1890550927.1641229865&tid=UA-173213886-1&_gid=1619337553.1641229865&gtm=2ouc10&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F4qyw7z1twa%2Fk2m6ri%2F9r8dep&z=1498217096

Requested by

Host: think2money.com
URL: https://think2money.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 03:04:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50796
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame ADD5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e0bb4f1ffe7a15f429e620b2ad10ce77f4e0f89f9deec2937341205db69d52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E221
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

62ms
62ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 Jan 2022 17:11:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 Jan 2022 17:11:06 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 03 Jan 2022 17:11:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame A382 35 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 12:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:52:09 GMT

GET
H3 200 iframe.html Show response
p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 813E 4 KB
2 KB 30ms
15ms Document
text/html 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

9eaa7fff0033f984596f12303c001a683801911d418bf610ae7ae1ed474b0ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-PUiQtjey8FvJ4wYL5Y9Lqg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1862
date: Mon, 03 Jan 2022 17:11:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F3C 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 12:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:52:09 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 45ms
30ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc91c035436786620543cc7f15c514d93c1e633f7b0603342cb44288bdb1f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Jan 2022 17:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8669
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 03 Jan 2022 17:11:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC59 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 03 Jan 2022 16:44:28 GMT
expires: Tue, 03 Jan 2023 16:44:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FC0B 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f221ef2aad34eb67e3682e75f9efb105cf0e6269abf04fc688c2f69c78292842

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yS2auLt9mSdy3OeSGlgR/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 03 Jan 2022 17:11:06 GMT
date: Mon, 03 Jan 2022 17:11:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-yS2auLt9mSdy3OeSGlgR/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame FC59 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 12:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:52:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FC0B 0
0 55ms
55ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=3821999356165986&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=3821999356165986&bg=!QEOlQwfNAAZKWFskSlg7ACkAdvg8Wpb6gGt_klphMBObm07m0TBkE2KifkM_OwG3EGzmaK9MbMkrfwIAAABXUgAAAAdoAQcKAF3wIZ82jbKfEfKQCthhTJ8Ca0BXj2u_F4s9IBCcRiu4G7qlIO8epTWOVrGn9O0IFQ2IUzLxVSl_kcEVqA9Vm98doLfRoACGWrLiaVjqyuBn86WYTIu7lVJlbkMa8g-ZAr6E3fMVZ9MfWoUBkrlsKIfE2XaEOQvDFo4w313xJ2QZSHKEMHi7tSJ1G-KwbMktuTIacccw7mgpv8cLDsfIPjug3sByg6sLX3mCYkTAMx-PTNDSHTPZL-Lh5vJSHL_oUmdn1mh8NQW3WFtr3Lh-fHonmrMEi0PHCNtdEh_wR-0LdasmBZHVoPeWfzMkqgyyUuOfB4DMjDkk8s15U002rqTK4PanOguRdFnV2MXOfn-RCP9jyo-eCTt3mUlQpXwAkQ0AcF-zc_ezif8uxU3Z0GYLpTpiYPdAbl0xSS0AlmpvhNTBW0nRPBnFH21V790jUb3dByyNFsebDA2rRm4msf0CkNQaahy-e74wlQRzTak2oZ3qWaNrlYNf9f0JzU-16_L0eXi9QQyYKN_9mMBbxYy6LfSz-U_Gz80gyxTE2Mui5jdMUIiaLx--1G415R1gAgK2dHGBv3g4DL1Tsuj7xFONgqbrFUwz4EjLgMZj2qTaIW3CiEeRf39mcCpVnfFERNobFUN6HMJzU5-R6gFL4eoI111mduHILAvF0JiDYLfsXqtnJLFqdPDE7QZqs8MRVxp_LAU_OPnp6XHfq1ZLKoDMu3RFroPrbrmYZqzG7vRdiVA34fpNJTj7ehR3xjq4h1AAFUiYdXEfHnVR7XnQVgy_8TQ4xt6UB0TcMGflkEd0mrj7PQsUwXl7cc-aQEiUB4lXOQIb8St1or5byCZ1JJZVp_wf4tMz_7P_wcv_61-939nQltljKQZ6tiB98TLbSDIymUBQmeoDJOCrJt2f8w_UXUq7_Z5aseh41UY1sS3BytCe90HMgmaTWlUsMzaOxJuhVtnQvdOfpQ0RLwL4-lptDAUCKfjR_rsLzYD3ek6YaKlu2judVRwx3uLwDg6_Fx9hYx4CR520mtOK_FS0JcTHiquqsqSi06S8_Apv5y8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bitcoin.jpg
think2money.com/wp-content/uploads/2020/09/ 49 KB
49 KB 12ms
11ms Image
image/jpeg 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://think2money.com/wp-content/uploads/2020/09/bitcoin.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: out29.keliweb.com
Software: Apache /
Resource Hash: 294a867cd7d49585f13eb97d0e1252a52e40349f74482bb007fa9320006f5853

