fosterthemoney.com Open in urlscan Pro
2606:4700:20::681a:e47 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Submission Tags: falconsandbox
Submission: On March 15 via api (March 15th 2023, 10:33:43 pm UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 16 domains to perform 54 HTTP transactions. The main IP is 2606:4700:20::681a:e47, located in United States and belongs to CLOUDFLARENET, US. The main domain is fosterthemoney.com.
TLS certificate: Issued by GTS CA 1P5 on January 27th 2023. Valid for: 3 months.

This is the only time fosterthemoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:20:... 2606:4700:20::681a:e47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	54.78.253.158 54.78.253.158	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:a200:d:6881:ac40:21	16509 (AMAZON-02) (AMAZON-02)
2	3.76.5.46 3.76.5.46	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:ddf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:9400:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2251:3400:9:fddd:fc40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:47e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.195.130.143 44.195.130.143	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
54	23

10 2606:4700:20::681a:e47 (United States)

ASN13335 (CLOUDFLARENET, US)

fosterthemoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:a200:d:6881:ac40:21 (United States)

ASN16509 (AMAZON-02, US)

d2pn47juqu41ip.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.5.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-5-46.eu-central-1.compute.amazonaws.com

tc.pubguru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ddf (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.adtechpanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9400:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:3400:9:fddd:fc40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:47e8 (United States)

ASN13335 (CLOUDFLARENET, US)

recaptcha.fosterthemoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.130.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-130-143.compute-1.amazonaws.com

rudder.adtechpanda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	fosterthemoney.com fosterthemoney.com recaptcha.fosterthemoney.com	69 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	672 KB
9	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1985 www.google.com — Cisco Umbrella Rank: 2	144 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32	163 KB
3	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 12273 api.rudderlabs.com — Cisco Umbrella Rank: 5607	31 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6069	563 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
2	adtechpanda.com tracker.adtechpanda.com rudder.adtechpanda.com	738 B
2	pubguru.net tc.pubguru.net	420 B
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 37801	31 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 171	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	51 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 59	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	4 KB
1	cloudfront.net d2pn47juqu41ip.cloudfront.net	2 KB
54	16

	Domain	Requested by
10	fosterthemoney.com	fosterthemoney.com
7	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	1 redirects fosterthemoney.com www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	fosterthemoney.com securepubads.g.doubleclick.net
2	www.google.de
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	fosterthemoney.com connect.facebook.net
2	recaptcha.fosterthemoney.com	fosterthemoney.com
2	api.rudderlabs.com	cdn.rudderlabs.com
2	tc.pubguru.net	fosterthemoney.com
2	tag.escalated.io	fosterthemoney.com tag.escalated.io
1	www.googleadservices.com	www.googletagmanager.com
1	www.facebook.com
1	www.googletagmanager.com	fosterthemoney.com
1	rudder.adtechpanda.com	cdn.rudderlabs.com
1	lh3.googleusercontent.com
1	fonts.googleapis.com
1	cdn.rudderlabs.com	fosterthemoney.com
1	tracker.adtechpanda.com	fosterthemoney.com
1	d2pn47juqu41ip.cloudfront.net	fosterthemoney.com
54	22

This site contains no links.

Subject Issuer	Validity	Valid
*.fosterthemoney.com GTS CA 1P5	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.escalated.io Go Daddy Secure Certificate Authority - G2	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.pubguru.net Amazon RSA 2048 M02	`2023-02-14` - `2023-05-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-12`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
rudder.adtechpanda.com R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-23`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Frame ID: 27005376616FA4E98EFB98038241CB76
Requests: 41 HTTP requests in this frame

Frame: https://fosterthemoney.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678910400
Frame ID: 256425700A986EE380FCEDC3119CB65D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc-uOUgAAAAALyBWRuxkrEZ7yzdNaA7FJumhKAZ&co=aHR0cHM6Ly9mb3N0ZXJ0aGVtb25leS5jb206NDQz&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=7nryq04j6pi
Frame ID: 03FF6C0911AAE51076E9F6425A98A1B0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PS - MX - Apoyo Madres - 00102 - Foster The Moneypesquisarpesquisar

