investors-protect.com Open in urlscan Pro
172.67.142.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://investors-protect.com/hyip/ethdoubler.uno
Submission: On October 24 via api (October 24th 2022, 1:10:42 am UTC) from GR — Scanned from DE

Summary HTTP 64 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 64 HTTP transactions. The main IP is 172.67.142.7, located in United States and belongs to CLOUDFLARENET, US. The main domain is investors-protect.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2022. Valid for: a year.

This is the only time investors-protect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	172.67.142.7 172.67.142.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	192.0.123.247 192.0.123.247	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	192.0.78.18 192.0.78.18	2635 (AUTOMATTIC) (AUTOMATTIC)
64	15

26 172.67.142.7 (United States)

ASN13335 (CLOUDFLARENET, US)

investors-protect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.pagelr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.0.123.247 (Los Angeles, United States)

ASN2635 (AUTOMATTIC, US)
PTR: intensedebate.com

www.intensedebate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intensedebate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.18 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

r-login.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	investors-protect.com investors-protect.com	3 MB
13	intensedebate.com www.intensedebate.com — Cisco Umbrella Rank: 129020 intensedebate.com — Cisco Umbrella Rank: 109604	78 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	119 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	34 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	501 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5017 www.google.com — Cisco Umbrella Rank: 2	851 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	gstatic.com fonts.gstatic.com	73 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 ajax.googleapis.com — Cisco Umbrella Rank: 306	32 KB
1	wordpress.com 1 redirects r-login.wordpress.com — Cisco Umbrella Rank: 22878	279 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	google.sk www.google.sk — Cisco Umbrella Rank: 29728	501 B
1	google.de www.google.de — Cisco Umbrella Rank: 6045	501 B
1	pagelr.com cdn.pagelr.com
64	14

	Domain	Requested by
26	investors-protect.com	investors-protect.com ajax.googleapis.com
11	www.intensedebate.com	investors-protect.com intensedebate.com www.intensedebate.com
9	www.googletagmanager.com	investors-protect.com www.googletagmanager.com
2	connect.facebook.net	investors-protect.com connect.facebook.net
2	intensedebate.com	www.intensedebate.com intensedebate.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	r-login.wordpress.com	1 redirects
1	www.facebook.com	investors-protect.com
1	www.google.sk	investors-protect.com
1	www.google.com	investors-protect.com
1	www.google.de	investors-protect.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.pagelr.com	investors-protect.com
1	ajax.googleapis.com	investors-protect.com
1	fonts.googleapis.com	investors-protect.com
64	17

This site contains links to these domains. Also see Links.

Domain
cutt.ly
t.me
chat.whatsapp.com
invite.viber.com
investors-protect.ru
hyipparty.com
whois.domaintools.com
www.netvibes.com
add.my.yahoo.com
fusion.google.com
my.msn.com
www.intensedebate.com
wordpress.com
www.investors-protect.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
pagelr.com R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
*.intensedebate.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-05-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.sk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2022-10-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://investors-protect.com/hyip/ethdoubler.uno
Frame ID: B370832A754695A20F61CE9A792A3C4E
Requests: 67 HTTP requests in this frame

Frame: https://www.intensedebate.com/empty.php
Frame ID: C7E5F6EAB8B4E0C2D402E5AA16212A91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ethdoubler.uno - Investors Protect - Hyip Scam Check and Review - Invest Safe

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

IntenseDebate (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

intensedebate\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

98 %
HTTPS

80 %
IPv6

14
Domains

17
Subdomains

15
IPs

3
Countries

3211 kB
Transfer

3814 kB
Size

6
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://cutt.ly/qTwZxvu

Search URL Search Domain Scan URL

URL: https://t.me/investorsprot

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/Hu5g51y9aYh8MP8LaKFVfy

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQACySaCMUX7Q07Sg0fe0NrRp3xF4MAfox649dZvGVM77Of6K2JwkYRGbWw3uWu5

Search URL Search Domain Scan URL

URL: https://t.me/InvestorsProtectBot
Title: FOLLOW OUR TELEGRAM BOT

Search URL Search Domain Scan URL

URL: http://investors-protect.ru/hyip/ethdoubler.uno
Title: Русская версия

Search URL Search Domain Scan URL

URL: http://hyipparty.com/details-5574-ETHDoubler.html
Title: HyipParty

Search URL Search Domain Scan URL

URL: https://whois.domaintools.com/ethdoubler.uno
Title: Whois

Search URL Search Domain Scan URL

URL: https://www.netvibes.com/subscribe.php?type=rss&url=https://www.intensedebate.com/postRSS/569724696

Search URL Search Domain Scan URL

URL: https://add.my.yahoo.com/rss?url=https://www.intensedebate.com/postRSS/569724696

Search URL Search Domain Scan URL

URL: https://fusion.google.com/add?source=atgs&feedurl=https://www.intensedebate.com/postRSS/569724696

Search URL Search Domain Scan URL

URL: https://my.msn.com/addtomymsn.armx?id=rss&ut=https://www.intensedebate.com/postRSS/569724696

Search URL Search Domain Scan URL

URL: https://www.intensedebate.com/postRSS/569724696
Title: RSS Feed

Search URL Search Domain Scan URL

URL: https://www.netvibes.com/subscribe.php?type=rss&url=https://www.intensedebate.com/allBlogCommentsRSS/411834

Search URL Search Domain Scan URL

URL: https://add.my.yahoo.com/rss?url=https://www.intensedebate.com/allBlogCommentsRSS/411834

Search URL Search Domain Scan URL

URL: https://fusion.google.com/add?source=atgs&feedurl=https://www.intensedebate.com/allBlogCommentsRSS/411834

Search URL Search Domain Scan URL

URL: https://my.msn.com/addtomymsn.armx?id=rss&ut=https://www.intensedebate.com/allBlogCommentsRSS/411834

Search URL Search Domain Scan URL

URL: https://www.intensedebate.com/allBlogCommentsRSS/411834
Title: RSS Feed

Search URL Search Domain Scan URL

URL: https://www.intensedebate.com/signup
Title: create an account

Search URL Search Domain Scan URL

URL: https://wordpress.com/wp-login.php?action=lostpassword
Title: Lost your password?

