www.birds-money.me Open in urlscan Pro
2606:4700:3031::ac43:9226  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.birds-money.me/	8 KB 3 KB	232ms 184ms	Document text/html	2606:4700:3031::ac43:9226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90846cacd35fa07f3f2030f7c380c72feee13027b15f01ad93a2de6782ca926e Request headers :method GET :authority www.birds-money.me :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:58 GMT content-type text/html; charset=cp1251 set-cookie PHPSESSID=su2dmg6ipdl0vmok0t18utip26; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2s5OvVflXMxxomdHRWWn43idEP%2FaAGv5%2FAKzLxq63POW7vZhSSvbuyU3hDbo32eo74EOrUxSw6UReLnuGEGFa3esksd47krjXaN4MOAnKGg8pkXPIz8YMZ9xKPDz%2FqffvdzTudHND0bnK7ev672avM%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 68511eb41c045c14-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	style.css www.birds-money.me/style/	13 KB 4 KB	116ms 102ms	Stylesheet text/css	2606:4700:3031::ac43:9226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.birds-money.me/style/style.css?v=2.1 Requested by Host: www.birds-money.me URL: https://www.birds-money.me/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30ed5b7306006df8345e7a590aa8160b04b19a545096cd97f0d6ac6b1fcde0ae Request headers :path /style/style.css?v=2.1 pragma no-cache cookie PHPSESSID=su2dmg6ipdl0vmok0t18utip26 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.birds-money.me referer https://www.birds-money.me/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.birds-money.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:58 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=18126 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Wed, 23 Dec 2020 20:11:31 GMT server cloudflare etag W/"5fe3a473-46ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxZielG%2Bveoka4gShy0Xzdl5yniwmRPhmWJJ6wUgOqIzq75fjWV7LzfNgg7KZOwYVX6yZhMCXasiv8DXNwmk3dB1mLBSIEKJT3Dp%2F1QcpMYL%2BP8PjfqTggbiyCuqEp3nbk%2BCd3AV7oowx39K3T85peE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 68511eb56c554e37-FRA cf-bgj minify
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 647 B	16ms 14ms	Script text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.birds-money.me URL: https://www.birds-money.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d6ffde0bc44344c9007373cfd28cad502d8ab3dffb0f7c02fd72f68d309386b1 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.birds-money.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:58 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 555 x-xss-protection 1; mode=block expires Fri, 27 Aug 2021 00:17:58 GMT
GET H3-29	200	jquery.js Show response www.birds-money.me/js/	55 KB 20 KB	109ms 96ms	Script application/javascript	2606:4700:3031::ac43:9226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.birds-money.me/js/jquery.js Requested by Host: www.birds-money.me URL: https://www.birds-money.me/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35dab8ea9ca8b961a05669e24f56dcb4b2455ea8b289db46fed0ef7e820c1c84 Request headers :path /js/jquery.js pragma no-cache cookie PHPSESSID=su2dmg6ipdl0vmok0t18utip26 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.birds-money.me referer https://www.birds-money.me/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.birds-money.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:58 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=57272 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 18 Dec 2020 12:00:58 GMT server cloudflare etag W/"5fdc99fa-dfb8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FZgycRv7jcQWXWqMKcwrITyOtBd1dqdEQxfD7oem5A8HQlk5X9ZUF9v7%2FEEJeanoRhMuEBQVc0SIW1XpfWnDWe9Jfr%2Bb7vYf3IBGoPTtdje3Mh%2Bisr39Ren%2Fbki8DDZnNHdJdCi3YJ3dzeVI89s4SE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 68511eb56c574e37-FRA cf-bgj minify
GET H3-29	200	functions.js Show response www.birds-money.me/js/	968 B 1 KB	106ms 93ms	Script application/javascript	2606:4700:3031::ac43:9226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.birds-money.me/js/functions.js Requested by Host: www.birds-money.me URL: https://www.birds-money.me/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a5a22021d329a32eee527098d3d6d455e5a702289fa3e55c76439d587157831 Request headers :path /js/functions.js pragma no-cache cookie PHPSESSID=su2dmg6ipdl0vmok0t18utip26 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.birds-money.me referer https://www.birds-money.me/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.birds-money.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:58 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=1250 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 18 Dec 2020 12:00:58 GMT server cloudflare etag W/"5fdc99fa-4e2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6HkbYHSTtHmBrK6bFUcG%2FCrBYAF0X%2BHihV5SFnAFPckCbyKdGiLLFwbik2wlphBrW2abhB%2B8Vle2M64UYsQPbNi5vZb5%2FsEMf7iycsJ%2BJARRH7jTIIF9Wr6l4sQWNcxOdPtmzYFJfuoHO3d4Eafffg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 68511eb56c564e37-FRA cf-bgj minify
GET H2	200	468x60.gif fast-furious.cc/img/	243 KB 244 KB	313ms 205ms	Image image/gif	54.38.50.40 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://fast-furious.cc/img/468x60.gif Requested by Host: www.birds-money.me URL: https://www.birds-money.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.50.40 , France, ASN16276 (OVH, FR), Reverse DNS cpsfiv.iphoster.net Software nginx / Resource Hash 3597794041655c92edd250e7bf3b4453d763d5d631ffbbd359f861adda6eb33b Request headers Referer https://www.birds-money.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma public date Fri, 27 Aug 2021 00:17:59 GMT last-modified Thu, 15 Apr 2021 21:19:28 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 248996 expires Tue, 26 Oct 2021 00:17:59 GMT