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

54
Requests

98 %
HTTPS

82 %
IPv6

16
Domains

22
Subdomains

23
IPs

3
Countries

1311 kB
Transfer

3414 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404364835/?random=1006091763&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO86MAB&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&gtm_ee=1&us_privacy=1---&auid=627333050.1678919621&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=xEcSZOr9JdCX1waIyLCABA&sscte=1&crd=&pscrd=Ek5DaEVJOE5uRm9BWVF0dGpPa0tpaW9LRE9BUklsQUtZMXVTMmVtYTZkOWoybVM1dmNmLXJXcW1xVHBtaVN3VGptSEc3NDZNVjRWbHlHUncaWENoRUk4Tm5Gb0FZUXA0ZXVzUDJLX00tUEFSSXRBT0U2R1Rsc0FZQi1nSWU5LUJhN2ZxcDVGMlBkbEZsbmxUZ0g5VFNneTlLNmtPOUtHMVR1VFpyS3M3MkU HTTP 302
https://www.google.com/pagead/1p-conversion/404364835/?random=1006091763&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO86MAB&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&gtm_ee=1&us_privacy=1---&auid=627333050.1678919621&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5uRm9BWVF0dGpPa0tpaW9LRE9BUklsQUtZMXVTMmVtYTZkOWoybVM1dmNmLXJXcW1xVHBtaVN3VGptSEc3NDZNVjRWbHlHUncaWENoRUk4Tm5Gb0FZUXA0ZXVzUDJLX00tUEFSSXRBT0U2R1Rsc0FZQi1nSWU5LUJhN2ZxcDVGMlBkbEZsbmxUZ0g5VFNneTlLNmtPOUtHMVR1VFpyS3M3MkU&is_vtc=1&ocp_id=xEcSZOr9JdCX1waIyLCABA&random=1159928682 HTTP 302
https://www.google.de/pagead/1p-conversion/404364835/?random=1006091763&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO86MAB&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&gtm_ee=1&us_privacy=1---&auid=627333050.1678919621&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5uRm9BWVF0dGpPa0tpaW9LRE9BUklsQUtZMXVTMmVtYTZkOWoybVM1dmNmLXJXcW1xVHBtaVN3VGptSEc3NDZNVjRWbHlHUncaWENoRUk4Tm5Gb0FZUXA0ZXVzUDJLX00tUEFSSXRBT0U2R1Rsc0FZQi1nSWU5LUJhN2ZxcDVGMlBkbEZsbmxUZ0g5VFNneTlLNmtPOUtHMVR1VFpyS3M3MkU&is_vtc=1&ocp_id=xEcSZOr9JdCX1waIyLCABA&random=1159928682&ipr=y&prhg=0

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fosterthemoney.com/ps-mx-apoyo-madres-00102/ 118 KB
28 KB 130ms
64ms Document
text/html 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef10165eed1453ea0aab918406425e97c0120618c63526244ed6217eabcd1105

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-ray: 7a8838196a0b2c19-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 Mar 2023 22:33:37 GMT
last-modified: Wed, 15 Mar 2023 20:02:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIMRUX1dHky3NJC1OvnqKN%2FgvYGUy%2Bxk%2BFyOScxZhgIA1FgzIqU%2BY%2BlBPNaNTwyzxwFArGeWzU2Nw5AF0ePkeJGW8KZQxQeFY7iEvM11XvHPjS6G%2FzzWpF0NvxH83rNxCYAq9kL7jqxPkZW%2BnTjC6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 main.min.css
fosterthemoney.com/wp-content/themes/twentytwentyone/assets/css/ 39 KB
8 KB 62ms
61ms Stylesheet
text/css 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/wp-content/themes/twentytwentyone/assets/css/main.min.css?ver=1
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62803368765d01d6453e26a5da6abd6a625ec5d7d7ba5f3cc7c274d3ee5219b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Mar 2023 12:45:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRjZd3zhM4sCbPatm4Myx%2F3697yPrM2XSekyKT2Rv%2FVVdNiPXQLUJFGanpBfk5QT1mGVCPlKFv1G1dzqjgO5pxc7zdSjx2b6niSc14D4vtgQNnM41QnBSPAEx44xlyRWC2mTh6vW66ytUVsbGjkSaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 7a88381a0a862c19-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 224ms
104ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87fd02e65588b3ad5bcdb3e18f7d925cd230dafc3bd1ec6f37e4a064d5d0ac5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27380
x-xss-protection: 0
server: sffe
etag: "1512 / 581 of 1000 / last-modified: 1678918158"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 22:33:37 GMT

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 77 KB
30 KB 139ms
34ms Script
text/javascript 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/?i=ZVisSlSVgsQR&callback=setEscalatedScore

Requested by

Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5b8df9ca9d91dbde345c3da756f87adf40404e4cdbf74d436f09b37231a08274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 22:33:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Mar 2023 16:55:26 GMT
Server: Apache
ETag: "134a3-5f68ea0bbbb80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 30406
X-XSS-Protection: 1; mode=block

GET
H2 200 price.js Show response
d2pn47juqu41ip.cloudfront.net/fosterthemoney/ 9 KB
2 KB 58ms
8ms Script
text/javascript 2600:9000:2250:a200:d:6881:ac40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2pn47juqu41ip.cloudfront.net/fosterthemoney/price.js
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a200:d:6881:ac40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39728ff04768c14ecd4767fc2413b37c41cc1d341c17cb969a465675072cec42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:24:04 GMT
content-encoding: gzip
via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 09:22:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 2372
x-amz-server-side-encryption: AES256
etag: W/"376aeeba0aa551a595d6c21b67ee7104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=14400
x-amz-cf-id: NRIAlXFrD9inZLFzfQEpvFegyDz6Pkfbv_ij3GrCKjtMtgWPkAweDw==

GET
H2 200 lazyload.min.js Show response
fosterthemoney.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 64ms
63ms Script
application/javascript 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 27 Dec 2021 13:16:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8skiAMVHzF4XilGmjjLsoC5Xq8E6IPL7jP4bQtVy1pYJbD6IJiVgcBcG%2Boq2NUzXstLl%2Flkj75zGgUBLevEu8Flu%2BEZAxAxI%2FMKFClaMCTUxFxTbq0JEYONMQX6GltrjDJJd%2BuUFS9zD2t6T1nKlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7a88381a9b022c19-FRA

POST
H/1.1 200
OK v1 Show response
tc.pubguru.net/ 19 B
420 B 28ms
26ms XHR
application/json 3.76.5.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tc.pubguru.net/v1