Search URL Search Domain Scan URL

URL: https://www.intensedebate.com/userDash
Title: Dashboard

Search URL Search Domain Scan URL

URL: https://www.intensedebate.com/editprofile
Title: Edit profile

Search URL Search Domain Scan URL

URL: https://www.intensedebate.com/logout?_id_nonce=
Title: Logout

Search URL Search Domain Scan URL

URL: https://www.intensedebate.com/people/0

Search URL Search Domain Scan URL

URL: https://www.intensedebate.com/
Title: IntenseDebate

Search URL Search Domain Scan URL

URL: https://www.investors-protect.com/
Title: Investors-Protect.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://r-login.wordpress.com/remote-login.php?action=script_redirect&url_hash=f7a910a2244fa88bfbb9c40f7bde40d5&id=intensedebate&url=https%3A%2F%2Fwww.intensedebate.com%2Fidc%2Fjs%2Fcomment-func.php%3Fblogpostid%3D569724696%26token%3DXe8lyDHo00kz3whkPChYYiiaQh50RE02%26return%3Dtrue HTTP 302
https://www.intensedebate.com/idc/js/comment-func.php?blogpostid=569724696&token=Xe8lyDHo00kz3whkPChYYiiaQh50RE02&return=true

64 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ethdoubler.uno Show response
investors-protect.com/hyip/ 20 KB
7 KB 3807ms
3738ms Document
text/html 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be7fc2260cadb28cecf41cc1c9d0e58536f170aaa03d6b8f37dc00eb57420ec2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 75eed551ad14b3aa-MUC
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 24 Oct 2022 01:10:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHCmcpvahqcngwULhtylndEru%2FNZLv%2BTJfBcXVibgPzzTggrmqtVYVoC%2FPi8yzbj5t%2BrRR0lUcyrQWFK0r9e8%2FY8juRQg00H2lmUtGl2JhRzntd6C%2Bvrk0M52ojbpnQdqbXrPOVkZNQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding

GET
H2 200 style.min.css
investors-protect.com/ip/css/ 50 KB
26 KB 40ms
38ms Stylesheet
text/css 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/ip/css/style.min.css?1648458918
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24440fc10e3ec578af01d96199edcfab0bf429d44a025b67c33ba8ab2f1edb0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Mar 2022 09:15:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 62012
etag: W/"c883-5db43c03dd394-gzip"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r98GmWF6CWIIp2W9CzV2YmmQCUZl1RzKEnzKeQ734yY%2F1Yz283NRqUlR3%2F8VKvpYefvMh9DIGj5UvcdjNcPvpZWeKnriIl53LO%2FnhPj3cHPeAIl5FMsxpICbp83KLjI6CVyBAlQlYRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 75eed569195ab3aa-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ubm.min.css
investors-protect.com/bm/css/ 5 KB
2 KB 194ms
192ms Stylesheet
text/css 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/bm/css/ubm.min.css
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70821d84cf6f787c4889fdd7b74359b08d2c2ff60681f23dcd43dd7a24b0c93a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"155c-5d763347dbbbc-gzip"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1jaoa0YsK%2BSjTdEkmi1iqByzQ6%2BjmiCiNyReTGw3vUEK77YxIQhjA46y8x7xhsFzqjREQpPUp2AeI4c68m4UZSgo0GgrkSp8S0lVaj7c0bdX6LrfJGCojpovUoHI2kYTKamQOz%2FWKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 75eed569195cb3aa-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.min.css
investors-protect.com/ip/css/com/ 936 B
766 B 193ms
192ms Stylesheet
text/css 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/ip/css/com/custom.min.css?1646154907
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afca467b19558e8c663c5e6686dbc27a5d219ccae9540e23c33c4f1d379e08be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Mar 2022 17:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3a8-5d92b4e7da4d3-gzip"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdTInhJO0IdUrQYRWbjObjnQIWpptJ6twTW2WgvzOepN0LGvdtK%2FfDU%2FZWU%2FxpVXE%2B2kdNk7cjxwN2lAK5WzDw2DE13KjozV4ZROrqUWPZ034UMnFG7sB6uF4aBWWXax%2B15l4q4GDeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 75eed569195db3aa-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 86ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-99262604-1

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a40259d6065e873becac3a00caf420ba22a126f6744084aeee6bf03c54af3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 24 Oct 2022 01:10:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
950 B 77ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400&subset=cyrillic,latin

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04b01b2146c598381dd577c7b763bf2da90a33e42715ff00c77ec7c558ace4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 01:10:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Oct 2022 01:10:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 02:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 02:19:59 GMT

GET
H3 200 yout.webp
investors-protect.com/ip/img/com/ 9 KB
9 KB 234ms
229ms Image
image/webp 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/com/yout.webp
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf68f0df74c70601d401fc32557259ddd24727d0cafcb2c1d68ecb1b208946b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 09 Mar 2022 20:57:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "234c-5d9cf5a0cca06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O99XrqHZsv5H7QIcrS2ay28h%2BPmJ0RMRti4o54vhkthu5o9iuWM8bvB0QTu1qTT4T1q2CeHXVhgi%2FtF1H2PWVG%2B1zzSBWX%2FHQpULjV2ietH4XwMEPL5r%2B8Xyx3WLTzfbhDPnd2V3LM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 75eed56a6e9a6d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9036

GET
H3 200 telegr_ch.webp
investors-protect.com/ip/img/com/ 9 KB
9 KB 200ms
195ms Image
image/webp 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/com/telegr_ch.webp
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c1cfa4412b17fd264a8ce6774edeeb4e24a0eb0d1e10db0e67d61842f12538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 02 Mar 2022 19:50:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "240c-5d941970d3162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSj4pAxmqA8whoMARqUSvTRl5vcwAXYKDx1OrChFMHfcKPmNkfHGf%2FJl1MnhgWkfAheteE9XwG%2FTttRJUjSzJnVNy96sEqyFEAOI%2BW80L18%2Bk9lpv0xi4UHHtIzQlBxvBD7OnEP735c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 75eed56a6e9b6d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9228

