billplease.ru Open in urlscan Pro
2606:4700:3032::6815:b43 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://billplease.ru/
Submission: On August 10 via automatic, source certstream-suspicious (August 10th 2024, 7:49:02 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3032::6815:b43, located in United States and belongs to CLOUDFLARENET, US. The main domain is billplease.ru.
TLS certificate: Issued by WE1 on August 2nd 2024. Valid for: 3 months.

This is the only time billplease.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3032::6815:b43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	4

12 2606:4700:3032::6815:b43 (United States)

ASN13335 (CLOUDFLARENET, US)

billplease.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	billplease.ru billplease.ru	632 KB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	71 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9685	1 KB
1	userstat.net userstat.net — Cisco Umbrella Rank: 232748	647 B
19	5

	Domain	Requested by
12	billplease.ru	billplease.ru
6	mc.yandex.com	3 redirects billplease.ru
3	mc.yandex.ru	1 redirects billplease.ru
2	counter.yadro.ru	1 redirects billplease.ru
1	userstat.net	billplease.ru
19	5

This site contains no links.

Subject Issuer	Validity	Valid
billplease.ru WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
userstat.net WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://billplease.ru/
Frame ID: 081B261074F2A33215D8E7EDFFE866BE
Requests: 18 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: B60DB62E4013AB8AA40B01A6D0370017
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Казино Клубника официальный сайт | Clubnika Casino зеркало

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

19
Requests

84 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

706 kB
Transfer

1078 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//billplease.ru/;0.6737952452974445 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//billplease.ru/;0.6737952452974445

Request Chain 12

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10457.WBGKvaMsZ_GQcPcRmnmi6OIVrILDr-LtsYTvK94UVtkxOoNb47uhwGkJiFW5WMz5.DlUdj8EgGVilSLN1oWGcFt4XPXc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10457.fqoxw7i1Vw_ETv4Kqsn0PAA2xYoRrOqT3mGMpL5pmzK2UjAqb1EVP7-LDU2XraQ2fQycL32e14CVWkEFT157DtqzUVuhLwaIf33vm4ORwtM%2C.yQxi0xEd4h4_TPFkuh1lJf3V5Fo%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10457.BNqHdyly5PpxO9T6ls3ksR-aEgoxLydnsfJOLs83vZzAoffbzRI3UrR9fJJ3OdNqqmyF3HNb8RCoqFAl6q7bI512kWxrWVL_SHH2dU1yzCLW-nR8jWTfadougLlRRwoiN7okVavTAeio8Wy0hq_Kd8tGtv-ELbUoMT2U-G6m3awE-CIgoU8ZSaDtqRD7FR-r8VKxZ2mpgyCjxb2qcGv1MA%2C%2C.vt6eo8fytCXd6Iu8x0hfT8AZwFc%2C

Request Chain 15

https://mc.yandex.com/watch/98031520?wmode=7&page-url=https%3A%2F%2Fbillplease.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A39565779452%3Ahid%3A1015780752%3Az%3A120%3Ai%3A20240810214857%3Aet%3A1723319338%3Ac%3A1%3Arn%3A802787364%3Arqn%3A1%3Au%3A1723319338116816926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A19%2C23%2C85%2C4%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723319337295%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723319338%3At%3A%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%9A%D0%BB%D1%83%D0%B1%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%20Clubnika%20Casino%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)cdl(na)eco(21037568)ti(1) HTTP 302
https://mc.yandex.com/watch/98031520/1?wmode=7&page-url=https%3A%2F%2Fbillplease.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A39565779452%3Ahid%3A1015780752%3Az%3A120%3Ai%3A20240810214857%3Aet%3A1723319338%3Ac%3A1%3Arn%3A802787364%3Arqn%3A1%3Au%3A1723319338116816926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A19%2C23%2C85%2C4%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723319337295%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723319338%3At%3A%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%9A%D0%BB%D1%83%D0%B1%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%20Clubnika%20Casino%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29cdl%28na%29eco%2821037568%29ti%281%29

