gift3843.g00le.vip Open in urlscan Pro
172.67.200.150  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t3.g00le.vip/visit/617bb6cec3a1b80006a1d45b Page URL
2. https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	617bb6cec3a1b80006a1d45b t3.g00le.vip/visit/	483 B 1 KB	198ms 89ms	Document text/html	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t3.g00le.vip/visit/617bb6cec3a1b80006a1d45b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 7922b330de8c5cb0-FRA content-length 483 date Tue, 31 Jan 2023 13:12:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} refresh 0;URL=https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eySSdYB15V0gkcIcsvsfVTOT8Cy2wST5UcRTdzHsH9rjOouwG5TWf1dxDcEdxAL%2Bq14Qzukru0Si1UPDCuJe0%2BOpPH5s4WJRI0EpJrp34UupMTM9%2FW4jotXBKw3YNoQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	Primary Request index_en-us.php Show response gift3843.g00le.vip/sweeps/ww/money1/	13 KB 3 KB	207ms 86ms	Document text/html	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9631c1991870ca0045356f5e93f99ede709a79f71eacd26db3c60c21f8c3b22a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 7922b33259325c5c-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 31 Jan 2023 13:12:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BHz0WXBWmS2%2FOe4W9JDuCJdOwWmR7co9XchNRhbXX8zLMWSIjVKRV99GNUdz5Z4ZzyJiEKIn5uCyiNmi4GtpAx4r6U5ktCrJGJJsB8jousOGCuUlYIQ7pQMbXt8h70s4XonB%2Fk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	_style10.css gift3843.g00le.vip/sweeps/ww/money1/	8 KB 2 KB	79ms 76ms	Stylesheet text/css	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gift3843.g00le.vip/sweeps/ww/money1/_style10.css Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4e33dfc48f784a06ede85f218979b14ed2efd1c46c7f64dc2b6197f684ad04f Request headers accept-language de-DE,de;q=0.9 Referer https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"612a1700-211c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OI620cxBMsoSIccxfBaD4fBTwN7n2vS7JJm2xII4WUBiCHv3iaemgEz8qtt9AQMy3XpHacGE54wazWzZ8ChIXTV94pdxcq1ihbSV0AD7%2F4rczwMh9Cf2Elvdih5QT%2FqvtoKh1gM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 7922b332ea475c5c-FRA expires Wed, 01 Feb 2023 01:12:37 GMT
GET H2	200	_style.css gift3843.g00le.vip/sweeps/ww/money1/	43 B 407 B	73ms 71ms	Stylesheet text/css	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gift3843.g00le.vip/sweeps/ww/money1/_style.css Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acbff103bc569ecd727168c0037d9b406f40d5d4916104e91bad0a8355eb200e Request headers accept-language de-DE,de;q=0.9 Referer https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-2b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxJ8MpWj9SwIkRaJyElU59Wp4n47%2Fr0I%2Bl7SL2fsbaTTInRZSvS2WW8XO82mOOjvHDG7oZceXn4oTeKdCH%2B0S2SKL3hy9VLgVonenUytnBYp%2Bo%2BtlpiRDmiul2DuLTlDBB0U2JY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 accept-ranges bytes cf-ray 7922b332ea4a5c5c-FRA content-length 43 expires Wed, 01 Feb 2023 01:12:37 GMT
GET H2	200	recaptcha.css rs.y1h1.com/	31 B 517 B	357ms 50ms	Stylesheet text/css	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/recaptcha.css Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e33546fa7891764ba7ae3402a1a46afd831d3e84496d7fb4b70e5cb057e5767 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT cf-cache-status HIT last-modified Tue, 05 Nov 2019 03:35:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11729 etag "5dc0edfb-1f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCcEO6qdLm%2BBQGNPxmVjejww2vPU9rRW0AWmHpbJXJs2XxFIrHAHG%2B%2BdnbXRoPVIoblQXtn70qjIhvb4JtZ6vKygRBo2ozsLMOefuHeeMQvnLSnfyoWVZf5qBlnaYw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 accept-ranges bytes cf-ray 7922b334dc4423e2-LHR content-length 31 expires Tue, 31 Jan 2023 21:57:08 GMT
GET H2	200	common.js Show response rs.y1h1.com/	17 KB 7 KB	364ms 58ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/common.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecfa449cbb48255f0ece7b436e2015299b9e6adceb9f4df863a9ce36eab71278 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Feb 2022 09:36:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11729 etag W/"6214ae9e-42fe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVsruSiJUk8kd%2F9507DugFD1%2F5BU3xxQ9A1OetA8upnQ7lMcIaMRGNkortewCV2xv%2BRLRtkmZG2YBikHfAuyNRTzRR86PwM7oZKc2PGaAOFPoChaWtTDR3TEBQECtg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b334dc4723e2-LHR expires Tue, 31 Jan 2023 21:57:08 GMT