GET
H3 200 IP-top.png
investors-protect.com/ip/img/com/ 5 KB
6 KB 55ms
51ms Image
image/png 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/com/IP-top.png
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd79c206001cc92b1401381e7a6f3df531d8152fabcaf16ff9e428623687af69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62007
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5547
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
server: cloudflare
etag: "15ab-5d763347dea9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UlZ5QzNq1BMXVirJj88U0IzcKxYcfP5PJ%2BGsCJy3D%2FZKwdpJO33%2BnYEdFR2D%2FReezbus7jIa00q29f%2BP95iCcqDd6qo9Bx4Wz2vas0vNQDd76qjnjSeikDefE3zCAYlV6%2FTbiixrUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 75eed56a6e9c6d6d-MUC
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wa--ip.webp
investors-protect.com/ip/img/com/ 16 KB
16 KB 224ms
219ms Image
image/webp 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/com/wa--ip.webp
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d70c03571f0af613ef0992ab853b5ad6708690752a7ff7b3864f959355d98f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Mar 2022 10:35:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "400a-5d9b28b500fa8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FVhAYmkl71I8pp1U4tOf6ako0ToffEP3t0ZZkZi7nZWBDF9jQ0GT2I07EDc%2BZMjca2yUwFEZVaxE9VBlnbxFFGrXDrn1QtohS47sOvQR6F2wFxyh5D6vfhIN4fAJVvp%2F%2BGvj7%2Bazjs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 75eed56a6e9d6d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16394

GET
H3 200 viber.webp
investors-protect.com/ip/img/com/ 4 KB
5 KB 194ms
189ms Image
image/webp 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/com/viber.webp
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653506b5bbbc60687ec987fb1ffdf823bbcb348682eec2f26448a7368c6cd581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 09 Mar 2022 20:57:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "11fc-5d9cf5a0cca06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kutBBhczwqOlzLmpurbqhNS1Jqa601kbNp4WkEZAy7i7mfFbljFgD5hMV74URpqxCgIrLa4LLTnq5f%2B4gUySJPULeme7bdNOZ5wtuXicm3nsCvqwclxQV9ZddKvFIR09xjnNHfV3wDs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 75eed56a6e9e6d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4604

GET
H3 200 ru.png
investors-protect.com/ip/img/ 551 B
1 KB 61ms
57ms Image
image/png 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/ru.png
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d406489111cdebb89eb9bbfcb52bc5afd1afdf3926ac1de56f097943b4c089c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62005
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 551
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
server: cloudflare
etag: "227-5d763347dfa3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CKXeQh4dc7ACGW9ClnU4USG9oOo1hffq%2BC9yXrn9RMAr1BssipTT7bwK4BAeIT4InqXbWriKgJzEKy8dXOKdDATJKWGANYiUqaSUaZxnPRP9GbcDBYN5elAPSLmBfG85BgspzQ49ew%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 75eed56a6e9f6d6d-MUC
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 javascript
cdn.pagelr.com/capture/ 0
0 480ms
233ms Image
application/json 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pagelr.com/capture/javascript?uri=ethdoubler.uno&b_width=1400&width=256&height=256&cookies=1&maxage=604800&cloak=1&key=iBnlw7ff7kyRoT1brPP-EA&hash=ca585e368735577c07ad5a60b29c13ea
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 arrow50.png
investors-protect.com/ip/img/ 2 KB
3 KB 61ms
57ms Image
image/png 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/arrow50.png
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f46362b8d07ceed60452f494c6f1a5edc272abb57093ffa1e99bec66e1907b0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2554
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
server: cloudflare
etag: "9fa-5d763347ddafc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esTRBZNnglMm8Ul0itMf7eQkJqTTZtXnEulXUY4tFoXbAaIA%2Bi6o7Vv0WUsZG19ac23BLHUXQFnLVvhnzbWLxi7hUbwyHkF0OY4BJ%2BDuMkzrM7szB9ZK6UDAPN8VzjZSgcxX4P4qwrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 75eed56a6ea06d6d-MUC
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bot-np.png
investors-protect.com/ip/img/ 34 KB
35 KB 233ms
229ms Image
image/png 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/bot-np.png
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779fb86e80e1fefbfa657866dcc62555ec00cfc231a5cda0e8f8827f52c19ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8931-5d763347ddafc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SU4KGsX82nF%2BawYffxP%2B%2FUadOq19nlKXjmw8EWb7yAu1CWpN4sJ%2FcA6dXdI3%2FFS4y5WQjrYaiBY8Wg7Y4xGrWjw0QXAer0qWxCSZLvsc90h7Os3OC5OKBlmqySe3ovIILfHm9rLVr4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 75eed56a6ea16d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35121
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 genericCommentWrapperV2.js Show response
www.intensedebate.com/js/ 1 KB
548 B 537ms
174ms Script
application/javascript 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/js/genericCommentWrapperV2.js
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: cabb1c09c51af4f41be58c1957f374548ed8d12f803a30546264aa7ce5e1cef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2016 17:20:33 GMT
server: nginx
etag: W/"57867861-46a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 23 Nov 2022 01:10:36 GMT

