URL: http://payeermegabonus.ru/
Submission: On September 21 via api from GB — Scanned from FR

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 80 HTTP transactions. The main IP is 5.196.248.6, located in Montaigu-de-Quercy, France and belongs to OVH, FR. The main domain is payeermegabonus.ru.
This is the only time payeermegabonus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 5.196.248.6 16276 (OVH)
3 25 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
8 5.181.109.142 198610 (BEGET-AS)
1 54.37.161.241 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
10 95.217.100.37 24940 (HETZNER-AS)
1 149.202.17.208 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
5 148.251.194.214 24940 (HETZNER-AS)
1 2 88.212.201.198 39134 (UNITEDNET)
6 2a00:1450:400... 15169 (GOOGLE)
80 15
Apex Domain | Subdomains | Transfer
25 linkslot.ru | linkslot.ru — Cisco Umbrella Rank: 403785 | 369 KB
10 people-group.net | ads.people-group.net | 351 KB
8 adrek.ru | adrek.ru | 31 KB
7 adslinks.ru | adslinks.ru | 45 KB
6 gstatic.com | www.gstatic.com | 601 KB
5 a-ads.com | ad.a-ads.com — Cisco Umbrella Rank: 23932; static.a-ads.com — Cisco Umbrella Rank: 32505 | 578 KB
4 google.com | www.google.com — Cisco Umbrella Rank: 11 | 32 KB
4 payeermegabonus.ru | payeermegabonus.ru | 58 KB
3 linkslot.pro | linkslot.pro — Cisco Umbrella Rank: 824403 | 210 KB
2 yadro.ru | counter.yadro.ru — Cisco Umbrella Rank: 7583 | 2 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 113 | 1 KB
1 payeer.com | payeer.com — Cisco Umbrella Rank: 339512 | 59 KB
1 multibux.org | multibux.org — Cisco Umbrella Rank: 685621 | 663 B
1 bestchange.ru | www.bestchange.ru — Cisco Umbrella Rank: 616343 | 20 KB
80 14
Domain | Requested by
25 linkslot.ru (3 redirects) | payeermegabonus.ru, linkslot.ru
10 ads.people-group.net | payeermegabonus.ru, ads.people-group.net
8 adrek.ru | payeermegabonus.ru, adrek.ru
7 adslinks.ru (1 redirects) | payeermegabonus.ru
6 www.gstatic.com | www.google.com, www.gstatic.com
4 www.google.com | payeermegabonus.ru, www.gstatic.com, www.google.com
4 payeermegabonus.ru | payeermegabonus.ru
3 ad.a-ads.com | payeermegabonus.ru
3 linkslot.pro | payeermegabonus.ru
2 static.a-ads.com | ad.a-ads.com
2 counter.yadro.ru (1 redirects) | payeermegabonus.ru
1 fonts.googleapis.com | payeermegabonus.ru
1 payeer.com | payeermegabonus.ru
1 multibux.org | payeermegabonus.ru
1 www.bestchange.ru | payeermegabonus.ru
80 15
Subject | Issuer | Validity | Valid
adslinks.ru | GTS CA 1P5 | 2023-09-18 - 2023-12-17 | 3 months
adrek.ru | R3 | 2023-09-20 - 2023-12-19 | 3 months
*.linkslot.ru | E1 | 2023-08-24 - 2023-11-22 | 3 months
bestchange.com | R3 | 2023-08-21 - 2023-11-19 | 3 months
www.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.payeer.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-29 - 2024-07-04 | a year
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-10 - 2024-02-10 | a year
*.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months

This page contains 8 frames:

Primary Page: http://payeermegabonus.ru/
Frame ID: 5D9C5460FA5FD4B9068065369139DAB0
Requests: 61 HTTP requests in this frame

Frame: http://ad.a-ads.com/1376012?size=200x200
Frame ID: E5A6CECCC51BDDB4CC7A7B00A3988F07
Requests: 2 HTTP requests in this frame

Frame: http://ad.a-ads.com/1519822?size=468x60
Frame ID: 063927958ED5408BD556C01B90101A52
Requests: 3 HTTP requests in this frame

Frame: http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.3959057108337396
Frame ID: 55072E5C51FC7884553D619988DAE2F7
Requests: 4 HTTP requests in this frame

Frame: http://ad.a-ads.com/1376018?size=240x400
Frame ID: FF4396A3590F0D3111B216C26CE5C896
Requests: 3 HTTP requests in this frame

Frame: http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.07111502638439204
Frame ID: AE8EF4944BD301ADCABF9F4E5E92FCD0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=yeycbr3vxhsg
Frame ID: 055D1E11F51AE5FA2D301F897AF7B886
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs
Frame ID: 8C0F2D2D84707243E309242497B8963A
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

Requests: 80
HTTPS: 57 %
IPv6: 50 %
Domains: 14
Subdomains: 15
IPs: 15
Countries: 5
Transfer: 2354 kB
Size: 3582 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://linkslot.ru/bancode.php?id=285404 HTTP 301
  • https://linkslot.ru/bancode.php?id=285404
Request Chain 3
  • http://linkslot.ru/bancode.php?id=285406 HTTP 301
  • https://linkslot.ru/bancode.php?id=285406
Request Chain 4
  • http://linkslot.ru/bancode.php?id=301829 HTTP 301
  • https://linkslot.ru/bancode.php?id=301829
Request Chain 26
  • https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%u043E%u043D%u0443%u0441%u044B%20%u043D%u0430%20%u0432%u0430%u0448%20%u043A%u043E%u0448%u0435%u043B%u0451%u043A%20%u043A%u0430%u0436%u0434%u044B%u0435%2060%20%u043C%u0438%u043D;0.3059715399150762 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%u043E%u043D%u0443%u0441%u044B%20%u043D%u0430%20%u0432%u0430%u0448%20%u043A%u043E%u0448%u0435%u043B%u0451%u043A%20%u043A%u0430%u0436%u0434%u044B%u0435%2060%20%u043C%u0438%u043D;0.3059715399150762
Request Chain 65
  • http://adslinks.ru/img/buyb.png HTTP 301
  • https://adslinks.ru/img/buyb.png

