money-trees.cc Open in urlscan Pro
2606:4700:3033::6815:4c6d  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response money-trees.cc/	11 KB 3 KB	270ms 209ms	Document text/html	2606:4700:3033::6815:4c6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://money-trees.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:4c6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84e6921554eb0e298d51b4e6a38c08e9f6d337181ccb0879e9a4c7f7f47293cc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 78379cd3ab7d9170-FRA content-encoding br content-type text/html; charset=cp1251 date Tue, 03 Jan 2023 00:28:07 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzIjw2bMNC%2BNqZOq50xDj%2BWr1tptOGWqNxFVfl52piq6%2FNFZmNuCpsZGRlI8CRMl5pYaNwI8qYb4fqwGTrqvks4SLdRAclIlUNX2yE70xXYv7YUxrJcqOIJ3LROMjVU8mELTq4VzgcIrqFdn4Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	style.css money-trees.cc/style/	18 KB 4 KB	198ms 192ms	Stylesheet text/css	2606:4700:3033::6815:4c6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://money-trees.cc/style/style.css?v=2.1 Requested by Host: money-trees.cc URL: https://money-trees.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:4c6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 314426d81b85e47a5e049e8706a9929fa222ab7acffd518b1113b1ed68b90264 Request headers accept-language de-DE,de;q=0.9 Referer https://money-trees.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 00:28:08 GMT content-encoding br cf-cache-status MISS last-modified Wed, 23 Dec 2020 20:11:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5fe3a473-46ce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK5I5XSd9erg2N2XjAzdalhso08f2DthQU99NRTZ4%2BdS6hSZXd3ieZEdmPtKnjIHmRPh0V9K8Ih7lcW163Xh42TWGs8OhjsLLnA621q5uIBgYseB8TPndLhfR6sI5l%2FT7L6S3MaFugCO%2BPLgtw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 78379cd51d469170-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 965 B	97ms 31ms	Script text/javascript	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: money-trees.cc URL: https://money-trees.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://money-trees.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 00:28:07 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 552 x-xss-protection 1; mode=block expires Tue, 03 Jan 2023 00:28:07 GMT
GET H2	200	jquery.js Show response money-trees.cc/js/	56 KB 20 KB	220ms 216ms	Script application/javascript	2606:4700:3033::6815:4c6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://money-trees.cc/js/jquery.js Requested by Host: money-trees.cc URL: https://money-trees.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:4c6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800 Request headers accept-language de-DE,de;q=0.9 Referer https://money-trees.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 00:28:08 GMT content-encoding br cf-cache-status MISS last-modified Fri, 18 Dec 2020 12:00:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5fdc99fa-dfb8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDycb3dNg7YQXKvSGatjJ9uFrEqvv0GgvuxtZxqhSHTGS%2F5K9PZwDz3AkdqlGkFH6ZQWhHAH1j3GTDram0AsNeCkyW6apZcv2ZbCrfzUdlnUDgl37eKdsXvBXQaDXIMtRv3ZTIegb0DQYUCoqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 78379cd51d499170-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	functions.js Show response money-trees.cc/js/	1 KB 796 B	119ms 117ms	Script application/javascript	2606:4700:3033::6815:4c6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://money-trees.cc/js/functions.js Requested by Host: money-trees.cc URL: https://money-trees.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:4c6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca8f99c82a52b7c38515660369a78bd7597d85a8aad535e9e9104fa57241624c Request headers accept-language de-DE,de;q=0.9 Referer https://money-trees.