roodeemoney.com Open in urlscan Pro
2606:4700:3036::6815:4c97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.roodeemoney.com/
Effective URL:
https://roodeemoney.com/
Submission: On August 22 via automatic, source certstream-suspicious (August 22nd 2021, 4:38:35 am UTC)

Summary HTTP 68 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 19 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3036::6815:4c97, located in United States and belongs to CLOUDFLARENET, US. The main domain is roodeemoney.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 23rd 2021. Valid for: a year.

This is the only time roodeemoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:303... 2606:4700:3036::6815:4c97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	203.78.107.224 203.78.107.224	18362 (NETWAY-AS...) (NETWAY-AS-AP Netway Communication Co.)
8	52.219.37.10 52.219.37.10	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:2200:17:beb7:8f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	42.61.47.40 42.61.47.40	3758 (SINGNET S...) (SINGNET SingNet)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
68	26

14 2606:4700:3036::6815:4c97 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.roodeemoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
roodeemoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.78.107.224 (Thailand)

ASN18362 (NETWAY-AS-AP Netway Communication Co.,Ltd., TH)

www.amot.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.219.37.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com

s3-ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:2200:17:beb7:8f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.ktc.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.61.47.40 (Singapore, Singapore)

ASN3758 (SINGNET SingNet, SG)

www.uob.co.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.48 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	roodeemoney.com 1 redirects www.roodeemoney.com roodeemoney.com	1 MB
11	youtube.com www.youtube.com	682 KB
8	amazonaws.com s3-ap-southeast-1.amazonaws.com	3 MB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	176 KB
5	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net	10 KB
4	amot.in.th www.amot.in.th	704 KB
3	google.com adservice.google.com www.google.com	14 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	w.org s.w.org	2 KB
2	googletagmanager.com www.googletagmanager.com	88 KB
1	ytimg.com i.ytimg.com	4 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	660 B
1	wp.com i1.wp.com	97 KB
1	uob.co.th www.uob.co.th	97 KB
1	ktc.co.th www.ktc.co.th	267 KB
68	19

	Domain	Requested by
13	roodeemoney.com	roodeemoney.com
11	www.youtube.com	roodeemoney.com www.youtube.com
8	s3-ap-southeast-1.amazonaws.com	roodeemoney.com
5	pagead2.googlesyndication.com	roodeemoney.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.amot.in.th	roodeemoney.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
3	s.w.org	roodeemoney.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.com	www.youtube.com tpc.googlesyndication.com
2	www.googletagmanager.com	roodeemoney.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i1.wp.com	roodeemoney.com
1	www.uob.co.th	roodeemoney.com
1	www.ktc.co.th	roodeemoney.com
1	www.roodeemoney.com	1 redirects
68	24

This site contains links to these domains. Also see Links.

Domain
cl.accesstrade.in.th
access.amot.in.th
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-23` - `2022-04-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.amot.in.th DigiCert TLS RSA SHA256 2020 CA1	`2021-02-19` - `2022-03-21`	a year	crt.sh
*.s3-ap-southeast-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
www.ktc.co.th DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.uobgroup.com GlobalSign RSA OV SSL CA 2018	`2020-06-29` - `2022-06-21`	2 years	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://roodeemoney.com/
Frame ID: 75F91824757B1C75C6A29ACC28504EE5
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 661973D353BD62CFB08DC62D7B356108
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6267369281180869&output=html&adk=1812271804&adf=3025194257&lmt=1629607096&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Froodeemoney.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629607096545&bpp=4&bdt=390&idt=93&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=148701936720&frm=20&pv=2&ga_vid=1243165754.1629607097&ga_sid=1629607097&ga_hid=32563936&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C20211866%2C31062181%2C31062297&oid=3&pvsid=3612445778148373&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
Frame ID: D1C8D048234507D700757A542FFF3571
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
Frame ID: 1D83C20EEB5F7DC1C0BA4379A0F9F043
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2F47B1A4700D0DD9DB6E4FC4E760C1E1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE7B37E61EFE6E5F558F0AE9D941D6F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

รู้ดี money - รู้ดีเรื่องบัตรเครดิต และสินเชื่อส่วนบุคคล - รู้ดี Money

Page URL History Show full URLs

https://www.roodeemoney.com/ HTTP 301
https://roodeemoney.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

68
Requests

100 %
HTTPS

76 %
IPv6

19
Domains

24
Subdomains

26
IPs

5
Countries

6622 kB
Transfer

9381 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://cl.accesstrade.in.th/0021140010bs
Title: สมัครบัตร KTC Proud

Search URL Search Domain Scan URL

URL: https://access.amot.in.th/?affiliate=TWpNM01qazJYekkyTURZeE5RPT0
Title: สมัครบัตรกดเงินสด CitiBank

Search URL Search Domain Scan URL

URL: https://access.amot.in.th/?affiliate=TWpNM01qWTJYekkyTURVNE5RPT0
Title: สมัครบัตร UOB Cash Plus

Search URL Search Domain Scan URL

URL: https://cl.accesstrade.in.th/000io00010bs
Title: สมัครบัตร CIMB

Search URL Search Domain Scan URL

URL: https://cl.accesstrade.in.th/000bp60010bs
Title: สมัครบัตร UOB Yolo

Search URL Search Domain Scan URL

URL: https://cl.accesstrade.in.th/000bjw0010bs
Title: สมัครบัตร KTC Cash Back

Search URL Search Domain Scan URL

URL: https://access.amot.in.th/?affiliate=TWpNM01qWTRYekkyTURVNE53PT0
Title: สมัครบัตร Bangkok Platinum

Search URL Search Domain Scan URL

URL: https://cl.accesstrade.in.th/001dvb0010bs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/roodeemoney/
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/roodeemoney
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=l_mAFiTcY4M
Title: https://www.youtube.com/watch?v=l_mAFiTcY4M