Requested by

Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.76.5.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-76-5-46.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cb53198b71b8ad5dd1e0caa8c7c741d5a374f1178a73974018bead92f016959b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fosterthemoney.com/
accept-language: de-DE,de;q=0.9
Authorization: Token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MiwibmFtZSI6IkluZGllVGVjaCBPXHUwMGRjIDIyMzM2NzI5NDk4In0.OqpwtqURKs0O34OMPaGCIRU1MTX2jcxAOI-fwP_HTwo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=UTF-8;

Response headers

Date: Wed, 15 Mar 2023 22:33:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: DENY
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://fosterthemoney.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Duration: 17
Content-Length: 19

OPTIONS
H/1.1 200
OK v1
tc.pubguru.net/ Frame 0
0 42ms
9ms Preflight
text/html 3.76.5.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tc.pubguru.net/v1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.76.5.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-76-5-46.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://fosterthemoney.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://fosterthemoney.com
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Wed, 15 Mar 2023 22:33:37 GMT
Referrer-Policy: same-origin
Server: nginx
Vary: Origin
X-Content-Type-Options: nosniff
X-Duration: 0

GET
H2 200 stimulus.min.js Show response
fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/ 35 KB
9 KB 55ms
55ms Script
application/javascript 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/stimulus.min.js
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3226da462af13fcd31c313f212207f848ee112915f2dc4a6c50769a087111f28

Request headers

Referer: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Feb 2022 13:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9BDhHdpedwiWZt4oysIxbKEc6u6BXCR7u78LUwjdm%2FD6fn2taH77elMhOyvIEWvwXCNQjX50bB8lXntZC%2FpT0e%2FxclCGSCOnEY6MrKrIat2txJjKa0NdF%2Bmmr3FwBgtktpBYGz6%2BNH9Ruj7pCZWZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7a88381abb182c19-FRA

GET
H2 200 typos.js Show response
fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/ 16 KB
3 KB 67ms
66ms Script
application/javascript 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/typos.js
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4f6acf0f7aeb5097bc9ddb1619b882e60852d14d4a4896a5b32211d314e55c

Request headers

Referer: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Feb 2022 13:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sopq89vUjQ1S63GptsD%2Fm4vEwrWbHueJvk1AruEpWZf7ZSeFeKPDObmjLdejHyNbay2HZ11WBltOarosbGjIRZJ9KF3zsaW2C4RhhL3CqyubFDsRIfzAxNFQ0kadl%2BRk0hR0vFqm69nAsA1lDEx4Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7a88381abb192c19-FRA

GET
H2 200 commons.js Show response
fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/ 2 KB
837 B 69ms
69ms Script
application/javascript 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/commons.js
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af90051a2fac6552b5169ca317a8c0a7989dd414e47b2d7516acc8c4c5328976

Request headers

Referer: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 08:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3XRULub12MeW6yYJRiF9dTz2nWme6AdKVh2TYFphqWdzQ5U4X8%2BcyblRjdz7Yvx1%2BFYot9OW91m7XqG8d2vlc4l3sATcaVD7bdI5sAj4TtUsbEdgkTugLBbyDs0PYWb7tBLrmCBj8QxD1OaIZE8NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7a88381abb1a2c19-FRA

GET
H2 200 email-hosts.js Show response
fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/ 81 B
359 B 78ms
77ms Script
application/javascript 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/email-hosts.js
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d460f3f37c80755b215b12ac3fcf055c4ad551e9f932c996a7becb29f09700

Request headers

Referer: https://fosterthemoney.com/wp-content/themes/twentytwentyone/assets/js/commons.js
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Feb 2022 13:02:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvS4zimxArPmTlyn3cmgtLErNNjNxfkj8EvyJ5No6r4uEGDZXG6snIk3Ij07kH8BKJV0oyg5Mvyo6ShqvZszweIVahoP6wm4rvpez%2BUyu%2F2jh%2FNcTeu6lLPsdh9TEriVPdxA9fIgMD87TMK48np6Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 7a88381b2b842c19-FRA

GET
H2 200 / Show response
tracker.adtechpanda.com/ 127 B
536 B 53ms
21ms Fetch
application/json 2606:4700:20::681a:ddf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.adtechpanda.com/
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ddf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32bcb5e0c7a8ba2143f32f8a1dd1d218588bfa7041ffb31a20e5bd1dee6c4eb

Request headers

accept: application/json
Referer: https://fosterthemoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBowXirScPY3RC0lMuoLuqBPVYQhVe%2FktgXslcDeBMeQrTq4XXXtys9m8z1tTvccUszq2Q%2BTSP84BLVgFXl5pHjhlNcfE9pZHmL9jVYYgGuTnBxNmjrjsuwJ0aNpb8qztYYclCUniBYEdEaY0mSFAEnO72KC"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 7a88381b69372bb8-FRA

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pubads_impl_2023030901.js Show response
securepubads.g.doubleclick.net/gpt/ 395 KB
133 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136293
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:39:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Mar 2024 22:31:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 118 B
104 B 125ms
47ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fosterthemoney.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45328b6a41c0a2f60c65d393b25c8326fc1d5efae34268d42a1a41ea6e422495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
x-xss-protection: 0
expires: Wed, 15 Mar 2023 22:33:38 GMT

GET
H2 200 invisible.js Show response
fosterthemoney.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 2564 27 KB
12 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678910400
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5198921a67b5589b2cc80852ec37dd81049d7774f8685272f116c69f8fb714d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RBIE89Xum29mNRqAMWbjUiZdXUZJDh9eeY7xkrH5kdF7ZhFfqrefpWjlHG6xjiCDYnJAVHo%2BD3pu1%2B5dP755xieAhcNoKZjr2uWICJ0JfTW6YEMIhe9WmNmqv3Y9mXFyqReETCLWk71P9epb4Q2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a88381c2c7d2c19-FRA

