urlscan.io logo urlscan.io
SecurityTrails logo

moneythinks4u.com Open in urlscan Pro
141.193.213.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://moneythinks4u.com/
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 32 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is moneythinks4u.com.
TLS certificate: Issued by E6 on June 16th 2024. Valid for: 3 months.
This is the only time moneythinks4u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 141.193.213.10 209242 (CLOUDFLAR...)
1 18.239.83.100 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 50.21.183.167 8560 (IONOS-AS ...)
1 18.238.243.58 16509 (AMAZON-02)
3 18.173.205.29 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
32 8
19    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
moneythinks4u.com
1    18.239.83.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-100.ams58.r.cloudfront.net
forms.feedblitz.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    50.21.183.167 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail01.feedblitz.com
app.feedblitz.com
1    18.238.243.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-58.ams58.r.cloudfront.net
assets.feedblitz.com
3    18.173.205.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-29.fra56.r.cloudfront.net
assets.feedblitzstatic.com
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
19 moneythinks4u.com
moneythinks4u.com
1 MB
5 gstatic.com
fonts.gstatic.com
39 KB
5 feedblitz.com
forms.feedblitz.com
app.feedblitz.com — Cisco Umbrella Rank: 175337
assets.feedblitz.com — Cisco Umbrella Rank: 111006
16 KB
3 feedblitzstatic.com
assets.feedblitzstatic.com — Cisco Umbrella Rank: 219304
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
32 5
Domain Requested by
19 moneythinks4u.com moneythinks4u.com
5 fonts.gstatic.com fonts.googleapis.com
3 assets.feedblitzstatic.com moneythinks4u.com
3 app.feedblitz.com 1 redirects forms.feedblitz.com
1 assets.feedblitz.com forms.feedblitz.com
1 fonts.googleapis.com moneythinks4u.com
1 forms.feedblitz.com moneythinks4u.com
32 7
Subject Issuer Validity Valid
moneythinks4u.com
E6		 2024-06-16 -
2024-09-14		 3 months crt.sh
forms.feedblitz.com
Amazon RSA 2048 M03		 2024-04-30 -
2025-05-29		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
app.feedblitz.com
R11		 2024-07-01 -
2024-09-29		 3 months crt.sh
assets.feedblitz.com
Amazon RSA 2048 M02		 2023-12-06 -
2025-01-03		 a year crt.sh
assets.feedblitzstatic.com
Amazon RSA 2048 M02		 2023-08-27 -
2024-09-24		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://moneythinks4u.com/
Frame ID: 340B0760DCD4880A0A633219506D0E51
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Money Thinks 4U

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Page Statistics

32
Requests

97 %
HTTPS

29 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

1118 kB
Transfer

1978 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://app.feedblitz.com/formdata/23451/cd53bd27-1a37-4ab1-a930-63ac9aff9714/https://moneythinks4u.com/ HTTP 302
  • https://assets.feedblitzstatic.com/images/blank.gif

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
moneythinks4u.com/ 		140 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
03fbd7636094f93b3b3cdc33547bd338363ce3b210760cc67ef6731e08257e80

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89defa43bca9aca7-TXL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 04 Jul 2024 12:04:24 GMT
link
<https://moneythinks4u.com/wp-json/>; rel="https://api.w.org/" <https://moneythinks4u.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://moneythinks4u.com/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
f2ed42ef111c43b7699e5e42c3ec2eeb.css
moneythinks4u.com/wp-content/uploads/hummingbird-assets/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-content/uploads/hummingbird-assets/f2ed42ef111c43b7699e5e42c3ec2eeb.css
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fb0c7a4677499810af1adffb81b86a424514f7512bc2ba16b406acf79ec3d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Jul 2024 15:07:16 GMT
server
cloudflare
etag
W/"668417a4-a147"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa46ec62aca7-TXL
alt-svc
h3=":443"; ma=86400
style.min.css
moneythinks4u.com/wp-includes/blocks/navigation/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-includes/blocks/navigation/style.min.css
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 11:16:26 GMT
server
cloudflare
etag
W/"65d48a0a-4064"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa46ec65aca7-TXL
alt-svc
h3=":443"; ma=86400
style.min.css
moneythinks4u.com/wp-includes/blocks/social-links/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-includes/blocks/social-links/style.min.css
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad4364136812445867e91fa2aed3f2894df8e5aa9227d4736b5d8d3b1a46d66