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
billplease.ru/ 33 KB
10 KB 129ms
87ms Document
text/html 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854f7d188497c809b15a2ea396d330843c8624ac5c032caf1772f21dbeed492e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b1281a26f4ab8ae-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 10 Aug 2024 19:48:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TF0dsaD1mF1t%2Bt0PPYcfb6KTa7GNV%2F97TI1U5%2FidDRWmiQ5dqq9fzD%2FSdw%2BTtHOSrKtaLkQYH4xwv1i2MTq5G%2FKgMV0iLdmRknQp8R0tBWDSbHDJzO%2FdwXE4XJ2XXV7tLiOegeBNHy3H982i"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 aL6YQ6AaSqe5.css
billplease.ru/css/ 17 KB
5 KB 89ms
87ms Stylesheet
text/css 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billplease.ru/css/aL6YQ6AaSqe5.css
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59e5d83299287441397c2aebb57a7003142a454178ba9f34012a2f96e8700a38

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b4e17e-4444"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbVZ%2BEDiMHQwtUY1RA1PM3v7CviDrnGKMT7m3kWgnK6Ffelh1Q6d1WF%2FqssupGUDnT2Fmga8E33q8%2BBSZBgzvXrhEn4hzNNxNevgDtglGCzTsd0r6i59jqJSQO%2Bl83cH1DJNSfr7pIHsRjvI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b1281a30ff4b8ae-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 TZDr0isfLWXU.js Show response
billplease.ru/js/ 201 KB
81 KB 127ms
125ms Script
application/javascript 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billplease.ru/js/TZDr0isfLWXU.js
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ed30ffd8883c55678252b0d846ea07a2b22e00721227dd8b5f72bbc48e9045

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b4e180-3234b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxSXclvRLkwWArgCRgcsUSIhyEwxkB%2B4ZtFvZStxgqkqJjkAVM9ff%2F58QjZ45YKAoS2jaBuJhuyWnTSZoHDj3yjQBDmsYhvGRjuwNXKFJJkDzKeRX8K32csrNOOMRQBuepmeVE3vknSB9Sc3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b1281a30ff6b8ae-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 lBjlo3POLaus.js Show response
billplease.ru/js/ 132 KB
41 KB 121ms
119ms Script
application/javascript 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billplease.ru/js/lBjlo3POLaus.js
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a412091533ac40dc1c65a024d3868fae3c41e73ff0955a391f848db0ffb3b9

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b4e180-20edd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WKW7ZNqQhrENcHOcFjJddVob%2F9OF9Gt4evnW8zMWRmL%2FOZIN70Qw%2FMSOKEcPknr%2BjNuDvRzCzyth4iCN5Vt9xzFFmDu1OBkGqPHw79w6wqED7yCo7EdekTHdhzlUypTnbGZ7E0JV0tZuOeA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b1281a30ff9b8ae-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 z9jV1Mi0Jzbg.png
billplease.ru/images/ 31 KB
31 KB 74ms
73ms Image
image/png 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billplease.ru/images/z9jV1Mi0Jzbg.png
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a6ddfe18023589361f2a14d89ff81c21db44029074ab7153a4dc3779122b69

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Aug 2024 15:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b4e17f-7ad2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6svdlH4U7ART5mif7uBPJyhldDlbKdE9oMueD04HO8FOgbBnY%2FwWNVZiGRvS43j%2BHw0Ajr6JdfsiEAuLLx4FTYbwP8mi6oildNHRfK8pVt3bkGlajDSoBuA5mPhV4o%2BH4rBjyVXX0y6efUF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1281a30ffab8ae-AMS
alt-svc: h3=":443"; ma=86400
content-length: 31442

GET
H3 200 CVpohemGZqO2.jpg
billplease.ru/images/ 84 KB
84 KB 104ms
103ms Image
image/jpeg 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billplease.ru/images/CVpohemGZqO2.jpg
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 041aee9db90e94fe0508ae389fac3e12ad7a426a6d7ef08360613db41ce95fbf