GET
H3 200 whatsapp.svg
investors-protect.com/ip/img/ 3 KB
2 KB 65ms
61ms Image
image/svg+xml 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/whatsapp.svg
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2167c08ec476da71f62bc68dfb26d2748a1faba71b8c0e4b9fb0dd59049593f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61994
etag: W/"b12-5d763347e09dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbKQcWYDvM7PrIXyeMt%2BWuTvCBYUYBiIaXa5wc6ugnocXq46UeykK%2FyIzgXZPXAaXJJ%2FHaLhAIIbLWPhF7%2B3v%2BShAhv8U0qRC5k9xgqiv0geLX1LMnhCsmLBRWw258xOBC49VLTCEtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 75eed56a6ea36d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 telegram.svg
investors-protect.com/ip/img/ 2 KB
2 KB 66ms
62ms Image
image/svg+xml 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/telegram.svg
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce569206e56ae8d10f1b854c71db221952bdfdd4e7ad7cdf9a165977d28ce65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Mar 2022 20:51:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61993
etag: W/"759-5d94272baf243"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjy7Kssl13djU4c9%2BprGbaND93BMPo8VA8y1qFmMJuOnnscfkHBjLQloNXnjT%2FOWm7phgZJFJB7hwkIWbMlF83TXwWLfkf8jEnRPxj6Ve98j8CrKpS3mzu94N9c7ivi7kzVFjBo5bOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 75eed56a6ea46d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 viber.svg
investors-protect.com/ip/img/ 3 KB
2 KB 67ms
64ms Image
image/svg+xml 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/viber.svg
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68dff875fa12fc800231e5ac9371b5d26fbe5f5c4db571a169c9c37a698c4d71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 20:57:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61991
etag: W/"baa-5d9cf5a0cca06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAfnFb6MuLAzaYLl0QR2HH0LnuX718JV0j9344p2tWRWYrrDFQAglSsWgjGhIkH84VqGgO4s14SH81ddR5LRNdyO7f1FCLfqRNHNrp6r3ij3nGcpZyw3%2FemE3Qjg%2Bx4yrNgHRBJH0Og%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 75eed56a6ea56d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 youtube-squared.svg
investors-protect.com/ip/img/ 3 KB
2 KB 69ms
66ms Image
image/svg+xml 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/ip/img/youtube-squared.svg
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f99df003f534b71ce684c3d56ab72c25015d23314b6a4dbe0c8bae992c1425ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61992
etag: W/"a44-5d763347e09dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixhdSiXPgwyfvGfky3hEPZ80D0gB0jeGT49MyiwN5%2BhNiWRBf3RixRmoUGF7BLtC7DoDBLRQ56IDxKIgR09XFuVDg%2BmPZ6xRmxZCRi9fKFYVjayjmoKycea6TfbIW6uOhz5bWRa%2Fq%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 75eed56a6ea66d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ch.min.js Show response
investors-protect.com/ip/js/ 50 KB
13 KB 36ms
36ms Script
application/javascript 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/ip/js/ch.min.js
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f91c500314bb1e0ecacd6afd9c059bede18f43491e5593230b19bceb164e504d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 62010
etag: W/"c77c-5d763347e09dc-gzip"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlHCh8ZKjc1L0eVIyPc1KgNyCKAvsTdjD5DD6pyUkiGgLXYUfBWtzX1MLhcb%2Bx%2FYv5jgEa6PknGqW2Sa2Wj%2B0S%2Fltsaeuq8XIOVn%2Bazdj%2BzidTmcaVwIW42JfkwiwvUGLh1TINxs%2FJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 75eed56a4e956d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 orig.min.js Show response
investors-protect.com/rt/js/ 15 KB
6 KB 77ms
76ms Script
application/javascript 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/rt/js/orig.min.js
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c75bd0ced6bb81246ac30e10472b4f99d6ec8d52ff9292ccacbdec0d733a70c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Feb 2022 01:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3d44-5d7633488a8a7-gzip"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCP094lM27vGvwKZTUK59GXGI4eLZq9DGDD8YR%2Bj5N2zaTMecgOl6hcpL89glAB4YFq1%2F0%2BF5VlIckJ%2BSotIoAHhN%2F5SP09MF92q9uNNPuGOcFttxzF1ehEQ0sMKlYh6EuZCPyGBcvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 75eed56a5e976d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ubm-jsonp.min.js Show response
investors-protect.com/bm/js/ 6 KB
2 KB 70ms
67ms Script
application/javascript 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/bm/js/ubm-jsonp.min.js
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb6ad4f2c731d91617afd2348d9fe1381d717c6cd9cdd173dd5765cc5505587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Feb 2022 01:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61991
etag: W/"1791-5d763347dcb5c-gzip"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmGWxd4jmBo6ZJ9NrCJiuqqjV1Z5LLcSN8msbovQwO3xx4UYoqZjokNPRiVkogGtm%2F8MXE%2FgfHvDYd47IAEHwQq76a%2Fy5su0H%2BMTIf9Q8%2BR%2FwAthMXooDlNpPyvZesGwtOEGmIO04bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 75eed56a6ea76d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ip.min.js Show response
investors-protect.com/ip/js/ 3 KB
2 KB 72ms
69ms Script
application/javascript 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/ip/js/ip.min.js?1648458918
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e34bd04403a1f26368fd6ab937a3ae84c0efca99612799b9c22883da8c1cfe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Mar 2022 09:15:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61990
etag: W/"b6c-5db43c03de334-gzip"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il0c%2BnR%2FdrRZafgDhCPU%2FNUtEg7zWOUiSyo%2Bya1cB3IicXefWUY1UbUQdaKuTl6adojnM%2Bpg7F1PgRQpyQH0RPVFmj6Qhrss1Vbcv2evR51UMiYq%2BQxmAQMVZBi7fgvwadNpWeKlY3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 75eed56a6ea86d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 96 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a84b3f681a5ba47605eb8707ca10c766601754005a747b82c09915f44f25bd18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 90ms
40ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400&subset=cyrillic,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://investors-protect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:26:32 GMT
x-content-type-options: nosniff
age: 366243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:26:32 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7741d12bae36bb29a5bddfd391bff579c1351cfdf93929036ff2e69beafa7a

Request headers

Referer
Origin: https://investors-protect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
DATA 200
OK truncated
/ 584 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f01ee14dd4146a66cca582bcea0c21cfc06a6cfb62c147935833c323aeb65e38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7355c48f8f92529f63ae7c8517320bd775db71052aa05dd72bdb8713116f3146

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 28 KB
28 KB 54ms
20ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400&subset=cyrillic,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://investors-protect.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:16:27 GMT
x-content-type-options: nosniff
age: 266048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28444
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:16:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 79ms
37ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K0VXYP82L1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99262604-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af863e90b243ddd1aeb3d1a405fe36b0bb01d179fedd988087e1ea7a666b2bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 24 Oct 2022 01:10:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99262604-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Oct 2022 23:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6879
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 24 Oct 2022 01:15:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 82ms
38ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=668527461&t=pageview&_s=1&dl=https%3A%2F%2Finvestors-protect.com%2Fhyip%2Fethdoubler.uno&ul=en-us&de=UTF-8&dt=ethdoubler.uno%20-%20Investors%20Protect%20-%20Hyip%20Scam%20Check%20and%20Review%20-%20Invest%20Safe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2001565513&gjid=372966797&cid=1842063463.1666573836&tid=UA-99262604-1&_gid=2020197217.1666573836&_r=1&gtm=2ouaj0&z=527579614

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://investors-protect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://investors-protect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
350 B 161ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K0VXYP82L1&gtm=2oeaj0&_p=668527461&_gaz=1&cid=1842063463.1666573836&ul=en-us&sr=1600x1200&_s=1&sid=1666573836&sct=1&seg=0&dl=https%3A%2F%2Finvestors-protect.com%2Fhyip%2Fethdoubler.uno&dt=ethdoubler.uno%20-%20Investors%20Protect%20-%20Hyip%20Scam%20Check%20and%20Review%20-%20Invest%20Safe&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K0VXYP82L1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://investors-protect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 162ms
30ms Ping
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K0VXYP82L1&cid=1842063463.1666573836&gtm=2oeaj0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K0VXYP82L1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://investors-protect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 604ms
603ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K0VXYP82L1&cv=1&v=3&t=t&pid=1844820190&rv=aj0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAIA&tc=11&dl=investors-protect.com%2Fhyip%2Fethdoubler.uno&tdp=G-K0VXYP82L1;74346365;1;1;0&z=0