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 43 B
474 B 137ms
45ms Fetch
application/json 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=ZVisSlSVgsQR&callback=setEscalatedScore

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1b367a0b95026dd0321062c8dd74774c933b892c58ad864ef17489a60e7e7db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 15 Mar 2023 22:33:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: close
Access-Control-Allow-Headers: content-type
Content-Length: 61
X-XSS-Protection: 1; mode=block

GET
H2 200 pica.js
fosterthemoney.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 2564 7 KB
4 KB 19ms
19ms Other
application/javascript 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 584f951aaaeee15d5e8a02f713b05f7641b151a49ff08b016453fce7721e7d19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3u%2BjC8MD8Vg8PbAjpDynfmOfvYWnDrJlA5f14SSZ4VA11P7338axyTcEShEYEr1e9XkQPWm8sW%2BL7ypI%2F5aOvgp0WHTl2GjegIJQhhIKqpy0WywlouAsMOajUBud0SfNDexk4ffBgDUlovYPD%2BrwHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a88381c6cab2c19-FRA

POST
H2 200 7a8838196a0b2c19 Show response
fosterthemoney.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 2564 2 B
634 B 43ms
42ms XHR
text/plain 2606:4700:20::681a:e47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fosterthemoney.com/cdn-cgi/challenge-platform/h/b/cv/result/7a8838196a0b2c19
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678910400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Mar 2023 22:33:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a88381e2e602c19-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODZ6TxTT8CYpDaPNJCyvIvrhdw8PiIaViUp2xS3SKDD9maxcoKi1WKF0aYm6MTlQpv5B%2FzW79XC6TfXzeDjX9cwQ3Rjvp0kDH%2BkbcZ8QE7%2FchQ81KxyLdA0tFtRRk8LRh8x5PO4mEyPpbuWOkwfM0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 22783444064 Show response
fundingchoicesmessages.google.com/i/ 126 KB
43 KB 282ms
175ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22783444064?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28b99118c69ab4f78b73aa95ed2a8ca9a1565d3b3c7e9c9a29dec4962ce72f00

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Brffbg-1_u98kCLJO0HzfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-Brffbg-1_u98kCLJO0HzfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUWCOCe7PW_Zi90XAriBfvNKPkNrhDYXgdD5vuvIhPsEuv5LXW3p34P2if5WLkxWHiKaKmlZ1rYQtjZl_zSjcc= Show response
fundingchoicesmessages.google.com/f/ 433 KB
59 KB 100ms
99ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUWCOCe7PW_Zi90XAriBfvNKPkNrhDYXgdD5vuvIhPsEuv5LXW3p34P2if5WLkxWHiKaKmlZ1rYQtjZl_zSjcc=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4OTE5NjE4LDY3NjAwMDAwMF0sIkJDNjQ2NkFBLTQ0QkQtNEY1MS05Njc2LTFENDIxRkNCRTBEOSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vZm9zdGVydGhlbW9uZXkuY29tL3BzLW14LWFwb3lvLW1hZHJlcy0wMDEwMi8iLG51bGwsW1s4LCJ2M25VdEozVzNGSSJdLFs5LCJkZSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.v3nUtJ3W3FI.es5.O/d=1/rs=AJlcJMw9aMlABNYOIzigMYrvQC3YP70v5w/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2306c39d77c3461fbb6f01819547ef9ca02f7d73285ffb11d40accb5f0a12db0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IXwX_ykeg-k0SnLSSVTszQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-IXwX_ykeg-k0SnLSSVTszQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 939 B
924 B 131ms
49ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc-uOUgAAAAALyBWRuxkrEZ7yzdNaA7FJumhKAZ&onload=setRecaptcha

Requested by

Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3de3dba0e4a0f669d1ea16bd237b17c2a0ed5400c5f2eb02fdb026d05aaad7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 22:33:38 GMT

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v2/ 93 KB
30 KB 499ms
442ms Script
application/javascript 2600:9000:214f:9400:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9400:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5156291c4336da3cfa4a386363b1c996710c87f6ce3862dfcfc57d65c933a1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:40 GMT
content-encoding: gzip
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
last-modified: Mon, 12 Oct 2020 11:33:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"ed6e3461f4dc53994e36eabe89a16202"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: nnLo7xFrKxo-GDi-Le4L2CX9UqURKG-pIZ4ReJS5cX2ga7GWNSS7Xg==

GET
H2 200 css
fonts.googleapis.com/ 60 KB
4 KB 138ms
57ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.v3nUtJ3W3FI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw9aMlABNYOIzigMYrvQC3YP70v5w/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0509cb66ed6e37cd1f581c1084d98172eceda01f2d92bd1e1259760fff6bdbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 22:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 22:33:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 22:33:38 GMT