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Feb 2024 16:53:15 GMT
server
cloudflare
etag
W/"65ce417b-296a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa46ec69aca7-TXL
alt-svc
h3=":443"; ma=86400
55e1f0308b443445cabd1927568f4987.css
moneythinks4u.com/wp-content/uploads/hummingbird-assets/ 		569 KB
106 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-content/uploads/hummingbird-assets/55e1f0308b443445cabd1927568f4987.css
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
593a9059b6c866b127a4ba007f35a88c0598b39187e6eb4a27c69fd14706e092

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Jul 2024 15:07:17 GMT
server
cloudflare
etag
W/"668417a5-8e52c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa46ec6eaca7-TXL
alt-svc
h3=":443"; ma=86400
style-index.css
moneythinks4u.com/wp-content/themes/utopian/build/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-content/themes/utopian/build/style-index.css
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b30706c5fe28d76836fa7bb0c25701531b66e87443504c320331beac1b8cb91

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 23:06:40 GMT
server
cloudflare
etag
W/"65d3df00-433f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa46ec72aca7-TXL
alt-svc
h3=":443"; ma=86400
view.min.js
moneythinks4u.com/wp-includes/blocks/navigation/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-includes/blocks/navigation/view.min.js?ver=6.5.3
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef72ad53596109595c152da16e28c2799d53b4c151274c7b28c0324e7230f24

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Apr 2024 11:03:28 GMT
server
cloudflare
etag
W/"66152080-ce4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa46ec73aca7-TXL
alt-svc
h3=":443"; ma=86400
interactivity.min.js
moneythinks4u.com/wp-includes/js/dist/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-includes/js/dist/interactivity.min.js?ver=6.5.3
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8d3d01743dad99fb13e9a7f1e1d1705e403eab0576dd1a81c45fcc42086a5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 May 2024 20:31:23 GMT
server
cloudflare
etag
W/"6633f81b-890d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa46ec75aca7-TXL
alt-svc
h3=":443"; ma=86400
Group-9062@2x-1-1024x1024.png
moneythinks4u.com/wp-content/uploads/2024/02/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneythinks4u.com/wp-content/uploads/2024/02/Group-9062@2x-1-1024x1024.png
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82026ae598fe16e9a620e1fd90f002b217a5151b373ca35b1972965896734df8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 02:01:35 GMT
server
cloudflare
etag
"65d2b67f-315ef"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa46ec78aca7-TXL
alt-svc
h3=":443"; ma=86400
content-length
202223
i3f
forms.feedblitz.com/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.feedblitz.com/js/i3f
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-100.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
891f8adc057130e4f9c546ebfa7b83920f28dee4f992f8b43e0131efc53e01ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:26 GMT
content-encoding
gzip
via
1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:04:22 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
x-amz-server-side-encryption
AES256
etag
W/"089c0e60a7f7881d2e6b66acd6fc2d1e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
6hwJJlMcTtiMr9t9EhC2odoHBJZLEcvTXMlwUt75E1zAYAGH7o2T6g==
25f272508199a6e8db4fdcf52f5aa514.js
moneythinks4u.com/wp-content/uploads/hummingbird-assets/ 		223 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-content/uploads/hummingbird-assets/25f272508199a6e8db4fdcf52f5aa514.js
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b9c1abaa8e30978a7a3f9f3ef109096106011c96f617f846810d5bb1f6b0372

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Jul 2024 15:07:23 GMT
server
cloudflare
etag
W/"668417ab-37abc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa46ec7aaca7-TXL
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/wp-content/themes/utopian/build/style-index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jul 2024 12:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jul 2024 11:20:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jul 2024 12:04:25 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
f.fbz
app.feedblitz.com/f/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.feedblitz.com/f/f.fbz?turing&ajax=3
Requested by
Host: forms.feedblitz.com
URL: https://forms.feedblitz.com/js/i3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.21.183.167 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
mail01.feedblitz.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6068c617b4c1b3bf8b0d3fa076598a49abe2b1b19a22bfdce0670aa92f9694f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 04 Jul 2024 12:04:26 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-fbzip
50.21.183.167
Content-Type
text/javascript; charset=utf-8
X-Frame-Options
sameorigin
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
1239
X-XSS-Protection
1
Expires
Thu, 19 Nov 1981 08:52:00 GMT
fbz_smartform.js
assets.feedblitz.com/js/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.feedblitz.com/js/fbz_smartform.js
Requested by
Host: forms.feedblitz.com
URL: https://forms.feedblitz.com/js/i3f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-58.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
559e887d528f317fdf24c4c76f5d2d1eb26f957ea2e3a7e27a2a173cb9497d23