GET H2	200	load.js Show response rs.y1h1.com/	7 KB 4 KB	409ms 103ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/load.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eda9e1ca8b96059ca3ed3cdd8f1e6822a8ef23604293b1cb914117caa5371d94 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status HIT last-modified Fri, 02 Sep 2022 10:37:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11729 etag W/"6311dce6-1b90" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRaYSMFqOdggiZmPjezzDadKE6dtjyoawEMOc%2Fva%2F2shoT5R3ezx%2B0uyp0%2Bjf6X8PJhq4urmDewdpTXQClbi%2BqjUg%2FoVf8tK1QLY7R6oa%2FQZvQ40TrLM8vpvuXHchA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b3351ca523e2-LHR expires Tue, 31 Jan 2023 21:57:08 GMT
GET H2	200	backbutton.js Show response rs.y1h1.com/	5 KB 2 KB	362ms 56ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/backbutton.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41e9f9514444fbf97421e59d1fe250d2999da2f96657379a41b681a2a000b824 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status HIT last-modified Tue, 04 Jan 2022 15:23:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11729 etag W/"61d46677-12d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWW%2B6hsCFNhhizI0yCg5rWx%2B%2BWbY7ZHDA2Hsjbc1T8vO6Oss5oB%2BUmcXEbsQY7tam9Dds5cgZfogORIZLNsEO6CgQUsHHMe%2Bf7%2F2DhwVfEHG7mOA2znAWs6eoUItTA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b334dc4b23e2-LHR expires Tue, 31 Jan 2023 21:57:08 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 907 B	160ms 57ms	Script text/javascript	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cae55edbd300794bda5f55657f7ba1516eb46c555c8b365a17fe3e87a91c069e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 587 x-xss-protection 1; mode=block expires Tue, 31 Jan 2023 13:12:37 GMT
GET H2	200	checkbot.js Show response rs.y1h1.com/	8 KB 4 KB	366ms 60ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/checkbot.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2b11e955ad96caa642a0b963217b7a9e81c66ca8bcf0fe15b8ef0ea0d565d31 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status HIT last-modified Sat, 05 Mar 2022 01:55:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11729 etag W/"6222c2ff-1fef" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDGgvXGRI%2BbL1Ycz2o1X18dJI5%2BLUwpqzs%2B02ktVn9SxkYBuLyug2ELf0%2FVeg6Cy8euSaxQItzDdE%2BZQl1jciw9aufaJbEeocB4GEC%2Bgm8AEF4cN4JjdhQFvbj1kFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b334dc4d23e2-LHR expires Tue, 31 Jan 2023 21:57:08 GMT
GET H2	200	jquery-3.5.1.min.js Show response rs.y1h1.com/	87 KB 32 KB	375ms 69ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/jquery-3.5.1.min.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status HIT last-modified Sun, 20 Jun 2021 08:52:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11662 etag W/"60cf01d1-15d84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yMZZK%2FnUbOVek7YmLvzkQWtv8hkFui2XU9PmyTUr5lTQiXYRaSblr0Y24y1F3kwfo75xjEhvKkF7hihb3i%2FL6dqr8mArxNLo1DkNbc79pgdZDQGrgwdnkqOQh%2Bd4Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b334dc4e23e2-LHR expires Tue, 31 Jan 2023 21:58:15 GMT
GET H2	200	dr-dtime.js Show response rs.y1h1.com/	14 KB 5 KB	360ms 55ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/dr-dtime.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d545d7aacd401e8a50c84b82125b3b5d19212861be51646632472471699b777 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status HIT last-modified Sun, 05 Dec 2021 08:01:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11662 etag W/"61ac71f3-3647" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpUCESdenuWrKZaNLJIju0FWuKTjL4zDx6Y0CBg31yOMjs5%2FZmlHRK3MyWKbCNJT9S0YZg7LpaP00ideBBIarQbmJl%2BxMTpXKz8cE7vkFkTrDs0PWYS5IOda0%2BJQBg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b334dc4823e2-LHR expires Tue, 31 Jan 2023 21:58:15 GMT
GET H2	200	confetti.css rs.y1h1.com/	160 B 411 B	362ms 57ms	Stylesheet text/css	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/confetti.css Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a77ef7a847598ae41ba1c402f4af306715f4d67c1f901cda2e504b0b78899edd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status HIT last-modified Sat, 19 Jun 2021 08:17:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11662 etag W/"60cda835-a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhQPyM98n4XnoIybBg4kHrBR414DLkyONp2xI6%2BUC%2Fi9iYr4P0jG4ATo%2B5hMDNI9d%2Bpj7oywYJ6%2FTH5VTbua8CmV%2FzQLCafVYialOtRSu0WIuitcDOp1z3SkTHdLxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 7922b334dc4623e2-LHR expires Tue, 31 Jan 2023 21:58:15 GMT