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 00:28:07 GMT content-encoding br cf-cache-status MISS last-modified Fri, 18 Dec 2020 12:00:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5fdc99fa-4e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHh08l%2F942hYENKyB%2FjclqJ7LuIp8XvOJBeBZxif37EWCWsxxOIrcZS7wzKOdflUnGQL7mwDgq6i%2F5v4ERJ1KvcDbftd3d5BBEmT6SUj%2B%2B%2F0YUsYk4xTtaJAWo4BrZKzzaz2%2Ff5ZcykfR2lgQA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 78379cd52d4c9170-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	468x60.jpg owls.money/img/	53 KB 53 KB	638ms 43ms	Image image/jpeg	54.38.201.191 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://owls.money/img/468x60.jpg Requested by Host: money-trees.cc URL: https://money-trees.cc/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.201.191 , Poland, ASN16276 (OVH, FR), Reverse DNS cpsfiv.iphoster.net Software nginx / Resource Hash 9c6adb23761f6f2d941c7198df7cab8e1a00c241d00176d9d142ddda3b4fbeb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://money-trees.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers expires Sat, 04 Mar 2023 00:28:08 GMT date Tue, 03 Jan 2023 00:28:08 GMT x-server-powered-by Engintron x-content-type-options nosniff last-modified Sat, 10 Apr 2021 13:43:06 GMT server nginx content-type image/jpeg cache-control max-age=5184000 accept-ranges bytes content-length 53907 x-xss-protection 1; mode=block x-nginx-upstream-cache-status STALE
GET H2	200	468.gif golden-gnomes.biz/img/	245 KB 246 KB	117ms 29ms	Image image/gif	2606:4700:3035::ac43:cebc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://golden-gnomes.biz/img/468.gif Requested by Host: money-trees.cc URL: https://money-trees.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:cebc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e476862c7d05607e4cf85f44b2ae67d4b7c66b71332333a5a0c9242e81a929e Request headers accept-language de-DE,de;q=0.9 Referer https://money-trees.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 00:28:08 GMT cf-cache-status HIT last-modified Sun, 31 Jan 2021 17:30:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1309 etag "6016e943-3d5c1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3SUz%2BTkBKvtK38HKaz97DAfZsqjW9D%2BkdYXAQNy4LsRDPf%2FwEeuV%2BjvQh0KtobAKP9ZMXlsOJc%2BhDbEmyLycpvB91jQDnnRV%2BLWCIJmRN7J3TaV3y5UStmy6AdFNjh8aRlOCsiOmSIsitxWbefkyg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 78379cd70db25ba4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 251329
GET H3	200	red2.png money-trees.cc/img/	84 KB 84 KB	204ms 204ms	Image image/png	2606:4700:3033::6815:4c6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://money-trees.cc/img/red2.png Requested by Host: money-trees.cc URL: https://money-trees.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4c6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 037bcc6b8ef7fac244f1ef064646f60508969998946f0c518d28618f6496b002 Request headers accept-language de-DE,de;q=0.9 Referer https://money-trees.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 00:28:08 GMT cf-cache-status MISS last-modified Mon, 21 Dec 2020 19:17:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5fe0f4bf-14e86" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZpIfJtbENP9imbhJUHjT265NzkPH8SS0M9%2Bf6hp3VH3jeCVgBYDgVEoSNAszlsbEi5ZgVyVIcssUeWzNh3ltgE80Qumw1fGmdxICDOVHTN3dzBxQteWVulUuNwXq%2BBLFod5TpD3352z976tDA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 78379cd68bca91dd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 85638
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/	407 KB 163 KB	138ms 35ms	Script text/javascript	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://money-trees.cc/ Origin https://money-trees.cc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 08:51:11 GMT content-encoding gzip x-content-type-options nosniff age 401817 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166478 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 29 Dec 2023 08:51:11 GMT
GET H3	200	fon4.jpg money-trees.cc/img/	158 KB 159 KB	240ms 240ms	Image image/jpeg	2606:4700:3033::6815:4c6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://money-trees.cc/img/fon4.jpg Requested by Host: money-trees.cc URL: https://money-trees.cc/style/style.css?v=2.1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:4c6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58dd04fb3c429feba8d00c62072a23d4ceb32198c0e7e63c867296c3ece51fd6 Request headers accept-language de-DE,de;q=0.9 Referer https://money-trees.cc/style/style.css?v=2.1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 00:28:08 GMT cf-cache-status MISS last-modified Wed, 23 Dec 2020 19:39:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5fe39cef-2798f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUEAm31wmD6arr%2BvbPW5IVRSqqZbZFyn7rJBzm4Lhwyzm7cD3lmw7L4TMv3SA%2B8RoaG6f8ExfYfqjdBENI4NfOaXZjLj0J%2F%2Bxgvj3Hu0qZHmWYpJRdlN0ChUvBILI3jUEkp7J1CxkomK6Kg%2BAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 78379cd68bcb91dd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 162191