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payeermegabonus.ru/
12 KB
5 KB
Document
General
Full URL
http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
5.196.248.6 Montaigu-de-Quercy, France, ASN16276 (OVH, FR),
Reverse DNS
cpsfix.iphoster.net
Software
nginx / PHP/5.4.45
Resource Hash
5636e9ec69e944760ea22463eacf7a3faaa27a47d0a3d0e0b8d561c8304e929b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 21 Sep 2023 13:04:47 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Nginx-Upstream-Cache-Status
MISS
X-Powered-By
PHP/5.4.45
X-Server-Powered-By
Engintron
X-XSS-Protection
1; mode=block
css.css
payeermegabonus.ru/
8 KB
3 KB
Stylesheet
General
Full URL
http://payeermegabonus.ru/css.css
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
5.196.248.6 Montaigu-de-Quercy, France, ASN16276 (OVH, FR),
Reverse DNS
cpsfix.iphoster.net
Software
nginx /
Resource Hash
fe6b192507bbb2f9302d6e7760d921b2418cd12bca97e99303d251ea043ec797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Expires
Sat, 21 Oct 2023 13:04:47 GMT
Date
Thu, 21 Sep 2023 13:04:47 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2022 10:31:28 GMT
Server
nginx
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
HIT
bancode.php
linkslot.ru/
Redirect Chain
  • http://linkslot.ru/bancode.php?id=285404
  • https://linkslot.ru/bancode.php?id=285404
7 KB
4 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285404
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce424fe41e95d17d81477df7aa868f2b292817883f38eaa90c616e7930bd4ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOfZlLgOVnVVnLJeZIfP3QUI6weMWAcumU9b0F0YgWj9%2FtS8QukHVnnWfeSPE9IE3U2eeo5P8v4Jicn0tzG1l25lrVzeaYc2lI30Glr1UrxHmTZbXb%2Btp2Yob43gsTrFiDbJJD6Pm2HKaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
80a2841998ebd646-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Thu, 21 Sep 2023 13:04:47 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktLrMohfjauOTt0fPwxURtdhm87%2FrbkxO6qM7jsl7dPQO6h39Gbypbnqh0wLRkj7BHuHF5fBaxIK2YnG3vL5VwYqNw1fDEg8LCdUOta6%2Fi%2BrA4Qy%2FBnuAHU6ROlRGcxJOUR%2BMgGpmPuofg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://linkslot.ru:443/bancode.php?id=285404
Connection
keep-alive
CF-RAY
80a284179e753c74-CDG
alt-svc
h3=":443"; ma=86400
mbcode.php
adslinks.ru/
2 KB
2 KB
Script
General
Full URL
https://adslinks.ru/mbcode.php?load=250
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b188de429061ee789b2fddfee95adb0d22592db281a8ac4ed76330cb395c4b4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfLtGVEq0Jf1gCNhR3FMO1ZvDikJtVtCxGvHq7BrE2waDSp16J%2Fvy%2FpkDZY2%2Fe1w%2F539s4NpdOsr6u7fiEdoC2dr8m1R0CC9dyIc62d8htZ%2FBCtIrfzuSP%2F7aQl565nu9hx3TD87564Uvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
80a284188d4e0224-CDG
alt-svc
h3=":443"; ma=86400
bancode.php
linkslot.ru/
Redirect Chain
  • http://linkslot.ru/bancode.php?id=285406
  • https://linkslot.ru/bancode.php?id=285406
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285406
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ecb8d2fde8a453cd885986b0819a73783023b0e74fc25365221a71ba2d182a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr732pKQU%2FAWApdEt%2FPpC2irqmeRfhakCS2FZL1FbBzNf%2Fdzrp6evqG%2F9ciwDP3F6g%2FfrpT7w9Vtdl25iqyz9qbZPj8ZZGmEQOl8bmJHGeRBTVm4Oem7WBxl8UDLxMD9zHMyi8OwdQyqdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
80a2841998e7d646-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Thu, 21 Sep 2023 13:04:47 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcTCi0xRJpD0JJxZgfn26i1f4eFNbf9%2FGX6iCozGo9pGoHxWzJQPu1STU9lB0%2FwSDW7B94%2BhToKVxehRvPSkyOeLaPC8%2BTC05kNuem56nfUS5G0%2FGJFCnj2M2GkgsWkeGwdbvbbJ9MwXOg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://linkslot.ru:443/bancode.php?id=285406
Connection
keep-alive
CF-RAY
80a284179a5ad6c2-CDG
alt-svc
h3=":443"; ma=86400
bancode.php
linkslot.ru/
Redirect Chain
  • http://linkslot.ru/bancode.php?id=301829
  • https://linkslot.ru/bancode.php?id=301829
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=301829
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9ef84fceaf33559b2cbc1ac4192f241b14cc8defbbc4e4425eb992ad9246d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7p7Zjanr4UtnsgSvI%2F89aHACA%2FH0K09Pc65YHHmCjbE8GMFTDtMSz9mSuvtpS7xYwvTqjZa7BXWrji1aEvl7mYNC%2Foy3A353Qe9KwMO62ynP1s%2FxeOJMbkyNv2AxDSGMsBNnf0QKVTS8sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
80a2841988d8d646-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Thu, 21 Sep 2023 13:04:47 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vi%2B%2Bhk3awzbS8WQ1m4SdBRSZui6BRepn1q0p2hLXTaWpz3umJncXDeId21uGfYrl%2Fkjc2MjNJodnbV0Z1lwhm9pnyw7Kb2ZmkXCEiWShLGSAVBdiFSHEG2Tz00lPkR8zQ%2BglP9Lc1m9WSg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://linkslot.ru:443/bancode.php?id=301829
Connection
keep-alive
CF-RAY
80a284179f610181-CDG
alt-svc
h3=":443"; ma=86400
b.php
adrek.ru/
901 B
1 KB
Script
General
Full URL
https://adrek.ru/b.php?id=3224
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
29953f11106bf6790e746d19a7fe93a34d3d8c98ea94909d2cb8e7401a1b42b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
l.php
adrek.ru/
811 B
1 KB
Script
General
Full URL
https://adrek.ru/l.php?id=3669
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
87f8d7901dc7a41d63742fab2ee281f4b6b662bf3b0667eddb9bf714b6584c41