GET H2	200	468x60.jpg coco-money.com/img/	44 KB 45 KB	166ms 60ms	Image image/jpeg	188.165.24.131 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://coco-money.com/img/468x60.jpg Requested by Host: www.birds-money.me URL: https://www.birds-money.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.24.131 , France, ASN16276 (OVH, FR), Reverse DNS cpsfur.iphoster.net Software nginx / Resource Hash 848725d0f402b010d617d0baa3fcb41a8421b1d2072b02cda25ce65327113f4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.birds-money.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:58 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 20:22:49 GMT server nginx content-type image/jpeg expires Tue, 26 Oct 2021 00:17:58 GMT cache-control max-age=5184000 x-server-powered-by Engintron accept-ranges bytes content-length 45409 x-xss-protection 1; mode=block x-nginx-upstream-cache-status HIT
GET H3-29	200	red2.png www.birds-money.me/img/	84 KB 84 KB	195ms 194ms	Image image/png	2606:4700:3031::ac43:9226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.birds-money.me/img/red2.png Requested by Host: www.birds-money.me URL: https://www.birds-money.me/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 037bcc6b8ef7fac244f1ef064646f60508969998946f0c518d28618f6496b002 Request headers :path /img/red2.png pragma no-cache cookie PHPSESSID=su2dmg6ipdl0vmok0t18utip26 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.birds-money.me referer https://www.birds-money.me/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.birds-money.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:58 GMT cf-cache-status MISS last-modified Mon, 21 Dec 2020 19:17:19 GMT server cloudflare etag "5fe0f4bf-14e86" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkhbhXKwWaboHllb4uk96dVB0MAVufoDRy3K1ysP%2BDVmEPXUV6257jHxUjxKNLuieKU%2BoyL6MpZtxxb9HhGlUAHFPhlgG64l7qW2AQ0LEfa0PQAYo3JwOx7Qj4nibvhsY63HfvVvff%2BA6WQLkwufW%2BU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 68511eb61d3c4e37-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 85638
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/	340 KB 340 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.birds-money.me Referer https://www.birds-money.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 17:25:10 GMT x-content-type-options nosniff age 24768 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 348244 x-xss-protection 0 last-modified Mon, 16 Aug 2021 04:14:16 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 26 Aug 2022 17:25:10 GMT
GET H3-29	200	fon4.jpg www.birds-money.me/img/	158 KB 159 KB	187ms 187ms	Image image/jpeg	2606:4700:3031::ac43:9226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.birds-money.me/img/fon4.jpg Requested by Host: www.birds-money.me URL: https://www.birds-money.me/style/style.css?v=2.1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:9226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58dd04fb3c429feba8d00c62072a23d4ceb32198c0e7e63c867296c3ece51fd6 Request headers :path /img/fon4.jpg pragma no-cache cookie PHPSESSID=su2dmg6ipdl0vmok0t18utip26 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.birds-money.me referer https://www.birds-money.me/style/style.css?v=2.1 :scheme https sec-fetch-site same-origin :method GET Referer https://www.birds-money.me/style/style.css?v=2.1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:58 GMT cf-cache-status MISS last-modified Wed, 23 Dec 2020 19:39:27 GMT server cloudflare etag "5fe39cef-2798f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gog98kiI2iZTqE3lYfoLr%2FahbVa1lcm04iV6KQoJdWEyV4kBzMt%2FkE0K6oJP%2FUqeaWq6hloHB8u8T3n%2BsPOANLKEdACqBVFx%2F6zy9puuRnSzF3KoWy%2BAD8jo23WUg%2BZLnuCauoJZRnJsExRPSXrB6Kg%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 68511eb61d414e37-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 162191
GET H3-29	200	anchor Show response www.google.com/recaptcha/api2/ Frame 0500	40 KB 20 KB	35ms 34ms	Document text/html	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=2cv6y06llt3g Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e38008e78132c25ce82bffff7b6968eaa6b48a80c531229c0343d5d3a12b6a85 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-yJW9aMh3Zn8+Pm/XIQPPlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=2cv6y06llt3g pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.birds-money.me/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://www.birds-money.me/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Fri, 27 Aug 2021 00:17:58 GMT content-security-policy script-src 'report-sample' 'nonce-yJW9aMh3Zn8+Pm/XIQPPlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 20865 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 0500	52 KB 25 KB	16ms 14ms	Stylesheet text/css	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=2cv6y06llt3g Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 16:44:15 GMT content-encoding gzip x-content-type-options nosniff age 27223 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25732 x-xss-protection 0 last-modified Mon, 16 Aug 2021 04:14:16 GMT server sffe vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 26 Aug 2022 16:44:15 GMT
