Submitted URL: https://www.money-bag.tk/
Effective URL: https://money-bag.tk/
Submission: On September 07 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 41 HTTP transactions. The main IP is 178.250.243.56, which is located in the Russian Federation and belongs to MAJORDOMO, RU. The main domain is money-bag.tk.
TLS certificate: Issued by R3 on September 7th 2021. Valid for: 3 months.
This is the only time money-bag.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 178.250.243.56 43362 (MAJORDOMO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
8 172.64.143.12 13335 (CLOUDFLAR...)
2 136.243.4.18 24940 (HETZNER-AS)
41 6
Domain Requested by
16 linkslot.ru money-bag.tk
10 money-bag.tk money-bag.tk
7 p3.adhitzads.com adhitzads.com
p3.adhitzads.com
1 static.a-ads.com ad.a-ads.com
1 ad.a-ads.com money-bag.tk
1 adhitzads.com money-bag.tk
1 stackpath.bootstrapcdn.com money-bag.tk
1 www.money-bag.tk 1 redirects
41 8
Subject | Issuer | Validity | Valid
money-bag.tk | R3 | 2021-09-07 - 2021-12-06 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2020-12-02 - 2022-01-02 | a year

This page contains 3 frames:

Primary Page: https://money-bag.tk/
Frame ID: 102C63AD033B4DC7C2F02C5BD3D52A15
Requests: 33 HTTP requests in this frame

Frame: https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
Frame ID: 240575AF2F0B40BF2F6D286BFCA70662
Requests: 7 HTTP requests in this frame

Frame: https://ad.a-ads.com/1762236?size=728x90
Frame ID: D77D6CABB9452B04A2D7179E13274DC1
Requests: 3 HTTP requests in this frame

Page Title

Champion among SARs on the Internet - Earn the Maximum

Page URL History

  1. https://www.money-bag.tk/ HTTP 301
    https://money-bag.tk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

41
Requests

90 %
HTTPS

40 %
IPv6

5
Domains

8
Subdomains

6
IPs

3
Countries

1368 kB
Transfer

1578 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.money-bag.tk/ HTTP 301
    https://money-bag.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
money-bag.tk/
Redirect Chain
  • https://www.money-bag.tk/
  • https://money-bag.tk/
13 KB
14 KB
Document
General
Full URL
https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) / PHP/7.1.33
Resource Hash
7a33e229a78cf7d75f4dcb6b9ee3fb335a6a321437e0741e9e5ea884bbb32856

Request headers

Host
money-bag.tk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 07 Sep 2021 16:54:35 GMT
Server
Apache/2.2.22 (@RELEASE@)
X-Powered-By
PHP/7.1.33
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06; path=/
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 07 Sep 2021 16:54:35 GMT
Server
Apache/2.2.22 (@RELEASE@)
Location
https://money-bag.tk/
Content-Length
315
Connection
close
Content-Type
text/html; charset=iso-8859-1
bootstrap-reboot.css
money-bag.tk/css/
5 KB
5 KB
Stylesheet
General
Full URL
https://money-bag.tk/css/bootstrap-reboot.css
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
01e7197bcb3c873828af8686864d03a02682e05d70c368b1b2231a419a497942

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://money-bag.tk/
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 07 Apr 2021 00:20:34 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"112a0c-12f0-5bf56e636d880"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
4848
bootstrap-grid.css
money-bag.tk/css/
63 KB
63 KB
Stylesheet
General
Full URL
https://money-bag.tk/css/bootstrap-grid.css
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
ccf7b32d832946384bcb911e59864cbcad62356b652e929a6bf55a392394d9e8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://money-bag.tk/
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
Last-Modified
Wed, 07 Apr 2021 00:20:33 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"112a0b-fbf5-5bf56e6279640"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
64501
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://money-bag.tk
Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
11505332
cdn-cachedat
2021-04-27 14:25:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
4b5921ae191d7f49dd6dc18936abce3a
cf-ray
68b175bb5e224a56-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
font-awesome.min.css
money-bag.tk/css/
27 KB
27 KB
Stylesheet
General
Full URL
https://money-bag.tk/css/font-awesome.min.css
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://money-bag.tk/
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
Last-Modified
Wed, 07 Apr 2021 00:20:36 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"112a0f-6b4a-5bf56e6555d00"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
27466
aoa_style.css
money-bag.tk/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://money-bag.tk/css/aoa_style.css
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
3cd2959a7b6bc9e60ba998724eff58647966dc6ce5aa463683a1b9b4a8f3d49d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://money-bag.tk/
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 07 Apr 2021 00:20:33 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"112a0a-7d7-5bf56e6279640"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2007
styles.css
money-bag.tk/css/
4 KB
5 KB
Stylesheet
General
Full URL
https://money-bag.tk/css/styles.css
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
4fb463b2217cb9b429f02438829b1d1953486eea436b5494946af785f93dc8d9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://money-bag.tk/
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 07 Apr 2021 00:20:37 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"112a11-11d8-5bf56e6649f40"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
4568
logo.png
money-bag.tk/img/graphics/
20 KB
20 KB
Image
General
Full URL
https://money-bag.tk/img/graphics/logo.png
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
8e52127d7cd1fa5261ff82a8adcf5dbd6d50b88db3cd7efd56798a9dff126914