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b4e17e-14e1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oqsp8efcLbZdR%2BxZQtHncgENwFc6ZSGj3MejL7DNHDttGE3pG%2FkSaH8sg%2Bo%2FAYg6RkJ15hwYX6fBDksRo%2BJRJoMbfBnVA0sZsqXsMvnOMEkmlBl2rF47CnKyV36JqbGFvgl4FJ%2F4EN8zT%2BpW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1281a30ffbb8ae-AMS
alt-svc: h3=":443"; ma=86400
content-length: 85535

GET
H3 200 k1.webp
billplease.ru/images/ 81 KB
81 KB 109ms
108ms Image
image/webp 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billplease.ru/images/k1.webp
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f8818c25ec5708acfc16815fcc266005d7be665bededd569a6fe8e72edd5cf

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b4e17e-143f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0KaHdHhqVYy2Pd8BjGza2GgchR9AgBdQCoDOlQBfY84F%2FSXoEwgGX3G%2Fo%2Frx3JVjw81xPsHaAkmWvU7v%2F5wZpbiCxTOmJysmMHkfraIx2fdn78tD5o%2F079UvWIuXYiqFrKQcKQjQN2RJPFS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1281a3a88cb8ae-AMS
alt-svc: h3=":443"; ma=86400
content-length: 82932

GET
H3 200 k2.webp
billplease.ru/images/ 44 KB
44 KB 42ms
41ms Image
image/webp 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billplease.ru/images/k2.webp
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 468908d97e98ac0224ce3d85a509656b2b9c480381ae27371b36ab26af89ad27

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b4e17e-af84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BA3VElhf3VTk0nTX0G127f14XFpxrqPRkzoMtr8qAfDrxIUWNcaTkmBMw3el2zssPFEWmrc9oXQnXjzNbogKgvFBwd6K6WLLoHGPGn5vcM6PoT%2FPNaBaOqsjTuPzaJx4ZYVeRKafQr2n7ueC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1281a3f8bab8ae-AMS
alt-svc: h3=":443"; ma=86400
content-length: 44932

GET
H3 200 k3.webp
billplease.ru/images/ 119 KB
120 KB 120ms
117ms Image
image/webp 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billplease.ru/images/k3.webp
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a1256aca63a1a334d0ecbdf5db14a22403469a6f7c3609b3a5ca04d9ce7191d

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b4e17f-1dd24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwEnbALnwyKqn04pw1eu8AR1svxJvrr0Tqmj2RReHiWZEa3EfC7nVvC6dXDuF8wprH9b8gQId6GS0M4hnVpEuPQxAc0dfpHZz6xmjt5ORcOzusJi8OyfGMTyI06TdMMAZ2VuCTCRoDY98FAK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1281a3f8bfb8ae-AMS
alt-svc: h3=":443"; ma=86400
content-length: 122148

GET
H3 200 qZqrjQOjBIzz.gif
billplease.ru/images/ 125 KB
126 KB 115ms
113ms Image
image/gif 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billplease.ru/images/qZqrjQOjBIzz.gif
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3089fa1c0e3d5148ab35f67d4edbc868ec54669de65bd8ec1ce6ed6abec8e20

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b4e17f-1f470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUAngFWrekrbRoQ2HV5AN%2FMTC8w7PBXFddq2pDmnVb4B89uNnnaxv3Z8dVTHttH%2FYWlcIFotWrevINvsjT%2BfibOz%2BJ6fSHSqgiDyak6HzpiglimJlp5PjCBPFoc4kBnie2POi49Vf5sYyncq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1281a3f8c2b8ae-AMS
alt-svc: h3=":443"; ma=86400
content-length: 128112

GET
H3 200 YJcS6C4NBBzG.png
billplease.ru/images/ 7 KB
7 KB 78ms
75ms Image
image/png 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://billplease.ru/images/YJcS6C4NBBzG.png
Requested by: Host: billplease.ru
URL: https://billplease.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513b56ad286df98cb4fee3c37ec4854d265535eaa725a3f07bc969c1bf161904