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://think2money.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 17:11:06 GMT
last-modified: Tue, 19 Oct 2021 14:10:05 GMT
server: Apache
accept-ranges: bytes
content-length: 50153
content-type: image/jpeg

POST
H2 200 admin-ajax.php Show response
think2money.com/wp-admin/ 0
34 B 111ms
111ms XHR
text/html 168.119.64.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://think2money.com/wp-admin/admin-ajax.php

Requested by

Host: think2money.com
URL: https://think2money.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

168.119.64.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

out29.keliweb.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://think2money.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 03 Jan 2022 17:11:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://think2money.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D97 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqR0JUvCfBZkI91xC2WapjSu-yl_VhIo7teH3L2jaD8kKBMLZqXu8D0tZEH3TxmEVpOgyKqL38uPOl7z9airmPMkscrNsqIqt2jJFkZw1H3O7LkSDipQ&sai=AMfl-YQjrEWP2D5BRAhGXXupV6y5lO--VTlXejzUcKjvS5kKhWuWfacmpPsWp1Z2OyYn_rdEL_pbiuIMnMTl&sig=Cg0ArKJSzBthaPl6VXwpEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=4&adk=1082742915&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641229865028&rpt=872&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 103ms
103ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://think2money.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://think2money.com
date: Mon, 03 Jan 2022 17:11:06 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADD5 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunuQFgzBEZbWbBeAD8te0G3_I13_NnGeXywQ16d0avk598fAdLWPvcYczVGit45OofiMquwaClwG0x0oPUXftbyuOtMG9UzKt4m3TLgCCsFF7G9G3vow&sai=AMfl-YTmIQdDV1bGBY8pWfE5bvPBxU6AysRjidkj5yUiJ5d0PzatzIhTKywndGJwxG8UXCDeUPvhl5a1OnzS&sig=Cg0ArKJSzLwtT_XW8UBWEAE&id=lidar2&mcvt=1000&p=0,0,272,326&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=375129656&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641229865040&rpt=967&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HRM03WJQXT&gtm=2oec10&_p=1422575891&sr=1600x1200&gdid=dZTNiMT&ul=en-us&cid=1890550927.1641229865&_s=2&dl=https%3A%2F%2Fthink2money.com%2F&dt=Think2Money.com%20-%20i%20consigli%20per%20i%20tuoi%20investimenti&sid=1641229864&sct=1&seg=1&en=page_view&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HRM03WJQXT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://think2money.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 17:11:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://think2money.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
d.clarity.ms/ 0
48 B 93ms
92ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: application/x-clarity-gzip
Referer: https://think2money.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://think2money.com
date: Mon, 03 Jan 2022 17:11:10 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.think2money.com/	1970-01-20 17:25:01	Name: _ga_HRM03WJQXT Value: GS1.1.1641229864.1.1.1641229865.0