GET
H2 200 SD49za2tJeNCDxrRFz9lQ7XWrpd3Rr8rznkI7d_oBAtfYDcvv7WwutcjuE74ThGiptDSl63IXeJYry8u07KcVFeXcEUSCJz5CF2-j28wMvCY1uP0-Ud5-g=h60
lh3.googleusercontent.com/ 4 KB
4 KB 128ms
48ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/SD49za2tJeNCDxrRFz9lQ7XWrpd3Rr8rznkI7d_oBAtfYDcvv7WwutcjuE74ThGiptDSl63IXeJYry8u07KcVFeXcEUSCJz5CF2-j28wMvCY1uP0-Ud5-g=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3e9ff1ac517f8709b928108522fec872ab04032dd8903f2ed69e380682c24b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:38 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3835
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Mar 2023 13:51:37 GMT

POST
H3 204 AGSKWxWwIQL06gF56_3KSa7g-IWYyZUnzCa3g4fRQGDBZSS7CNigOyE4uvev8i19eagmTd0dOvVJ2BWICBngF2o5LkfQ47EhyiBuW1UYiTWya4WNOHJXf86fWY6BclSA_wJz-cG6ntbffw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 124ms
51ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwIQL06gF56_3KSa7g-IWYyZUnzCa3g4fRQGDBZSS7CNigOyE4uvev8i19eagmTd0dOvVJ2BWICBngF2o5LkfQ47EhyiBuW1UYiTWya4WNOHJXf86fWY6BclSA_wJz-cG6ntbffw==?dmid=e1d21edf45198923

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TcioBRAvn6cAzS2BIDzupg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fosterthemoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Mar 2023 22:33:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TcioBRAvn6cAzS2BIDzupg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fosterthemoney.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ 405 KB
162 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc-uOUgAAAAALyBWRuxkrEZ7yzdNaA7FJumhKAZ&onload=setRecaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e008e03e1be26d3c8a0291bb1d29f93bddeef133fefd946ed207245fc6e63ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fosterthemoney.com/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165509
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 00:21:37 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 121ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 22:35:21 GMT
x-content-type-options: nosniff
age: 431898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 22:35:21 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 229ms
145ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:21:56 GMT
x-content-type-options: nosniff
age: 529903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 19:21:56 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 217ms
151ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 23:44:24 GMT
x-content-type-options: nosniff
age: 600555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 23:44:24 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 223ms
158ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 23:44:24 GMT
x-content-type-options: nosniff
age: 600555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 23:44:24 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 199ms
135ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fosterthemoney.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 23:44:24 GMT
x-content-type-options: nosniff
age: 600555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 23:44:24 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 03FF 42 KB
22 KB 62ms
61ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc-uOUgAAAAALyBWRuxkrEZ7yzdNaA7FJumhKAZ&co=aHR0cHM6Ly9mb3N0ZXJ0aGVtb25leS5jb206NDQz&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=7nryq04j6pi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65de3ebf8536f76531c637487e8394dea3465d6c683a70deeb8a0a069e570e9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qwAijgKlGxIlNhUNhz-sTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fosterthemoney.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22523
content-security-policy: script-src 'report-sample' 'nonce-qwAijgKlGxIlNhUNhz-sTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 22:33:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 03FF 55 KB
24 KB 108ms
36ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc-uOUgAAAAALyBWRuxkrEZ7yzdNaA7FJumhKAZ&co=aHR0cHM6Ly9mb3N0ZXJ0aGVtb25leS5jb206NDQz&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=7nryq04j6pi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 14:16:38 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 03FF 405 KB
162 KB 126ms
54ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e008e03e1be26d3c8a0291bb1d29f93bddeef133fefd946ed207245fc6e63ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 00:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165509
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 00:21:37 GMT

GET
H2 200 / Show response
api.rudderlabs.com/sourceConfig/ 1 KB
1 KB 13ms
12ms XHR
application/json 2600:9000:2251:3400:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderlabs.com/sourceConfig/?p=web&v=1.1.5

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:3400:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4e9121d38bfac3e3d1c4626e9cba30d95d98d253002cb2943de68b3e088a7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fosterthemoney.com/
accept-language: de-DE,de;q=0.9
Authorization: Basic MXFsSlhGTWVZVW1UeXVjWDZLVVZRVkVqQkJNOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:30:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 171
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 08a71ac0-c381-11ed-a6c2-93267342cbc6
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: w-XrJval2WdOBLRVog-40Czh209e0SAFs1SnAK3P80hBQx4B0dy2sg==

OPTIONS
H2 204 /
api.rudderlabs.com/sourceConfig/ Frame 0
0 48ms
9ms Preflight 2600:9000:2251:3400:9:fddd:fc40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderlabs.com/sourceConfig/?p=web&v=1.1.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3400:9:fddd:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://fosterthemoney.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
age: 171
alt-svc: h3=":443"; ma=86400
date: Wed, 15 Mar 2023 22:30:48 GMT
vary: Origin
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: J3_r5Qm0Mz64vnK1Sx3OBjOXHb73ms72kYDzwER9V07mI5dQzcS-XQ==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
x-request-id: 089651e0-c381-11ed-8613-5bdcf49ec634