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 00:40:48 GMT
Content-Encoding
gzip
Via
1.1 9929448596fb4faec2a082aabe759212.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P1
Age
386619
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
x-amz-meta-sha256
559e887d528f317fdf24c4c76f5d2d1eb26f957ea2e3a7e27a2a173cb9497d23
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 06 May 2024 17:45:45 GMT
Server
AmazonS3
ETag
W/"a8ed0d31d6e3e0eb7665c2527197fda5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=864000, immutable
X-Amz-Cf-Id
zv8Tpwtlh3vkemOW8E1ZutHaQwdB6ezTb0nF3R5agPKcmEuf4_JXLw==
x-amz-meta-s3b-last-modified
20240506T174147Z
/
app.feedblitz.com/f/ 		66 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.feedblitz.com/f/?p13n=501894
Requested by
Host: forms.feedblitz.com
URL: https://forms.feedblitz.com/js/i3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.21.183.167 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
mail01.feedblitz.com
Software
Microsoft-IIS/10.0 /
Resource Hash
932dd24628d630a4c594d750036839378e17685dd56ce566c6ab597724dacafd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Thu, 04 Jul 2024 12:04:26 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-fbzip
50.21.183.167
Access-Control-Allow-Origin
*
Content-Length
165
X-XSS-Protection
1
close.gif
assets.feedblitzstatic.com/images/ 		222 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.feedblitzstatic.com/images/close.gif
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21ea2a02b229aa1e5a38d21816119b839221f69029e3c5dbba7856b29060da56

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 03:18:08 GMT
x-amz-meta-key
images/close.gif
via
1.1 b12498b20eb99a0be9023f965d5b2f90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
117979
x-cache
Hit from cloudfront
x-amz-meta-md5-hash
540f65d2b2f94032d6c3037622843a50
content-length
222
x-amz-meta-etag
"540f65d2b2f94032d6c3037622843a50"
last-modified
Fri, 05 Feb 2021 13:57:44 GMT
server
AmazonS3
x-amz-meta-bucketexplorer-md5
540f65d2b2f94032d6c3037622843a50
etag
"540f65d2b2f94032d6c3037622843a50"
content-type
image/gif
x-amz-meta-bucket
assets.feedblitz.com
cache-control
public, max-age=864000, immutable
x-amz-meta-bucketexplorer-sha1
2b2daec8418c9d49f14de9122d9a9a91629b7d93
accept-ranges
bytes
x-amz-meta-id
382b969a55524a1b465f34b2ca00ec47a045e677aadbda2cb29f4d682daa649f
x-amz-cf-id
SN3cXu2Y46WsDobUZDEKP7KP1T0ADMjvF2J35JD0In7nz0WPWTvv4g==
Brolink-Regular.woff2
moneythinks4u.com/wp-content/themes/utopian/assets/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-content/themes/utopian/assets/fonts/Brolink-Regular.woff2
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
76db994d07f8843f857498a3177513601cf0c4d42a0c21f023e8923d1545042a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:26 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 23:06:40 GMT
server
cloudflare
etag
"65d3df00-22c4"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa4d3b546a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
8900
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:55:50 GMT
x-content-type-options
nosniff
age
162516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:55:50 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:57:16 GMT
x-content-type-options
nosniff
age
580030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:57:16 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:48:51 GMT
x-content-type-options
nosniff
age
162935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:48:51 GMT
fa-light-300.6a94ba20.woff2
moneythinks4u.com/wp-content/themes/utopian/build/fonts/ 		447 KB
448 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/wp-content/themes/utopian/build/fonts/fa-light-300.6a94ba20.woff2
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/wp-content/uploads/hummingbird-assets/55e1f0308b443445cabd1927568f4987.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b89a6a3ca2d570b54f0bd623d61633ba4a1d54eb409fc15254afb2477579336