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://money-bag.tk/
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
Last-Modified
Wed, 07 Apr 2021 00:21:01 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"114a12-4f08-5bf56e7d2d540"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
20232
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=317231
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9890d217bcc4ab2fc59860d91cea2a680de6d4d664645965be1e3279a3c321ae

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUzp0A2hOnXnHmNyPW5KdrSVPSTKhlst%2FX0EFDge1cazOoFx0mmh1J1Ch5m0V%2FFsmMWbyRC3qew%2Ff6riQneOJFVxMX7sfcCe%2Bvko1fLlwauwAFlvdM%2FmhAFLwXgUMA45jCQT9Ui3eRrh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
68b175bb6d134e1a-FRA
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=317232
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca791d351f49c2f1c8f371189561a766b0cc9c9881dbe97e7657f02bd1d29789

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6J3IjVTcL0vHXHimVY2UsAXF%2Fc8QmzI3Ughg5u%2BJx%2FY4qbf9Bh5PKVwZMimZ5Dg3wjOIpSBVf3Nqiyxe9lAkPrh2r8xxSBds5toVDqV6dMV1MCxhBdUAxYrsyyRhP0NtawtsT62so%2B1M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
68b175bb6d144e1a-FRA
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=317234
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eefe231493859fcf7a7e4388fc35e8eb1cff81027327a1c103e20f90d9016b9

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SwVRjbtMy6u9e9cQBQG8t4bitIHOUgdQ3AY4zg4dOj2uNnrLWjYdMmnSsFhhIQ9fdtC5WOOAgLKicrBAaSQoHAbAwl%2BVl0K%2FajCZEsa1uFQ8GzE2rbSvLBdUkJNVaP%2BKPtZ05a7fM6E"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
68b175bb6d154e1a-FRA
lincode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/lincode.php?id=317230
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a5b0887dc34bce6d3eb9439a3b8d37932f8951dd9eae28b9d0b176b8900501

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUeZra60WKF1IEdugnfqtWmasJC1i7zI4TrCqBAhxS1jw8Hnh4L1r1bfEkMkfi4r4cKi561%2FWlK%2BQw7YA5HTK5d%2Fm4I1m1rGxo3TWwXC9Pq98ju3ZuXBbF8QIU0lkGQz4n4dXEe5xR3f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
68b175bb6d164e1a-FRA
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=317233
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be34ebf8f9d3610c1f0cdd787dd37037238f5519d1e0e76f80eab323b60bcc35

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRCGTZADKCyaREMTkWhL%2B2c6zQN09r3JS90PtHpdSAlBioQKY%2BkxusbanWKClb%2Fxt1bO2P19eLeyZ1zLgCc6QKM452uXYbppJQB5sVhYKoOUAeK02g0pTxZekz9n3QdMkLyurGKcjGmg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
cf-ray
68b175bb6d174e1a-FRA
1137995
adhitzads.com/
448 B
882 B
Script
General
Full URL
https://adhitzads.com/1137995
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.143.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8614b8f1efe4ba5701a71738e64b2453dbc76cc622eef8443a25f373cbf8e8