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 582A	7 KB 1 KB	87ms 39ms	Document text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly9tb25leS10cmVlcy5jYzo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=2h2zqnv5qn7w Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 836357036aab72008f41b15d3ce2b1dbcd034710b0e97c851dc0edb1556f74c8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-qqlrvLY0gaN2GCxRghoa_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://money-trees.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 1051 content-security-policy script-src 'report-sample' 'nonce-qqlrvLY0gaN2GCxRghoa_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 03 Jan 2023 00:28:08 GMT expires Tue, 03 Jan 2023 00:28:08 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 582A	52 KB 24 KB	113ms 37ms	Stylesheet text/css	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly9tb25leS10cmVlcy5jYzo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=2h2zqnv5qn7w Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 11:12:51 GMT content-encoding gzip x-content-type-options nosniff age 220517 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 31 Dec 2023 11:12:51 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 582A	407 KB 163 KB	132ms 56ms	Script text/javascript	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly9tb25leS10cmVlcy5jYzo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=2h2zqnv5qn7w Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 08:51:11 GMT content-encoding gzip x-content-type-options nosniff age 401817 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166478 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 29 Dec 2023 08:51:11 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 582A	2 KB 2 KB	37ms 36ms	Image image/png	2a00:1450:400d:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 27 Dec 2022 15:21:21 GMT x-content-type-options nosniff age 551207 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 03 Jan 2023 15:21:21 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 582A	15 KB 16 KB	146ms 36ms	Font font/woff2	2a00:1450:400d:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly9tb25leS10cmVlcy5jYzo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=2h2zqnv5qn7w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 09:20:58 GMT x-content-type-options nosniff age 313630 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 30 Dec 2023 09:20:58 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| ResetCaptcha function| GetSumPer string| valuta function| SetVal function| PaymentSum object| recaptcha object| closure_lm_702148

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			money-trees.cc/	1969-12-31 23:59:59	Name: PHPSESSID Value: g28uo07bgh3rqfbedq3i5rnof1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
golden-gnomes.biz
money-trees.cc
owls.money
www.google.com
www.gstatic.com
2606:4700:3033::6815:4c6d
2606:4700:3035::ac43:cebc
2a00:1450:4001:806::2004
2a00:1450:400d:802::2003
2a00:1450:400d:805::2003
54.38.201.191
037bcc6b8ef7fac244f1ef064646f60508969998946f0c518d28618f6496b002
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800
2e476862c7d05607e4cf85f44b2ae67d4b7c66b71332333a5a0c9242e81a929e
314426d81b85e47a5e049e8706a9929fa222ab7acffd518b1113b1ed68b90264
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
58dd04fb3c429feba8d00c62072a23d4ceb32198c0e7e63c867296c3ece51fd6
836357036aab72008f41b15d3ce2b1dbcd034710b0e97c851dc0edb1556f74c8
84e6921554eb0e298d51b4e6a38c08e9f6d337181ccb0879e9a4c7f7f47293cc
9c6adb23761f6f2d941c7198df7cab8e1a00c241d00176d9d142ddda3b4fbeb1
ca8f99c82a52b7c38515660369a78bd7597d85a8aad535e9e9104fa57241624c
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20