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.roodeemoney.com/ HTTP 301
https://roodeemoney.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
roodeemoney.com/
Redirect Chain

https://www.roodeemoney.com/
https://roodeemoney.com/

40 KB
11 KB

233ms
219ms

Document
text/html

2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://roodeemoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6eef28b87abd72b27ae0c19f0070ad1366419c868f5c538760cae1af5c4c9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: roodeemoney.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lb67yfVM44BdoYN%2BhNkuNEhWGANiiynBCKuTpPCmOTcGETxIOIgr%2B1JNyNi%2B0prIBAl5KZQUTDRo8byf2YVLNvXqofk8GmmXvWk3PthoAP5NfqyM%2FudtQQJpfYKhsyowzXfoCouu5LMeSnUgYoU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6829691d99533240-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Sun, 22 Aug 2021 04:38:15 GMT
content-type: text/html
location: https://roodeemoney.com/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwdN63ylKxj3MzyVbjrN7wOe%2B%2Bmk5HmvQiOZTvIH6bcvQMhkWYc5ZUtX5y2Epht1mgitXjhqCRReLaz2lk1xQM%2BITntnRrpmDnom6M9DuTBOVvzFNXnqBALNnPO83LG8vEplFVX47RUOeBij%2BeLDfLpb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6829691c28583240-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css
roodeemoney.com/wp-content/cache/autoptimize/css/ 179 KB
30 KB 41ms
29ms Stylesheet
text/css 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://roodeemoney.com/wp-content/cache/autoptimize/css/autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea6e1aafc418a2f43f97735f6c99ab4817516e3efade144ab32aa9544fb3bace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Aug 2021 07:43:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61122e3e-2cdfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4B0bPV2YFFEqHGFamCpmJVOQZ3IVsrqLQKTXqgmaeSa4Vm84SWMi2d8XerJxZ2k6aVAnyVdfTVYw8cMIQvzCEH%2FkoQHHCKlc3fSjJ%2B4NNr81SfxqBvxsUgB6qr3s5%2B0OYAyQuJeGXLVeoLkUQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6829691f088ddfcf-FRA

GET
H3-29 200 jquery.min.js Show response
roodeemoney.com/wp-includes/js/jquery/ 87 KB
32 KB 26ms
17ms Script
application/javascript 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://roodeemoney.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f7dedd5-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0G3jZ6rH5zNx3mvvsXpN0UftCp41xQaSwJdsUpKOLgQyvC96vMpsLbXvwGcDPk4tuvpQdtkCDJ1IBl7vjbiNxA16PHweEQeGgrj%2FGq0SatVSL6cy9JyY3LVPK%2Fcon%2FFYrpBM4YtM8XempaMuus%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6829691f088cdfcf-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MPRBRG5Y6Y

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ecb7eea171614b4b31f360977d91d83f497ee31d65816934c2e3e4544141c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51539
x-xss-protection: 0
expires: Sun, 22 Aug 2021 04:38:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6267369281180869

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://roodeemoney.com
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49909
x-xss-protection: 0
server: cafe
etag: 7723420151934129076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 04:38:16 GMT

GET
H/1.1 200
OK fae22d2d51.jpg
www.amot.in.th/amot/uploadfiles/campaign/XL/ 249 KB
249 KB 1239ms
224ms Image
image/jpeg 203.78.107.224
NETWAY-AS-AP Netw...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amot.in.th/amot/uploadfiles/campaign/XL/fae22d2d51.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.78.107.224 , Thailand, ASN18362 (NETWAY-AS-AP Netway Communication Co.,Ltd., TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 9a1fe38b222a10ffeb53c06814a044b6ea26271d2fe76bc5b5bebeb617780793

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:57:54 GMT
Last-Modified: Wed, 31 Mar 2021 02:50:47 GMT
Server: Apache/2
ETag: "3e213-5becc2e8aafc0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 254483
Expires: Tue, 21 Sep 2021 04:57:54 GMT

GET
H/1.1 200
OK 75034_1287x1820_20190904062924352.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/8d7d8ee069cb0cbbf816bbb65d56947e/ 195 KB
195 KB 873ms
265ms Image
image/jpeg 52.219.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/8d7d8ee069cb0cbbf816bbb65d56947e/75034_1287x1820_20190904062924352.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.37.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 01716fda64460d237027ce9ef9a5b50e30e1cbd16f79f5b4ee01b0952ae0dbe7

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:17 GMT
Last-Modified: Wed, 04 Sep 2019 06:29:25 GMT
Server: AmazonS3
x-amz-request-id: RRX79QFC818AQHDR
ETag: "d808f7c34020eadb7d8a90a2189b80a9"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 199723
x-amz-id-2: uxKaQVIaFbb6s5fKjDpd811FrhZZmoUqriFdyQGJXOjY4Eo90JHuL33pTYfEmgHq/uzR2GajuHg=

GET
H2 200 14-KTC_CASH_BACK_PLATINUM_MASTERCARD.png
www.ktc.co.th/pub/media/creditcard/ 266 KB
267 KB 990ms
714ms Image
image/png 2600:9000:2190:2200:17:beb7:8f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ktc.co.th/pub/media/creditcard/14-KTC_CASH_BACK_PLATINUM_MASTERCARD.png
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:2200:17:beb7:8f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4e2816bbf692a367068749417b5237804fc9e870c122552d55cdfc49fd22bd9

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:18 GMT
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 18:06:24 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "c6e9d20af47ce5741b6c9ea5d7bce407"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/png
content-length: 272611
x-amz-cf-id: DCQBGycp5JKxjkLioh_nXlBc2gawTLE9f8X4SP09Xn6qeqVfQQaMNQ==

GET
H/1.1 200
OK 191476_1280x560_20201019082819234.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/f899139df5e1059396431415e770c6dd/ 514 KB
514 KB 852ms
243ms Image
image/jpeg 52.219.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/f899139df5e1059396431415e770c6dd/191476_1280x560_20201019082819234.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.37.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 30e221ad2cdb25042059e0f78e09fdd275b2dfa9f9886e06cd9f26140ebfe959

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:17 GMT
Last-Modified: Mon, 19 Oct 2020 08:28:20 GMT
Server: AmazonS3
x-amz-request-id: RRXF8EX562G78R2K
ETag: "7c8a781e3ee7392c4fe80cfd528438ce"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 526477
x-amz-id-2: dtPZuH6UEALEs2Jym4z5Ttl8S8Cu7H3zUqB0HgQeGoKpP8OiTZ0+eC+uzN3ImbjBGdz11BMiV+c=

GET
H/1.1 200
OK 3791fe22b8.jpg
www.amot.in.th/amot/uploadfiles/campaign/XL/ 228 KB
228 KB 1294ms
239ms Image
image/jpeg 203.78.107.224
NETWAY-AS-AP Netw...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amot.in.th/amot/uploadfiles/campaign/XL/3791fe22b8.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.78.107.224 , Thailand, ASN18362 (NETWAY-AS-AP Netway Communication Co.,Ltd., TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: bcbe79ce2116c05e7872815dcb15915ce7760d122ce4b8e1cb8fa25e9910a0c8

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:57:54 GMT
Last-Modified: Fri, 20 Nov 2020 10:15:29 GMT
Server: Apache/2
ETag: "38e3b-5b4871fb39240"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 233019
Expires: Tue, 21 Sep 2021 04:57:54 GMT