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALswOfwBIfy5EkNeI6M77QXZ1KiP%2F3onF4r1P%2FRFxEWnRuY%2BCXmB9Hfjp7m3XkY37jybwR9%2BfHuNZrgXuiHn9IWFBA325MSR8rmqw%2BmqgPo55rdu1x%2BYiAbkWfP2nOxX"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=3600, public
cf-ray
68b175bb9f493b9d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 07 Sep 2021 17:54:36 GMT
jquery.min.js
money-bag.tk/js/
86 KB
86 KB
Script
General
Full URL
https://money-bag.tk/js/jquery.min.js
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://money-bag.tk/
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
Last-Modified
Wed, 07 Apr 2021 00:21:17 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"116a16-15851-5bf56e8c6f940"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
88145
wbn.js
money-bag.tk/js/
9 KB
9 KB
Script
General
Full URL
https://money-bag.tk/js/wbn.js
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
4f220a7e795f702050eefac06a8e3209af474b162fa33c66e9837f103476bea8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://money-bag.tk/
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
Last-Modified
Wed, 07 Apr 2021 00:21:17 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"116a17-232e-5bf56e8c6f940"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
9006
gate.php
linkslot.ru/
2 B
276 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca5998cab97a2988a99959b958ddfd6e3e3cddec9969d919b8592e9d0d7ded0e9db87d6d78b969aa097a49ad8dbd69d9c9e8bdda0a69089dbd1e2d4ccdfc8cdd0d3e6969ead98a09b9d888bd6cddedfd3959acddbd3cc88cad0c8d5e19089ddc9e4d7d4cd92a49798a2959daf92a796989d9c8bd8cbd8c8dbe390a79b9e9696a1889fa79d9ee196a3cd9bd5d29b959aa29799aa91a2989798939b959aa29799aa9195988a8b94a1989ba29a9cb098a8999a9b
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tz5zbzygsJ4aePtR3SsX13%2B%2B6Ch%2B%2BHQYi%2BkSkNzVq50iI%2Bmv5J8bIomNfazkejfAph8mbn8ysrTtqQ4p4bysMwEqYpM2KQZhCZaXim6HyAsg0BccOLUtkAbWndLO87H2PSJtGb5Fru8b"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
68b175bbeb6042c9-FRA
content-length
2
f89ccd4369d566fbdf894073490300bb.png
linkslot.ru/uploads/
36 KB
36 KB
Image
General
Full URL
https://linkslot.ru/uploads/f89ccd4369d566fbdf894073490300bb.png
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0abdea4ed7b3772c7346d2e824ec3bb05612ce22532ca4489324f4d055c95618

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
HIT
last-modified
Sat, 28 Aug 2021 19:56:00 GMT
server
cloudflare
age
4268
etag
"612a94d0-8f9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0NKWN7i8W7Z%2FhmNjA1X%2FYCbnLbB83cLnrJXRgIPNa%2FfepAbfTJGggISPMGVoqT87qR8p2uLMIm406lrcLoHJPh1HAY5KRgsOq3oFdHU6e35df%2FJ5lW0tj0vj4gUlrtPD5KTrDHMtkFD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68b175bbde254e1a-FRA
content-length
36765
buyb.png
linkslot.ru/img/
3 KB
3 KB
Image
General
Full URL
https://linkslot.ru/img/buyb.png
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
HIT
last-modified
Fri, 29 May 2015 20:03:43 GMT
server
cloudflare
age
4883
etag
"5568c61f-a19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2O0q84kYYyG46s2QsG5%2BcJS%2F%2BzmiNdghA9NzVX0l5RCxVQk8Z9x4ki6AGCiIZXkqKVw%2FpWZKtdpbAb4jNoE1w8Emjgw%2FxgnOZHq0dzlTy9X6aO5b%2ByoN2LEKE9Gn63crApl94QTLUwng"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68b175bbde284e1a-FRA
content-length
2585
gate.php
linkslot.ru/
2 B
276 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca59a8cab97a2988a99959b958ddfd6e3e3cddec9969d919b8592e9d0d7ded0e9db87d6d78b969aa097a49ad8dbd69d9c9e8bdda0a69089dbd1e2d4ccdfc8cdd0d3e6969ead98a09b9d888bd6cddedfd3959acddbd3cc88cad0c8d5e19089ddc9e4d7d4cd92a49798a2959daf92a796989d9c8bd8cbd8c8dbe390a79b9e9696a1889ca8d1dce5c8eca1d09cdbde959aa29799aa91a2989798939b959aa29799aa9195988a8b94a1989ba29a9cb098a8999aa1
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsElYPIfHhHGdPjD701cwgISX9VCZQ1EWpsYGWFu3vmLj7C7M6ChN%2FqJVi8LbZmqaCRKlqjByjUNbfl%2Fo8kPpCSZwIqORMDH%2Fpjezjdc0Vq9F3bEVuBUQYj0ObqPyyO4nayJrkU5ai5M"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
68b175bbeb6542c9-FRA
content-length
2
865cb492491d957ee5ce57d3807758bb.gif
linkslot.ru/uploads/
26 KB
26 KB
Image
General
Full URL
https://linkslot.ru/uploads/865cb492491d957ee5ce57d3807758bb.gif
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20bfee07545d1dab738dd63af863418c07020038bae3c8f66f3c1ca149f48ec