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Aug 2024 15:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b4e17f-1b79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dIwfyZQG5X6m0rr9Z509m7lDClg2rhaUDxmVumDrEsCKYU0vzFuhd3r1DQvJJE3ISlMt3B3z5j%2B4ah5mMqGW8NtpNlyHRRcIg14KsHfxxX8oxbFfX1vGDFnKvqJ4VCMnAUkpjkyUEPUPZZj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1281a3f8c3b8ae-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7033

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 217ms
102ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: billplease.ru
URL: https://billplease.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Sat, 10 Aug 2024 19:48:57 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-11660"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71264
expires: Sat, 10 Aug 2024 20:48:57 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//billplease.ru/;0.6737952452974445
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//billplease.ru/;0.6737952452974445

43 B
528 B

48ms
48ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//billplease.ru/;0.6737952452974445

Requested by

Host: billplease.ru
URL: https://billplease.ru/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Aug 2024 19:48:57 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Aug 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Aug 2024 19:48:57 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//billplease.ru/;0.6737952452974445
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Thu, 10 Aug 2023 21:00:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10457.WBGKvaMsZ_GQcPcRmnmi6OIVrILDr-LtsYTvK94UVtkxOoNb47uhwGkJiFW5WMz5.DlUdj8EgGVilSLN1oWGcFt4XPXc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10457.fqoxw7i1Vw_ETv4Kqsn0PAA2xYoRrOqT3mGMpL5pmzK2UjAqb1EVP7-LDU2XraQ2fQycL32e14CVWkEFT157DtqzUVuhLwaIf33vm4ORwtM%2C.yQxi0xEd4h4_TPFkuh1lJf3V5Fo%2C
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10457.BNqHdyly5PpxO9T6ls3ksR-aEgoxLydnsfJOLs83vZzAoffbzRI3UrR9fJJ3OdNqqmyF3HNb8RCoqFAl6q7bI512kWxrWVL_SHH2dU1yzCLW-...

43 B
598 B

57ms
57ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10457.BNqHdyly5PpxO9T6ls3ksR-aEgoxLydnsfJOLs83vZzAoffbzRI3UrR9fJJ3OdNqqmyF3HNb8RCoqFAl6q7bI512kWxrWVL_SHH2dU1yzCLW-nR8jWTfadougLlRRwoiN7okVavTAeio8Wy0hq_Kd8tGtv-ELbUoMT2U-G6m3awE-CIgoU8ZSaDtqRD7FR-r8VKxZ2mpgyCjxb2qcGv1MA%2C%2C.vt6eo8fytCXd6Iu8x0hfT8AZwFc%2C

Requested by

Host: billplease.ru
URL: https://billplease.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Aug 2024 19:48:57 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10457.BNqHdyly5PpxO9T6ls3ksR-aEgoxLydnsfJOLs83vZzAoffbzRI3UrR9fJJ3OdNqqmyF3HNb8RCoqFAl6q7bI512kWxrWVL_SHH2dU1yzCLW-nR8jWTfadougLlRRwoiN7okVavTAeio8Wy0hq_Kd8tGtv-ELbUoMT2U-G6m3awE-CIgoU8ZSaDtqRD7FR-r8VKxZ2mpgyCjxb2qcGv1MA%2C%2C.vt6eo8fytCXd6Iu8x0hfT8AZwFc%2C
date: Sat, 10 Aug 2024 19:48:57 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
992 B 160ms
53ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: billplease.ru
URL: https://billplease.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:57 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 10 Aug 2024 20:48:57 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame B60D 0
0 146ms
49ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: billplease.ru
URL: https://billplease.ru/js/TZDr0isfLWXU.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://billplease.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Sat, 10 Aug 2024 19:48:57 GMT
etag: "66b1ec49-416"
expires: Sat, 10 Aug 2024 20:48:57 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/98031520/
Redirect Chain

https://mc.yandex.com/watch/98031520?wmode=7&page-url=https%3A%2F%2Fbillplease.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/98031520/1?wmode=7&page-url=https%3A%2F%2Fbillplease.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%...