GET
H/1.1 200
OK 294480_1200x627_20210429084053691.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/cf67355a3333e6e143439161adc2d82e/ 225 KB
225 KB 872ms
259ms Image
image/jpeg 52.219.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/cf67355a3333e6e143439161adc2d82e/294480_1200x627_20210429084053691.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.37.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: aed7d9b7a26edef496d2f8639570085f3b9d230e0eee6edab9dc3e2e03a0cae4

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:17 GMT
Last-Modified: Thu, 29 Apr 2021 08:40:54 GMT
Server: AmazonS3
x-amz-request-id: RRX2QMCTJ2HJ8AFB
ETag: "b12870259723ea78bbd84da42f34e447"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 230102
x-amz-id-2: U32CLPNqHAslbDxtMiPpA6hjXrCe0r7r4cNRvb81k3tmnNXXcpIdGalD62V7/m0S6xYsmlkYe0k=

GET
H/1.1 200
OK 239076_800x350_20210211085954057.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/e70611883d2760c8bbafb4acb29e3446/ 125 KB
125 KB 846ms
215ms Image
image/jpeg 52.219.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/e70611883d2760c8bbafb4acb29e3446/239076_800x350_20210211085954057.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.37.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1e513e160c68850f4cc130c9e4ec6c569eb1d6c19c8d0a17ee87ce18303a8b15

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:17 GMT
Last-Modified: Thu, 11 Feb 2021 08:59:55 GMT
Server: AmazonS3
x-amz-request-id: RRX2MYKAWX9NBJX0
ETag: "82194540947d919851aa8db98a852de9"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 128037
x-amz-id-2: TcDTlCTLVYVh/gTZoD1IVG7A8bTvu91AC6+SjJ88T9c5O4BLjTKR0NaevF2HBjvqYuYKt4m+3hk=

GET
H/1.1 200
OK 2934ee416b.jpg
www.amot.in.th/amot/uploadfiles/campaign/XL/ 227 KB
228 KB 1360ms
255ms Image
image/jpeg 203.78.107.224
NETWAY-AS-AP Netw...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amot.in.th/amot/uploadfiles/campaign/XL/2934ee416b.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.78.107.224 , Thailand, ASN18362 (NETWAY-AS-AP Netway Communication Co.,Ltd., TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: dc47e1224b9fb2567b7e5d8775bee1eb2af94793a3247702dd777507c89ad7c0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:57:54 GMT
Last-Modified: Mon, 05 Jul 2021 08:11:46 GMT
Server: Apache/2
ETag: "38d17-5c65bdb3bb480"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 232727
Expires: Tue, 21 Sep 2021 04:57:54 GMT

GET
H/1.1 404
Not Found dabb886ac9_800x600.jpg
www.amot.in.th/amot/uploadfiles/campaign/illustration/800x600/ 66 B
66 B 1401ms
296ms Image
text/html 203.78.107.224
NETWAY-AS-AP Netw...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amot.in.th/amot/uploadfiles/campaign/illustration/800x600/dabb886ac9_800x600.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.78.107.224 , Thailand, ASN18362 (NETWAY-AS-AP Netway Communication Co.,Ltd., TH),
Reverse DNS
Software: Apache/2 / PHP/5.5.34
Resource Hash: cd8359b6adeac3e82c25d1f7564769758db7ed1360c2d111fc7d393abe3f0639

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 Aug 2021 04:57:54 GMT
Server: Apache/2
X-Powered-By: PHP/5.5.34
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 66
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 55660_Picture2_20190422063450237.png
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/019d385eb67632a7e958e23f24bd07d7/ 703 KB
704 KB 842ms
222ms Image
image/png 52.219.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/019d385eb67632a7e958e23f24bd07d7/55660_Picture2_20190422063450237.png
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.37.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7add26056c825823ca575bc8725a35466522826f1c797e34a71da9af4fb35f5c

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:17 GMT
Last-Modified: Mon, 22 Apr 2019 06:34:51 GMT
Server: AmazonS3
x-amz-request-id: RRXFCXF72R3WPPFH
ETag: "eeee3088afaf1f1a1bb432a8524fc966"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 720191
x-amz-id-2: rrCmSukydo8n6TF8HAl5A9uiu0rZB0r7bdhjdkE2Qmrv6owXrjgp0tWcGk+Is484JcK9/oosI6k=

GET
H/1.1 200
OK 55656_Picture1_20190422062716640.png
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/019d385eb67632a7e958e23f24bd07d7/ 320 KB
320 KB 242ms
241ms Image
image/png 52.219.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/019d385eb67632a7e958e23f24bd07d7/55656_Picture1_20190422062716640.png
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.37.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae00aace8e3f670b626451439100c78be06bb3165dbbc4b9db4bbf4900ad146d

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:18 GMT
Last-Modified: Mon, 22 Apr 2019 06:27:17 GMT
Server: AmazonS3
x-amz-request-id: JBMYN666HCX1FSEB
ETag: "c87e5aa0a78f8066c3f2ad58e7a357a4"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 327451
x-amz-id-2: mslMfi6HiP8l4yqdp6iFDj6bGElARwRXS81mE42JOxpgdAshWDXTP8p1dcn49Jrf0Rf4KFdBzcw=

GET
H/1.1 200
OK 65289_1640x462_20190605093033014.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/a02ffd91ece5e7efeb46db8f10a74059/ 883 KB
884 KB 234ms
230ms Image
image/jpeg 52.219.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/a02ffd91ece5e7efeb46db8f10a74059/65289_1640x462_20190605093033014.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.37.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47f7a370e726141a723111662726767b3df62d73ff592ec5adb53199d5df1555

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:18 GMT
Last-Modified: Wed, 05 Jun 2019 09:30:34 GMT
Server: AmazonS3
x-amz-request-id: JBMJNJV0NW92RZR7
ETag: "1875e1b1b1ef902b005b970f1e120ae6"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 904548
x-amz-id-2: +12NZfK9ZZ1nvzBiyZTtJuTCRZnJOx4zjXjMQAqxSQGQxULf0HibIaUtO9Zpcm1y7Lb0oV/ThSI=

GET
H/1.1 200
OK 65291_1180x332_20190605093033246.jpg
s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/a02ffd91ece5e7efeb46db8f10a74059/ 233 KB
233 KB 250ms
239ms Image
image/jpeg 52.219.37.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/images.accesstrade.in.th/a02ffd91ece5e7efeb46db8f10a74059/65291_1180x332_20190605093033246.jpg
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.37.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4dd9c049a4906bcbff23f4470ca9ed245f96948d5bb2346329bfc65b80a8c214