GET H2	200	confetti.js Show response rs.y1h1.com/	6 KB 2 KB	406ms 101ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/confetti.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33f525bbd8e61778f7365c1b6638b3114542b4118c937841f32c7bbf9985b76c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:37 GMT content-encoding br cf-cache-status HIT last-modified Sun, 20 Jun 2021 04:10:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11661 etag W/"60cebfcc-19c5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HsZzoPFx4XOF2pNAl3ymFfmFsTpgvszoSMeEIWvlTMyl%2BfdusGPW%2BWXXMFqCBkgCiHnv383dFo%2Bp8HR%2FEhy7V5iMgnMc67SS8Dt1Nti9qBDA8i2vlegBPq9mY25KQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b334dc4923e2-LHR expires Tue, 31 Jan 2023 21:58:16 GMT
GET H2	200	loading4.gif gift3843.g00le.vip/sweeps/ww/money1/	8 KB 8 KB	69ms 65ms	Image image/gif	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/loading4.gif Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11894f102437796ba20a1b49a71253e51c340d5ae28ea83e7dcb6fcf9d83e2d1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-1eec" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rtXhP6GU%2Fazyn2JVBEW5fBxd4Xo6Zrua4Rbb5aSy0N4o67f5zC4STXzG0KFMzmGbY8w4OofB2DCoiT48rBxtwlUfVorBf04E3AsnCAKv61kwu%2BylS0qdvUnhSpnUa4ynvxctTI%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b3359f095c5c-FRA content-length 7916 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	acard.jpg gift3843.g00le.vip/sweeps/ww/money1/	33 KB 33 KB	105ms 102ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/acard.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 405e53ef8e55cf4e054b0a5ad95708f11e21089087bca56d5baac34de171ce91 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-824f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Bh3ju%2F%2Fx6namFp3tBsqwlsO6wjvZZBLjeEWrQlPtY9btFDmZhxEZfVa1gY7vKrONdSJnWBS0XKMpC8eHsTWWlOck9YbWaKoSKW%2B1t4akM%2B4%2BzZhg9I7fd4jxG92dBI9YPLIDI4%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b3359f0a5c5c-FRA content-length 33359 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	menue.png gift3843.g00le.vip/sweeps/ww/money1/	17 KB 17 KB	62ms 59ms	Image image/png	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/menue.png Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c18050d1b501837e8dd06711738cea5fced7c8f4cb9b5b4604e8d7994292da65 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-43eb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cDoonYC7t4P%2Bp0odaU%2B46R1bHXkA%2BPdqNvbU6OhmUYlZ8vUawvQQDFXeyhXFqlepA0ouc2UHb%2F1ESQutH%2Ba1Fj0tNuAxUfNpRRZXb6JrOzVV8OwIA7D3%2Bv%2FompiYR%2BkoIsjstM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b3359f0c5c5c-FRA content-length 17387 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	logo.png gift3843.g00le.vip/sweeps/ww/money1/	21 KB 22 KB	74ms 71ms	Image image/png	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/logo.png Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d28c8d82a8cd25f75e54a83d258fde5c00d2d13e783b0b49ece6adfc4be7104e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-55e9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHhs7%2FAxztYElDeNrtIW%2FF0rRYRhdILwulYCSkWvbhnxTPNB7eq3w3lJLaGgM%2Bsqz56sKoYHip29LLnd%2F16kYcn94ct8zCd8%2FLQFRLhicIYECk5QgZg6nVYMVrDOvV2pYaXwXUw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b3359f0d5c5c-FRA content-length 21993 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	user.png gift3843.g00le.vip/sweeps/ww/money1/	2 KB 3 KB	73ms 69ms	Image image/png	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/user.png Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c4575354c41980db26473d56e60e1e4e43da1cff091af0819bdc05acfea442d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-8a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DYFyudq4qIgJHRdEZkjFq%2BUFNVGBRJGfzlqkSKIdXPIgqzAz85G0R0lYYriMXyG3R0GWH9PeTsSNzaiY72Vuk7OcwfO0%2F%2F2TDQoP%2BDCbJkopjkVE6xTOsvaFW4avzezBmQ1e7c%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b3359f125c5c-FRA content-length 2208 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	trophy.jpg gift3843.g00le.vip/sweeps/ww/money1/	11 KB 11 KB	112ms 109ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/trophy.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41fd835af982f40043cd15cea0c03c558e39f4db87c18349157f83a7e5443d76 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-2a96" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwEvlTBW7X5BF%2FNkPJTK3fslSS0umxFhM5OibB5FUumsWoofVvJqPj8grDyVWh1mfjTWzY3bigTaFrw0L4yKTAeHog3y9Q0JsxMAvdkjTJ5Ld2XuSrGW7hXtODg%2B%2BEwbkFLyFkQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b3359f145c5c-FRA content-length 10902 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_1.jpg gift3843.g00le.vip/sweeps/ww/money1/	994 B 1 KB	72ms 69ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_1.