birds-money.me Open in urlscan Pro
2606:4700:3032::681f:4e75  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response birds-money.me/	8 KB 3 KB	167ms 148ms	Document text/html	2606:4700:3032::681f:4e75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::681f:4e75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47bb2a23044426154786a13814fe9dfff337cb5fc330247cab8bd9eb88417985 Request headers :method GET :authority birds-money.me :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT content-type text/html; charset=cp1251 set-cookie __cfduid=d1ba1b8e6d559fc00b2e120e0a288e2271609055213; expires=Tue, 26-Jan-21 07:46:53 GMT; path=/; domain=.birds-money.me; HttpOnly; SameSite=Lax; Secure PHPSESSID=09pd7tpqgmd6tma3de99m4tf23; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 0744c32fe300002bc2ba8ca000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d1beaY73vPMWaYrDw%2BK0bi%2F%2BKCg%2F42PPnsi%2B6g%2BXn7f2F2B7AnudE%2B1wGqZhar%2F%2FyfnurS%2FYA51fwWqiWY79u7bYtMrP3NqTh7pLfVtqggsfjdvG2JuyWJtDaw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 60816e2c9b5c2bc2-FRA content-encoding br
GET H2	200	style.css birds-money.me/style/	13 KB 3 KB	19ms 18ms	Stylesheet text/css	2606:4700:3032::681f:4e75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://birds-money.me/style/style.css?v=2.1 Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::681f:4e75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30ed5b7306006df8345e7a590aa8160b04b19a545096cd97f0d6ac6b1fcde0ae Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 2731 cf-polished origSize=18126 cf-request-id 0744c3308000002bc2ddbd8000000001 last-modified Wed, 23 Dec 2020 20:11:31 GMT server cloudflare etag W/"5fe3a473-46ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tUaGBZHOlf2EtrnWntH0jsZDRgRlOf7jsrvKXfKsfRUipIYTD3y27IciIuctr7VoleYDp%2F7mEWPga%2BsK%2FzR6lQiXv6nnfUPz3HpcIzHXiNG86HmCJUzjsf7Csw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 60816e2d9d442bc2-FRA cf-bgj minify
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 762 B	16ms 15ms	Script text/javascript	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 554 x-xss-protection 1; mode=block expires Sun, 27 Dec 2020 07:46:53 GMT
GET H2	200	jquery.js Show response birds-money.me/js/	55 KB 19 KB	14ms 13ms	Script application/javascript	2606:4700:3032::681f:4e75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://birds-money.me/js/jquery.js Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::681f:4e75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35dab8ea9ca8b961a05669e24f56dcb4b2455ea8b289db46fed0ef7e820c1c84 Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3953 cf-polished origSize=57272 cf-request-id 0744c3308100002bc2a9a6f000000001 last-modified Fri, 18 Dec 2020 12:00:58 GMT server cloudflare etag W/"5fdc99fa-dfb8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E3KMyyT2KQKMmEb4PI%2FTdwP5mlh8aQspjplIZBzIvzrpSl9C8HtOOCzRgWUtVGaEUUY3HZ4SZ%2BcMtBt4sAjrGIZ07CAV57dVDQaTjonvjpj1U3mad%2FujKobTiw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 60816e2d9d462bc2-FRA cf-bgj minify
GET H2	200	functions.js Show response birds-money.me/js/	968 B 720 B	11ms 10ms	Script application/javascript	2606:4700:3032::681f:4e75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://birds-money.me/js/functions.js Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::681f:4e75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a5a22021d329a32eee527098d3d6d455e5a702289fa3e55c76439d587157831 Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3953 cf-polished origSize=1250 cf-request-id 0744c3308100002bc2a61ac000000001 last-modified Fri, 18 Dec 2020 12:00:58 GMT server cloudflare etag W/"5fdc99fa-4e2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tuM7Xgl2UKN5qcy1whpG1%2BTjfgwA5D39oWX3PW3nqbnbbLHod21LTBPF4zjxNz8tT0nqCHQ47OTf8eI0e8Un%2BTvkupvySFxGByJiE2fdqd5lxj2ByHMMpqjUQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 60816e2d9d472bc2-FRA cf-bgj minify
GET H2	200	bancode.php Show response linkslot.ru/	14 KB 5 KB	77ms 62ms	Script application/javascript	2606:4700:20::ac43:49a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkslot.ru/bancode.php?id=307240 Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff87d65dfced9b1c0adc2084c2c75212af048677a30eae933b71235893eaf7c3 Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-request-id 0744c3309f0000c2b81ba61000000001 content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare date Sun, 27 Dec 2020 07:46:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fSwOLvGl%2FqaKj7G2Qtcw45pXZEZ1O4FRzZaZyaKl7dphQtJn2cZzo%2BXhmKcTCS3j2Jc4Sc4dYqoKaV1iG2QG47PqD6mvwjBoKJnpPLYhzBIaLTvrRl4ygQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=windows-1251 cf-ray 60816e2dc852c2b8-FRA