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:18 GMT
Last-Modified: Wed, 05 Jun 2019 09:30:34 GMT
Server: AmazonS3
x-amz-request-id: JBMHJH57KCT1HPB3
ETag: "5f003711d04039907b3f184d06177e81"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 238176
x-amz-id-2: xZvFxTRfetxvjNqCnArnKS/mGBk80LII3Tovi64IOLuFDQQisWdoCiV62ub9GKdCOna48CEMN8w=

GET
H3-29 200 autoptimize_f4ef378bf844ca00edfad2cbcbdb73b3.js Show response
roodeemoney.com/wp-content/cache/autoptimize/js/ 204 KB
54 KB 21ms
19ms Script
application/javascript 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://roodeemoney.com/wp-content/cache/autoptimize/js/autoptimize_f4ef378bf844ca00edfad2cbcbdb73b3.js

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f64905979e1e44229a9268d9eb42834ad9258b90f1c8f4ac82c8592791783fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_f4ef378bf844ca00edfad2cbcbdb73b3.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Aug 2021 07:43:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61122e3e-32f4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJH4bvWXiNRaOoNQ%2BDr45jh7TdIhbzlkCjdZGCcFQlRh8UtzfFrfwojERLWdq9K589SW4AeWyayLFgwxVbVk5pqPZT8ew7HRtizD2NNWMgyMymVK%2FZiH3ewvHEgBmfRHftCVEsfdOzdPSctNP2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6829691f88dbdfcf-FRA

GET
H3-29 200 wp-emoji-release.min.js Show response
roodeemoney.com/wp-includes/js/ 14 KB
5 KB 17ms
16ms Script
application/javascript 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://roodeemoney.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ff5d754-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTq9rAnu96jwQr2gLYy7sndEAVsCkx8TuuiAucBhGg%2BJ%2Fl26lCqN61vs9ndp9w38KLSJu9vw8IQBw4PW6%2B33voiNOzgFEnCqbCYtktaK2cOlcWNop4YkKIvLACPX20SJcKK%2FG3DOqypRliWHZJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6829691f88dcdfcf-FRA

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
38 KB 45ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9KNHJN

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f591b5e8e481d42510ec7c3ba1109a1159ee44a01169c53a441e982ba6e4fa5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38698
x-xss-protection: 0
last-modified: Sun, 22 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 Aug 2021 04:38:16 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 socicon.woff
roodeemoney.com/wp-content/plugins/meks-smart-social-widget/css/fonts/ 98 KB
64 KB 21ms
20ms Font
application/font-woff 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://roodeemoney.com/wp-content/plugins/meks-smart-social-widget/css/fonts/socicon.woff

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/wp-content/cache/autoptimize/css/autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c273dcbed09b6b87f9365f2f141063f5c859476b53913d94fca1befe90aa0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/meks-smart-social-widget/css/fonts/socicon.woff
pragma: no-cache
origin: https://roodeemoney.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: roodeemoney.com
referer: https://roodeemoney.com/wp-content/cache/autoptimize/css/autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://roodeemoney.com
Referer: https://roodeemoney.com/wp-content/cache/autoptimize/css/autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Feb 2021 14:45:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"602e7d99-18994"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ik4n7otGeAfuMmEmtTK3K3GON5p1fQWsjnx9SWAz5EKBvNFfbv8%2Frbs8KVV9c3IksyR1m2ypGBiD6Z3semJuk3MWESzqLHtDKLKR8awyQit0%2FmnFyeaygxKdJWFBVvpr7jfUnt2iRHPFfqTcPsc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 68296920b9b4dfcf-FRA

GET
H3-29 200 ktc-proud-card-300x188.png
roodeemoney.com/wp-content/uploads/2021/03/ 72 KB
73 KB 28ms
27ms Image
image/png 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roodeemoney.com/wp-content/uploads/2021/03/ktc-proud-card-300x188.png

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d732a88f0f393fb23575c6ed8c7699ef1178cde3e70b84e1add9daf4ad26ced5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/ktc-proud-card-300x188.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74076
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Mar 2021 13:25:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60520355-1215c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW6VLE9aWod3e0ah0O%2FQbLhuy6jrr5lSkyV0IDmNaPLUUVF%2BI%2BVERIaDxGUk9g3yLwVYT7dXrB6E0xigZZo9kcaG1yvNd0yBd8X0TfCPhNIadZ%2F46N7%2BSVTLfnyqMz2DZ7%2FWIh%2BZ03p5dvh1Go8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 682969212a05dfcf-FRA

GET
H3-29 200 CitiReady-Credit-16.png
roodeemoney.com/wp-content/uploads/2021/03/ 446 KB
447 KB 22ms
21ms Image
image/png 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roodeemoney.com/wp-content/uploads/2021/03/CitiReady-Credit-16.png

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d51d2273e2767f92e29d0d1d85bfce694ea1c14fe3ce65d069c22d85e91aedcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/CitiReady-Credit-16.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 456665
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Mar 2021 13:25:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60520351-6f7d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4rnfuJsstufoSbAPUBvfRL48bktXiYobsbCcQUmjMGu1wXpZrMqBl2MccN190ny5zjXQZ1mjrphS2mboLsRw39i4aaoKikv2fKNWlleYByxLBEJdQwqWVWGhsYChXmn5KuUDCKG4G235DNQUKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 682969212a08dfcf-FRA

GET
H3-29 200 UOB-Cash-Plus.png
roodeemoney.com/wp-content/uploads/2021/03/ 343 KB
344 KB 13ms
13ms Image
image/png 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roodeemoney.com/wp-content/uploads/2021/03/UOB-Cash-Plus.png

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4814d26cec0cc65fc34d1a24ecacdc0c2cb5fdb8bc871897403e3b37e6240a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/UOB-Cash-Plus.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 351495
x-xss-protection: 1; mode=block
last-modified: Wed, 17 Mar 2021 13:25:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60520350-55d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o28cMfeIb3ULENt23rHIbrJOeba6Yd3%2BaLxG8HU1JvGmvYzVQ6jSFC0FSZn9QNWV%2F5v3iAFcUalKQOJo1wy6L8KmsiAO5uOLc9xsrrhu8OKTPXbdkIddUzGREOZ%2Bp1%2BLR%2BgceYGNhh7Meru9RHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 682969212a09dfcf-FRA

GET
H/1.1 200
OK banner-cash-plus-2_2021may_1024x530.jpg
www.uob.co.th/web-resources/images/form/onlineapp-cashplus/ 97 KB
97 KB 2096ms
769ms Image
image/jpeg 42.61.47.40
SINGNET SingNet

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.uob.co.th/web-resources/images/form/onlineapp-cashplus/banner-cash-plus-2_2021may_1024x530.jpg

