URL: https://www.birds-money.me/
Submission: On December 22 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3031::ac43:9226, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is www.birds-money.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 21st 2020. Valid for: a year.
This is the only time www.birds-money.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
6         2606:4700:303...   13335 (CLOUDFLAR...)
2         2a00:1450:400...   15169 (GOOGLE)
7         2606:4700:20:...   13335 (CLOUDFLAR...)
1         2a00:1450:400...   15169 (GOOGLE)
Total: 17 requests, 5 IPs

Requests  Apex Domain      Subdomains           Transfer
7         linkslot.ru      linkslot.ru          106 KB
6         birds-money.me   www.birds-money.me   216 KB
2         google.com       www.google.com       646 B
1         gstatic.com      www.gstatic.com      131 KB
Total: 17 requests, 4 domains

Requests  Domain               Requested by
7         linkslot.ru          www.birds-money.me
6         www.birds-money.me   www.birds-money.me
2         www.google.com       www.birds-money.me, www.gstatic.com
1         www.gstatic.com      www.google.com
Total: 17 requests, 4 domains

This site contains links to these domains.

Domain
mining-money.biz
gnomes-money.biz

Subject                 Issuer                    Validity                  Valid
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3   2020-12-21 - 2021-12-20   a year
www.google.com          GTS CA 1O1                2020-11-10 - 2021-02-02   3 months
*.gstatic.com           GTS CA 1O1                2020-11-10 - 2021-02-02   3 months
*.google.com            GTS CA 1O1                2020-11-10 - 2021-02-02   3 months

This page contains 2 frames:

Primary Page: https://www.birds-money.me/
Frame ID: 8D15E3DEB16841880478290DE6C3B47E
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejsgsaAAAAAL4OhcBlFzyzQOiezC39ck8jGgyh&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=97vkeke48c5b
Frame ID: BFABBA3420CE7130E03F990D0DD5DD59
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<div[^>]+class="g-recaptcha"/i
  • script /\/recaptcha\/api\.js/i

Page Statistics

Requests: 17
HTTPS: 94 %
IPv6: 100 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 454 kB
Size: 728 kB
Cookies: 3

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.birds-money.me/
8 KB
2 KB
Document
General
Full URL
https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9d8d2403d77713e845dc93aacb45be11b4c56ef7a37bf41b9e12eaa15523f8d

Request headers

:method
GET
:authority
www.birds-money.me
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 22 Dec 2020 19:27:03 GMT
content-type
text/html; charset=cp1251
set-cookie
__cfduid=dd3982a4331f37a03617c8f62f4bb43a21608665223; expires=Thu, 21-Jan-21 19:27:03 GMT; path=/; domain=.birds-money.me; HttpOnly; SameSite=Lax; Secure PHPSESSID=2auo1r8eanpipo22038qu9h145; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
072d84699200003244a4af8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KslV2MZG1bqjkyi0L5sdgaPs8yXThEr9Z0KNG9iSW%2BtD1hNhFJgw9iyE86eOot5pNABEsev0b30Gjy41S6X439%2BrVRWTunpnEr8dgtnXtaWEszRaCTs8vejhKEcqOHk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
605c3cef5ac13244-FRA
content-encoding
br
style.css
www.birds-money.me/style/
17 KB
4 KB
Stylesheet
General
Full URL
https://www.birds-money.me/style/style.css?1123
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb473f0d45b6a7a59da22b26f60bf6e567cf1032e4f99d68f5daea293091568

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 21 Dec 2020 21:53:19 GMT
server
cloudflare
etag
W/"5fe1194f-454f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zEXFnX%2B4lUZxhEt5R556%2B9oOdtVTt2HemUxFQHQXzO%2Favdq9h7GfCMkh65e3LRMJxoC8Yf%2F5rJs%2BSReBfTSu6cBgK%2BPIBovCO4zri4omk5AQU7X56o6tsEGQbSUmBw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
605c3cf07dfd3244-FRA
cf-request-id
072d846a4f00003244e8b68000000001
api.js
www.google.com/recaptcha/
850 B
646 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Tue, 22 Dec 2020 19:27:03 GMT
jquery.js
www.birds-money.me/js/
56 KB
19 KB
Script
General
Full URL
https://www.birds-money.me/js/jquery.js
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29133962ccf97017876e2a59a345433a326ea9debced53451c44e39707f36800

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 18 Dec 2020 12:00:58 GMT
server
cloudflare
etag
W/"5fdc99fa-dfb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9F64nU%2BalxzC0YDDgDW%2F3dDwT9tKjBhDsHx34a2OqxAsDzYza1UVKd%2BrsHWKgmZgacXq9N6UfPu6QO9Be7mONeVtMV%2BM0ld2y6f7rQbjndTQ2MnPKnAdqUTZeRbuy9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
605c3cf07e023244-FRA
cf-request-id
072d846a50000032449489c000000001
functions.js
www.birds-money.me/js/
1 KB
760 B
Script
General
Full URL
https://www.birds-money.me/js/functions.js
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8f99c82a52b7c38515660369a78bd7597d85a8aad535e9e9104fa57241624c