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285407
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a21950145f415951cc2f038be147071dfd4388fdfb519b997aa728c095bb174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9YSS7Sj1%2FQ4oBfwV4YXrRZTDsmHxvNqcS0q%2FRohTjKbSeSjvgPCgL7Zq4UX0I2P7HAl0iYV%2FbxSzvg4hpXK1xnsfsalGCrIN8a8XVCE%2F3WG9%2FbJHMhkSYQGRH3sEwJ31BHC%2FE57eiuYjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
80a28417dea0d646-CDG
alt-svc
h3=":443"; ma=86400
lincode.php
linkslot.ru/
8 KB
4 KB
Script
General
Full URL
https://linkslot.ru/lincode.php?id=285409
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875a9ab37a852c3a0b3f2d27871f6f947d9b2bfe3565724baff89fcefe72d2ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjVpVunRbveWXzRrQiL%2FglYC95y9xPCWDHkWIMj5qbSoFGSLz%2BOlj4QWy1nzbgRqlashqygZYUa8RUZttc%2FXXVMyG3uiHRAbxGBOOqOC6AbCQgCseKZsXz%2FJlRNVEH5QUns3odG1EFMlhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
80a28417dea1d646-CDG
alt-svc
h3=":443"; ma=86400
200x80-8.jpg
www.bestchange.ru/images/banners/
19 KB
20 KB
Image
General
Full URL
https://www.bestchange.ru/images/banners/200x80-8.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.161.241 , France, ASN16276 (OVH, FR),
Reverse DNS
bestchange.com
Software
nginx /
Resource Hash
da221bad2fcfba7ce853791581307fa0fed5da32c32b2eb82616fef658b72b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 12 Nov 2022 19:18:54 GMT
server
nginx
etag
"636ff19e-4dd8"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19928
expires
Sat, 21 Oct 2023 13:04:47 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86887572880e058980a785dc35d8dc3c4cc8e1269f84e021f1cfcda5f7113ca8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Sep 2023 13:04:47 GMT
bancode.php
linkslot.pro/
3 KB
2 KB
Script
General
Full URL
http://linkslot.pro/bancode.php?id=4075
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:1fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1db0a6b86e7df8d8e9939bbf7a5fa4ff67fc79286698146ad8215966468fefd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79R96p6QX33Gbt82oRkmuBMj3sTn1In6xd8qcEotnKmYcXpi5bBuKOjlKgIu8xDjbTRM8%2BNKWXjJdQ13yESQHG%2F4OvfadLG33vHxrBw8cAlp9MEgSeqC6T0r0%2ByQtWNyuwqSFyyAgN58KDI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
80a284184def0161-CDG
alt-svc
h3=":443"; ma=86400
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285412
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df9b929b8234c82ce754721c262c9d1ef7b29fa983f28e1d089bc6c9afc30f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8EOTss8tDLOb5fgk0m%2BJu1R%2FFx34Ji2%2BnPVSOFaZtUFKp0isn7YkwOl3iHNKmp2i7I6d17gCyrryW1vIaSExyLscoOb8Kf7FtQ%2BKhD1cQdNr4%2BbGFcoNer9eYec9vg6t9lYySVG8i23eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
80a284181f0dd646-CDG
alt-svc
h3=":443"; ma=86400
bancode.php
linkslot.ru/
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=301830
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc58ffad76c33a3453597d8aa41554781eae9bf4c20b7e400b168ea0499a20c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcHDy0EXjD8kNB3e1hNG3RRiJptSajfwv3lUEVn5baOIeuynwlIvErPX6RQ5VL9ltBPcMRYiMI36G7uOTDY%2B7R43vgRyprV%2B5hat0bzIeGSRX2giRwhDb%2BBpR8bIIJeX%2BiLaJO8pn2zSSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
80a284181f0ed646-CDG
alt-svc
h3=":443"; ma=86400
bancode.php
multibux.org/
5 B
663 B
Script
General
Full URL
http://multibux.org/bancode.php?id=12600
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwGGUuzpVup3QYswBYpRqblILoLoZDaBn%2F5XvUA9281s%2FdmbmYP5on5KcIufEEZiQQvP%2B0Mx%2BQ5pB0maNwjaOR961g2fX9aUGOu%2B5Vkd0wEtN8pRWYm02UBGB0eC9ymE%2FuZefIU3HKz6Yj8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
CF-RAY
80a284187fd200a6-CDG
alt-svc
h3=":443"; ma=86400
/
ads.people-group.net/15128/8/1/
21 KB
7 KB
Script
General
Full URL
http://ads.people-group.net/15128/8/1/
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
b33c60ceb433757bb60dd2390122ac52495c6942e1430977c0b2594b362fe596
Security Headers
Name Value
X-Xss-Protection 0;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type
application/x-javascript;charset=UTF-8;
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
X-XSS-Protection
0;
bancode.php
adslinks.ru/
894 B
872 B
Script
General
Full URL
https://adslinks.ru/bancode.php?id=1307
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32653f581aa0ee49dfe17a62382f26f1f69613f24cf3b3f649c10703f5174f6b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aS0zZkHImLVbzwskyF0yY24tGzrUk%2B%2F2O26wsdbDs3ZOZYrgcngyIsV1dyzxMcsbwNHaWpX%2BZht86JJOJ6kjlj6DhpYR769wksgsqEbZNrOQGPj7sQxFbmMz4lZQRGTVuCkN6qQYGR8E3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
80a284188d510224-CDG
access-control-allow-headers
*
expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285411
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f6526b97c6d995c135109e8b2a12d07c471ada7aa2b176bd96514e08fda4025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTaCA6kPs2eaoCHTLtFELbPiP%2Fxq4VejpvQe8gEpKIga1gNLP4FCzXMBnmeaLt6WgsCDsqezdkZclBCFut0Zta%2BlD2UZWhBc7A8%2BysUa82%2Bgxee5%2BnlnMUwKwO8bizd2UCZ0%2B0jcVXmDsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
80a284187f8bd646-CDG
alt-svc
h3=":443"; ma=86400
b.php
adrek.ru/
904 B
1 KB
Script
General
Full URL
https://adrek.ru/b.php?id=14135
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
c750060a03efc96337340d2885dddd974815cae0cedea6719c9fa72c48e2a824