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 114ms
113ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-K0VXYP82L1&cv=1&v=3&t=t&pid=1844820190&rv=aj0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAIA&tc=11&dl=investors-protect.com%2Fhyip%2Fethdoubler.uno&tdp=G-K0VXYP82L1;74346365;1;1;0&z=0
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 618ms
617ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K0VXYP82L1&cv=1&v=3&t=t&pid=1844820190&rv=aj0&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAAIA&tc=11&tr=1setproductsettings.1ogtgooglesignals.1ccdconversionmarking.1ccdgaregscope.1ccdemdownload.1ccdempageview.1ccdemscroll.1ccdemvideo.1ccdemoutboundclick.1ccdemsitesearch&ti=2setproductsettings.2ogtgooglesignals.2ccdconversionmarking.2ccdgaregscope.2ccdemdownload.2ccdempageview.2ccdemscroll.2ccdemvideo.2ccdemoutboundclick.2ccdemsitesearch&z=0

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 159ms
42ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K0VXYP82L1&cid=1842063463.1666573836&gtm=2oeaj0&aip=1&z=1548957795

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 618ms
617ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K0VXYP82L1&cv=1&v=3&t=t&pid=1844820190&rv=aj0&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAGAAAIA&tc=11&tr=1gct&epr=1G.2G&ti=1gct&z=0

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 614ms
614ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K0VXYP82L1&cv=1&v=3&t=t&pid=1844820190&rv=aj0&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAAGCAAIA&tc=11&z=0

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 614ms
614ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K0VXYP82L1&cv=1&v=3&t=t&pid=1844820190&rv=aj0&e=gtm.init&eid=0&u=AAAAAAAAAAAAAGCAAIA&tc=11&tr=5setproductsettings.5ogtgooglesignals.5ccdconversionmarking.5ccdgaregscope.5ccdemdownload.5ccdempageview.5ccdemscroll.5ccdemvideo.5ccdemoutboundclick.5ccdemsitesearch&ti=2setproductsettings.2ogtgooglesignals.2ccdconversionmarking.2ccdgaregscope.2ccdemdownload.2ccdempageview.2ccdemscroll.2ccdemvideo.2ccdemoutboundclick.2ccdemsitesearch&z=0

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 126ms
29ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-99262604-1&cid=1842063463.1666573836&jid=2001565513&gjid=372966797&_gid=2020197217.1666573836&_u=YEBAAUAAAAAAACAAI~&z=647923344

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e8e0475582ab3e866b093f14c52982006a8112d6a2833b0cd999cb8368b0f50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://investors-protect.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Oct 2022 01:10:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://investors-protect.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 83ms
31ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99262604-1&cid=1842063463.1666573836&jid=2001565513&_u=YEBAAUAAAAAAACAAI~&z=1228278003

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.sk/ads/ 42 B
501 B 82ms
32ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.sk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99262604-1&cid=1842063463.1666573836&jid=2001565513&_u=YEBAAUAAAAAAACAAI~&z=1228278003

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 genericCommentWrapper2.php Show response
intensedebate.com/js/ 2 KB
868 B 192ms
191ms Script
application/javascript 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://intensedebate.com/js/genericCommentWrapper2.php?acct=8acec967a103ed5c69d6bd5ce1e41fc5&postid=https%3A%2F%2Finvestors-protect.com%2Fhyip%2Fethdoubler.uno&title=ethdoubler.uno%20-%20Investors%20Protect%20-%20Hyip%20Scam%20Check%20and%20Review%20-%20Invest%20Safe&url=https%3A%2F%2Finvestors-protect.com%2Fhyip%2Fethdoubler.uno
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/js/genericCommentWrapperV2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 98afe661002d9d4f512bd3ed6ea4572f4dd2b3d93d22b0f4c7f88c06d74a7cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/javascript
date: Mon, 24 Oct 2022 01:10:36 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/ip/js/ip.min.js?1648458918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Oct 2022 01:10:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27027
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NbKTDuzkb6MrLVjRSCw3eqhgzJ8K2VYfkLOAIEB4iLcrQ4Vmfxh00H9uk1EV2WF4w3CgCZKXADlhrM0hpHkDlA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 skin.png
investors-protect.com/rt/img/ 6 KB
6 KB 36ms
35ms Image
image/png 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/rt/img/skin.png
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c4097e321050a805570801504aceb341f6c6d0666a3885992d00ef5245220b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61984
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5916
last-modified: Mon, 07 Feb 2022 01:06:06 GMT
server: cloudflare
etag: "171c-5d7633488a8a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4U9HG%2B9Q5MImBBh2N9A2BmIJ%2FcCgNgzNcjYi7tyMorj0GA44wbA4GEhlRReRhTR7LqW6mK%2B4btaICcJ6uARq%2BkgKvzzylCbQddC7PQVTnqOkpMfHbeX0TCclseACkSQXO%2FmO1glX11c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 75eed56dbfec6d6d-MUC
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ajax.php Show response
investors-protect.com/bm/ 6 KB
1 KB 349ms
349ms XHR
application/json 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/bm/ajax.php?callback=jQuery36004403691381139576_1666573835882&ubm_banners=0%3A43%2C1%3A29%2C2%3A30%2C3%3A1%2C4%3A2%2C5%3A51%2C6%3A52%2C7%3A60%2C8%3A64%2C9%3A65%2C10%3A66%2C11%3A55%2C12%3A56%2C13%3A58%2C14%3A67%2C15%3A68%2C16%3A69%2C17%3A70%2C18%3A27%2C19%3A28%2C&ubm_anticache=0.8655721426131548&action=ubm_getbanner&_=1666573835883
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 704afc6a61c51ac125aae8ec2a18545fdf6d03f66df26e8c4b2a55d80e0254db

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://investors-protect.com/hyip/ethdoubler.uno
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Qam8%2FFmyaa54q6fhP%2BWY44HmqITjTCRcJWF%2FdpfqpCtfeytVfI91vEhHK%2FqUcIATa8NnjxsEFo9W2WzbQCAS1z2O3SEcL9%2BHMfbxjheZpTjJxQ3XvguSjet8jeQLOVpLinOW4CSRxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public
cf-ray: 75eed56dbfee6d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 manager.php Show response
investors-protect.com/rt/ 6 B
468 B 195ms
194ms XHR
text/html 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://investors-protect.com/rt/manager.php?id=17903&_=1666573835884
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186d2adbf57e32432bc020329a44fd9678aa3d8974e82776506647856a2c08b5