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

42.61.47.40 Singapore, Singapore, ASN3758 (SINGNET SingNet, SG),

Reverse DNS

Software

Resource Hash

de020ce2e06868cdee188a747ae3decbf869cf356fd1181896e6e32b4deebc28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .uob.co.th .uob.com.sg .uobgroup.com .uobgroup.com.sg https://ereport.uob.co.th https://docs.google.com https://www.youtube.com https://firebase.google.com https://www.facebook.com
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 22 Aug 2021 04:38:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1
Last-Modified: Mon, 17 May 2021 04:52:38 GMT
Vary: Accept-Encoding,user-Agent
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: public,max-age=1209600,post-check=604800
Content-Security-Policy: frame-ancestors 'self' *.uob.co.th *.uob.com.sg *.uobgroup.com *.uobgroup.com.sg https://ereport.uob.co.th https://docs.google.com https://www.youtube.com https://firebase.google.com https://www.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Mon, 23 Aug 2021 04:38:19 GMT

GET
H2 200 03-CIMB-Extra-Cash2.png
i1.wp.com/www.cardfavor.com/wp-content/uploads/2018/09/ 97 KB
97 KB 138ms
45ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.cardfavor.com/wp-content/uploads/2018/09/03-CIMB-Extra-Cash2.png?fit=400%2C260&ssl=1

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

064fe433b8ca642ef9184ea5bf9c88ec3c518bad42215f7d28772375e51514ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 22 Aug 2021 04:38:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Aug 2021 04:36:19 GMT
server: nginx
etag: "0ab367db4a6eedee"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://www.cardfavor.com/wp-content/uploads/2018/09/03-CIMB-Extra-Cash2.png>; rel="canonical"
content-length: 98822
expires: Tue, 22 Aug 2023 16:36:19 GMT

GET
H3-29 200 C6CBD4D1-D265-4222-BB7D-D46EBC8E28D2-300x189.png
roodeemoney.com/wp-content/uploads/2021/04/ 80 KB
81 KB 21ms
20ms Image
image/png 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roodeemoney.com/wp-content/uploads/2021/04/C6CBD4D1-D265-4222-BB7D-D46EBC8E28D2-300x189.png

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

108f55d18a11c3b2bf5217a29ee3f1a34faa3f792cd6ed733954f208a2cc781f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/C6CBD4D1-D265-4222-BB7D-D46EBC8E28D2-300x189.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 81870
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Apr 2021 15:12:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "606c7a6a-13fce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFN3V4i%2BA4UQErWyVugJxoo0YgVCbPs80fb%2BQtd%2FiYHz0IOJBly0f0w%2Fb3jp5ke%2FMqZef3COFnCqxHahEg7gXpqdE8K0m0V8zJdYSLVIhyHvU9Khv0ufbafmkm%2FqhXtCQ1MGsC2yON6Py6Uw0%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 682969212a0adfcf-FRA

GET
H3-29 200 citi-cash-back-platinum-credit-card-1.png
roodeemoney.com/wp-content/uploads/2021/03/ 71 KB
71 KB 47ms
47ms Image
image/png 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roodeemoney.com/wp-content/uploads/2021/03/citi-cash-back-platinum-credit-card-1.png

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0f079ca28cf34ded6cb943c7432478ad00a774a65362e879c0186193b96bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/citi-cash-back-platinum-credit-card-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 72225
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Mar 2021 11:46:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "604b549b-11a21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqtAtcTjY7FomeLZ4aBBCEAc5yG2RsaRvHVfm%2BbXa7lfsoj2Iu9y63Xdg8hLlvRzPKmL08pWrcPusvtyH2bvRkzovijxoLlgFgrfYhBZX3tbBnhfWR%2FmLxiNG%2Fhqzr7JJ2bSrUv3T%2Buo%2FmlkLpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 682969212a0cdfcf-FRA

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 26a1.svg
s.w.org/images/core/emoji/13.0.1/svg/ 451 B
650 B 137ms
45ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/26a1.svg

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

d3a6d0c18f6887f771aa3cd51db375e7a9588e1af63801cc100cd9bcc5bccaac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 22 Aug 2021 04:38:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 451
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f39f.svg
s.w.org/images/core/emoji/13.0.1/svg/ 1 KB
641 B 75ms
45ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f39f.svg

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

6395d65d0f56d2401b63830f8742bc9361cc3f610b942a6d1d31b29e4d53bb78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 22 Aug 2021 04:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f525.svg
s.w.org/images/core/emoji/13.0.1/svg/ 822 B
536 B 49ms
45ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f525.svg

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 22 Aug 2021 04:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 252 KB
93 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6267369281180869&plah=roodeemoney.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6267369281180869

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 16230733116024533272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 22 Aug 2021 04:38:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 6619 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6267369281180869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://roodeemoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://roodeemoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 21 Aug 2021 20:32:15 GMT
expires: Sat, 04 Sep 2021 20:32:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 29161
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 admin-ajax.php Show response
roodeemoney.com/wp-admin/ 1 B
724 B 583ms
583ms XHR
text/html 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://roodeemoney.com/wp-admin/admin-ajax.php

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://roodeemoney.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
content-length: 53
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: roodeemoney.com
referer: https://roodeemoney.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://roodeemoney.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 22 Aug 2021 04:38:17 GMT
content-encoding: br
x-content-type-options: nosniff nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FqXryVXlzGrxYDcIK5NpRzVjAtDZj%2BTsE8m%2BdglD264NMmrneRLmDiRbC2G7aVoGsxBRsQHEY%2BVc60vPXf%2FHJjHpv5prXX%2B0XlRACLIuqsMBMJrioC0DSzCH57SsR2xR2ndPoRVPonps1pUt2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://roodeemoney.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 682969219a56dfcf-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
895 B 22ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/wp-content/cache/autoptimize/js/autoptimize_f4ef378bf844ca00edfad2cbcbdb73b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0085de260172012defb7edafe9ba7ecbbbca4672ac945cc91227771bab38c1f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Sun, 22 Aug 2021 04:38:18 GMT

GET
H3-29 200 mejs-controls.svg
roodeemoney.com/wp-includes/js/mediaelement/ 4 KB
2 KB 12ms
12ms Image
image/svg+xml 2606:4700:3036::6815:4c97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roodeemoney.com/wp-includes/js/mediaelement/mejs-controls.svg