GET H2	200	bancode.php Show response linkslot.ru/	14 KB 5 KB	76ms 64ms	Script application/javascript	2606:4700:20::ac43:49a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkslot.ru/bancode.php?id=307241 Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad2faac9ab94fbd5e8bd747c321b061b906c12c4f7c38da475c1bc699f16e607 Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-request-id 0744c3309f0000c2b82c291000000001 content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare date Sun, 27 Dec 2020 07:46:53 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y1OvF6QskaLXqAXXQPNpazLgT%2BE%2BYjKRaOq0GvpGNg45jbFlnxnQfzDlIHM5uL3kTm0UTzXKmkIgzwRR7yNkWVh%2FFvrpJJsVYBUSiK%2BApjqvAd05ex46Ug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=windows-1251 cf-ray 60816e2dc853c2b8-FRA
GET H2	200	red2.png birds-money.me/img/	84 KB 84 KB	18ms 18ms	Image image/png	2606:4700:3032::681f:4e75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://birds-money.me/img/red2.png Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::681f:4e75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 037bcc6b8ef7fac244f1ef064646f60508969998946f0c518d28618f6496b002 Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1980 content-length 85638 cf-request-id 0744c3309b00002bc2ec25c000000001 last-modified Mon, 21 Dec 2020 19:17:19 GMT server cloudflare etag "5fe0f4bf-14e86" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T%2F0RZmlgHtIARH%2FgSWaR40nvE81PUPvtTw8KPwfKaw7XcwHWjJbiVJYMIxZvv9xQ5lOWcgv9tzMCLWOoY30e4tth70PEMpAGbR3yWTUEAdkXLG2blel9VLW7PA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 60816e2dcd8f2bc2-FRA
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/	334 KB 131 KB	25ms 6ms	Script text/javascript	2a00:1450:4001:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://birds-money.me Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 06:21:02 GMT content-encoding gzip x-content-type-options nosniff age 5151 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133916 x-xss-protection 0 last-modified Sun, 06 Dec 2020 23:05:51 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 27 Dec 2021 06:21:02 GMT
GET H2	200	fon4.jpg birds-money.me/img/	158 KB 159 KB	11ms 10ms	Image image/jpeg	2606:4700:3032::681f:4e75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://birds-money.me/img/fon4.jpg Requested by Host: birds-money.me URL: https://birds-money.me/style/style.css?v=2.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::681f:4e75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58dd04fb3c429feba8d00c62072a23d4ceb32198c0e7e63c867296c3ece51fd6 Request headers Referer https://birds-money.me/style/style.css?v=2.1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 3953 content-length 162191 cf-request-id 0744c3309b00002bc2a1a78000000001 last-modified Wed, 23 Dec 2020 19:39:27 GMT server cloudflare etag "5fe39cef-2798f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Le1YXEtKGDEezFdn2eEfgzrhsYFFHRTh4NvGWgTiH1cK%2By9XytgbZ8NrFcEFDedNrhkIhS9W9obYDqNe2ebWtvu%2FwU1q26LabIq%2BHcoCNpl3ctco6Yv5E5SYyA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 60816e2dcd902bc2-FRA
GET H3-Q050	200	anchor www.google.com/recaptcha/api2/ Frame 8AEA	0 0	55ms 41ms	Document text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly9iaXJkcy1tb25leS5tZTo0NDM.&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=ji8jpqxispwd Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-smfrWELh5WkUUFQ3BmEnLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly9iaXJkcy1tb25leS5tZTo0NDM.&hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&size=normal&cb=ji8jpqxispwd pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://birds-money.me/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://birds-money.me/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sun, 27 Dec 2020 07:46:53 GMT content-security-policy script-src 'report-sample' 'nonce-smfrWELh5WkUUFQ3BmEnLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10883 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	gate.php Show response linkslot.ru/	2 B 627 B	81ms 65ms	XHR text/html	2606:4700:20::ac43:49a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkslot.ru/gate.php?d1=c5d4d7cee594d6e9cfd7e195d5c88e989aa9999daa84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39cc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90aa9b9598919f969aa5959fab81e5c9cdc9d5d4949fa59e97ad97959c9f99cdd4ccdfe69f9aae91a2989798939b959aa29799aa91a2989798939b958da28a8cab97a2a1979d989d969daa9a9d Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.8 Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wrLu2Pm%2BSP5oUQDSBp87SuxFm%2FNWXM%2BvjX0Z4F3RJC2K0bxTd3YJDanEodGMCNxCx256Yw0JG90aRN%2B15hC5lES9KuY2BQxAuL4pyAabENJQaCJVi5PH%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=windows-1251 access-control-allow-origin * cf-ray 60816e2e8cac1752-FRA content-length 2 cf-request-id 0744c3311900001752a394b000000001
GET H2	200	191a22f80ec4d664dfac72f77bbfc9c3.jpeg linkslot.ru/uploads/	48 KB 49 KB	14ms 14ms	Image image/jpeg	2606:4700:20::ac43:49a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://linkslot.ru/uploads/191a22f80ec4d664dfac72f77bbfc9c3.jpeg Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e89bc350ac68019b58e281f77c0c7c06b12be68cd8af7e5806636d5f8a4a6bf1 Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 6768 content-length 49300 cf-request-id 0744c331090000c2b8de81b000000001 last-modified Thu, 24 Dec 2020 09:46:11 GMT server cloudflare etag "5fe46363-c094" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LM4yEVUKYVSuSNpV46kqFr8xhPl3pZV%2FoM52OvDUS2uKUh0nfkRANZ6JkjcHQkb0r5WVyAl2R5whDuJ1gbUUOor7lh%2FcEgwUiEbz6gtFst5zqufEu5MLrQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 60816e2e792cc2b8-FRA cf-bgj h2pri
GET H2	200	gate.php Show response linkslot.ru/	2 B 288 B	83ms 72ms	XHR text/html	2606:4700:20::ac43:49a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkslot.ru/gate.php?d1=c5d4d7cee594d6e9cfd7e195d5c88e989aa9999dab84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39cc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90aa9b9598919f969aa5959fab81e5c9cdc9d5d4949fa59e97ad97959cd3dec7ce95d9dea09ceb91a2989798939b959aa29799aa91a2989798939b958da28a8cab97a2a1979d989d969daa9aa2 Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.8 Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:53 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=93%2BKNzINUSAk%2Fhb6%2FKtf29TkTvLOWerT1h6wXCGMH%2FxyqtGau92ZEaEojI%2BSYQbGyP9Flt8JUzzDDNW%2FVvYeEzqtVIh59rLNjOIjQAYarnnbRmvOTorChw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=windows-1251 access-control-allow-origin * cf-ray 60816e2e8cb11752-FRA content-length 2 cf-request-id 0744c3311a00001752f298e000000001
GET H3-Q050	200	bframe www.google.com/recaptcha/api2/ Frame 9685	0 0	18ms 18ms	Document text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&cb=m48i43fl86if Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-sruNvBjQLbbppHWwx9LVSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=qc5B-qjP0QEimFYUxcpWJy5B&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&cb=m48i43fl86if pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://birds-money.me/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://birds-money.me/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sun, 27 Dec 2020 07:46:54 GMT content-security-policy script-src 'report-sample' 'nonce-sruNvBjQLbbppHWwx9LVSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1123 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET		gate.php linkslot.ru/	0 0
GET H2	200	gate.php Show response linkslot.ru/	2 B 422 B	66ms 65ms	XHR text/html	2606:4700:20::ac43:49a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://linkslot.ru/gate.php?d2=c5d4d7cee594d6e9cfd7e195d5c88e989aa9999dab84a28b978b938e96a0a2a099af96a4999aa096a4 Requested by Host: birds-money.me URL: https://birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.8 Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://birds-money.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 27 Dec 2020 07:46:58 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XaQp7Avk6JuDAAvRpeGD8uHWVnBdYb0y1MOfWWBrRg2CFrU5YQ%2B8NQeEIA5AW7ng%2Bkj%2B7MWVH5uplf%2Bt%2FTH%2B7MeVlItPd6lJtIT9EPHUQ6L%2Be4tgU8bSfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=windows-1251 access-control-allow-origin * cf-ray 60816e4dc9cd1752-FRA content-length 2 cf-request-id 0744c34499000017520f9f0000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