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 18 Dec 2020 12:00:58 GMT
server
cloudflare
etag
W/"5fdc99fa-4e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SYQ9SEoVyGnm9bPlPnlzYZYOIXSoPr9Mf2uxX1Fazrl%2BBbIwIq0b0QFKabf215Zw%2FngS7DcoJGCYZA58HsdygP41un2Vv%2FvSil1olBIp41N2lm%2BUEnW47SucoVIzZoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
605c3cf07e053244-FRA
cf-request-id
072d846a50000032449890d000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=306848
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c357d3f342230dfc33693620b20ad9b61313f2c06b52e153fa3c2de902f2f2f

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
072d846b0300002c42862d8000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Tue, 22 Dec 2020 19:27:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H%2FHYLsa0J7joiAfCnnz4lpyvvkUaKwd6vUBLinn%2B4Hr3XpSauRjXD%2BW19VPYYHYSz2HdXztv1BDwxDPgV9RT2r58bZRFW0ZVsB60iQZPNZUGCSn0wWHWWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
605c3cf19ddd2c42-FRA
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=306849
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03d80d73c69fe0a6c8389882d82f2095605de1e84fe295722110b7fb146027c

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id
072d846b2400002c42c5a5b000000001
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
date
Tue, 22 Dec 2020 19:27:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vLGR1IwgqFcHu12M0BaC2TzstXNGuh5Kfm6WmWJA2Qp2AWHhKuELV75nt3CINXdKSnSzdVynDK8HE3qNNRPZpPD6Ugr2twfaiq2gJmgXV3yZc%2FnzRA%2FpGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
605c3cf1de7c2c42-FRA
red2.png
www.birds-money.me/img/
84 KB
84 KB
Image
General
Full URL
https://www.birds-money.me/img/red2.png
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037bcc6b8ef7fac244f1ef064646f60508969998946f0c518d28618f6496b002

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:04 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Dec 2020 19:17:19 GMT
server
cloudflare
etag
"5fe0f4bf-14e86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kQUukwg8lx74j1BXoFvIoKB6%2BYMugOtuOe7EDaSW%2FdhpThNU9d1waiO0nkHQkhKYYQFzA6xKjVaURjIU%2BdsfZpPdj%2BCzYRnawm6gliDYWefJW29CpRIau0A5CsvF8HE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
605c3cf1d9d73244-FRA
content-length
85638
cf-request-id
072d846b2600003244e72cc000000001
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/
334 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.birds-money.me
Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 17:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5518
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133916
x-xss-protection
0
last-modified
Sun, 06 Dec 2020 23:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Dec 2021 17:55:05 GMT
fon4.jpg
www.birds-money.me/img/
105 KB
106 KB
Image
General
Full URL
https://www.birds-money.me/img/fon4.jpg
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/style/style.css?1123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
002f893c2ee760c7ac017e2f9deddfa67ef8d5d3828addd11375cb94c45606f0

Request headers

Referer
https://www.birds-money.me/style/style.css?1123
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:04 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Dec 2020 21:50:28 GMT
server
cloudflare
etag
"5fe118a4-1a58c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iPn38BM72o0%2FVTcAfoQecu9KALT%2B3AUlCTLvE0aWtg2SPt0%2B3f9EaJQYexNJXTQy7X101jCux3M1ySLOWkEC%2FxfLbz3rNK5Vo%2Bj4FRIC1flu0RfCIBTyiu9at6uRFTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
605c3cf1d9e13244-FRA
content-length
107916
cf-request-id
072d846b2800003244f2051000000001
anchor
www.google.com/recaptcha/api2/ Frame BFAB
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejsgsaAAAAAL4OhcBlFzyzQOiezC39ck8jGgyh&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=97vkeke48c5b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rR7CrujWqg2HbH7XQWT1Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LejsgsaAAAAAL4OhcBlFzyzQOiezC39ck8jGgyh&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=97vkeke48c5b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.birds-money.me/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-security-policy
script-src 'report-sample' 'nonce-rR7CrujWqg2HbH7XQWT1Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Tue, 22 Dec 2020 19:27:04 GMT
expires
Tue, 22 Dec 2020 19:27:04 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1054
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gate.php
linkslot.ru/
2 B
280 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=dae2dc98d4d0dbded49fd5d6d6c8e493d7d78a9caa97aa9c9f8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad5c8cbccd9d9d9e5cfa49acae0dcccd483d8c6cd92d6dc9ad9929997c7949fc49f9b87caead1decddecdc5d6cedea19c9cb18fa59e8790ced3d9d7de9389e6caddcd87cfc8ced0d99b87cce2d3e1d5cc979b9e939aa09b9aaa94a09e9888d6cccbcbe4d098af94a9969a9e86a0d7e1ddd6d9f0d0a9db9f98939b959aa29799aa91a2989798939b959aa2978caa8495999d989ba19b9fa4999daa97a2
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s9AalQVRvc%2FTETPl7DgI68LcfHGpxHUky6LZtOiaPsxscMlQZl01D77n7ESFLvn%2BVJrQBtr7wSOwgvMEJ9fDGcX9s64ZoRptBQMYTHeXmfAnrGKgGN0lWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
605c3cf27d642bad-FRA
content-length
2
cf-request-id
072d846b9200002bada8265000000001
191a22f80ec4d664dfac72f77bbfc9c3.jpeg
linkslot.ru/uploads/
48 KB
49 KB
Image
General
Full URL
https://linkslot.ru/uploads/191a22f80ec4d664dfac72f77bbfc9c3.jpeg
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89bc350ac68019b58e281f77c0c7c06b12be68cd8af7e5806636d5f8a4a6bf1