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Sep 2021 05:21:50 GMT
server
cloudflare
age
4574
etag
"613453ee-67b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M95LAeP4lCkstqnWHySAQO%2FNU1CvnDF7XQanHQxBbFSwfvESLOJ2LfnHq4zDTRzvRXIEf%2BfoYAVBgOg4psU46Xj2xbl4jc8wkO13MYnsj4D4%2F63VqPaESgBBUcAFhOVa%2BjbY9cOV45yw"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68b175bbee334e1a-FRA
content-length
26550
gate.php
linkslot.ru/
2 B
511 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca5978cab97a2988a99959b958ddfd6e3e3cddec9969d919b8592e9d0d7ded0e9db87d6d78b969aa097a49ad8dbd69d9c9e8bdda0a69089dbd1e2d4ccdfc8cdd0d3e6969ead98a09b9d888bd6cddedfd3959acddbd3cc88cad0c8d5e19089ddc9e4d7d4cd92a49798a2959daf92a796989d9c8bd8cbd8c8dbe390a79b9e9696a1889cd5c9d2df95ddca9c9fd2d6959aa29799aa91a2989798939b959aa29799aa9195988a8b94a1989ba29a9cb098a8999b9b
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caXGCBaruEkuHi5U3zPwC8JhTthVPt0qKxjo9xGjTrL6L%2Fc8F%2FYnS5DAz7kqpczUVTd%2FRKtxIayGoHl7WytQPWFbkEDmpNjQz5PLYogS5BBJ2rOPQk1JwdKEUYCJ2dZn6kNjS7TbGqbd"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
68b175bbeb6842c9-FRA
content-length
2
gate.php
linkslot.ru/
2 B
271 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca5988cab97a2988a99959b958ddfd6e3e3cddec9969d919b8592e9d0d7ded0e9db87d6d78b969aa097a49ad8dbd69d9c9e8bdda0a69089dbd1e2d4ccdfc8cdd0d3e6969ead98a09b9d888bd6cddedfd3959acddbd3cc88cad0c8d5e19089ddc9e4d7d4cd92a49798a2959daf92a796989d9c8bd8cbd8c8dbe390a79b9e9696a1889ed59fe2aac5dd989ae0ce9b959aa29799aa91a2989798939b959aa29799aa9195988a8b94a1989ba29a9cb098a8999ba1
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRY78TxJnm5iV8TGXArLXNfJOEjmxgWxPogHhhohgk2bN3rMfTttpKJQDSNe6cTOnKGZEQrMuUVPmwCs4KS2JtqYzygTVH5UIOCgGeZyKxpgCLfTK2Z1nxDwUF5Zx31uWbCAoTSsrUrh"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
68b175bbfb6b42c9-FRA
content-length
2
a2b3feed02dc0e9deb8bce4d5b510875.gif
linkslot.ru/uploads/
204 KB
205 KB
Image
General
Full URL
https://linkslot.ru/uploads/a2b3feed02dc0e9deb8bce4d5b510875.gif
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee13955c0886a18bb51a3709d0cf6af7f5907c4d327b89b36a6667364ff1fade