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 03FF 2 KB
2 KB 36ms
35ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 15:21:16 GMT
x-content-type-options: nosniff
age: 457943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 17 Mar 2023 15:21:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 03FF 15 KB
15 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 20:18:07 GMT
x-content-type-options: nosniff
age: 94532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 20:18:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 03FF 15 KB
15 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:54:53 GMT
x-content-type-options: nosniff
age: 563926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 09:54:53 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 03FF 102 B
134 B 44ms
44ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c47be0dbc8b8a0bd1ab27a7eb0f54af86ad21d8f0070dbceb0b36c47194dff54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc-uOUgAAAAALyBWRuxkrEZ7yzdNaA7FJumhKAZ&co=aHR0cHM6Ly9mb3N0ZXJ0aGVtb25leS5jb206NDQz&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=7nryq04j6pi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 22:33:39 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 03FF 32 KB
18 KB 79ms
78ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lc-uOUgAAAAALyBWRuxkrEZ7yzdNaA7FJumhKAZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69766c2716c1a08e8b76f6cad65d20bba5087984cdd66e36c7735fc2c4d36c64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc-uOUgAAAAALyBWRuxkrEZ7yzdNaA7FJumhKAZ&co=aHR0cHM6Ly9mb3N0ZXJ0aGVtb25leS5jb206NDQz&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=7nryq04j6pi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 15 Mar 2023 22:33:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18673
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 22:33:39 GMT

OPTIONS
H2 200 /
recaptcha.fosterthemoney.com/ Frame 0
0 84ms
31ms Preflight
text/plain 2606:4700:20::ac43:47e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recaptcha.fosterthemoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: g-recaptcha
Access-Control-Request-Method: POST
Origin: https://fosterthemoney.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-headers, g-recaptcha
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1728185
cf-ray: 7a883828789235df-FRA
content-length: 0
content-type: text/plain;charset=UTF-8
date: Wed, 15 Mar 2023 22:33:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrzQQFKeouqlGkq0NEBjUSBQkthVciEEehmk%2FODKbFonbz0rS1Bcl5VLd%2BP3jZqFXgqjJ5DDE%2Bcwm1UYqSLJVljBQhKAYZicmOFb7Kt0ezqddV3Qq6HRM6HZqzv1bIX9Fumnjcn0Pbr1Y9yxhJQV1%2BuHau0gMXKRgic%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 202 / Show response
recaptcha.fosterthemoney.com/ 115 B
412 B 64ms
64ms Fetch
text/plain 2606:4700:20::ac43:47e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recaptcha.fosterthemoney.com/
Requested by: Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922bb69d754dcd62d9a6fe59a6fea3aae4d172645d9962193c9bf2d9e245978c

Request headers

g-recaptcha: 03AFY_a8WMaAF8-vfzyFCTBmo1K1E6iGVPXdSfZkQLLadhUlDUHqfHP8GJGPltBdNQyMtm9ggX5xAdmFu-UzOuIJjmoAVUDJmvXw71m4tvgXf3JIBHdy0eP6oJoR3kUVil03g8m7beg3JEQ3hu9braDPpCPZSMK3WfwIOJ__Pcx1dMmE9KtmlcudzDRf_mdJnBG9UneumvKulVf7lOj0wJ9TyNhYJyGZuGKKiUkq2CKfKrqhLMFkLao7CrudZnNu8ZGh3AVtJvZKkr0JNCeRSOhOC8Dk-CVmuBzJT55CvdZZX9LZpU4FZ_rrA5pqFK0F33_5s9bKjxrDjQQhqDXiJEuCroSts1hUxl751ud73rdgJJApzKRqvZzixJhSmfnfXmr1qAj9Ibjipl7i2DjO98RQ32J8iq_UYjPOH3yU497VntZlkDZREcdTM6-x7vGvIhvAvYQ05j2FcOOV69l9yUZLbGTEbEQxNjPKhrgt8PUQCpswfXNNcmJTlkUGeQr5x-mdNbaMGX4R8_
Referer: https://fosterthemoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 1728185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cmNeqQ4RXCKWoVUr3gkE6LvXKXidQ6WY%2FtxJzjvFKtkau%2B8UvaMvH4POoN0pTmXcgsadhIQNn9VM5onQw0OnNrB9utml4ArFTRxcrLu2XKE99TwkJWMKkJdA3JF7aO87QWH82nl5iuIWE1omP78bs1gDqdWjAlQwDM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST
access-control-allow-origin: *
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
cf-ray: 7a883828a8d935df-FRA
access-control-allow-headers: access-control-allow-headers, g-recaptcha
content-length: 115

POST
H2 200 batch
rudder.adtechpanda.com/beacon/v1/ 2 B
202 B 374ms
121ms Ping
text/plain 44.195.130.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rudder.adtechpanda.com/beacon/v1/batch?writeKey=1qlJXFMeYUmTyucX6KUVQVEjBBM

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v2/rudder-analytics.min.js?transport=beacon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.195.130.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-130-143.compute-1.amazonaws.com

Software

nginx/1.21.6 /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fosterthemoney.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Mar 2023 22:33:40 GMT
strict-transport-security: max-age=31536000
server: nginx/1.21.6
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://fosterthemoney.com
access-control-allow-credentials: true
content-length: 2

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 34ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Mar 2023 22:33:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2M4A2QvV2Bc/qjI8vxsA+HFq21no/5adK/tO5vAmqcJABeNJvxSnSAmv4gQUB36t4/Ci5X8jMkcALKn0LJIxGw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 126ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-404364835

Requested by

Host: fosterthemoney.com
URL: https://fosterthemoney.com/ps-mx-apoyo-madres-00102/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cd1e5446d687496729e05ca2406749c2ea19f91dba4d7a61ef8dbd4f4f433ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:33:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Mar 2023 22:33:40 GMT

GET
H2 200 732568921483218 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/732568921483218?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