464 B
674 B

59ms
58ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/98031520/1?wmode=7&page-url=https%3A%2F%2Fbillplease.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A39565779452%3Ahid%3A1015780752%3Az%3A120%3Ai%3A20240810214857%3Aet%3A1723319338%3Ac%3A1%3Arn%3A802787364%3Arqn%3A1%3Au%3A1723319338116816926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A19%2C23%2C85%2C4%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723319337295%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723319338%3At%3A%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%9A%D0%BB%D1%83%D0%B1%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%20Clubnika%20Casino%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29cdl%28na%29eco%2821037568%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

de5f66b0400e2f0d8fb9adbfb0fffc7d3521db32fada1a9e032b84120570d8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Aug 2024 19:48:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 10-Aug-2024 19:48:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://billplease.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 464
x-xss-protection: 1; mode=block
expires: Sat, 10-Aug-2024 19:48:58 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 10 Aug 2024 19:48:58 GMT
last-modified: Sat, 10-Aug-2024 19:48:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/98031520/1?wmode=7&page-url=https%3A%2F%2Fbillplease.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A39565779452%3Ahid%3A1015780752%3Az%3A120%3Ai%3A20240810214857%3Aet%3A1723319338%3Ac%3A1%3Arn%3A802787364%3Arqn%3A1%3Au%3A1723319338116816926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A19%2C23%2C85%2C4%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723319337295%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723319338%3At%3A%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%9A%D0%BB%D1%83%D0%B1%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%20Clubnika%20Casino%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29cdl%28na%29eco%2821037568%29ti%281%29
access-control-allow-origin: https://billplease.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 10-Aug-2024 19:48:58 GMT

GET
H3 200 S5CwY6czQEGl.png
billplease.ru/images/ 1 KB
2 KB 74ms
74ms Other
image/png 2606:4700:3032::6815:b43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://billplease.ru/images/S5CwY6czQEGl.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4523f8bdb57c3cde9cd7f1112ac2a032a6ae4bf1299bbd48b48f8d69a4895dbd

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Aug 2024 15:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b4e17f-5e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BlvK51KCyaNvTWyuut%2FJQ1LYdJshgfrp81%2B%2BLUOxRlUt96Ly5w8raVQFM6JSkzz%2Bd60QeNEuCsPMBhZIqizpNu4KRjNr19d4jomDS9J2NbzA%2FWHX%2BYhOwcha6zZ0xq3kj8Nt%2Bt56sEA92uCb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1281a68aecb8ae-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1509

GET
H3 200 script.js Show response
userstat.net/get/ 129 B
647 B 184ms
98ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstat.net/get/script.js?referrer=https://billplease.ru/
Requested by: Host: billplease.ru
URL: https://billplease.ru/js/lBjlo3POLaus.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: 15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