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Sep 2021 22:04:32 GMT
server
cloudflare
age
2938
etag
"61369070-3319c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1i%2BZbH2VeXF8zXMWxV14HVRsusZkm4T7EfqXwY87dS0qwCgkZyGU%2FVI7NvhE0eSk2VO1LUYKLHeyawO6auHdPp43nw8eaKXdQnqGA27my4cNzbktogjwF44RFQ7AC%2BlYYlXBoCRg3RA"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68b175bbee534e1a-FRA
content-length
209308
gate.php
linkslot.ru/
2 B
284 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca59b8cab97a2988a99959b958ddfd6e3e3cddec9969d919b8592e9d0d7ded0e9db87d6d78b969aa097a49ad8dbd69d9c9e8bdda0a69089dbd1e2d4ccdfc8cdd0d3e6969ead98a09b9d888bd6cddedfd3959acddbd3cc88cad0c8d5e19089ddc9e4d7d4cd92a49798a2959daf92a796989d9c8bd8cbd8c8dbe390a79b9e9696a1889dd3d9dae398ddd99ed0d89b959aa29799aa91a2989798939b959aa29799aa9195988a8b94a1989ba29a9cb098a8999c9c
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMs8O57Nygv57bvowpNkhvlyvIETQMi61phdD7%2BvmMKL1wG3%2FgUEgqlHjDKVuqr%2B%2B8HjeMv%2Blhdrr%2FsgIy3ubAEnlIGr8GlzPybLt%2Fs%2FyuIJMoSaziJ8%2FwaPJr8vjOVNazS%2BCpnkKcqe"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
68b175bbfb7a42c9-FRA
content-length
2
a190a67f30f99f943b7605bd0b6fa79c.gif
linkslot.ru/uploads/
29 KB
30 KB
Image
General
Full URL
https://linkslot.ru/uploads/a190a67f30f99f943b7605bd0b6fa79c.gif
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebbcd2b05cae179f8c24bc2d17fdf2da53d81593b4e16e2e2d25813acadb224

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Sep 2021 21:09:55 GMT
server
cloudflare
age
6012
etag
"61353223-75cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E74GIkfuMMaKUNJhP8HCnTVOIO9BAPNNHoGWAWM8kB6z2usx38zfwML%2FEObbzVzalNSslLA1ssE1DbBKUV9z7JmcI1fWwngY7QFlvkutwyJb9q1u5SB3JNM8QeUWFORx7fTZkjCdMfQg"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68b175bbfe694e1a-FRA
content-length
30156
/
p3.adhitzads.com/
643 B
661 B
Script
General
Full URL
https://p3.adhitzads.com/?z=1137995&p=864859848&l=https%3A//money-bag.tk/&c=1
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/1137995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.143.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
0d750efddcd1b517452893511c2ea1763bdc261c0a4631df23c5940f29f83fdb

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6EuMv%2FHEepcZopx2Wncy5sjbvIq%2BahDtBcAZ9vs9wEehz1CAzdRIx4mgeufpBQTRhwL7%2B46fzAswm25EgOdNyf5pFvaRGbW6ElE7%2BZFilIdXmB0YeAQaemYAQ%2B3FoTDQxkl"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
68b175bcb9773b9d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 26 Jul 1997 05:00:00 GMT
mark_green.png
money-bag.tk/img/graphics/
3 KB
3 KB
Image
General
Full URL
https://money-bag.tk/img/graphics/mark_green.png
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.250.243.56 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS
static.178.250.243.56.clients.majordomo.ru
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
f323cbed33a28290812926938413d5d42b250f3b8727a40998aae9c9cc868656

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
money-bag.tk
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://money-bag.tk/css/styles.css
Cookie
PHPSESSID=d5dc57dc91b43093f5067c28e82c2b06; nova=3arqi7kq7hu000000000000000000000
Connection
keep-alive

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 07 Apr 2021 00:21:02 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"114a13-a44-5bf56e7e21780"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2628
6137994c47e7d824026350gmoney-bag.tk214142
p3.adhitzads.com/ Frame 2405
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1137995&p=864859848&l=https%3A//money-bag.tk/&c=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.143.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d39d3aaf1d5fcd35a15ef64757d888d8fc303b8b3179f1a7b4aed165e4bc9ed