421554f26a7adaf93efc2be7f238fa94ba72224ad65cf2607334832ad508d196

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 15 Mar 2023 22:33:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Jmj44bCnVlDO8AV6W0LEHZtjwk5lsDGL97CH/vNy0i2OkOWpUNPygksuurGWtroeDyj/fFpEbYzxZAdHiIlVsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 34ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=732568921483218&ev=invalidTraffic&dl=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&rl=&if=false&ts=1678919620443&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=29&fbp=fb.1.1678919620442.35923618&it=1678919620349&coo=false&tm=2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 15 Mar 2023 22:33:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/404364835/ 3 KB
2 KB 167ms
81ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404364835/?random=1678919620500&cv=11&fst=1678919620500&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&us_privacy=1---&auid=627333050.1678919621&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-404364835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08201a287cba8d4f40dd138ac379f3c81594d79ba4f28162c7efe38cbdebcfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 22:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/404364835/ 3 KB
2 KB 148ms
50ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/404364835/?random=1678919620511&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO86MAB&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&gtm_ee=1&us_privacy=1---&auid=627333050.1678919621&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-404364835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8d2537c51db3182737a39402445f54c1d762ace27274fed008546cc72892cc10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 22:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1581
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/404364835/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404364835/?random=1006091763&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO8...
https://www.google.com/pagead/1p-conversion/404364835/?random=1006091763&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO86MAB&hn=www.googleads...
https://www.google.de/pagead/1p-conversion/404364835/?random=1006091763&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO86MAB&hn=www.googleadse...