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/wp-content/uploads/hummingbird-assets/55e1f0308b443445cabd1927568f4987.css
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:26 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 23:06:40 GMT
server
cloudflare
etag
"65d3df00-6fd48"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa4d3b576a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
458056
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 03:59:04 GMT
x-content-type-options
nosniff
age
29122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7632
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 03:59:04 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://moneythinks4u.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 16:21:03 GMT
x-content-type-options
nosniff
age
589403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 16:21:03 GMT
logo-e1707855640962-300x93.png
moneythinks4u.com/wp-content/uploads/2024/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneythinks4u.com/wp-content/uploads/2024/02/logo-e1707855640962-300x93.png
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d3db6f74c449a074ac3bf9c2eb805c38e47df8579199f0928bd1465c6fd06f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:26 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 02:01:02 GMT
server
cloudflare
etag
"65d2b65e-ad1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa4d3b516a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
2769
1519919518135.jpeg
moneythinks4u.com/wp-content/uploads/2024/04/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneythinks4u.com/wp-content/uploads/2024/04/1519919518135.jpeg
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
65809a5beba7d02aed6a201a17b2510160bda0552fb9f93d1e5de0c6c81bdb7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:26 GMT
cf-cache-status
MISS
last-modified
Wed, 17 Apr 2024 14:24:11 GMT
server
cloudflare
etag
"661fdb8b-29f5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa4eef636a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
10741
22644_1695292767_S255C8.jpg.jpg
moneythinks4u.com/wp-content/uploads/2024/02/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneythinks4u.com/wp-content/uploads/2024/02/22644_1695292767_S255C8.jpg.jpg
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df87c669405c1852c43df514fe274e94f3cfd1ebabda9c7fbe0c1e3bb00702b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:26 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 00:50:26 GMT
server
cloudflare
etag
"65d2a5d2-9bf4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa4eef676a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
39924
quotation.png
moneythinks4u.com/wp-content/themes/utopian/assets/blocks/testimonials/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneythinks4u.com/wp-content/themes/utopian/assets/blocks/testimonials/quotation.png
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb97b0fd5e66fd82549fe8ccd92ae51eb3366ab2fd3868aed9a4ca010fab3396

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:26 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 23:06:40 GMT
server
cloudflare
etag
"65d3df00-1ec2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa505aca6a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
7874
close.gif
assets.feedblitzstatic.com/images/ 		222 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.feedblitzstatic.com/images/close.gif
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21ea2a02b229aa1e5a38d21816119b839221f69029e3c5dbba7856b29060da56

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 03:18:08 GMT
x-amz-meta-key
images/close.gif
via
1.1 b12498b20eb99a0be9023f965d5b2f90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
117979
x-cache
Hit from cloudfront
x-amz-meta-md5-hash
540f65d2b2f94032d6c3037622843a50
content-length
222
x-amz-meta-etag
"540f65d2b2f94032d6c3037622843a50"
last-modified
Fri, 05 Feb 2021 13:57:44 GMT
server
AmazonS3
x-amz-meta-bucketexplorer-md5
540f65d2b2f94032d6c3037622843a50
etag
"540f65d2b2f94032d6c3037622843a50"
content-type
image/gif
x-amz-meta-bucket
assets.feedblitz.com
cache-control
public, max-age=864000, immutable
x-amz-meta-bucketexplorer-sha1
2b2daec8418c9d49f14de9122d9a9a91629b7d93
accept-ranges
bytes
x-amz-meta-id
382b969a55524a1b465f34b2ca00ec47a045e677aadbda2cb29f4d682daa649f
x-amz-cf-id
SN3cXu2Y46WsDobUZDEKP7KP1T0ADMjvF2J35JD0In7nz0WPWTvv4g==
blank.gif
assets.feedblitzstatic.com/images/
Redirect Chain
  • https://app.feedblitz.com/formdata/23451/cd53bd27-1a37-4ab1-a930-63ac9aff9714/https://moneythinks4u.com/
  • https://assets.feedblitzstatic.com/images/blank.gif
43 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.feedblitzstatic.com/images/blank.gif
Requested by
Host: moneythinks4u.com
URL: https://moneythinks4u.com/
Protocol
H2
Server
18.173.205.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://moneythinks4u.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-key
images/blank.gif
date
Wed, 03 Jul 2024 22:47:49 GMT
via
1.1 b12498b20eb99a0be9023f965d5b2f90.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
age
654044
x-cache
Hit from cloudfront
x-amz-meta-md5-hash
fc94fb0c3ed8a8f909dbc7630a0987ff
content-length
43
x-amz-meta-etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
last-modified
Fri, 05 Feb 2021 13:57:36 GMT
server
AmazonS3
x-amz-meta-bucketexplorer-md5
fc94fb0c3ed8a8f909dbc7630a0987ff
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
content-type
image/gif
x-amz-meta-bucket
assets.feedblitz.com
cache-control
public, max-age=864000, immutable
x-amz-meta-bucketexplorer-sha1
56d45f8a17f5078a20af9962c992ca4678450765
accept-ranges
bytes
x-amz-meta-id
382b969a55524a1b465f34b2ca00ec47a045e677aadbda2cb29f4d682daa649f
x-amz-cf-id
ZsdGEyHlrIgK9FE2c46TqSKS4DUTkMyU5ClLIqG1SrGo8JphvFgzzQ==