Requested by

Host: roodeemoney.com
URL: https://roodeemoney.com/wp-content/cache/autoptimize/css/autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:4c97 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/mediaelement/mejs-controls.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: roodeemoney.com
referer: https://roodeemoney.com/wp-content/cache/autoptimize/css/autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://roodeemoney.com/wp-content/cache/autoptimize/css/autoptimize_348a1d10eb9fd1a8e75fbc84803e79ea.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Aug 2017 04:43:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"59800707-11f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpqIrV4YKLBxks4Gz8YXsKEDtY0reQ%2FV%2BlsdiGiYnmJd5pi%2Foxz3UWM93IHXIGjfgLVL98UMQKsSGr2aSkYFGMANKdU1mDcJhZuxrPwv%2FtDLD7yrMGNN2Hnz1TtWlc1CHUFHgi8SDwERTS9cmH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 68296921aa60dfcf-FRA

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
12ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MPRBRG5Y6Y&gtm=2oe8i0&_p=32563936&sr=1600x1200&ul=en-us&cid=1243165754.1629607097&_s=1&dl=https%3A%2F%2Froodeemoney.com%2F&dt=%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%94%E0%B8%B5%20money%20-%20%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%94%E0%B8%B5%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9A%E0%B8%B1%E0%B8%95%E0%B8%A3%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%20%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%AA%E0%B8%B4%E0%B8%99%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%AA%E0%B9%88%E0%B8%A7%E0%B8%99%E0%B8%9A%E0%B8%B8%E0%B8%84%E0%B8%84%E0%B8%A5%20-%20%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%94%E0%B8%B5%20Money&sid=1629607096&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPRBRG5Y6Y
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 22 Aug 2021 04:38:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roodeemoney.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9KNHJN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5077
date: Sun, 22 Aug 2021 03:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 22 Aug 2021 05:13:41 GMT

GET
H3-29 200 watch
www.youtube.com/ 0
0 32ms
32ms Media
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youtube.com/watch?v=l_mAFiTcY4M&_=1
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://roodeemoney.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
660 B 162ms
66ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=roodeemoney.com&callback=_gfp_s_&client=ca-pub-6267369281180869

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6267369281180869&plah=roodeemoney.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1573ade6002fc3ad78e99dcf7a4eda970e4af095c23a8ca35ec704ffbee0356a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=roodeemoney.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=roodeemoney.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Aug 2021 04:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D1C8 17 KB
5 KB 536ms
536ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6267369281180869&output=html&adk=1812271804&adf=3025194257&lmt=1629607096&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Froodeemoney.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629607096545&bpp=4&bdt=390&idt=93&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=148701936720&frm=20&pv=2&ga_vid=1243165754.1629607097&ga_sid=1629607097&ga_hid=32563936&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C20211866%2C31062181%2C31062297&oid=3&pvsid=3612445778148373&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

353603ffa99efb9a3878f4f44635e6f954d0eac3f33c2ab1d482e123bcb160da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6267369281180869&output=html&adk=1812271804&adf=3025194257&lmt=1629607096&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Froodeemoney.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629607096545&bpp=4&bdt=390&idt=93&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=148701936720&frm=20&pv=2&ga_vid=1243165754.1629607097&ga_sid=1629607097&ga_hid=32563936&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C20211866%2C31062181%2C31062297&oid=3&pvsid=3612445778148373&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://roodeemoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://roodeemoney.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 22 Aug 2021 04:38:17 GMT
server: cafe
content-length: 5098
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Aug-2021 04:53:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 22 Aug 2021 04:38:17 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Sun, 22 Aug 2021 04:38:18 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/b555ee94/www-widgetapi.vflset/ 125 KB
42 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6648b04e414e1e9fe5291e31e47fae11425d5180dd7c1da6743e5cf840f3e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 03:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 3781
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42716
x-xss-protection: 0
expires: Mon, 22 Aug 2022 03:35:17 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=32563936&t=pageview&_s=1&dl=https%3A%2F%2Froodeemoney.com%2F&ul=en-us&de=UTF-8&dt=%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%94%E0%B8%B5%20money%20-%20%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%94%E0%B8%B5%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%E0%B8%9A%E0%B8%B1%E0%B8%95%E0%B8%A3%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%20%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%AA%E0%B8%B4%E0%B8%99%E0%B9%80%E0%B8%8A%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%AA%E0%B9%88%E0%B8%A7%E0%B8%99%E0%B8%9A%E0%B8%B8%E0%B8%84%E0%B8%84%E0%B8%A5%20-%20%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%94%E0%B8%B5%20Money&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1706708176&gjid=62022478&cid=1243165754.1629607097&tid=UA-195071185-1&_gid=1246820112.1629607098&_r=1&gtm=2wg8i0W9KNHJN&z=584507406

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 Aug 2021 04:38:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roodeemoney.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 l_mAFiTcY4M Show response
www.youtube.com/embed/ Frame 1D83 56 KB
24 KB 42ms
41ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b20ced19e175c2bf10427736057e006d989365176cfd1209c9e7ab62d9c6d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://roodeemoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=1kq53CLiiDQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://roodeemoney.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 22 Aug 2021 04:38:18 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=MMyRxs9qgs8; Domain=.youtube.com; Expires=Fri, 18-Feb-2022 04:38:18 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+759; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-195071185-1&cid=1243165754.1629607097&jid=1706708176&gjid=62022478&_gid=1246820112.1629607098&_u=YADAAEAAAAAAAC~&z=1082556237

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 Aug 2021 04:38:18 GMT
content-type: text/plain
access-control-allow-origin: https://roodeemoney.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/b555ee94/ Frame 1D83 329 KB
45 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa52f6b5576b95a51157b7b318e6bf15c54cfe5013ed068c66fde0852971f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 222996
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46249
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:41:42 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/b555ee94/www-embed-player.vflset/ Frame 1D83 193 KB
64 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cc4e229cc22a45146d4f3c3358e36ad1cafe05c73d07fba488da967a85a58ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 16:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 44433
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65245
x-xss-protection: 0
expires: Sun, 21 Aug 2022 16:17:45 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/ Frame 1D83 2 MB
497 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0930cdf7a5ac7dd8c0eee66b6d5d1e215205f9f08228cb0b048acd4f08016920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 222995
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 508404
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:41:43 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b555ee94/fetch-polyfill.vflset/ Frame 1D83 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 223003
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:41:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1D83 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 457857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:27:21 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 1D83 113 B
161 B 28ms
27ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63f836a3c05fa57cc373764fb7d76fa5d37fe6280f91817c7851656d567e5e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1D83 29 B
91 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:29:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 517
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sun, 22 Aug 2021 04:44:41 GMT

GET
H2 200 XXkzgZ_iluOMdrQKXYNRgqTdRkvmuzerOYXdiSc_i3s.js Show response
www.google.com/js/th/ Frame 1D83 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/XXkzgZ_iluOMdrQKXYNRgqTdRkvmuzerOYXdiSc_i3s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d7933819fe296e38c76b40a5d835182a4dd464be6bb37ab3985dd89273f8b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 05:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13420
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 15:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 05:12:27 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/ Frame 1D83 24 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92afa9485ca4ccf9d827259ae32c1868922e79a8c5677db8757acc8a0170e959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 00:25:39 GMT
server: sffe
age: 222513
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7274
x-xss-protection: 0
expires: Fri, 19 Aug 2022 14:49:45 GMT