GET H3-29	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 0500	340 KB 340 KB	23ms 21ms	Script text/javascript	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=2cv6y06llt3g Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 17:25:10 GMT x-content-type-options nosniff age 24768 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 348244 x-xss-protection 0 last-modified Mon, 16 Aug 2021 04:14:16 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 26 Aug 2022 17:25:10 GMT
GET DATA	200 OK	truncated / Frame 0500	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 0500	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 0500	2 KB 2 KB	7ms 7ms	Image image/png	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 23 Aug 2021 23:34:05 GMT x-content-type-options nosniff last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe age 261833 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha content-type image/png cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 expires Mon, 30 Aug 2021 23:34:05 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 0500	15 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=2cv6y06llt3g Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.google.com Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 00:42:56 GMT x-content-type-options nosniff age 257702 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 00:42:56 GMT
GET H3-29	200	webworker.js www.google.com/recaptcha/api2/ Frame 0500	102 B 142 B	17ms 15ms	Other text/javascript	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP- Requested by Host: www.birds-money.me URL: https://www.birds-money.me/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&co=aHR0cHM6Ly93d3cuYmlyZHMtbW9uZXkubWU6NDQz&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=2cv6y06llt3g User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 00:17:59 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Fri, 27 Aug 2021 00:17:59 GMT
GET H3-29	200	bframe Show response www.google.com/recaptcha/api2/ Frame A1CF	7 KB 1 KB	52ms 51ms	Document text/html	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&cb=d7qik76yyi1i Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4b3b4e800c4d268c5c82c7ef1fbe087268c2fcb8f7078a142e5ec2a04ddd0abc Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-05ZmEHBGbRYlx7DSlivtcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&cb=d7qik76yyi1i pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.birds-money.me/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://www.birds-money.me/ Response headers content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Fri, 27 Aug 2021 00:17:59 GMT content-security-policy script-src 'report-sample' 'nonce-05ZmEHBGbRYlx7DSlivtcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1109 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame A1CF	52 KB 25 KB	6ms 6ms	Stylesheet text/css	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&cb=d7qik76yyi1i Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 16:44:15 GMT content-encoding gzip x-content-type-options nosniff age 27224 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25732 x-xss-protection 0 last-modified Mon, 16 Aug 2021 04:14:16 GMT server sffe vary Accept-Encoding content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 26 Aug 2022 16:44:15 GMT
GET H3-29	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame A1CF	340 KB 340 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldj7xAaAAAAAO4g3iAau5aRbCX35eqUK5MeNFBo&cb=d7qik76yyi1i Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 17:25:10 GMT x-content-type-options nosniff age 24769 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 348244 x-xss-protection 0 last-modified Mon, 16 Aug 2021 04:14:16 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 26 Aug 2022 17:25:10 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| ResetCaptcha function| GetSumPer string| valuta function| SetVal function| PaymentSum object| recaptcha object| closure_lm_275197

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.birds-money.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: su2dmg6ipdl0vmok0t18utip26

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coco-money.com
fast-furious.cc
fonts.gstatic.com
www.birds-money.me
www.google.com
www.gstatic.com
188.165.24.131
2606:4700:3031::ac43:9226
2a00:1450:4001:801::2004
2a00:1450:4001:803::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
54.38.50.40
037bcc6b8ef7fac244f1ef064646f60508969998946f0c518d28618f6496b002
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
30ed5b7306006df8345e7a590aa8160b04b19a545096cd97f0d6ac6b1fcde0ae
3597794041655c92edd250e7bf3b4453d763d5d631ffbbd359f861adda6eb33b
35dab8ea9ca8b961a05669e24f56dcb4b2455ea8b289db46fed0ef7e820c1c84
3a5a22021d329a32eee527098d3d6d455e5a702289fa3e55c76439d587157831
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4b3b4e800c4d268c5c82c7ef1fbe087268c2fcb8f7078a142e5ec2a04ddd0abc
58dd04fb3c429feba8d00c62072a23d4ceb32198c0e7e63c867296c3ece51fd6
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c
848725d0f402b010d617d0baa3fcb41a8421b1d2072b02cda25ce65327113f4b
90846cacd35fa07f3f2030f7c380c72feee13027b15f01ad93a2de6782ca926e
d6ffde0bc44344c9007373cfd28cad502d8ab3dffb0f7c02fd72f68d309386b1
e38008e78132c25ce82bffff7b6968eaa6b48a80c531229c0343d5d3a12b6a85