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
728x90-1.jpg
payeer.com/style/images/banner/
58 KB
59 KB
Image
General
Full URL
https://payeer.com/style/images/banner/728x90-1.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.202.17.208 , France, ASN16276 (OVH, FR),
Reverse DNS
node-9.1-208.17.202.149.vistnet.net
Software
iCore Proxy Module /
Resource Hash
0e2995f3777c6ca5f4a36535525df1c61776fd85aa5cf742ee7f21b397bcd31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:47 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Wed, 16 Oct 2019 07:32:45 GMT
Server
iCore Proxy Module
ETag
"5da6c79d-e98f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
close
Content-Length
59791
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Roboto:400,100,300
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/css.css
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db27cd20b1c3dc3380e5aedaa72dbd5b26e2c8f4e3c9c3fc53efc7e694d65362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 21 Sep 2023 13:04:47 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 21 Sep 2023 13:04:47 GMT
bg-light.png
payeermegabonus.ru/img/
47 KB
48 KB
Image
General
Full URL
http://payeermegabonus.ru/img/bg-light.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/css.css
Protocol
HTTP/1.1
Server
5.196.248.6 Montaigu-de-Quercy, France, ASN16276 (OVH, FR),
Reverse DNS
cpsfix.iphoster.net
Software
nginx /
Resource Hash
b42911b5048af162381904225b708a742f9a955bce496006ac7ac5bd0465dfc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/css.css
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Expires
Mon, 20 Nov 2023 13:04:47 GMT
Date
Thu, 21 Sep 2023 13:04:47 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2022 10:33:09 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48489
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
HIT
moneta.png
payeermegabonus.ru/img/
3 KB
3 KB
Image
General
Full URL
http://payeermegabonus.ru/img/moneta.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/css.css
Protocol
HTTP/1.1
Server
5.196.248.6 Montaigu-de-Quercy, France, ASN16276 (OVH, FR),
Reverse DNS
cpsfix.iphoster.net
Software
nginx /
Resource Hash
e9101e7dcc47e45a2f63cae20b2ccf50b8fb18be25788db6694d1d5af748cd55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/css.css
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Expires
Mon, 20 Nov 2023 13:04:47 GMT
Date
Thu, 21 Sep 2023 13:04:47 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2022 10:33:10 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2566
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
mbcode.php
adslinks.ru/
4 KB
3 KB
Script
General
Full URL
https://adslinks.ru/mbcode.php?id=250&loader=JS&cs=0&i=0&l=0&h=a1c746444adc0f6c826f874dfa86142b
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
154cb2f59167d9a3df27c48931219ea258789a6474e211eefdd92a7a2d646d7f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKud1VKQo%2BIbTrIpecFjsPi0eL6%2F6BhcoPIH2wqjjn%2FRAP3kO6QpDm54YlYYZB4wDPsoF0CvVLM3SMPVkQQ2EwZYKPxB5%2BRfxGxm5iBTBpmCDLzpGnFA6SuqKiHsNC2uI6xQo5huKUiweg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
80a2841a5fb60224-CDG
alt-svc
h3=":443"; ma=86400
1376012
ad.a-ads.com/ Frame E5A6
13 KB
5 KB
Document
General
Full URL
http://ad.a-ads.com/1376012?size=200x200
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
148.251.194.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.194.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
aed63b53696cb9d08b486623d81d44bd27f676646f783d96d89a1c4943bfab91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 21 Sep 2023 13:04:47 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
http://payeermegabonus.ru/
X-Powered-By
Phusion Passenger(R)
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%...
  • https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u043...
210 B
696 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%u043E%u043D%u0443%u0441%u044B%20%u043D%u0430%20%u0432%u0430%u0448%20%u043A%u043E%u0448%u0435%u043B%u0451%u043A%20%u043A%u0430%u0436%u0434%u044B%u0435%2060%20%u043C%u0438%u043D;0.3059715399150762
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
ac1d7cce0fb0fdfbb504fad570d9438a16dbf864eaf014214ae6ec97b68a066d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:48 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
210
Expires
Tue, 20 Sep 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:48 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%u043E%u043D%u0443%u0441%u044B%20%u043D%u0430%20%u0432%u0430%u0448%20%u043A%u043E%u0448%u0435%u043B%u0451%u043A%20%u043A%u0430%u0436%u0434%u044B%u0435%2060%20%u043C%u0438%u043D;0.3059715399150762
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Tue, 20 Sep 2022 21:00:00 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/
457 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
914f2794e0de11620e79209bdc54d5dd5cfc36b0c9e4674ed357c0e932401b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://payeermegabonus.ru/
Origin
http://payeermegabonus.ru
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 18 Sep 2023 16:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187717
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 16:31:01 GMT
9345f66c1048d8ade3cc0ba5c679a67c.gif
linkslot.pro/uploads/
204 KB
205 KB
Image
General
Full URL
https://linkslot.pro/uploads/9345f66c1048d8ade3cc0ba5c679a67c.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee13955c0886a18bb51a3709d0cf6af7f5907c4d327b89b36a6667364ff1fade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
281
alt-svc
h3=":443"; ma=86400
content-length
209308
last-modified
Sun, 17 Sep 2023 08:25:30 GMT
server
cloudflare
etag
"6506b7fa-3319c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQsCB7rPVNK%2BkkFGoqroWnfUpRxWhBYzR8nbtKFNIa1Od1Qand9keIF929Q%2FhERPPFrVMan3OcOXjoNxpXtQPRi2sfzO2EyHJssw%2BnQvfr%2FOCOtxphlEfTDqlfgvsvD1p6Zhn9nLlPCpoC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a2841b7fdc0084-CDG
buyb.png
linkslot.pro/img/
3 KB
3 KB
Image
General
Full URL
https://linkslot.pro/img/buyb.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3555
alt-svc
h3=":443"; ma=86400
content-length
2585
last-modified
Thu, 06 Apr 2023 09:20:44 GMT
server
cloudflare
etag
"642e8eec-a19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukIWGSmgsUyu72EtHWxtPLQO0ojjIr9NRSk26FGWzK%2F1x4tnW9rHXXWZKJJvLZY0IirGoXReQcaMGPKd22sBpwpIS%2FHQ9jo8mEyqLdwYdrtKTR%2B0u%2BbucqTcMs4eicphFN5k3U02rPzV6EI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80a2841b7fde0084-CDG
1519822
ad.a-ads.com/ Frame 0639
12 KB
5 KB
Document
General
Full URL
http://ad.a-ads.com/1519822?size=468x60
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
148.251.194.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.194.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
d06951de83978ca86f8be7bad5f9f3ae99b1cd626d82a7485603f0f48b05e704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 21 Sep 2023 13:04:47 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
http://payeermegabonus.ru/
X-Powered-By
Phusion Passenger(R)
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
/
ads.people-group.net/ Frame 5507
13 KB
5 KB
Document
General
Full URL
http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.3959057108337396
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/15128/8/1/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
a22aceaeeab22cd2f4fcedd52a3922045c0a0ce2f1e3cf7a3b06ca53ad1cc695
Security Headers
Name Value
X-Xss-Protection 0;