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3988ceb5393040608765e40cf416c71ad6657d46378f54a275091b8b1a6a218a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-3e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQ%2Fjl%2BBAk7lFNElBmgNLu7brHmd4phB%2Bxag9w4qc8%2BgWL4L%2FtZHN2CJnt1OdRLMBExR%2FCvS7CmEBv%2Fi1Bx2oMwDXuNhw9qOVOTOchsEAq1P3O1E1%2FkaancfV%2F3QGs%2B%2FjOLVL4BQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b3359f155c5c-FRA content-length 994 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_initial_m.jpg gift3843.g00le.vip/sweeps/ww/money1/	950 B 1 KB	73ms 70ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_initial_m.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 669c7de8cc4685bb673f13db0b8de84fd8142005c4db680cbe35fad7b852c631 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-3b6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQjTxwd3WZS8lSSxPjAL2mKQf4npLBcKC6unhSwUzvOynNHnMw4pjnb58J1G%2Bs4GWgi98Ral%2Fd0n5QnXZvRhv%2Bc5TyYAo52kdYdx7lluVo20tLqdnBSfg99v2ScSxgYt3ShgMFY%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b3359f185c5c-FRA content-length 950 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_3.jpg gift3843.g00le.vip/sweeps/ww/money1/	2 KB 2 KB	121ms 119ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_3.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fca34a6b918e0d57a987d0b4db6fe6ea8d1a0593123f5b8083bf2bd0250351d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-73a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqjwfZhOcclZL0wDyKSBPccsclahaMe73ZA3vvYHAA8JZul2PxKjwkgo%2B3vclWeFbbVsTq5xGLyP5Tv2sYv7Tppd9z5dx%2B43m5ieziSvZikrUtF%2FFG0NbDDR%2FvJOcdLgjOaO7dY%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b335df835c5c-FRA content-length 1850 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_cat2.jpg gift3843.g00le.vip/sweeps/ww/money1/	1 KB 1 KB	122ms 120ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_cat2.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a83b950fc88acb0866c5043de6a2192d4a3a1c1f4c86046c56352cd98998645d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-42e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BISZEvxdNLuwdMn25YeXApGVDZNDzlHCQ1MyAnVJyXnfqh%2BiYEkOg2knb%2FFw2qYjrxFoXItsmwnshr39ieNZCbVAyA1VN6UOuL5uC2zXjdVNNnFC7cKVrk2Z2o%2BQ8YdBaL2RJtk%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b335df855c5c-FRA content-length 1070 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_heart.jpg gift3843.g00le.vip/sweeps/ww/money1/	1 KB 1 KB	114ms 111ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_heart.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 183d077619e792b7dca8a6aae956d4aeed36fe6d8217fad61e33fcb663ccdb85 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-41b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rry3nbXypJjq5T9wQKMmip2KDbN2gceYgH%2B5dezYLHI40VfKNdqz3mv9YTz9i%2BDW2ya2I5Gm5Jim%2FYcLfeXl3G4vuh0soD%2Fv0m3B3cCmsVG1MMYFpWSaCYftRQCiLQHFeJxX7m0%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b335df895c5c-FRA content-length 1051 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_2.jpg gift3843.g00le.vip/sweeps/ww/money1/	2 KB 2 KB	122ms 119ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_2.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acad01dcfdc01b98f69db941ca21c784835aa118c53025dc8006705e49145da7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-740" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hChaKr%2F4Pp3UKgp4jR6PtncQhAtVGhV0mwAQqqbJXO0QJWmp1TK5%2BjAWDIoS7U7mG5T455Zv57wW6DSWOuJw2PcLVQGBI4GeUoZMYfyJJkL9sBg0F5q%2FYL8J6EyYzU9DwZQZIlI%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b335df8a5c5c-FRA content-length 1856 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_initial_s.jpg gift3843.g00le.vip/sweeps/ww/money1/	751 B 1 KB	143ms 140ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_initial_s.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7125f531b9cdb3ef75f1b5b608b974f492794764638bfe482c4b4c5083acbcdb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-2ef" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z66%2FD868z2rcgy6nve01%2BoZ9OjIaKt9ESrKDgRjBJ%2BV90KzeMXky2Oqsx3y3WWUr6igyFF610RSBorErmQER%2BAvWsOx0P%2Frcq5obn2YGM2MHRAwfgUgvjX6CL6xd46mpVGeyJHk%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b335df8b5c5c-FRA content-length 751 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_cat.jpg gift3843.g00le.vip/sweeps/ww/money1/	1 KB 1 KB	120ms 118ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_cat.