Request headers

:method
GET
:authority
p3.adhitzads.com
:scheme
https
:path
/6137994c47e7d824026350gmoney-bag.tk214142
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://money-bag.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-type
text/html; charset=UTF-8
expires
Tue, 07 Sep 2021 17:24:36 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6nRvNfQAHwFV193Et02Pt672aPtza7Oj%2Fu7YqOCaHfaRBU1xerSJK3G6Z8I3KIJPPDsGaGV7lvt1bXBirDqbWyy%2BCki2KUfU8XBbNMh7MNhvEyrWFfqXKPybpXbAnSye8g5"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68b175bd6aaa3b9d-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1762236
ad.a-ads.com/ Frame D77D
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1762236?size=728x90
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
833f04662202bc22d35412ec8625e6a8837c2a0302813d62f9812b64b2295700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://money-bag.tk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Tue, 07 Sep 2021 16:54:36 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://money-bag.tk/
Content-Encoding
gzip
1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
p3.adhitzads.com/cdn-cgi/apps/head/ Frame 2405
25 KB
9 KB
Script
General
Full URL
https://p3.adhitzads.com/cdn-cgi/apps/head/1PPSUHdoqwjL2VWcj6xyFKbKzkU.js
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.64.143.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065a05d12986a9e31fba40f27204e3d048315acb63e4f70b2cc7d44a6f80df3f

Request headers

Referer
https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1501326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
M20VJCJAYBVH76GE
x-amz-id-2
Mmnyeniv5paswPIfwnThl11PXDc/7VPfK9eSVvX7qJ/USQVgwBR1Pr6xALN6YBQiLxR0tYs66lU=
last-modified
Sat, 21 Aug 2021 07:52:28 GMT
server
cloudflare
etag
W/"0efa17b3260a0b776ab28207ab5cc303"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2F42ljdV9UsAZ5XiWFc60oE%2FQ%2B34pwGaGOuSSRLHl9o3DI3gB827LUrPD%2Bd0Fwgd0PQCsMRSbE1nSJ12CmRuxA1cJSvmPZhN%2BHuoPs0gyr4iA3w61FG5Etsdt2SzkFDFU4uv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
HIlLEqrgQhxtvnqNOJO.wJAtVe0RPRw5
cf-ray
68b175bdc82cbd54-CDG
api.js
p3.adhitzads.com/cdn-cgi/bm/cv/669835187/ Frame 2405
35 KB
10 KB
Script
General
Full URL
https://p3.adhitzads.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.64.143.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZC3%2F0TEUy0yy6P%2BK8zUDmzqBbBo7gI9oTO6tWpgT7ocC0b%2BP6oHa2lU4PWf%2BjRGw9mDqxslpUeD5SJcQUKLmrz%2BT%2FJMA4BnG%2BqdksHVPKFhUBUoxqVjIffUE5gLkJa6lJ6m"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
68b175bdd82dbd54-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
728x90
static.a-ads.com/a-ads-banners/217382/ Frame D77D
692 KB
693 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/217382/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1762236?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.4.18 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.18.4.243.136.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
808adc74c8c2c7a45e2e6d5eed2e427723a4890732168915a15d37ac81bcb9a1

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 07 Sep 2021 16:54:36 GMT
Last-Modified
Sun, 11 Jul 2021 13:31:19 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
2DBVV3Y3PRJCPRZS
ETag
"c6395473fd63604afe5354149bef9bc0"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
708571
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
MdSXS0TBBSMSIX2gIg1WADzWVBc7YcGN
x-amz-id-2
Abv/dCe2GizPaUsJfV8SQ0F4KFSnfn6fnD/d5bBRSyrYv62O5PuhJZl4DTJnuogaoi+IH0WBIbI=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame D77D
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2405
984 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
654054d57d0184c0f925aa8890f206bf4432243ff8a971700b55217eccbe4e3d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
1628042417img_ad_cmp_431601.gif
p3.adhitzads.com/s/ad_files/ Frame 2405
62 KB
62 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1628042417img_ad_cmp_431601.gif
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.64.143.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4929e8f999b35fcfd161efb4960418eb8d707dc977696b87215ec9e97b5b9611