.think2money.com/	1970-01-20 09:15:25	Name: __gads Value: ID=a7c48568cf14ce6f-22056a5b14cd00d5:T=1641229865:RT=1641229865:S=ALNI_MYeu-kpu1nwfleVf-aNoDMb6OAWJw
.think2money.com/	1970-01-20 17:25:01	Name: _ga Value: GA1.2.1890550927.1641229865
.think2money.com/	1970-01-19 23:55:16	Name: _gid Value: GA1.2.1619337553.1641229865
.think2money.com/	1970-01-19 23:53:49	Name: _gat_gtag_UA_173213886_1 Value: 1
www.clarity.ms/	1970-01-20 08:39:25	Name: CLID Value: f235deb1d0904d80a5d3b27a90c5b23c.20220103.20230103
.c.bing.com/	1970-01-20 09:15:25	Name: SRM_B Value: 137D82E5F0DD63A4197D93C4F1B662D0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:15:25	Name: MUID Value: 137D82E5F0DD63A4197D93C4F1B662D0
.c.clarity.ms/	1970-01-19 23:53:50	Name: ANONCHK Value: 0
.think2money.com/	1970-01-20 08:39:25	Name: _clck Value: k2m6ri\|1\|ext\|0
.think2money.com/	1970-01-21 02:10:37	Name: _awl Value: 2.1641229865.0.5-1da261524849e0ba9c37486aa71ccae2-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-20 09:15:25	Name: IDE Value: AHWqTUlQ_k_1AJTs9R1TpB0jP518g3qrc8jgPNE0Kn1rEifjKEPGzycEq1HWEBlvNEw
.think2money.com/	1970-01-19 23:55:16	Name: _clsk Value: 9r8dep\|1641229865978\|1\|1\|d.clarity.ms/collect
.doubleclick.net/	1970-01-19 23:53:53	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.bing.com
c.clarity.ms
d.clarity.ms
fonts.gstatic.com
googleads.g.doubleclick.net
p4-bcpkd6nkxxery-34rpjthjfvtmb4jj-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.adsafeprotected.com
stats.g.doubleclick.net
steadfastsystem.com
think2money.com
tpc.googlesyndication.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
142.250.184.227
142.250.185.66
168.119.64.244
2600:9000:211e:2e00:8:48e:53c0:93a1
2620:1ec:27::cafe:1746
2620:1ec:c11::200
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c06::9d
35.190.90.202
40.76.174.66
52.142.114.2
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
06036e90b0f46b2bcdcf22d487c85131723b041d6881c990ca1e5ffeba52b8cb
060bed643c91a94a054032b505a566228875451a75ad131aa8e22fed10ed1ad4
06e0bb4f1ffe7a15f429e620b2ad10ce77f4e0f89f9deec2937341205db69d52
0c66145a3220206903084e3c2b907f3cb05cd243f7b963779a492b48f28c16ae
0dfe69a8a5c331f4d65bdc1ff51a144d9411143c5908ba1d7aacbf3a6d1f17de
0f4a040585b96f4541dfb57a044d1482ed2bd3fd0e2dbd724daf645edaa72381
0fe02db00a8ac32375a09c5db32623c315e84991382f73f46d79a6addea03309
1265f5cf75bb6439cbb3a416f6e70baa95f0499466ef549c3818091467167669
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188b35c7860433b9b410f4f8c742ec66ee35232b254a17ec0a41005475160c1a
1cf55843ed1c7586cf657f1f9f5a7a6bd032793f0d27c1baf531ea9221477cee
294a867cd7d49585f13eb97d0e1252a52e40349f74482bb007fa9320006f5853
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3f415df90093023ccab2c21a4465ad42a56af00d4fb3c2eed552a007156c3750
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
46c9f7bfa1887262d688f704f9bb769c953bff810cf684b1e65f09698c171802
4d83b6530aa41ce44fdab94a299b24d5a2e34e1f4c447ebb2f91b10c84d63f54
4e84f893b4d2fd4b3b6429ea63085539bb47371953cf8611443b6b673ab27aba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bc08b200bdc05544627d344592fa1af1821b2ba959dd310950dc7088b960d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