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e6817ce05601aedf3fc3429a5ae05838697d805c544bce308d33260406d780e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-401" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FZcjvzG8zI2S6Hbvq29SfQWki3ukp5XDFp7j7MqunkcMi2VMdCU98XOwV9eWoKZFZFzbrwzdmuA4mnP2EMQe4hZv9Mm04qLwgUWLEx2%2FdBcUrnJ4z0CfTDbJdXYtTNEzeKMwAI%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b335df8d5c5c-FRA content-length 1025 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_4.jpg gift3843.g00le.vip/sweeps/ww/money1/	2 KB 2 KB	113ms 111ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_4.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c1304a435337d677c1bb2e43007b946aea6571cacb2b12bf150676dcbd6b8c3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-763" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WQHSq824Wu0rEPfUVbJZ%2BdWANiVp%2FZ8N%2BpQYQ6CjFzatnA0ibqOxjl0kYhTK8V8qr4nW5ijP4CIur3xtDQ99%2BI4FPKuaeyQyP%2Bved88elRY4boqEwLkUCKaNU6nzCxQMWWjcYs%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b335df8f5c5c-FRA content-length 1891 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	winner_initial_r.jpg gift3843.g00le.vip/sweeps/ww/money1/	807 B 1 KB	121ms 119ms	Image image/jpeg	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gift3843.g00le.vip/sweeps/ww/money1/winner_initial_r.jpg Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fbbaed15a8beaf623f6eaab8c739875e3f90dd929e09a03bcdb2327e486c438 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "612a1700-327" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibXz7Tii6wHAqFDwJ9nbRnSwgO0LF6kaR2qBV8uki8AyAQPE8KRb%2BZJ%2FlrFLKFh0R1wt5FM4mTVeNY9KS6LUQNmhc1DxNh98R1CvLPOkOP6pBefzw5%2Fr2e8fwPVHzlYPiR%2B8zSg%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 7922b335df905c5c-FRA content-length 807 expires Thu, 02 Mar 2023 13:12:38 GMT
GET H2	200	copy.js Show response rs.y1h1.com/	4 KB 2 KB	57ms 56ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/copy.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29daea46fd37a5f226b28e122dbfe919646b40a1aeeb5f3318a12d375bb11b2b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT content-encoding br cf-cache-status HIT last-modified Fri, 26 Aug 2022 10:43:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11730 etag W/"6308a3c6-ea8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YIJ1gPBwmcm1up0vnGXo0fmzOEp02Mqju1su%2FeqQPDcQc%2Bwk1QiXlXBWbVRNRG%2BHbtVmJFkgthFg1T2V9JhdaIlECptR%2FyfNzOtozyuH5k%2Bhc9bOacLRVLXq3XRjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b3357d2b23e2-LHR expires Tue, 31 Jan 2023 21:57:08 GMT
GET H2	200	script1.js Show response gift3843.g00le.vip/sweeps/ww/money1/	4 KB 1 KB	72ms 69ms	Script application/javascript	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gift3843.g00le.vip/sweeps/ww/money1/script1.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84d8f417b1d068d49e060e7c65226dcec58fc42d3b4d37f3d008668880aab156 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT content-encoding br cf-cache-status MISS last-modified Sat, 28 Aug 2021 10:59:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"612a1700-f3a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K9ZtFkgJs0jjiM5zV%2BWMmITvXzp9cf0sMOfY%2B%2FNwuJHmVr%2FfZUv3MOo6Y8Hkv84EnzSMactZaZ69amGPcEetCFEZha%2FqmA3mrSxh%2BEQVVKtWAEwhPvzFgs4dX2Lmecch5PV84A%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b3359f045c5c-FRA expires Wed, 01 Feb 2023 01:12:38 GMT
GET H2	200	audio1.js Show response gift3843.g00le.vip/sweeps/ww/money1/	356 B 532 B	114ms 110ms	Script application/javascript	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gift3843.g00le.vip/sweeps/ww/money1/audio1.js Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a512351cc8b0aad17b2409e583779db2b196278bbf07b60ed867978a77d9de7c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT content-encoding br cf-cache-status MISS last-modified Sat, 18 Sep 2021 07:56:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"61459ba4-164" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr0kUE56U5OeGYenz0%2BsiNtiV0ZgTNFMTCfCet000ZHmfXhF1eikqPndD5V9J%2BGl9fL5Wf%2B7PzsQTbECHy2olk0uyLgWSi3pTsZjyF1Wd%2Bz9vXAj%2BJHgsrfhPPUe6ar1%2FgP80pk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b3359f075c5c-FRA expires Wed, 01 Feb 2023 01:12:38 GMT
GET H2	200	trans.css rs.y1h1.com/	417 B 525 B	53ms 52ms	Stylesheet text/css	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/trans.css Requested by Host: rs.y1h1.com URL: https://rs.y1h1.com/load.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fe667512aae8052789e62a742e2296323d2262962b98e7f8c7811d8663cfff1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT content-encoding br cf-cache-status HIT last-modified Sat, 24 Apr 2021 01:57:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11663 etag W/"60837b07-1a1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPhIamXDnMMNpg25BgRWGrh6xdqzma8IW%2B6stPmpgHdTHEF91%2BmYN5dXbeis7cd4DrxgOp1kDFOKWyZlzFV4BknI3P8OmC0xYkSJpWf3O1QHXGXEn1%2FujCxKOjfcqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 7922b3357d2d23e2-LHR expires Tue, 31 Jan 2023 21:58:15 GMT