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://investors-protect.com/hyip/ethdoubler.uno
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MH7AqE185Fe5Gsf17cRtWF4FwZpjNZoLton5SnLmpsCHNrZfI3hm%2BI0OuQHfzgbnGdMrFdizhiXvcsFfCqADjiOfvKE6cCH8c17DPOOFNWQDsUetahN8237hKCM2lNlyG8HINffyrEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: public
cf-ray: 75eed56df80c6d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 338704543300975 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 251ms
228ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/338704543300975?v=2.9.87&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74dbec96d3bb0a9fbbe65ec81e483e620a55d8fc809803c667ea803df1be79ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 24 Oct 2022 01:10:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0yCmYdM1K12EZhJf4wQmwHN9xsFvpnFds8lx85QcM4DO4l68fIamzTiaw8n7WAAGMKBHQ1v3JunHEIWCEL9C7w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 65ms
22ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=338704543300975&ev=PageView&dl=https%3A%2F%2Finvestors-protect.com%2Fhyip%2Fethdoubler.uno&rl=&if=false&ts=1666573836763&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=28&fbp=fb.1.1666573836762.1572135231&it=1666573836505&coo=false&rqm=GET

Requested by

Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 24 Oct 2022 01:10:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 banner_AvFyoNdIpKw2DR2X.webp
investors-protect.com/bm/files/ 532 KB
533 KB 197ms
197ms Image
image/webp 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/bm/files/banner_AvFyoNdIpKw2DR2X.webp
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5676560603f14778fbd2133068c9ca4359d360e543f390a53a62c7cba812be15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jul 2022 11:27:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "85188-5e3497de56add"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wVv4v2ZTcfZyA5YSjizbBtQJ8WPDp1m7pGTTkfSOGw9vFRscd6%2B50NiABbLPmTtrAFBh8m0%2By1KjMWIiJ%2FuuN%2FiUmte9nj2f1kW7UvQu%2Fv44o8ayLn%2BkZdbpvsXh8JTw3FLRvmT7%2FE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 75eed56fe8e66d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 545160

GET
H3 200 banner_mjXQEJcEMJpJnQUU.webp
investors-protect.com/bm/files/ 603 KB
603 KB 195ms
195ms Image
image/webp 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/bm/files/banner_mjXQEJcEMJpJnQUU.webp
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7940f74ebcd89d31814490139ab3bcf897dee4b94ad4dc8e870573228bc3b07c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 23 Sep 2022 12:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "96b4e-5e95721765878"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2B6WaMyZMHoZKTo19r%2Ffqca4jtunli21ZyTNTd1gFi3YnWq5QiHckjTckFCxhhz1%2BWmZrnLHVMj%2FRvNVweuLXE0tOqBPFumtstMLZkBBYIkmiJx%2BqvqB5Px45m9Dah3SPIirPSyJ%2BAw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 75eed56fe8e76d6d-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 617294

GET
H3 200 banner_9a474970256cfdd41530a5259c31f708.gif
investors-protect.com/bm/files/ 2 MB
2 MB 34ms
34ms Image
image/gif 172.67.142.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://investors-protect.com/bm/files/banner_9a474970256cfdd41530a5259c31f708.gif
Requested by: Host: investors-protect.com
URL: https://investors-protect.com/hyip/ethdoubler.uno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd4099c488f870d2788be84fe4b603dffa93ef9e6a6f55a3a21a19941eeab7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/hyip/ethdoubler.uno
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1590224
last-modified: Wed, 19 Oct 2022 13:49:43 GMT
server: cloudflare
etag: "1843d0-5eb637b24f5e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxooKJxBpA54Y%2F7%2Fz6cERf8nLTrWe2eoQzIf7k%2BlpEMPzRliD3sReZ3tghkzipXeXHAqtobn8SQItUG8gGQ%2BC4OTRqewY4odir5%2Fdm5rKK39WNDJj8DcSo5qRwHHhUtGnZ%2F4xwy%2F%2Fus%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 75eed56fe8e86d6d-MUC
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 569724696 Show response
intensedebate.com/comment/8acec967a103ed5c69d6bd5ce1e41fc5/generic/ 53 KB
14 KB 199ms
199ms Script
text/javascript 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://intensedebate.com/comment/8acec967a103ed5c69d6bd5ce1e41fc5/generic/569724696
Requested by: Host: intensedebate.com
URL: https://intensedebate.com/js/genericCommentWrapper2.php?acct=8acec967a103ed5c69d6bd5ce1e41fc5&postid=https%3A%2F%2Finvestors-protect.com%2Fhyip%2Fethdoubler.uno&title=ethdoubler.uno%20-%20Investors%20Protect%20-%20Hyip%20Scam%20Check%20and%20Review%20-%20Invest%20Safe&url=https%3A%2F%2Finvestors-protect.com%2Fhyip%2Fethdoubler.uno
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 2ed089553838d3c308dee8ca2512480a733d21545e936e19ccc80e6b9a038797

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
date: Mon, 24 Oct 2022 01:10:37 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2 200 idcCSS.php
www.intensedebate.com/themes/chameleon/css/ 38 KB
7 KB 175ms
175ms Stylesheet
text/css 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/themes/chameleon/css/idcCSS.php?acctid=411834&browser=safari
Requested by: Host: intensedebate.com
URL: https://intensedebate.com/comment/8acec967a103ed5c69d6bd5ce1e41fc5/generic/569724696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: c203ce213de7d5f43ebf72cdd0ea057952b878c6b85e14cfc1b84364686913f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/css;charset=utf-8
date: Mon, 24 Oct 2022 01:10:37 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2 200 empty.php Show response
www.intensedebate.com/ Frame C7E5 202 B
193 B 193ms
192ms Document
text/html 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/empty.php
Requested by: Host: intensedebate.com
URL: https://intensedebate.com/comment/8acec967a103ed5c69d6bd5ce1e41fc5/generic/569724696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 81b7ea77f8874adfce6248f697d4a9d36966360153679552c5e86a6b098bd50b

Request headers

Referer: https://investors-protect.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 01:10:37 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server: nginx
vary: Accept-Encoding