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8;
Date
Thu, 21 Sep 2023 13:04:47 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
0;
1376018
ad.a-ads.com/ Frame FF43
12 KB
5 KB
Document
General
Full URL
http://ad.a-ads.com/1376018?size=240x400
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
148.251.194.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.194.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
f8eaf925e57ff855b9c9b5c76f5ffe3903ce7e0321bab5f82fac8f1d133c0c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 21 Sep 2023 13:04:47 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
http://payeermegabonus.ru/
X-Powered-By
Phusion Passenger(R)
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
/
ads.people-group.net/15128/8/2/
12 KB
3 KB
Script
General
Full URL
http://ads.people-group.net/15128/8/2/
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
27f277d83db2939c5a8e12a4aef577f2231e9cd1b8b16fb8400a944cb7e127f5
Security Headers
Name Value
X-Xss-Protection 0;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type
application/x-javascript;charset=UTF-8;
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
X-XSS-Protection
0;
468x60.png
adslinks.ru/promo/dummy/
12 KB
12 KB
Image
General
Full URL
https://adslinks.ru/promo/dummy/468x60.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1132789
alt-svc
h3=":443"; ma=86400
content-length
11802
last-modified
Sat, 25 Feb 2023 22:32:06 GMT
server
cloudflare
etag
"63fa8c66-2e1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7a97OHn2v7BPsTbBTOhvV%2FGaK1t1xpmxQekZCaYJKLdOqaE5ws0ET2Lvxzdbtz%2F29tV%2FDI2BNhq4aOXSEuveiA%2F28t3qy6Nee5wrLAObMHLFivZj37eKDQv5YlfdjbArP70Lkhnm8IpVXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
80a2841b3a8bd2e1-CDG
expires
Fri, 22 Sep 2023 10:24:58 GMT
view_b.php
adrek.ru/
2 KB
2 KB
Script
General
Full URL
https://adrek.ru/view_b.php?ref=&id=3224&h=1200&t=173&fr=n
Requested by
Host: adrek.ru
URL: https://adrek.ru/b.php?id=3224
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
92fe1b01718f9095e52a2e1cc0a8e04b12d5d130d759980f07712482d9c82974

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
view_l.php
adrek.ru/
2 KB
1 KB
Script
General
Full URL
https://adrek.ru/view_l.php?ref=&id=3669&h=1200&t=212&fr=n
Requested by
Host: adrek.ru
URL: https://adrek.ru/l.php?id=3669
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
88a3529df5e5ba9290cab4f1d14503378c751acdd5c3139787478816322279a6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
view_b.php
adrek.ru/
2 KB
2 KB
Script
General
Full URL
https://adrek.ru/view_b.php?ref=&id=14135&h=1200&t=1212&fr=n
Requested by
Host: adrek.ru
URL: https://adrek.ru/b.php?id=14135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
ca1309ae614f3cc176335ddb4955620be23cf1266d7d1f7f7f5afa4f95da4afd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
fonts2.css
ads.people-group.net/bann/ Frame 5507
121 KB
92 KB
Stylesheet
General
Full URL
http://ads.people-group.net/bann/fonts2.css
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.3959057108337396
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
6c98f1112b2719030cce8ff7c37d67f0851b3536dd98435fce9a4fb946570be7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.3959057108337396
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Aug 2014 18:44:43 GMT
Server
nginx
ETag
W/"53e51a9b-1e2d2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Thu, 21 Sep 2023 14:04:47 GMT
jquery.min.js
ads.people-group.net/bann/ Frame 5507
94 KB
33 KB
Script
General
Full URL
http://ads.people-group.net/bann/jquery.min.js
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.3959057108337396
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.3959057108337396
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Oct 2014 12:03:32 GMT
Server
nginx
ETag
W/"54352814-1762a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Thu, 21 Sep 2023 14:04:47 GMT
gate.php
linkslot.ru/
2 B
285 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a698a08b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b989599a0b2d9e1ddd2d2c99b97dda29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9caa92a6a09ea1999b
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/lincode.php?id=285409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxxRldXaFvYXheMPq4UPzf4nyXhjRfOI4f2PrWzpziV%2FwqlIQfVwSlfnjqYcxtyxI6Hh7AElTlgBH7o6SwoQ%2BBRFaTP5LMzMyD7g9h42eyQR7SeoY5bOykDssmXWK00b59bQd9mv6E%2BHYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2841dfc2b008e-CDG
alt-svc
h3=":443"; ma=86400
truncated
/ Frame E5A6
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
468x60
static.a-ads.com/a-ads-banners/117614/ Frame 0639
166 KB
166 KB
Image
General
Full URL
http://static.a-ads.com/a-ads-banners/117614/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: http://ad.a-ads.com/1519822?size=468x60
Protocol
HTTP/1.1
Server
148.251.194.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.194.251.148.clients.your-server.de
Software
nginx /
Resource Hash
3d285ed1fe07a83d5e1bf07ea6286563c6f1a34d9fca06fffbebeb5aab9d029a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
x-amz-version-id
RiqlbFUXWzMloNmKcFxQkdDqraCFWLWD
Last-Modified
Sun, 19 Apr 2020 16:07:32 GMT
Server
nginx
x-amz-request-id
EM420S6XN1CM1YP4
ETag
"71fa04f4b751182f94820520d348d289"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
169525
x-amz-id-2
I8TD/ek4Hb6dCn82Ed4yUJ/DExn4W2O5gFlVIfV3PtpQhfa95gpGrSKYcpR/csYdJzntZzxrIhM=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
ads.people-group.net/ Frame AE8E
14 KB
6 KB
Document
General
Full URL
http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.07111502638439204
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/15128/8/2/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
67472cd71bbdd59ce74fef136f327cf677f1d669fc23e0662310f767b9b60ddd
Security Headers
Name Value
X-Xss-Protection 0;

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8;
Date
Thu, 21 Sep 2023 13:04:48 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
0;
close.png
ads.people-group.net/bann/
15 KB
15 KB
Image
General
Full URL
http://ads.people-group.net/bann/close.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
324b9d944e39c915922db7058a276bd708e68ea5d86762741f14864af2324607