GET
DATA 200
OK truncated
/ Frame 1D83 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQzMb7w1cLHuZUXo2V3g1fHUlVa4kz9o6LuYx6m=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1D83 4 KB
4 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQzMb7w1cLHuZUXo2V3g1fHUlVa4kz9o6LuYx6m=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5de641fa6b8e93328db555679cfb819e20e1beaf7299768ccef5087dd952ca6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 03:19:16 GMT
x-content-type-options: nosniff
age: 4742
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3705
x-xss-protection: 0
server: fife
etag: "v20"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 02:22:16 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/l_mAFiTcY4M/ Frame 1D83 4 KB
4 KB 43ms
43ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/l_mAFiTcY4M/default.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a19e5d686917aaf450123b845a6d5cfc787c63168202fdaa0dc648a493c70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:18 GMT
x-content-type-options: nosniff
server: sffe
etag: "1572255078"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4092
x-xss-protection: 0
expires: Sun, 22 Aug 2021 06:38:18 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 1D83 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?bM-iGw
Requested by: Host: roodeemoney.com
URL: https://roodeemoney.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 31ms
18ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8723dff8ba173b4717f37bfdda8a43afe779c603eaf589012f43a15da083648a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 Aug 2021 04:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8578
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 04:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 22 Aug 2021 04:38:19 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2F47 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://roodeemoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://roodeemoney.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 21 Aug 2021 19:41:40 GMT
expires: Sun, 21 Aug 2022 19:41:40 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 32199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE7B 783 B
537 B 19ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9b2a4dfbb0e73a27a6452af631ee51169eb4274557200740c3e619ed34b56a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RmGTVG96rM3m5vJjUlsQ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://roodeemoney.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://roodeemoney.com/

Response headers

expires: Sun, 22 Aug 2021 04:38:19 GMT
date: Sun, 22 Aug 2021 04:38:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-RmGTVG96rM3m5vJjUlsQ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F47 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 23:42:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 23:42:19 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=3612445778148373&bg=!JSalJmLNAAZvV8FTb1c7ACkAdvg8WvYf3OTZAi3r0nCJXWubYHFg0R2w0yMSi-B4Z1Swhn0SFy4c7AIAAABYUgAAAAxoAQcKAQoUsNq22n5kjgWW8gmY7-l7y-t6VVJiQSzaEIJEkrEzsS61N19GryKt-6ka4PdxXxMQzSlVoy6dDSyNn5jNsR3nrVeeMXyqaj3SfpWnTjVfWWkCvac5fJ_SKnouMTzCyKItMyCrp1wwW2fvpRdyiB8J8KEZkFz6g6MWJH7ReIJB3VGKAKhNP4r7ZIPKyk237ZzLeJKnoaTtBkS26X9_K560JTAZ3k6l6OqDHqA_rv40Li7yZgXRQp3nmvoesUzVIn5a1nbQKMvV3qAqOk0SrgIT9z-ODyXEOnCwcuo76CymgQabCfph6KHbWfWcDsLQxtz8cslRENGdl5RI-Pux0W4EWGw3cE2UkBxu1pkCdNoC4lTtsEr8Ha6gXzJ4UDHJpQE0wTiPsybKJs0ZlDhtia9FlDQmk-iGoEeKBmrq5DjAhOTPuuoMtopr67INr5GymXbWmZZhi4B7PKB_osHwy7iX77MTbSElDrq9XhE9_tD9NqV39ykaTx4Dd9Y8lSL6L6psnWwejNjyp9Nd0tZtGi3Mfd3eeO0vd2yC3S2n1jSyrv4US95tS18yaUz9kLCpLLmJsCnHE_-t4wSVshZPRaAqwmI5PA7uvjIw-rzxz79vaMlQKycMl6qPwvyUe1TNKh1Bb0pybfpzOzpeI0JIXA4TwWbq-au2EEF1BDAQXrxaiiGZxeXWaR6vBuze-Spdd1zQDyX3gHeHAtI2DyVRBlXEl8riSq0G3Qd2iXqUa2SK0NF5l5vxAVSYdY6bUT6BR2y2272ORz2JQy3rkTCeMRvvAdnJIthiJ1yia81wxWE0rNGX6g3EEPeCfmG8j62Lqf7Sbr05cguTUZ-es6-OazcCbQsezeFI9poF0VlE7c3wquU1BPU9_uYn-p8n7ks6S2F1szvtqGYGeelrp7-f0x04cwtScVHbwhvCepTCOSEJMIuMAfGRqredUviXlxk38Z1Wg94IEQB6mBsZIVCG0sARR6BfMdPcefO0-CKssbxByer22Z1UNSLdONZX8j4SeY-2EFIgI-0KI8TbKD9stIBhmYGVKL3-iioRVCpVhj8mklG5TBcJFPpkpZQLgMDpzRCHh6yeBhNpg2F6qdv4A_KO33LJnyeCJ6DSUvZzxpOY5CR8deztj1a0BwdVscTLm6mzKJs3CbUFtgdl6mjD_UJgb6O6OB6lTFXUW4D-c_MfV1U

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roodeemoney.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Aug 2021 04:38:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1D83 28 B
54 B 20ms
20ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b555ee94/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/l_mAFiTcY4M?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Froodeemoney.com&widgetid=1
X-YouTube-Client-Version: 1.20210818.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtNTXlSeHM5cWdzOCi6qYeJBg%3D%3D
X-YouTube-Ad-Signals: dt=1629607098294&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C373%2C210&vis=1&wgl=true&ca_type=image&bid=ANyPxKp79b1BVSy1ZXQ2upPGUkzMbUfbXqfS_1qYjli5byi9MknJ7JlJt7jr9Y94_i4bo9S3N6_eSzV_PHmh18jU6Jw5PPxNKg