GET
H2 200 ajax-loader.gif
www.intensedebate.com/images/ 847 B
959 B 190ms
189ms Image
image/gif 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/images/ajax-loader.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 1b878c651eb8d461dae41cb2fccc3dce986203c48ea27540fce28c49655b93ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:37 GMT
last-modified: Tue, 07 Oct 2008 04:38:04 GMT
server: nginx
etag: "48eae7ac-34f"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 847
expires: Wed, 23 Nov 2022 01:10:37 GMT

GET
H2 200 wordpress-logo.png
www.intensedebate.com/images/ 4 KB
4 KB 190ms
189ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/images/wordpress-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 63d905edad46f2b282690e5684de4763f92bc023c10239b1ab2b9b2581506a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:37 GMT
last-modified: Tue, 02 Mar 2010 18:09:46 GMT
server: nginx
etag: "4b8d546a-e9a"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3738
expires: Wed, 23 Nov 2022 01:10:37 GMT

GET
H2 200 remoteCheckin.php
www.intensedebate.com/ 58 B
136 B 191ms
190ms Image
image/gif 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/remoteCheckin.php?token=Xe8lyDHo00kz3whkPChYYiiaQh50RE02&blogpostid=569724696&time=1666573837280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: c0223f90691a3eff0bf1c2f1737aab1779b6f1a533364c5305832dd63a618794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
date: Mon, 24 Oct 2022 01:10:37 GMT
cache-control: no-cache
content-type: image/gif
server: nginx
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2 200 idc-universal.png
www.intensedebate.com/themes/universal/images/ 33 KB
34 KB 173ms
173ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/themes/universal/images/idc-universal.png?=4
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/themes/chameleon/css/idcCSS.php?acctid=411834&browser=safari
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 20001877c0cf8f1cbf4250c71d90dcc421ca659c2d5b889f6eb58da32ed807d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.intensedebate.com/themes/chameleon/css/idcCSS.php?acctid=411834&browser=safari
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:37 GMT
last-modified: Tue, 04 May 2010 00:44:33 GMT
server: nginx
etag: "4bdf6df1-85a0"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34208
expires: Wed, 23 Nov 2022 01:10:37 GMT

GET
H2 200 idc-bg-1223.png
www.intensedebate.com/themes/universal/images/ 394 B
470 B 224ms
224ms Image
image/png 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/themes/universal/images/idc-bg-1223.png
Requested by: Host: www.intensedebate.com
URL: https://www.intensedebate.com/themes/chameleon/css/idcCSS.php?acctid=411834&browser=safari
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: d89f0b0e20ce4229f7e31efcfc396b90e9b94705bdccaad43718180337e3e8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.intensedebate.com/themes/chameleon/css/idcCSS.php?acctid=411834&browser=safari
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:37 GMT
last-modified: Mon, 22 Dec 2008 23:53:36 GMT
server: nginx
etag: "49502880-18a"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 394
expires: Wed, 23 Nov 2022 01:10:37 GMT

GET
H2 200 comment-func.php Show response
www.intensedebate.com/idc/js/ 300 B
284 B 222ms
222ms Script
text/javascript 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/idc/js/comment-func.php?token=Xe8lyDHo00kz3whkPChYYiiaQh50RE02&blogpostid=569724696&time=1666573837477
Requested by: Host: intensedebate.com
URL: https://intensedebate.com/comment/8acec967a103ed5c69d6bd5ce1e41fc5/generic/569724696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 1d6f072fa185d5a2a19683ea57361775675266e0bb01f00d908038133504a297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:37 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 28ms
27ms Image
image/gif 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-K0VXYP82L1&cv=1&v=3&t=t&pid=1844820190&rv=aj0&es=1&e=gtm.load&eid=9&u=AgAAAAAAAAAAAGCAAIA&tc=11&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:37 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

comment-func.php Show response
www.intensedebate.com/idc/js/
Redirect Chain

https://r-login.wordpress.com/remote-login.php?action=script_redirect&url_hash=f7a910a2244fa88bfbb9c40f7bde40d5&id=intensedebate&url=https%3A%2F%2Fwww.intensedebate.com%2Fidc%2Fjs%2Fcomment-func.ph...
https://www.intensedebate.com/idc/js/comment-func.php?blogpostid=569724696&token=Xe8lyDHo00kz3whkPChYYiiaQh50RE02&return=true

60 KB
12 KB

178ms
178ms

Script
text/javascript

192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intensedebate.com/idc/js/comment-func.php?blogpostid=569724696&token=Xe8lyDHo00kz3whkPChYYiiaQh50RE02&return=true
Protocol: H2
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 70e61f0b7ed7ff27510853bd7f69fd2b1b9ebc66f8846c82a9cf0edc0722f883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 01:10:38 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 24 Oct 2022 01:10:37 GMT
x-ac: 1.hhn _dfw BYPASS
strict-transport-security: max-age=15552000
server: nginx
x-redirect-by: WordPress
vary: Cookie
content-type: text/html; charset=utf-8
location: https://www.intensedebate.com/idc/js/comment-func.php?blogpostid=569724696&token=Xe8lyDHo00kz3whkPChYYiiaQh50RE02&return=true
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 idc-m-loading.gif
www.intensedebate.com/themes/universal/images/ 4 KB
4 KB 174ms
174ms Image
image/gif 192.0.123.247
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.intensedebate.com/themes/universal/images/idc-m-loading.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.123.247 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: intensedebate.com
Software: nginx /
Resource Hash: 7493f7cf439055f242b5a0f52febfcf5a805f89df33fd17fc03bbe84a111b4fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://investors-protect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 01:10:38 GMT
last-modified: Fri, 01 May 2009 23:26:05 GMT
server: nginx
etag: "49fb850d-1052"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4178
expires: Wed, 23 Nov 2022 01:10:38 GMT

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.investors-protect.com/	1970-01-20 06:57:40	Name: _gid Value: GA1.2.2020197217.1666573836
.investors-protect.com/	1970-01-20 06:56:13	Name: _gat_gtag_UA_99262604_1 Value: 1
.investors-protect.com/	1970-01-20 16:32:13	Name: _ga_K0VXYP82L1 Value: GS1.1.1666573836.1.0.1666573836.60.0.0
.investors-protect.com/	1970-01-20 16:32:13	Name: _ga Value: GA1.1.1842063463.1666573836
.intensedebate.com/	1970-01-20 06:57:40	Name: idc-csid-8acec967a103ed5c69d6bd5ce1e41fc5 Value: f6a2209e84f6f694fde6e8aede488911400fa986b5b5454b6c22eaa0c955c53b
.investors-protect.com/	1970-01-20 09:05:49	Name: _fbp Value: fb.1.1666573836762.1572135231