42 B
108 B

55ms
55ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/404364835/?random=1006091763&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO86MAB&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&gtm_ee=1&us_privacy=1---&auid=627333050.1678919621&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5uRm9BWVF0dGpPa0tpaW9LRE9BUklsQUtZMXVTMmVtYTZkOWoybVM1dmNmLXJXcW1xVHBtaVN3VGptSEc3NDZNVjRWbHlHUncaWENoRUk4Tm5Gb0FZUXA0ZXVzUDJLX00tUEFSSXRBT0U2R1Rsc0FZQi1nSWU5LUJhN2ZxcDVGMlBkbEZsbmxUZ0g5VFNneTlLNmtPOUtHMVR1VFpyS3M3MkU&is_vtc=1&ocp_id=xEcSZOr9JdCX1waIyLCABA&random=1159928682&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 22:33:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 22:33:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/404364835/?random=1006091763&cv=11&fst=1678919620511&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&label=JjzbCMzav4kYEKO86MAB&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&gtm_ee=1&us_privacy=1---&auid=627333050.1678919621&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE5uRm9BWVF0dGpPa0tpaW9LRE9BUklsQUtZMXVTMmVtYTZkOWoybVM1dmNmLXJXcW1xVHBtaVN3VGptSEc3NDZNVjRWbHlHUncaWENoRUk4Tm5Gb0FZUXA0ZXVzUDJLX00tUEFSSXRBT0U2R1Rsc0FZQi1nSWU5LUJhN2ZxcDVGMlBkbEZsbmxUZ0g5VFNneTlLNmtPOUtHMVR1VFpyS3M3MkU&is_vtc=1&ocp_id=xEcSZOr9JdCX1waIyLCABA&random=1159928682&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/404364835/ 42 B
64 B 47ms
46ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/404364835/?random=1678919620500&cv=11&fst=1678917600000&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3082248527&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 22:33:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/404364835/ 42 B
455 B 131ms
46ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/404364835/?random=1678919620500&cv=11&fst=1678917600000&bg=ffffff&guid=ON&async=1&gtm=45be33d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffosterthemoney.com%2Fps-mx-apoyo-madres-00102%2F&tiba=PS%20-%20MX%20-%20Apoyo%20Madres%20-%2000102%20-%20Foster%20The%20Money&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3082248527&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fosterthemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 22:33:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 14:41:11	Name: _GRECAPTCHA Value: 09AJBLKW15xCAOnmn5PXqfOal9yr2SgUxdhi44hMjXZ86CnGqSIguxu-t7uJfPRhPFllS5Enu-n5xENo1mMX1Ood0
fosterthemoney.com/	1970-01-20 19:07:35	Name: pll_language Value: mx
.fosterthemoney.com/	1970-01-20 10:22:01	Name: __cf_bm Value: 0QeoZLQo0DnrCWtWm1xEqDHub26LLuBAcPz.agZGmtk-1678919618-0-AY3GuuOM8yxk/bGNMMebggDLFjZRGHaOah8v/ecQLj3SoqUxGV2pSU6LDFfyeXz8rsTlwUtBGuLqDIRtOLuGrPhK4dGKW0rcPZNDUdlnaHAIIO0nYHFNoLrz7ZgACQksLg==
.fosterthemoney.com/	1970-01-20 19:07:35	Name: rl_user_id Value: RudderEncrypt%3AU2FsdGVkX1%2Bo88Sct2sALA2IQdadPE%2BH3O4NstpVmqg%3D
.fosterthemoney.com/	1970-01-20 19:07:35	Name: rl_anonymous_id Value: RudderEncrypt%3AU2FsdGVkX1848eP9uFK6Ojqmr27UoX%2F9k47KGMaxccJ0w9g0SIIW6s8mzQbb4eH7xa7M5VCxAc5aXRxDo7tzYw%3D%3D
.fosterthemoney.com/	1970-01-20 19:07:35	Name: rl_group_id Value: RudderEncrypt%3AU2FsdGVkX19f7GGtQfqsGhzHhm2W5qGtE4%2FV14cCMf4%3D
.fosterthemoney.com/	1970-01-20 19:07:35	Name: rl_trait Value: RudderEncrypt%3AU2FsdGVkX1%2Bds0elyXKb1L4%2B4bzg44GeAW2ceGZumAE%3D
.fosterthemoney.com/	1970-01-20 19:07:35	Name: rl_group_trait Value: RudderEncrypt%3AU2FsdGVkX1%2FKnWEnX5%2B1zY7%2BrNPR7rjXpl2TrjZFBfk%3D
.fosterthemoney.com/	1970-01-20 12:31:35	Name: _fbp Value: fb.1.1678919620442.35923618
.fosterthemoney.com/	1970-01-20 12:31:35	Name: _gcl_au Value: 1.1.627333050.1678919621
.doubleclick.net/	1970-01-20 10:22:00	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rudderlabs.com
cdn.rudderlabs.com
connect.facebook.net
d2pn47juqu41ip.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fosterthemoney.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
lh3.googleusercontent.com
recaptcha.fosterthemoney.com
rudder.adtechpanda.com
securepubads.g.doubleclick.net
tag.escalated.io
tc.pubguru.net
tracker.adtechpanda.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.181.226
2600:9000:214f:9400:16:a497:9700:93a1
2600:9000:2250:a200:d:6881:ac40:21
2600:9000:2251:3400:9:fddd:fc40:93a1
2606:4700:20::681a:ddf
2606:4700:20::681a:e47
2606:4700:20::ac43:47e8
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2004
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.76.5.46
44.195.130.143
54.78.253.158
0509cb66ed6e37cd1f581c1084d98172eceda01f2d92bd1e1259760fff6bdbab
06d460f3f37c80755b215b12ac3fcf055c4ad551e9f932c996a7becb29f09700
08201a287cba8d4f40dd138ac379f3c81594d79ba4f28162c7efe38cbdebcfa7
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
1b367a0b95026dd0321062c8dd74774c933b892c58ad864ef17489a60e7e7db5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2306c39d77c3461fbb6f01819547ef9ca02f7d73285ffb11d40accb5f0a12db0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28b99118c69ab4f78b73aa95ed2a8ca9a1565d3b3c7e9c9a29dec4962ce72f00
2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2
3226da462af13fcd31c313f212207f848ee112915f2dc4a6c50769a087111f28
39728ff04768c14ecd4767fc2413b37c41cc1d341c17cb969a465675072cec42
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
421554f26a7adaf93efc2be7f238fa94ba72224ad65cf2607334832ad508d196
45328b6a41c0a2f60c65d393b25c8326fc1d5efae34268d42a1a41ea6e422495
5156291c4336da3cfa4a386363b1c996710c87f6ce3862dfcfc57d65c933a1fc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
584f951aaaeee15d5e8a02f713b05f7641b151a49ff08b016453fce7721e7d19
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b8df9ca9d91dbde345c3da756f87adf40404e4cdbf74d436f09b37231a08274
5e008e03e1be26d3c8a0291bb1d29f93bddeef133fefd946ed207245fc6e63ea
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
62803368765d01d6453e26a5da6abd6a625ec5d7d7ba5f3cc7c274d3ee5219b0
65de3ebf8536f76531c637487e8394dea3465d6c683a70deeb8a0a069e570e9a
69766c2716c1a08e8b76f6cad65d20bba5087984cdd66e36c7735fc2c4d36c64
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87fd02e65588b3ad5bcdb3e18f7d925cd230dafc3bd1ec6f37e4a064d5d0ac5a
8a4f6acf0f7aeb5097bc9ddb1619b882e60852d14d4a4896a5b32211d314e55c
8d2537c51db3182737a39402445f54c1d762ace27274fed008546cc72892cc10
922bb69d754dcd62d9a6fe59a6fea3aae4d172645d9962193c9bf2d9e245978c
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9cd1e5446d687496729e05ca2406749c2ea19f91dba4d7a61ef8dbd4f4f433ce
af90051a2fac6552b5169ca317a8c0a7989dd414e47b2d7516acc8c4c5328976
b3de3dba0e4a0f669d1ea16bd237b17c2a0ed5400c5f2eb02fdb026d05aaad7f
c32bcb5e0c7a8ba2143f32f8a1dd1d218588bfa7041ffb31a20e5bd1dee6c4eb
c47be0dbc8b8a0bd1ab27a7eb0f54af86ad21d8f0070dbceb0b36c47194dff54
cb53198b71b8ad5dd1e0caa8c7c741d5a374f1178a73974018bead92f016959b
d5198921a67b5589b2cc80852ec37dd81049d7774f8685272f116c69f8fb714d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e9ff1ac517f8709b928108522fec872ab04032dd8903f2ed69e380682c24b7
ef10165eed1453ea0aab918406425e97c0120618c63526244ed6217eabcd1105
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e9121d38bfac3e3d1c4626e9cba30d95d98d253002cb2943de68b3e088a7c8

fosterthemoney.com Open in urlscan Pro 2606:4700:20::681a:e47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

82 %IPv6

16 Domains

22 Subdomains

23 IPs

3 Countries

1311 kBTransfer

3414 kBSize

11 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fosterthemoney.com Open in urlscan Pro
2606:4700:20::681a:e47 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

82 %
IPv6

16
Domains

22
Subdomains

23
IPs

3
Countries

1311 kB
Transfer

3414 kB
Size

11
Cookies

54 HTTP transactions
1 data transactions