GET H2	200	trans.js Show response rs.y1h1.com/	337 B 528 B	54ms 52ms	Script application/javascript	172.67.129.176 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rs.y1h1.com/trans.js Requested by Host: rs.y1h1.com URL: https://rs.y1h1.com/load.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.129.176 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1d5fa481d5589bf9eb0efe7b8685c3159c5475a05f9bd0a743c5257fe4f7a68 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT content-encoding br cf-cache-status HIT last-modified Sat, 24 Apr 2021 01:58:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 11667 etag W/"60837b56-151" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEwml86LGg%2F1VgHvCtfrlCRXdFoF5yGLUPqKxD4i%2B3NxYvvw1SS3E4k%2BXEG1oQdnEwwWh6RSUCwGHAQ3YQIUy8oy1SenQPPM4MYxn77RBR%2FkG09GBx04581x0g3fdw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 cf-ray 7922b3359d5523e2-LHR expires Tue, 31 Jan 2023 21:58:11 GMT
GET H2	200	element.js Show response translate.google.com/translate_a/	78 KB 28 KB	157ms 67ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit Requested by Host: rs.y1h1.com URL: https://rs.y1h1.com/load.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 10a5b27eb2b9500f2772ce5ddaa3dfbee4f4ab9d853365bc13e0e2d9f13fed12 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache date Tue, 31 Jan 2023 13:12:38 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	215 KB 76 KB	213ms 86ms	Script application/javascript	2a00:1450:400d:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-37GE99Q100 Requested by Host: rs.y1h1.com URL: https://rs.y1h1.com/load.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d22dcc976672d930320cb42d8235af3816a52343a350ccd1264344cc00a8d833 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 77233 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 31 Jan 2023 13:12:38 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/	405 KB 162 KB	144ms 39ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://gift3843.g00le.vip accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 12:48:02 GMT content-encoding gzip x-content-type-options nosniff age 1476 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 165279 x-xss-protection 0 last-modified Mon, 23 Jan 2023 01:02:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 31 Jan 2024 12:48:02 GMT
GET H2	200	update Show response t3.g00le.vip/	2 B 411 B	58ms 58ms	Fetch text/plain	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t3.g00le.vip/update?eventSub3=view&event3=1 Requested by Host: rs.y1h1.com URL: https://rs.y1h1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwSJf1vUjIi1%2FbkRbdciYMWoX11EtC0XZF%2FGKms%2FhBsaIoAPOpSYl68NZvt9NQS0gSgcaqevr%2BADxc5Su9E%2FRLx1TDuZCkfr2PDCsXW2VFbxOAR4oxF1ZlsA9QFHZXo%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 access-control-allow-origin https://gift3843.g00le.vip access-control-allow-credentials true cf-ray 7922b33679f95cb0-FRA content-length 2
GET H2	200	translateelement.css translate.googleapis.com/translate_static/css/	22 KB 4 KB	167ms 48ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_static/css/translateelement.css Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.de.JGz9fzOtmas.O/d=1/rs=AN8SPfpU5wA-8b0-DMUXB7kXj_lp1vwwHg/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 12:38:49 GMT content-encoding br x-content-type-options nosniff age 2029 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3632 x-xss-protection 0 last-modified Mon, 09 Jan 2023 20:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes expires Tue, 31 Jan 2023 13:38:49 GMT
GET H2	200	m=el_main Show response translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.JGz9fzOtmas.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpU5wA-8b0-DMUXB7kXj_lp1vwwHg/	207 KB 74 KB	171ms 52ms	Script text/javascript	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.JGz9fzOtmas.