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
Last-Modified
Wed, 20 Feb 2013 14:07:40 GMT
Server
nginx
ETag
"5124d8ac-3bb7"
Content-Type
image/png
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15287
Expires
Thu, 21 Sep 2023 14:04:48 GMT
truncated
/ Frame 0639
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
200x300.gif
adrek.ru/images/promo/
11 KB
11 KB
Image
General
Full URL
https://adrek.ru/images/promo/200x300.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx /
Resource Hash
3930a676cb9be3b6cd55a354d0ea2cbe65f2ab1337db329ed5cd2e56401084a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
Last-Modified
Sat, 01 Aug 2020 12:01:45 GMT
Server
nginx
ETag
"5f2559a9-2bd1"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
11217
Expires
Thu, 31 Dec 2037 23:55:55 GMT
240x400.gif
adrek.ru/images/promo/
12 KB
12 KB
Image
General
Full URL
https://adrek.ru/images/promo/240x400.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx /
Resource Hash
a190deb2753995e16ff1c55635ff7ecb9bab672176fa54d70a38aa12b7d2bab6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
Last-Modified
Sat, 01 Aug 2020 12:01:46 GMT
Server
nginx
ETag
"5f2559aa-2f41"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
12097
Expires
Thu, 31 Dec 2037 23:55:55 GMT
240x400
static.a-ads.com/a-ads-banners/360439/ Frame FF43
397 KB
397 KB
Image
General
Full URL
http://static.a-ads.com/a-ads-banners/360439/240x400?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: http://ad.a-ads.com/1376018?size=240x400
Protocol
HTTP/1.1
Server
148.251.194.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.194.251.148.clients.your-server.de
Software
nginx /
Resource Hash
503f22aa60b2d9fe5793278e9cedb7ddcbb778684a28c96f7c85a7ee0917580f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
x-amz-version-id
LW753v_eE1uiek0XLelzJNQ0iDKvkjzj
Last-Modified
Tue, 08 Mar 2022 12:10:51 GMT
Server
nginx
x-amz-request-id
ZPHXTZTQAQVZFW6G
ETag
"d80ea1cd298d944c2cbc980ee58d5030"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
406143
x-amz-id-2
l9UzB/jpROKqjTCKmVfCx8RiLsyRufBCbD6dUPJ9EsmpMCEch7q2TUANa/ZpIlco/h8uY8DUOv4=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame FF43
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
gate.php
linkslot.ru/
2 B
280 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989e8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b9895999be5c6a2ded6d5ccd69acda29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9caa92a6a09f989c9f
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=285407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oUEIfkwoUykxUXLp8SaxZ5W4EirDd13gCHb1ufw6N3DGmEfmGbmPlAaiGEP0cgNHn0T97%2BhsIdiDEZUdvrFK7LfKgL3cbXm7PuBDoLHC5Jif6UZMN4tAUeIB3GW3qhxaWnOhKsmoaNgOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2841e8ce8008e-CDG
alt-svc
h3=":443"; ma=86400
200x300.jpg
linkslot.ru/promo/dummy/
17 KB
18 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/200x300.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7343505
alt-svc
h3=":443"; ma=86400
content-length
17574
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-44a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlYulQg5n1WPOBaKx9Jxg47VuY0%2BTqJlApSV4dvDy4pIOkSQr2%2F1V5HinJjdbdyxzYjzQarnG5rSk%2BjNNzkBEMOm%2FCKtL6h8Ke%2FIiFjGsi86MisOjiVbFgz7Ysc50Co3y23FLUvsj%2FajUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
80a2841cac98d646-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
271233_102.gif
ads.people-group.net/bann/2/7/1/2/ Frame 5507
66 KB
66 KB
Image
General
Full URL
http://ads.people-group.net/bann/2/7/1/2/271233_102.gif
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.3959057108337396
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
bba87aa33870d85c111ec2fad2b392026bd83deeea80c9f5a6fd2886e031ea4f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.3959057108337396
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
Last-Modified
Fri, 08 Sep 2023 15:24:36 GMT
Server
nginx
ETag
"64fb3cb4-10657"
Content-Type
image/gif
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67159
Expires
Thu, 21 Sep 2023 14:04:48 GMT
gate.php
linkslot.ru/
2 B
289 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9caa92aa9b978b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959aa2b397d59bd1d5d6d2de9aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9caa92a6a09f9997a2
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=301830
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyh2P%2BfaX6113Wnvvw6MG7YRzc2SSSbUnxQQONl9%2B7%2BJ5erJUgnkTEvXOjf7aPqbqm%2B732Utkb5jhn1d12OGkCq3whUAEEKrIIF35K6grF8%2B3PUGv5EYk5qVYJ8AO14T024GkXIv%2BJJsxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2841eed47008e-CDG
alt-svc
h3=":443"; ma=86400
468x60.jpg
linkslot.ru/promo/dummy/
12 KB
12 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/468x60.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7343515
alt-svc
h3=":443"; ma=86400
content-length
11802
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-2e1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE6dQVfiyy%2B7PJaH0s%2FTaBxMIw10UU1y7jkCiZVe6rEC0p516hupVtyGlfAHU5U%2FtLEMqYVj5RNPa8jTeuL7bRm%2F9EK8acg7BiX%2FNhyenlhOW6Eq3nQ15%2FF%2F4K6%2BSQcanH3viQ06e6ANsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
80a2841cfd52d646-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
anchor
www.google.com/recaptcha/api2/ Frame 055D
54 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=yeycbr3vxhsg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8773bd78241ac3311b7d73f8dafe0a650bb6c50571521846d288150152d797d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JlRWqYlmxOfEvOcjo3eOsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JlRWqYlmxOfEvOcjo3eOsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 13:04:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gate.php
linkslot.ru/
2 B
286 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a699998b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b989599cae897a2a1cbd598d1dea2a29799aa91a2989798939b959aa29799aa91a28b978b869c9ba3a79a99ab95aaa099a093
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=285412
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgtvHxJFyAzIPyaHbGWsKM4vwSXF53VumnMPxL2wP05vKl1VUF0Xj9lHkGH%2F8CUjVSGT3dhAzH42D1DQG4TSUPmi%2BSs0f7zJ4kfctHY6FEkI0o7kMCvRFDR%2F1QptqzguFoLEiU9%2BEAqZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2841fae1c008e-CDG
alt-svc
h3=":443"; ma=86400
gate.php
linkslot.ru/
2 B
285 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a699988b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b989599deabdad9d799cbc5dcc89aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9caa92a6a09f9a9b9d
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=285411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMkVnLwTkdq72uNE2v8X8EhN%2BrXAehnedH1RDg16IIS4RmoKJkHTyH6hr5jDwJSKsj506IlPIYiPgohYkYi4a03DIwP6F8DQFlu9J75yD%2BWrNOKfFCVlHOAHDhNKLBjgV5T2FR%2BJGyykxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2841fbe2b008e-CDG
alt-svc
h3=":443"; ma=86400
240x400.jpg
linkslot.ru/promo/dummy/
25 KB
25 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/240x400.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4d920a2ed21f9d8be489073ca76b3d8dcb7008a92b0c286054917cefa6a67c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7343532
alt-svc
h3=":443"; ma=86400
content-length
25660
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-643c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPlv3pyNh62K7zNy51HA2ZKlPbmXYTCgEiJ7SZIBEBtqDB5KiPTWhzpMgtGTCahyi2GF6UiP2H7u1SZKid0Ff%2Fqr7D%2FdZxRqtFABYBceFQjh9kK6GpghnFxyt4ggYMTYstvklwJqSGi4WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
80a2841dde57d646-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
gate.php
linkslot.ru/
2 B
284 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9caa92aa9aa08b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959c9bafd5a2ccd0dbd6d5d49aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9caa92a6a09f9b939e
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=301829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0Mz9a7eHjfwy5ttu%2FskfC6M7cJY5d9b70yXvJJ7JpFC1CLdadReQcCmCrylXYFb%2FcRTT4ctngmJDjyxTEAXTaY%2B9olAH7hYeM6GeHeeshpz44YVQhdnYpYgNGvZwuOMC1v%2FgCi9aLDdsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2841fde44008e-CDG
alt-svc
h3=":443"; ma=86400
gate.php
linkslot.ru/
2 B
291 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989b8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959bd4e198d9d4cbdac9d4dc9aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9caa92a6a09f9b93a1
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=285404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhNGkinfWwp4sT9LAKrx7GLoMC7so2Zlm9w4NmJDaYbA%2FFO8fAzheKrk8%2FmAvHZwMlIs%2FQDSYP6I95hldgqj%2Bs05BPuTZ78HI3EsYO24HG%2BpVqh9ImQLgUm%2FRAk%2BtDlMc%2FV01MlXUJTg1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2841dfc2c008e-CDG
alt-svc
h3=":443"; ma=86400
c1dffa4a359dfdf1d6c9fbf2c3e097e2.gif
linkslot.ru/uploads/
279 KB
280 KB
Image
General
Full URL
https://linkslot.ru/uploads/c1dffa4a359dfdf1d6c9fbf2c3e097e2.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd07b42b17f5b086f90f27e8b306ec1e9ed40d2d294592b563003f2ea99461a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164750
alt-svc
h3=":443"; ma=86400
content-length
285671
last-modified
Tue, 19 Sep 2023 15:13:45 GMT
server
cloudflare
etag
"6509baa9-45be7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5xA%2BgdRvlAFptm%2FpDEeNhKO%2BacT1%2BBZmhQ9xz%2FNpqiUoPvoaIbiRdn7cbUTgXbM%2ByFiLj7s%2FYRTtE%2BHkM1u5zjUudFtemjDW%2FPzn57r9IYAb8RVHfqhF7Afmi2Q%2BP3EjT1MaLD2xmDFYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
80a2841dfe7ad646-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
buyb.png
linkslot.ru/img/
3 KB
3 KB
Image
General
Full URL
https://linkslot.ru/img/buyb.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7343515
alt-svc
h3=":443"; ma=86400
content-length
2585
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-a19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUJFPelxelnKxjRfYereH%2FdzeCxPZVgONTEpz%2BgIidWsfF4%2FxfvHHIY9PX%2BmejhQmVf8OCMdTrQig6Qc0JvSTAV6yxs4EIDC3QivB1YdDec30eaiTHHWAFLbHkn7tN8G1qxiU1DhHy4UYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
80a2841dfe7cd646-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
gate.php
linkslot.ru/
2 B
468 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989d8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b9895999ff0d1d49f99d298ddd9e1a29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9caa92a6a09f9b93a4
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=285406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJXFZbEK7UFaT5QmbwQ5b1U%2BmRsRWDWJ%2Fsf7iA2LrYGYWVfCZTPe5AiJQez%2BAUHyDfEbJyFzbkcjNHXTKmoRMLKKrGL%2F1CEwOoxlibdKZcxVpk4GR%2BQs1u2H8LHYZsi%2FzoAorUMDzjyLGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2841dfc30008e-CDG
alt-svc
h3=":443"; ma=86400
65043d6454153.png
adslinks.ru/uploads/
23 KB
24 KB
Image
General
Full URL
https://adslinks.ru/uploads/65043d6454153.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc6b8464f6776850586adb0e6e15da1bd6cfe7193a3d21d70681a1c65024061