Response headers

date: Sun, 22 Aug 2021 04:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 22 Aug 2021 04:38:20 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-20 00:59:19	Name: VISITOR_INFO1_LIVE Value: MMyRxs9qgs8
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1kq53CLiiDQ
.doubleclick.net/	1970-01-20 06:01:43	Name: IDE Value: AHWqTUk_CAoybtXrCwgp1XdnRlESSab5HK1AVNItz7pchL9OxkFpYQrH9SkOnbB-
.roodeemoney.com/	1970-01-20 06:01:43	Name: __gads Value: ID=96259f0b9a47c795-2280a9aab1c90060:T=1629607098:RT=1629607098:S=ALNI_MZX_0qfh-fyiMdmlWK7A7Re6QYo2g
.roodeemoney.com/	1970-01-19 20:40:07	Name: _gat_UA-195071185-1 Value: 1
.roodeemoney.com/	1970-01-20 14:11:19	Name: _ga_MPRBRG5Y6Y Value: GS1.1.1629607096.1.0.1629607096.0
.roodeemoney.com/	1970-01-20 14:11:19	Name: _ga Value: GA1.2.1243165754.1629607097
.roodeemoney.com/	1970-01-19 20:41:33	Name: _gid Value: GA1.2.1246820112.1629607098

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://roodeemoney.com/wp-content/cache/autoptimize/js/autoptimize_f4ef378bf844ca00edfad2cbcbdb73b3.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
i1.wp.com
pagead2.googlesyndication.com
partner.googleadservices.com
roodeemoney.com
s.w.org
s3-ap-southeast-1.amazonaws.com
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.amot.in.th
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.ktc.co.th
www.roodeemoney.com
www.uob.co.th
www.youtube.com
yt3.ggpht.com
142.250.186.34
192.0.77.2
192.0.77.48
203.78.107.224
2600:9000:2190:2200:17:beb7:8f40:93a1
2606:4700:3036::6815:4c97
2a00:1450:4001:801::2001
2a00:1450:4001:808::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:810::2016
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9b
42.61.47.40
52.219.37.10
0085de260172012defb7edafe9ba7ecbbbca4672ac945cc91227771bab38c1f5
01716fda64460d237027ce9ef9a5b50e30e1cbd16f79f5b4ee01b0952ae0dbe7
064fe433b8ca642ef9184ea5bf9c88ec3c518bad42215f7d28772375e51514ae
0930cdf7a5ac7dd8c0eee66b6d5d1e215205f9f08228cb0b048acd4f08016920
0b20ced19e175c2bf10427736057e006d989365176cfd1209c9e7ab62d9c6d35
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
108f55d18a11c3b2bf5217a29ee3f1a34faa3f792cd6ed733954f208a2cc781f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1573ade6002fc3ad78e99dcf7a4eda970e4af095c23a8ca35ec704ffbee0356a
16a19e5d686917aaf450123b845a6d5cfc787c63168202fdaa0dc648a493c70c
1e513e160c68850f4cc130c9e4ec6c569eb1d6c19c8d0a17ee87ce18303a8b15
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb
30e221ad2cdb25042059e0f78e09fdd275b2dfa9f9886e06cd9f26140ebfe959
353603ffa99efb9a3878f4f44635e6f954d0eac3f33c2ab1d482e123bcb160da
3cc4e229cc22a45146d4f3c3358e36ad1cafe05c73d07fba488da967a85a58ca
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47f7a370e726141a723111662726767b3df62d73ff592ec5adb53199d5df1555
48c273dcbed09b6b87f9365f2f141063f5c859476b53913d94fca1befe90aa0c
4a0f079ca28cf34ded6cb943c7432478ad00a774a65362e879c0186193b96bf9
4dd9c049a4906bcbff23f4470ca9ed245f96948d5bb2346329bfc65b80a8c214
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa52f6b5576b95a51157b7b318e6bf15c54cfe5013ed068c66fde0852971f28
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d7933819fe296e38c76b40a5d835182a4dd464be6bb37ab3985dd89273f8b7b
5de641fa6b8e93328db555679cfb819e20e1beaf7299768ccef5087dd952ca6d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6395d65d0f56d2401b63830f8742bc9361cc3f610b942a6d1d31b29e4d53bb78
63f836a3c05fa57cc373764fb7d76fa5d37fe6280f91817c7851656d567e5e9e
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
7add26056c825823ca575bc8725a35466522826f1c797e34a71da9af4fb35f5c
7ecb7eea171614b4b31f360977d91d83f497ee31d65816934c2e3e4544141c78
8723dff8ba173b4717f37bfdda8a43afe779c603eaf589012f43a15da083648a
92afa9485ca4ccf9d827259ae32c1868922e79a8c5677db8757acc8a0170e959
9a1fe38b222a10ffeb53c06814a044b6ea26271d2fe76bc5b5bebeb617780793
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
ae00aace8e3f670b626451439100c78be06bb3165dbbc4b9db4bbf4900ad146d
aed7d9b7a26edef496d2f8639570085f3b9d230e0eee6edab9dc3e2e03a0cae4
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
bcbe79ce2116c05e7872815dcb15915ce7760d122ce4b8e1cb8fa25e9910a0c8
cd8359b6adeac3e82c25d1f7564769758db7ed1360c2d111fc7d393abe3f0639
d3a6d0c18f6887f771aa3cd51db375e7a9588e1af63801cc100cd9bcc5bccaac
d51d2273e2767f92e29d0d1d85bfce694ea1c14fe3ce65d069c22d85e91aedcf
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d732a88f0f393fb23575c6ed8c7699ef1178cde3e70b84e1add9daf4ad26ced5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc47e1224b9fb2567b7e5d8775bee1eb2af94793a3247702dd777507c89ad7c0
de020ce2e06868cdee188a747ae3decbf869cf356fd1181896e6e32b4deebc28
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6648b04e414e1e9fe5291e31e47fae11425d5180dd7c1da6743e5cf840f3e37
e6eef28b87abd72b27ae0c19f0070ad1366419c868f5c538760cae1af5c4c9cf
e9b2a4dfbb0e73a27a6452af631ee51169eb4274557200740c3e619ed34b56a0
ea6e1aafc418a2f43f97735f6c99ab4817516e3efade144ab32aa9544fb3bace
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f4814d26cec0cc65fc34d1a24ecacdc0c2cb5fdb8bc871897403e3b37e6240a5
f4e2816bbf692a367068749417b5237804fc9e870c122552d55cdfc49fd22bd9
f591b5e8e481d42510ec7c3ba1109a1159ee44a01169c53a441e982ba6e4fa5b
f64905979e1e44229a9268d9eb42834ad9258b90f1c8f4ac82c8592791783fdb

roodeemoney.com Open in urlscan Pro 2606:4700:3036::6815:4c97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

76 %IPv6

19 Domains

24 Subdomains

26 IPs

5 Countries

6622 kBTransfer

9381 kBSize

8 Cookies

11 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

roodeemoney.com Open in urlscan Pro
2606:4700:3036::6815:4c97 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

76 %
IPv6

19
Domains

24
Subdomains

26
IPs

5
Countries

6622 kB
Transfer

9381 kB
Size

8
Cookies

68 HTTP transactions
8 data transactions