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpU5wA-8b0-DMUXB7kXj_lp1vwwHg/m=el_main Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.de.JGz9fzOtmas.O/d=1/rs=AN8SPfpU5wA-8b0-DMUXB7kXj_lp1vwwHg/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e6cd25df04ebc9b9101d7f131cc765c10a3f88dabc2487e1a06f48ce8a767b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 22:18:09 GMT content-encoding gzip x-content-type-options nosniff age 53669 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 75400 x-xss-protection 0 last-modified Wed, 25 Jan 2023 04:12:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 30 Jan 2024 22:18:09 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame D129	42 KB 23 KB	68ms 65ms	Document text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0Mzg0My5nMDBsZS52aXA6NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=n8p6w6fvbm7c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 15a76382b3aacf893a96c271d584719f241b6b1477bd6650555ac90fc472f574 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IvfWQR-LGFGE2JYQdH69vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22685 content-security-policy script-src 'report-sample' 'nonce-IvfWQR-LGFGE2JYQdH69vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 31 Jan 2023 13:12:38 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	157ms 52ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100&gtm=2oe1p0&_p=848660106&cid=2005348155.1675170758&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675170758&sct=1&seg=0&dl=https%3A%2F%2Fgift3843.g00le.vip%2Fsweeps%2Fww%2Fmoney1%2Findex_en-us.php%3Fvid%3D1675170757-BnmYuG%26utm_medium%3D%257Bsub1%257D%26utm_source%3DAdvertizer%26utm_campaign%3DAdv_RevenueShare_RU%26utm_content%3DWW_2025_Finance%2BSurvey%2B%2528Android%2529_RandomPub%26isp%3DWebInvest%2BInternational%2BSA%26city%3DLappersdorf%26br%3D0%26sp%3D0%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16ef7568173a13d557%26ck%3D2%26tp%3D0%26td%3Dt3.g00le.vip&dt=(1)%20New%20Message&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-37GE99Q100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache date Tue, 31 Jan 2023 13:12:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://gift3843.g00le.vip cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame D129	55 KB 24 KB	143ms 44ms	Stylesheet text/css	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0Mzg0My5nMDBsZS52aXA6NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=n8p6w6fvbm7c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 11:19:35 GMT content-encoding gzip x-content-type-options nosniff age 93183 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24605 x-xss-protection 0 last-modified Mon, 23 Jan 2023 01:02:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 30 Jan 2024 11:19:35 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame D129	405 KB 161 KB	142ms 43ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0Mzg0My5nMDBsZS52aXA6NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=n8p6w6fvbm7c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 12:48:02 GMT content-encoding gzip x-content-type-options nosniff age 1476 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 165279 x-xss-protection 0 last-modified Mon, 23 Jan 2023 01:02:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 31 Jan 2024 12:48:02 GMT
GET DATA	200 OK	truncated Show response / Frame 409F	1 KB 1 KB		Document text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Type text/html;charset=UTF-8
GET H3	200	translate_24dp.png www.gstatic.com/images/branding/product/1x/	846 B 870 B	180ms 177ms	Image image/png	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/1x/translate_24dp.png Requested by Host: gift3843.g00le.vip URL: https://gift3843.g00le.vip/sweeps/ww/money1/index_en-us.php?vid=1675170757-BnmYuG&utm_medium=%7Bsub1%7D&utm_source=Advertizer&utm_campaign=Adv_RevenueShare_RU&utm_content=WW_2025_Finance+Survey+%28Android%29_RandomPub&isp=WebInvest+International+SA&city=Lappersdorf&br=0&sp=0&iw=False&checked=0&trans=1&ipp=0&lpkey=16ef7568173a13d557&ck=2&tp=0&td=t3.g00le.vip Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 12:43:46 GMT x-content-type-options nosniff age 1732 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 846 x-xss-protection 0 last-modified Thu, 14 Oct 2021 09:08:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 31 Jan 2024 12:43:46 GMT