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
520327
alt-svc
h3=":443"; ma=86400
content-length
23891
last-modified
Fri, 15 Sep 2023 11:17:56 GMT
server
cloudflare
etag
"65043d64-5d53"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cj%2FM525XqPFzgWY6IYwYgCUXFCVbrAEA%2FxqXeAZHPE85EY5cYXy6S8uq4aJ3bNamymqvLENqhaeyaqsyzOprZyeBRODahuntdbi5KlEranQAkFYg9qqtc0ZHG6x6UNxSPKR8%2FgAxbje%2FmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
80a2841dfc72d2e1-CDG
expires
Fri, 29 Sep 2023 12:32:41 GMT
buyb.png
adslinks.ru/img/
Redirect Chain
  • http://adslinks.ru/img/buyb.png
  • https://adslinks.ru/img/buyb.png
2 KB
2 KB
Image
General
Full URL
https://adslinks.ru/img/buyb.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce722f381a31d616be4036852e2990121132057010f09cf2ef253ba68d2875f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
510024
alt-svc
h3=":443"; ma=86400
content-length
2013
last-modified
Sat, 25 Feb 2023 22:31:38 GMT
server
cloudflare
etag
"63fa8c4a-7dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiKnqK8O%2Fqk0E1OvPmjExVRnGeYcxgmO%2BBKxISHSx05SVV8zFsMPaf0RQueZ2XjL4p%2FO%2BnWWE1dcfHqrLjMw5ofyXcDPiIul0WvyePwFCRwIOJhoqij48VDSePPHAY4XiPDMPqlh3KBnQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
80a2841e6cc3d2e1-CDG
expires
Fri, 29 Sep 2023 15:24:24 GMT