654905eb947da8013b2e5ada4b01aac45537b950b4810122b1d877cc23028257
7026eec556aa1fdbb0264f8a533696fba77e4b66dea8c8837f711b74c3c24345
72dff039d4eb9e077482432545f51f78b693b87f5809b3eac578ecb7d14298d9
791c5be9ccfab03be11608cba160fff2b2f2aa17b7723dea543571dae2e8bae0
7c4d83279efd77e50d35508d7af43fb2d9979f6bc8d133c2eed633444df24548
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
880799487bdd81f75ad11e71d4397194ebee0e5800ae9894f602da716fbf15ce
8970038901f01a1a0e025c1b2a0b9fe2061041cd6d58df13df3a6367782bdf2b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fb7dc313216536a24fd6a972e3d5518368bbe0a9c5ff32068887181860f58b
9eaa7fff0033f984596f12303c001a683801911d418bf610ae7ae1ed474b0ce5
a13354fe49ada4068179f0960dcef4bcaf768797d42862bfe5707840ea324f33
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c9feb0989a20d4137b6548d92d2cba0f01fdf01df125a15d401574e8d5ef99
a6688d2f391281b53dddceaae9491ddcf0aab47f0e1adcb89d947369d0b1b503
aa1f98450650981eaf21e4c8127c998f9e32996792a39341f04124f265184d50
ac51b7fcd68594c83c801985d3201a1b9edfb4bfd092fbe1afec311946556626
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b6261e51f9f64ec57caa7d8b5ebd08a5475ce7af8c03429afd0f3a7be60b4360
b7fffe1ac96897469abb1c3ad095bf1ca8852b54b8a4f32e7d5e3c0720535fc5
bbf855c35cf0473af92720e4b46d4a95e89ae102e308a1e6d617f816193d5932
bcad2da1616235874ef6a6900cf31f57d70728b15a2fcd514cef6906a5b24f31
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0ed456ecc6de10c5e4f233a0d2d170f485a1eb82269c150f1def4188d5805cb
c61c050678dd8b3f4a7a9ed2f522bdef895d70837e012a83612cdd94a8702a64
d7385909ed2ab7e0bebb621d42fe68f3b8c12af95e9910a5eb575c67d4d8bbb3
d78c6d2891e892baae7ec4e0ac089c055deadd6a1bb6cf946bb666e63ec3555a
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6294c352dca2cf981e8f8c95f901c7246b2c229c7f1f9a12b2e8b015133a4f9
e66ad5ebfe39e47c45c1c7e86db693721e591985e0bbfd2be90cfd29c78a7448
e83171a76657083b9eb66e41f1fec53bf3b30fb9a15c9b9603f7ed21e3d2a6e7
ec8c733b03d937bb39f5ad1a7df802a97c63f88b534544f0d69ec834417e59ca
ecc91c035436786620543cc7f15c514d93c1e633f7b0603342cb44288bdb1f72
eecc32061bb50dc4ee7b9861db5cc784198d65c6b798ed3b4e393b6b692d5798
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f221ef2aad34eb67e3682e75f9efb105cf0e6269abf04fc688c2f69c78292842
f3584fce2faa976232d0ecbc58dce21d491b4d3e2f6e27b129a155d756c1bbac
f7a6ae0b131866614ff8d503b771467b0fcc0b2840d4ec4380272ebde35727a4
f9c5cbc5ba06a442ca698747e2f2bae66a8311e3c396ed95ed94bbe2e3fcadbb
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

think2money.com Open in urlscan Pro 168.119.64.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

99 %HTTPS

70 %IPv6

14 Domains

21 Subdomains

20 IPs

4 Countries

1316 kBTransfer

3000 kBSize

15 Cookies

2 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

think2money.com Open in urlscan Pro
168.119.64.244 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

99 %
HTTPS

70 %
IPv6

14
Domains

21
Subdomains

20
IPs

4
Countries

1316 kB
Transfer

3000 kB
Size

15
Cookies

94 HTTP transactions
3 data transactions