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6839
content-length
49300
cf-request-id
072d846b8300002c4274860000000001
last-modified
Tue, 22 Dec 2020 11:31:53 GMT
server
cloudflare
etag
"5fe1d929-c094"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1PVkLCFlo4CkGKqwwDSprE4LROWDhBIs7rQJvUg5ZeI5m6HpkMPsVM7xGoqQglJ1wTHaPYagvnQ6g7m41d0kPR9uTc2WgnkhbGPDJrbOJOdafWAKgMfMVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
605c3cf26fdf2c42-FRA
cf-bgj
h2pri
gate.php
linkslot.ru/
2 B
623 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=dae2dc98d4d0dbded49fd5d6d6c8e493d7d78a9caa97aa9ca08b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad5c8cbccd9d9d9e5cfa49acae0dcccd483d8c6cd92d6dc9ad9929997c7949fc49f9b87caead1decddecdc5d6cedea19c9cb18fa59e8790ced3d9d7de9389e6caddcd87cfc8ced0d99b87cce2d3e1d5cc979b9e939aa09b9aaa94a09e9888d6cccbcbe4d098af94a9969a9e86dadde0d9cd9ff296d9df9798939b959aa29799aa91a2989798939b959aa2978caa8495999d989ba19b9fa4999daa97a8
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:04 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BlWntAxHp9S4948s1GuPGwIJo0LvTtIJuEgfonq0%2FDIeawwhTAWIo105KUBKrUWqT01r4PgVAhedVIS1oJ1r49Jmjr49t6qX7yMA%2FBIELpne%2B3VcDO2alw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
605c3cf27d682bad-FRA
content-length
2
cf-request-id
072d846b9000002badc8317000000001
3adf18d7aa2b8a4f14772d91c39bd7a8.jpeg
linkslot.ru/uploads/
47 KB
47 KB
Image
General
Full URL
https://linkslot.ru/uploads/3adf18d7aa2b8a4f14772d91c39bd7a8.jpeg
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f12d3b6de7aed1779a1a1212af14120ec959595ec496a4a2295009c42e38c5

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2014
content-length
47622
cf-request-id
072d846b8800002c426d091000000001
last-modified
Sun, 20 Dec 2020 18:48:14 GMT
server
cloudflare
etag
"5fdf9c6e-ba06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Du3Sb7xLiz6hJqc36B%2Bwop038Q2hmvU2SIVJNLTijAA%2FUNoN1PzKSSjbTHdOwvAWznorT1HF63%2FDIv2oMIw3STZ55tEkUiz3A9wLt0%2Bzs73Xr9FyUnX6bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
605c3cf27ff62c42-FRA
cf-bgj
h2pri
gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
2 B
414 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=dae2dc98d4d0dbded49fd5d6d6c8e493d7d78a9caa97aa9ca08b938e958da28a9ab091aa9e9d9d959d999aa89d
Requested by
Host: www.birds-money.me
URL: https://www.birds-money.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.birds-money.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 19:27:09 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8noN1NBoF7XmhmHk01OSoUARUdtzi5yHJNoY82%2FKdQ5urhkZriE%2Bl21P9nuiB4YwI0HuvGY5rultnPiwvCo6vuyVkAJy0v9WX4TU6g2hsS0eWUgYSvesOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
605c3d11bced2bad-FRA
content-length
2
cf-request-id
072d847f1000002bad670b9000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=dae2dc98d4d0dbded49fd5d6d6c8e493d7d78a9caa97aa9c9f8b938e958da28a9ab091aa9e9d9d959d999aa89d

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| ResetCaptcha function| GetSumPer string| valuta function| SetVal function| PaymentSum object| recaptcha object| closure_lm_388986 object| lSCoDe function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| jZv string| Rt4 string| pMj string| Yre function| None string| C3U string| Qex string| BXW string| YMF string| f3S string| lsGT number| lsSY number| lsPZ number| lsMX number| lsMY string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 boolean| lsIFram string| hash string| lsNA number| fl function| lsSF function| lsMF string| xgY

3 Cookies

Domain/Path           Name        Value
www.birds-money.me/   nova        oxvgf6x5gw000000000000000000000
www.birds-money.me/   PHPSESSID   2auo1r8eanpipo22038qu9h145
.birds-money.me/      __cfduid    dd3982a4331f37a03617c8f62f4bb43a21608665223