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Thu, 04 Jul 2024 12:04:26 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-fbzip
50.21.183.167
X-Frame-Options
sameorigin
Content-Type
text/html; charset=UTF-8
Location
https://assets.feedblitzstatic.com/images/blank.gif
Access-Control-Allow-Origin
*
Content-Length
0
X-XSS-Protection
1
favicon.ico
moneythinks4u.com/ 		0
163 B 		Other
General
Check archive.org
Download Go to
Full URL
https://moneythinks4u.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:27 GMT
cf-cache-status
HIT
last-modified
Sat, 29 Jun 2024 07:49:28 GMT
server
cloudflare
etag
"667fbc88-0"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa5609156a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
circle.svg
moneythinks4u.com/wp-content/uploads/2024/02/ 		3 KB
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneythinks4u.com/wp-content/uploads/2024/02/circle.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
452a62b63ea3210964fa3dad57d651bf5b3580d3ba34dac36ac97d0ac0a27b38

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Feb 2024 20:10:24 GMT
server
cloudflare
etag
W/"65cbccb0-b2e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
89defa574be56a75-TXL
alt-svc
h3=":443"; ma=86400
1622824442896.jpg
moneythinks4u.com/wp-content/uploads/2024/02/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moneythinks4u.com/wp-content/uploads/2024/02/1622824442896.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c19ea015e108a5c9a5645459ab1045c3e65921cb0a2b8ab35532adde9b89a1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://moneythinks4u.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 12:04:27 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 22:47:39 GMT
server
cloudflare
etag
"65d3da8b-1b988"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89defa574beb6a75-TXL
alt-svc
h3=":443"; ma=86400
content-length
113032