linkslot.ru

URL

https://linkslot.ru/gate.php?d2=c5d4d7cee594d6e9cfd7e195d5c88e989aa9999daa84a28b978b938e96a0a2a099af96a4999aa096a4

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| ResetCaptcha function| GetSumPer string| valuta function| SetVal function| PaymentSum object| recaptcha object| closure_lm_587242 object| lSCoDe function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| jZv string| Rt4 string| pMj string| Yre function| None string| C3U string| Qex string| BXW string| YMF string| f3S string| lsGT number| lsSY number| lsPZ number| lsMX number| lsMY string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 boolean| lsIFram string| hash string| lsNA number| fl function| lsSF function| lsMF string| xgY

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			birds-money.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 09pd7tpqgmd6tma3de99m4tf23
			.birds-money.me/	1970-01-19 15:40:47	Name: __cfduid Value: d1ba1b8e6d559fc00b2e120e0a288e2271609055213

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

birds-money.me
linkslot.ru
www.google.com
www.gstatic.com
linkslot.ru
2606:4700:20::ac43:49a4
2606:4700:3032::681f:4e75
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2004
037bcc6b8ef7fac244f1ef064646f60508969998946f0c518d28618f6496b002
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
30ed5b7306006df8345e7a590aa8160b04b19a545096cd97f0d6ac6b1fcde0ae
35dab8ea9ca8b961a05669e24f56dcb4b2455ea8b289db46fed0ef7e820c1c84
3a5a22021d329a32eee527098d3d6d455e5a702289fa3e55c76439d587157831
47bb2a23044426154786a13814fe9dfff337cb5fc330247cab8bd9eb88417985
58dd04fb3c429feba8d00c62072a23d4ceb32198c0e7e63c867296c3ece51fd6
ad2faac9ab94fbd5e8bd747c321b061b906c12c4f7c38da475c1bc699f16e607
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
e89bc350ac68019b58e281f77c0c7c06b12be68cd8af7e5806636d5f8a4a6bf1
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
ff87d65dfced9b1c0adc2084c2c75212af048677a30eae933b71235893eaf7c3