Redirect headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDgbu8%2F8RaAecvZiE3HL8E3%2BfkElA4K%2B4gwcTf2GaC0Y8HYt%2Bi2P5mz8Z1DZgsrQ8%2FB99zPVkXV%2BmdfM9%2BGxv3qelPa%2BH1W0l2q4lnpae8KFAkOsv%2B8rxFEjFLBfLGxYmkdu2WJXg5SUNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://adslinks.ru/img/buyb.png
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
80a2841e18c901c9-CDG
alt-svc
h3=":443"; ma=86400
Expires
Thu, 21 Sep 2023 14:04:48 GMT
fonts2.css
ads.people-group.net/bann/ Frame AE8E
121 KB
92 KB
Stylesheet
General
Full URL
http://ads.people-group.net/bann/fonts2.css
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.07111502638439204
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
6c98f1112b2719030cce8ff7c37d67f0851b3536dd98435fce9a4fb946570be7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.07111502638439204
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Aug 2014 18:44:43 GMT
Server
nginx
ETag
W/"53e51a9b-1e2d2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Thu, 21 Sep 2023 14:04:48 GMT
jquery.min.js
ads.people-group.net/bann/ Frame AE8E
94 KB
33 KB
Script
General
Full URL
http://ads.people-group.net/bann/jquery.min.js
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.07111502638439204
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695301487.7e36350645&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F21%2F2023%2013%3A04%3A47%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.07111502638439204
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Thu, 21 Sep 2023 13:04:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Oct 2014 12:03:32 GMT
Server
nginx
ETag
W/"54352814-1762a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Thu, 21 Sep 2023 14:04:48 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 055D
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=yeycbr3vxhsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 13:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 13:12:08 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 055D
457 KB
183 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=yeycbr3vxhsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
914f2794e0de11620e79209bdc54d5dd5cfc36b0c9e4674ed357c0e932401b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 18 Sep 2023 16:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187717
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 16:31:01 GMT
truncated
/ Frame 055D
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
truncated
/ Frame 055D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 055D
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 16 Sep 2023 06:02:48 GMT
x-content-type-options
nosniff
age
457320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 23 Sep 2023 06:02:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 055D
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=yeycbr3vxhsg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e0fa288ef2a8ab0b24785e8c5eba6b0e3ada84c7c8acedc8bf6d1b0da9229de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=normal&cb=yeycbr3vxhsg
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 21 Sep 2023 13:04:48 GMT
bframe
www.google.com/recaptcha/api2/ Frame 8C0F
9 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d39b0f8c83a93869f6b250a9ac2580d6f2cbd1b878466026a4a15a0cd5e7ce6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ELJVgXlHkeTm1ys792cA7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ELJVgXlHkeTm1ys792cA7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 13:04:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 8C0F
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 13:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 13:12:08 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 8C0F
457 KB
183 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=Ai7lOI0zKMDPHxlv62g7oMoJ&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
914f2794e0de11620e79209bdc54d5dd5cfc36b0c9e4674ed357c0e932401b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 18 Sep 2023 16:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187717
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 16:31:01 GMT
gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
2 B
473 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989d8b938e958da28a9ab09aa79b979997a39d9da2a0
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=285406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 21 Sep 2023 13:04:53 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSfvdFrgFGyP9KHkF6q2GFWyFuBLkAreYsnm%2BwgM1Fthk0d%2BTJtrhMTX7EAuKdC0rFXtrvZ0iQ9aYRhcpHlFlhf%2FYYnT0bGm1CBlKY6Uc6E%2BB2MOestfxO021MHD4r9WCOoTxw%2FoAY84aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80a2843d3c0c0222-CDG
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a698a08b938e958da28a9ab09aa79b979997a39d9da2a0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989e8b938e958da28a9ab09aa79b979997a39d9da2a0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9caa92aa9b978b938e958da28a9ab09aa79b979997a39d9da2a0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a699998b938e958da28a9ab09aa79b979997a39d9da2a0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a699988b938e958da28a9ab09aa79b979997a39d9da2a0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9caa92aa9aa08b938e958da28a9ab09aa79b979997a39d9da2a0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989b8b938e958da28a9ab09aa79b979997a39d9da2a0


123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| DvBOLZaRzieLa function| DvBOLZaRzieLb function| DvBOLZaRzieL function| TZgfStAYHgECDLa function| TZgfStAYHgECDLb function| TZgfStAYHgECDL function| getCookie number| inIframe number| lbID_250 object| loader_250 function| loaderMbBan_250show number| c_start object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| ls number| qwe_timer boolean| qwe_isFramed function| lsReq object| lsHttp object| swfobject function| code function| peoplegroup_altss function| URI function| peoplegroup_hstn string| peoplegroup_host string| peoplegroup_width string| peoplegroup_height string| peoplegroup_hwn string| peoplegroup_kws object| peoplegroup_metas string| peoplegroup_xm string| peoplegroup_hrf string| peoplegroup_stg string| peoplegroup_url string| btwads number| btws undefined| timid undefined| e undefined| el1 undefined| el2 undefined| s function| pgstrbt function| btwrld function| btwsg string| peoplegroup_frame function| loadXMLDoc_1307 object| ls_b1307 object| ls_code object| l_price string| bt1 string| bt2 string| bt3 function| listBlink function| Blinky function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| lsGT number| lsSY number| lsPZ number| lsMX number| lsMY string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 boolean| lsIFram string| hash string| lsNA number| fl function| lsSF function| lsMF number| peoplegroup_gwidth number| peoplegroup_gheight number| peoplegroup_gself string| peoplegroup_cl string| peoplegroup_wwh string| peoplegroup_whh string| peoplegroup_ref number| peoplegroup_prnok object| pgsxel1 object| pgsxel2 undefined| pgsxel3 undefined| idview undefined| el undefined| img undefined| newdiv object| div boolean| traf object| divpr object| recaptcha object| closure_lm_537340 string| adsMBtxt function| oYhkIZDGYDLza function| oYhkIZDGYDLzb function| oYhkIZDGYDLz function| mDtddgPjsHeYuxa function| mDtddgPjsHeYuxb function| mDtddgPjsHeYux function| createCookie number| fadeTO_250 object| bl_1695301487827 object| bl_1695301487827_dom string| bl_1695301487827_cont string| bl_1695301487827_keey

8 Cookies

Domain/Path Name Value
payeermegabonus.ru/ PHPSESSID a88kgpmaej94karmqpr35njj60
adrek.ru/ SID k4jk1bgrdphp8maf66ud0i6ju0
adrek.ru/ dt 21.09.23
adrek.ru/ adr %7C3322%7C
payeermegabonus.ru/ adslinks_vmb_ 0|12786
payeermegabonus.ru/ nova 26vpb72j5rtw00000000000000000000
.yadro.ru/ FTID 1b33zm3wpCue1b33zm001CmV
.yadro.ru/ VID 2VjiHb3V0aue1b33zm001CnA

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