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| setSfClassStyle function| addExternalScript function| addInlineScript string| fbz_code object| protoTemplate object| newChild object| x object| y object| F23451_scr_requiredFields object| F23451_scr_validateFields string| F23451_scr_fieldcol boolean| fbz_F23451_scr_logged number| F23451_scr_wait function| F23451_scr_wait_fn function| genesisBlocksShare object| wpcf7 object| swv object| webpackChunkutopian object| gsapVersions object| _gsap function| _scrollTop function| _scrollLeft object| lazySizes function| fbz$ function| fbx$ boolean| boxVisible undefined| popupWindow string| pleaseWait string| pleaseWaitInner boolean| reloadNeeded boolean| noreload function| fancyReload function| checkReload function| hideTinyBox function| TrackEscapeKey function| EscNOP function| ChangeFormTarget function| FindFormInside function| RemoveWhiteSpace function| AddToPostString function| CheckFormValues function| cx function| AndTheResultsAre function| AjaxDirectSubmitForm function| AjaxSubmitForm function| ajaxdirectsubmit function| ajaxsubmit function| TakeOverForm function| TakeOverDirectForm undefined| okfunc undefined| failfunc function| customcb function| alertContents object| divArray string| sDivID function| UpdatePageWithResults function| UpdatePageWithError function| JSDivFromURL function| populateModal function| JSModalFromUrl function| JSModal undefined| smartFormOkFunc undefined| smartFormFailFunc function| smartFormCb function| smartFormUpdatePageWithError function| makePOSTRequest function| makeHEADRequest function| makeBooleanRequest string| errCol string| invCol undefined| errText undefined| invText undefined| fbz_temp function| GetButtonSelectValue function| fbz_tabclick function| displayCalendar function| validateEmail function| cb function| vurl function| validateUrl function| validateDate function| validateZip function| validateColor function| clickclear function| clickrecall function| fbz_v function| initCol function| getURLParameter function| s function| clearprompts undefined| fbz_cookies function| fbz_setCookie function| fbz_readCookie function| fbz_popup function| showPopup function| fbz_FitForm function| fbz_SmartForm function| fbz_generateUUID function| fbz_formMetrics function| fbz_cond_test function| fbz_cond_check object| idArray undefined| sID function| FbzUpdateFormWithResults function| FbzFormSubmit function| inlineSubmit number| fbzDelayInterval function| fbz_deferValidation function| fbz_onKeyup function| fbz_onPaste function| fbz_onCut function| fbz_delayedVal function| fbzFindTab function| fbzClearChangedBorders function| fbzRangeCheck function| fbzLengthCheck function| smartFormSubmit function| validateCol string| dhx_globalImgPath boolean| feedblitz_full_form string| fbz_captcha function| fbz_show_turing function| fbz_turing function| fbz_remoterefresh

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.feedblitz.com
assets.feedblitz.com
assets.feedblitzstatic.com
fonts.googleapis.com
fonts.gstatic.com
forms.feedblitz.com
moneythinks4u.com
141.193.213.10
18.173.205.29
18.238.243.58
18.239.83.100
2a00:1450:4001:80b::200a
2a00:1450:4001:829::2003
50.21.183.167
03fbd7636094f93b3b3cdc33547bd338363ce3b210760cc67ef6731e08257e80
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
1b9c1abaa8e30978a7a3f9f3ef109096106011c96f617f846810d5bb1f6b0372
1df87c669405c1852c43df514fe274e94f3cfd1ebabda9c7fbe0c1e3bb00702b
20c19ea015e108a5c9a5645459ab1045c3e65921cb0a2b8ab35532adde9b89a1
21ea2a02b229aa1e5a38d21816119b839221f69029e3c5dbba7856b29060da56
22d3db6f74c449a074ac3bf9c2eb805c38e47df8579199f0928bd1465c6fd06f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3b89a6a3ca2d570b54f0bd623d61633ba4a1d54eb409fc15254afb2477579336
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
452a62b63ea3210964fa3dad57d651bf5b3580d3ba34dac36ac97d0ac0a27b38
559e887d528f317fdf24c4c76f5d2d1eb26f957ea2e3a7e27a2a173cb9497d23
593a9059b6c866b127a4ba007f35a88c0598b39187e6eb4a27c69fd14706e092
6068c617b4c1b3bf8b0d3fa076598a49abe2b1b19a22bfdce0670aa92f9694f5
65809a5beba7d02aed6a201a17b2510160bda0552fb9f93d1e5de0c6c81bdb7a
76db994d07f8843f857498a3177513601cf0c4d42a0c21f023e8923d1545042a
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7ad4364136812445867e91fa2aed3f2894df8e5aa9227d4736b5d8d3b1a46d66
7b30706c5fe28d76836fa7bb0c25701531b66e87443504c320331beac1b8cb91
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82026ae598fe16e9a620e1fd90f002b217a5151b373ca35b1972965896734df8
891f8adc057130e4f9c546ebfa7b83920f28dee4f992f8b43e0131efc53e01ba
932dd24628d630a4c594d750036839378e17685dd56ce566c6ab597724dacafd
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94fb0c7a4677499810af1adffb81b86a424514f7512bc2ba16b406acf79ec3d4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb97b0fd5e66fd82549fe8ccd92ae51eb3366ab2fd3868aed9a4ca010fab3396
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cef72ad53596109595c152da16e28c2799d53b4c151274c7b28c0324e7230f24
df8d3d01743dad99fb13e9a7f1e1d1705e403eab0576dd1a81c45fcc42086a5b
e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855