Referer: https://billplease.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 19:48:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://billplease.ru
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDE%2FNXSaAcNGsKBsChpnTuDx9msMK9TO5AT6pVq1EvIAlns447NVS31iy7osW%2FdaxbxuzYx5Ycl2Ru%2Bi0mET8nZvIAxwydu7P6BDOzllpXWLzZhSAUm6o62%2BdzG%2FQlY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8b1281ab0b8319a0-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
billplease.ru/	1970-01-20 22:42:39	Name: PHPREFS Value: full
.billplease.ru/	1970-01-21 07:27:35	Name: _ym_uid Value: 1723319338116816926
.billplease.ru/	1970-01-21 07:27:35	Name: _ym_d Value: 1723319338
.yadro.ru/	1970-01-21 07:26:13	Name: FTID Value: 1cjyGf17aQ8r1cjyGf001Ci0
.yandex.com/	1970-01-21 08:17:59	Name: i Value: 4A3oHeg/IhUHkfXQP4xNMoEZGf0QHsVJoxbia66fzulqgFaWVpvMF3+4cHlwxR/tN2bJE89lxGKV7Jl8cYQlLEyMSaI=
.yandex.com/	1970-01-21 07:27:35	Name: yandexuid Value: 5784063781723319337
.yandex.com/	1970-01-21 07:27:35	Name: yashr Value: 1973643681723319337
.yadro.ru/	1970-01-21 07:26:13	Name: VID Value: 31TZwp1zOlOr1cjyGf001Cif
.mc.yandex.com/	1970-01-20 22:41:59	Name: sync_cookie_csrf Value: 2685372743fake
.billplease.ru/	1970-01-20 22:43:11	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-21 07:27:35	Name: yashr Value: 9591903901723319337
.mc.yandex.ru/	1970-01-20 22:41:59	Name: sync_cookie_csrf Value: 4037656884fake
.mc.yandex.com/	1970-01-20 22:43:25	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 08:17:59	Name: yandexuid Value: 5784063781723319337
.yandex.ru/	1970-01-21 08:17:59	Name: yuidss Value: 5784063781723319337
.yandex.ru/	1970-01-21 08:17:59	Name: i Value: 4A3oHeg/IhUHkfXQP4xNMoEZGf0QHsVJoxbia66fzulqgFaWVpvMF3+4cHlwxR/tN2bJE89lxGKV7Jl8cYQlLEyMSaI=
.yandex.ru/	1970-01-21 08:17:59	Name: yp Value: 1723405737.yu.3260188171723319337
.yandex.ru/	1970-01-21 07:27:35	Name: ymex Value: 1725911337.oyu.3260188171723319337
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 37339541723319338
.yandex.com/	1970-01-21 07:27:35	Name: yuidss Value: 5784063781723319337
.yandex.com/	1970-01-21 07:27:35	Name: ymex Value: 1754855338.yrts.1723319338
.yandex.com/	1970-01-21 07:27:35	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:17:59	Name: bh Value: KgI/MGCqiN+1Bg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billplease.ru
counter.yadro.ru
mc.yandex.com
mc.yandex.ru
userstat.net
188.114.97.3
2606:4700:3032::6815:b43
2a02:6b8::1:119
88.212.201.198
041aee9db90e94fe0508ae389fac3e12ad7a426a6d7ef08360613db41ce95fbf
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
44f8818c25ec5708acfc16815fcc266005d7be665bededd569a6fe8e72edd5cf
4523f8bdb57c3cde9cd7f1112ac2a032a6ae4bf1299bbd48b48f8d69a4895dbd
468908d97e98ac0224ce3d85a509656b2b9c480381ae27371b36ab26af89ad27
513b56ad286df98cb4fee3c37ec4854d265535eaa725a3f07bc969c1bf161904
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59e5d83299287441397c2aebb57a7003142a454178ba9f34012a2f96e8700a38
71a412091533ac40dc1c65a024d3868fae3c41e73ff0955a391f848db0ffb3b9
78ed30ffd8883c55678252b0d846ea07a2b22e00721227dd8b5f72bbc48e9045
854f7d188497c809b15a2ea396d330843c8624ac5c032caf1772f21dbeed492e
8a1256aca63a1a334d0ecbdf5db14a22403469a6f7c3609b3a5ca04d9ce7191d
95a6ddfe18023589361f2a14d89ff81c21db44029074ab7153a4dc3779122b69
c3089fa1c0e3d5148ab35f67d4edbc868ec54669de65bd8ec1ce6ed6abec8e20
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
de5f66b0400e2f0d8fb9adbfb0fffc7d3521db32fada1a9e032b84120570d8c7

billplease.ru Open in urlscan Pro 2606:4700:3032::6815:b43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

84 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

706 kBTransfer

1078 kBSize

23 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

23 Cookies

Indicators

billplease.ru Open in urlscan Pro
2606:4700:3032::6815:b43 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

84 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

706 kB
Transfer

1078 kB
Size

23
Cookies

19 HTTP transactions
0 data transactions