Request headers

Referer
https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
389330
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63304
last-modified
Wed, 04 Aug 2021 02:00:17 GMT
server
cloudflare
etag
"6109f4b1-f748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gphzc%2B9N9yG8Gt2hf%2FVtQKz9PJYBAnfJHU7cTDwXtv5GCy84pTuriwImQHfq8BsMODlrVkJX9457ou9NDotXjl6R7DGpvlLhVn8TrDLVangWP4fXjQQOaeuc3LCx5%2BMn2xWs"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
68b175be2842bd54-CDG
expires
Sun, 03 Oct 2021 04:45:46 GMT
bannerslink.png
p3.adhitzads.com/s/ Frame 2405
1 KB
2 KB
Image
General
Full URL
https://p3.adhitzads.com/s/bannerslink.png
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.64.143.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

Referer
https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1762782
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1323
last-modified
Thu, 20 May 2010 21:29:39 GMT
server
cloudflare
etag
"4bf5a9c3-52b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdMz%2FsOel%2BAA3TsvMguQPJpJPxqRkcSrku5UM98n0Gr5djGzH8jGj2DgvDrf%2Bg4InoFC8NvbwLh%2FMmof7xQ92eP6umOOcJouXPUh4my1Ho1zktCKlfFiZY8m5xQgz9S9d%2B2C"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
68b175be2844bd54-CDG
expires
Fri, 17 Sep 2021 07:14:54 GMT
result
p3.adhitzads.com/cdn-cgi/bm/cv/ Frame 2405
0
743 B
XHR
General
Full URL
https://p3.adhitzads.com/cdn-cgi/bm/cv/result?req_id=68b175bd6aaa3b9d
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.64.143.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p3.adhitzads.com/6137994c47e7d824026350gmoney-bag.tk214142
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Sep 2021 16:54:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb6jJFmRKp3CQxoV3bt6Oz0QcVLe%2Fwn3WuFB0r5ceE37NCp4kenhA0fl%2BTdKtwmJqyHYLgE7%2FDmbSYr7omZuYQdepRqvto9KwYoafY4fR10vrJKLV0Tzv0St%2FXs%2FVIQQkXeT"}],"group":"cf-nel","max_age":604800}
cf-ray
68b175beb870bd54-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
2 B
299 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca59b8caa84a28b978b94a1989ba29a9cb098a8999c9c
Requested by
Host: money-bag.tk
URL: https://money-bag.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.14
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://money-bag.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 16:54:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4HosyjJSttgDRfAVe6m9HP9aKEScHknGYc6sfj4PJDpUa%2FBi%2BNaIlpEneK%2BbIoPj8Ezma65wB4Vh8cXXBCR7KBq7T%2BkSMuSnwzthFJdHn4OLLXRPCOnlmMXhjxHPFzSLWpXY4oNVr7K"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
68b175db3d7b42c9-FRA
content-length
2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca5998caa84a28b978b94a1989ba29a9cb098a8999c9c
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca59a8caa84a28b978b94a1989ba29a9cb098a8999c9c
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca5978caa84a28b978b94a1989ba29a9cb098a8999c9c
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d0dad3cfeb94cbdbc8a0dcd28b969c9c9ca5988caa84a28b978b94a1989ba29a9cb098a8999c9c

Verdicts & Comments

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| lSCoDe function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| jZv string| Rt4 string| pMj string| Yre function| None string| C3U string| Qex string| BXW string| YMF string| f3S string| lsGT number| lsSY number| lsPZ number| lsMX number| lsMY string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 boolean| lsIFram string| hash string| lsNA number| fl function| lsSF function| lsMF string| xgY object| LpRIce number| _adhtz number| _adhtx function| $ function| jQuery object| d object| w number| active_window number| false_focus function| workAdvIframe function| AOAblockFlashing function| AOAblockFlashing_2 function| AOAblockFlashing_3 function| fillEmptyLinks function| countdownTimerAdv function| falseFocus

1 Cookies

Domain/Path Name / Value
.adhitzads.com/ Name: __cf_bm
Value: lazTzDrNW2EUKXtWC5Fu_SHPyNtQVQ7HN56hlpD41Ow-1631033676-0-AYqHIVZmMVq94JwPpm90NMJnkGvpu5mpNu06itqjn4N1gtdT+B0jZYFiiJzKHUT4EsftA9GO82P12brnFl0eIb260R6qbcyQn5oGSgtExkxhY2UP+pys8IgEMocgKzoLCwVt4fEylJjVD0ugBRwWSdY=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