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.pagelr.com/capture/javascript?uri=ethdoubler.uno&b_width=1400&width=256&height=256&cookies=1&maxage=604800&cloak=1&key=iBnlw7ff7kyRoT1brPP-EA&hash=ca585e368735577c07ad5a60b29c13ea Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.pagelr.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
intensedebate.com
investors-protect.com
r-login.wordpress.com
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.sk
www.googletagmanager.com
www.intensedebate.com
172.67.142.7
192.0.123.247
192.0.78.18
2001:4860:4802:32::36
2620:1ec:46::45
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
03c1cfa4412b17fd264a8ce6774edeeb4e24a0eb0d1e10db0e67d61842f12538
04b01b2146c598381dd577c7b763bf2da90a33e42715ff00c77ec7c558ace4ca
0bb6ad4f2c731d91617afd2348d9fe1381d717c6cd9cdd173dd5765cc5505587
186d2adbf57e32432bc020329a44fd9678aa3d8974e82776506647856a2c08b5
1b878c651eb8d461dae41cb2fccc3dce986203c48ea27540fce28c49655b93ad
1c75bd0ced6bb81246ac30e10472b4f99d6ec8d52ff9292ccacbdec0d733a70c
1d6f072fa185d5a2a19683ea57361775675266e0bb01f00d908038133504a297
20001877c0cf8f1cbf4250c71d90dcc421ca659c2d5b889f6eb58da32ed807d0
24440fc10e3ec578af01d96199edcfab0bf429d44a025b67c33ba8ab2f1edb0f
2ed089553838d3c308dee8ca2512480a733d21545e936e19ccc80e6b9a038797
3b7741d12bae36bb29a5bddfd391bff579c1351cfdf93929036ff2e69beafa7a
3e34bd04403a1f26368fd6ab937a3ae84c0efca99612799b9c22883da8c1cfe4
5676560603f14778fbd2133068c9ca4359d360e543f390a53a62c7cba812be15
63d905edad46f2b282690e5684de4763f92bc023c10239b1ab2b9b2581506a10
653506b5bbbc60687ec987fb1ffdf823bbcb348682eec2f26448a7368c6cd581
68dff875fa12fc800231e5ac9371b5d26fbe5f5c4db571a169c9c37a698c4d71
6ce569206e56ae8d10f1b854c71db221952bdfdd4e7ad7cdf9a165977d28ce65
704afc6a61c51ac125aae8ec2a18545fdf6d03f66df26e8c4b2a55d80e0254db
70821d84cf6f787c4889fdd7b74359b08d2c2ff60681f23dcd43dd7a24b0c93a
70e61f0b7ed7ff27510853bd7f69fd2b1b9ebc66f8846c82a9cf0edc0722f883
7355c48f8f92529f63ae7c8517320bd775db71052aa05dd72bdb8713116f3146
7493f7cf439055f242b5a0f52febfcf5a805f89df33fd17fc03bbe84a111b4fd
74dbec96d3bb0a9fbbe65ec81e483e620a55d8fc809803c667ea803df1be79ca
779fb86e80e1fefbfa657866dcc62555ec00cfc231a5cda0e8f8827f52c19ff8
7940f74ebcd89d31814490139ab3bcf897dee4b94ad4dc8e870573228bc3b07c
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
81b7ea77f8874adfce6248f697d4a9d36966360153679552c5e86a6b098bd50b
8a40259d6065e873becac3a00caf420ba22a126f6744084aeee6bf03c54af3da
98afe661002d9d4f512bd3ed6ea4572f4dd2b3d93d22b0f4c7f88c06d74a7cf8
9d406489111cdebb89eb9bbfcb52bc5afd1afdf3926ac1de56f097943b4c089c
a84b3f681a5ba47605eb8707ca10c766601754005a747b82c09915f44f25bd18
acd4099c488f870d2788be84fe4b603dffa93ef9e6a6f55a3a21a19941eeab7c
af863e90b243ddd1aeb3d1a405fe36b0bb01d179fedd988087e1ea7a666b2bf5
afca467b19558e8c663c5e6686dbc27a5d219ccae9540e23c33c4f1d379e08be
b2c4097e321050a805570801504aceb341f6c6d0666a3885992d00ef5245220b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
be7fc2260cadb28cecf41cc1c9d0e58536f170aaa03d6b8f37dc00eb57420ec2
bf68f0df74c70601d401fc32557259ddd24727d0cafcb2c1d68ecb1b208946b4
c0223f90691a3eff0bf1c2f1737aab1779b6f1a533364c5305832dd63a618794
c203ce213de7d5f43ebf72cdd0ea057952b878c6b85e14cfc1b84364686913f5
cabb1c09c51af4f41be58c1957f374548ed8d12f803a30546264aa7ce5e1cef5
d2167c08ec476da71f62bc68dfb26d2748a1faba71b8c0e4b9fb0dd59049593f
d70c03571f0af613ef0992ab853b5ad6708690752a7ff7b3864f959355d98f85
d89f0b0e20ce4229f7e31efcfc396b90e9b94705bdccaad43718180337e3e8ab
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e0475582ab3e866b093f14c52982006a8112d6a2833b0cd999cb8368b0f50d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01ee14dd4146a66cca582bcea0c21cfc06a6cfb62c147935833c323aeb65e38
f46362b8d07ceed60452f494c6f1a5edc272abb57093ffa1e99bec66e1907b0e
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
f91c500314bb1e0ecacd6afd9c059bede18f43491e5593230b19bceb164e504d
f99df003f534b71ce684c3d56ab72c25015d23314b6a4dbe0c8bae992c1425ab
fd79c206001cc92b1401381e7a6f3df531d8152fabcaf16ff9e428623687af69
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

investors-protect.com Open in urlscan Pro 172.67.142.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

80 %IPv6

14 Domains

17 Subdomains

15 IPs

3 Countries

3211 kBTransfer

3814 kBSize

6 Cookies

26 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

investors-protect.com Open in urlscan Pro
172.67.142.7 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

80 %
IPv6

14
Domains

17
Subdomains

15
IPs

3
Countries

3211 kB
Transfer

3814 kB
Size

6
Cookies

64 HTTP transactions
4 data transactions