GET H3	200	translate_24dp.png www.gstatic.com/images/branding/product/2x/	2 KB 2 KB	178ms 177ms	Image image/png	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/2x/translate_24dp.png Requested by Host: translate.googleapis.com URL: https://translate.googleapis.com/translate_static/css/translateelement.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translate.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 11:52:02 GMT x-content-type-options nosniff age 4836 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1842 x-xss-protection 0 last-modified Thu, 14 Oct 2021 09:08:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 31 Jan 2024 11:52:02 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame D129	2 KB 2 KB	42ms 41ms	Image image/png	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 01:40:39 GMT x-content-type-options nosniff age 41519 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 07 Feb 2023 01:40:39 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D129	15 KB 16 KB	188ms 59ms	Font font/woff2	2a00:1450:400d:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0Mzg0My5nMDBsZS52aXA6NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=n8p6w6fvbm7c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Mon, 30 Jan 2023 13:18:51 GMT x-content-type-options nosniff age 86027 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 30 Jan 2024 13:18:51 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D129	15 KB 15 KB	202ms 72ms	Font font/woff2	2a00:1450:400d:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0Mzg0My5nMDBsZS52aXA6NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=n8p6w6fvbm7c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Fri, 27 Jan 2023 03:11:30 GMT x-content-type-options nosniff age 381668 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 27 Jan 2024 03:11:30 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame D129	102 B 134 B	50ms 49ms	Other text/javascript	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0Mzg0My5nMDBsZS52aXA6NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=n8p6w6fvbm7c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0Mzg0My5nMDBsZS52aXA6NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=n8p6w6fvbm7c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112 x-xss-protection 1; mode=block expires Tue, 31 Jan 2023 13:12:38 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame D129	32 KB 18 KB	92ms 91ms	XHR application/json	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 97d5886d6564b0fbc3503cf14ccf645332bf7ef1e4f1d8e9e2d1d8a4b140cb7d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXQ7EUAAAAAEY-1sgLx4eGQQDwXNdzlKssae-Y&co=aHR0cHM6Ly9naWZ0Mzg0My5nMDBsZS52aXA6NDQz&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=n8p6w6fvbm7c accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Content-Type application/x-protobuffer Response headers date Tue, 31 Jan 2023 13:12:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18601 x-xss-protection 1; mode=block expires Tue, 31 Jan 2023 13:12:38 GMT
GET H2	200	verify Show response t3.g00le.vip/recaptcha/	141 B 414 B	98ms 97ms	Fetch text/plain	172.67.200.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t3.g00le.vip/recaptcha/verify?token=03AFY_a8XqG4gfTwp8jYfxK7lND6WwcJMbJLXm0UaAjGV_ILV4_He7bZ7dKD-JgS9_9UcT7HtDzYb77PXdMxwfhnaABr-4Y2GjU2rK9rUyjLZ5lYA9nzXSr9ssP9Ih2F7PYaxIJzC3DEQXQmysdI0SP5sA5WiJsraQLamLk5Vqp58zOvNvPYFopQN-BpKrHGZ3MlmmVqDc-alCfKNONXYpB8lfk1H7O_JOusdr6UzwrffseIulu3UDQwup0l8haJY1sB6ENvNivKzYhr5Ehw7PbvGKNBhVXugY-fV5aORN5dtP0VJ7nCpFS6s-f6G_0esQ2wZjuMG2E4UUlbP0GEeDmHO9mp2NOhJbwWXBxaw3aMq4w-oOAzgaTogpnb5lUZp-FSgoE60NQ59DxLoGCmorYuR-ShAhr3PUnNjfU-5uKPc8nlqI6JCgj30gmEO3Rwb0vR3BeQlUDKCWaqBiJD8Fh-w1vwVw7XNf7XhYozRDVTI4hr6yxvJeGwL-n1SbP2S5--Mym47edeR8TAXyXSNIqcwFH2E22fLQZA&vid=1675170757-BnmYuG&eventSubField=eventSub9&eventField=event9&botScore=0.5 Requested by Host: rs.y1h1.com URL: https://rs.y1h1.com/common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.200.150 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47c7cb782e0a8b79532a9037039670fb70fd8e375218bf3283fdef38663079ae Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:12:39 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16o6aak4OadLh7LBGQdVt4YJDp2%2FqFcr2wGI%2B%2FnA%2BisaUnuhFZ31PnHuGNS3JLcLbxnnk%2FtAxppraJCwKH8XPc4Jt1mXWdq7jA5BjlS9%2F05PExawfoJoSeZAhVLjyJE%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 access-control-allow-origin https://gift3843.g00le.vip access-control-allow-credentials true cf-ray 7922b33bec0e5cb0-FRA
POST		collect region1.google-analytics.com/g/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-37GE99Q100&gtm=2oe1p0&_p=848660106&cid=2005348155.1675170758&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675170758&sct=1&seg=0&dl=https%3A%2F%2Fgift3843.g00le.vip%2Fsweeps%2Fww%2Fmoney1%2Findex_en-us.php%3Fvid%3D1675170757-BnmYuG%26utm_medium%3D%257Bsub1%257D%26utm_source%3DAdvertizer%26utm_campaign%3DAdv_RevenueShare_RU%26utm_content%3DWW_2025_Finance%2BSurvey%2B%2528Android%2529_RandomPub%26isp%3DWebInvest%2BInternational%2BSA%26city%3DLappersdorf%26br%3D0%26sp%3D0%26iw%3DFalse%26checked%3D0%26trans%3D1%26ipp%3D0%26lpkey%3D16ef7568173a13d557%26ck%3D2%26tp%3D0%26td%3Dt3.g00le.vip&dt=(1)%20New%20Message&en=scroll&epn.percent_scrolled=90&_et=15