URL: http://payeermegabonus.ru/
Submission: On September 20 via api from GB — Scanned from FR

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 83 HTTP transactions. The main IP is 5.196.248.6, located in Montaigu-de-Quercy, France and belongs to OVH, FR. The main domain is payeermegabonus.ru.
This is the only time payeermegabonus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
 | 4 | 5.196.248.6 | 16276 (OVH)
3 | 5 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
 | 24 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
 | 6 | 2606:4700:303... | 13335 (CLOUDFLAR...)
 | 8 | 5.181.109.142 | 198610 (BEGET-AS)
 | 1 | 54.37.161.241 | 16276 (OVH)
 | 4 | 2a00:1450:400... | 15169 (GOOGLE)
 | 3 | 2606:4700:303... | 13335 (CLOUDFLAR...)
 | 10 | 95.217.100.37 | 24940 (HETZNER-AS)
 | 1 | 149.202.17.208 | 16276 (OVH)
 | 1 | 2a00:1450:400... | 15169 (GOOGLE)
 | 6 | 136.243.22.74 | 24940 (HETZNER-AS)
1 | 2 | 88.212.201.204 | 39134 (UNITEDNET)
 | 6 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
Total: 83 requests, 15 IPs

Requests | Apex Domain | Subdomains | Transfer
26 | linkslot.ru | linkslot.ru — Cisco Umbrella Rank: 403785 | 372 KB
10 | people-group.net | ads.people-group.net | 539 KB
8 | adrek.ru | adrek.ru | 31 KB
7 | adslinks.ru | adslinks.ru | 177 KB
6 | gstatic.com | www.gstatic.com | 600 KB
6 | a-ads.com | ad.a-ads.com — Cisco Umbrella Rank: 23932; static.a-ads.com — Cisco Umbrella Rank: 32505 | 774 KB
4 | google.com | www.google.com — Cisco Umbrella Rank: 11 | 33 KB
4 | payeermegabonus.ru | payeermegabonus.ru | 58 KB
3 | multibux.org | multibux.org — Cisco Umbrella Rank: 685621 | 19 KB
3 | linkslot.pro | linkslot.pro — Cisco Umbrella Rank: 824403 | 210 KB
2 | yadro.ru | counter.yadro.ru — Cisco Umbrella Rank: 7583 | 2 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 113 | 1 KB
1 | payeer.com | payeer.com — Cisco Umbrella Rank: 339512 | 59 KB
1 | bestchange.ru | www.bestchange.ru — Cisco Umbrella Rank: 616343 | 20 KB
Total: 83 requests, 14 apex domains

Requests | Domain | Redirects | Requested by
26 | linkslot.ru | 3 | payeermegabonus.ru, linkslot.ru
10 | ads.people-group.net | | payeermegabonus.ru, ads.people-group.net
8 | adrek.ru | | payeermegabonus.ru, adrek.ru
7 | adslinks.ru | 1 | payeermegabonus.ru
6 | www.gstatic.com | | www.google.com, www.gstatic.com
4 | www.google.com | | payeermegabonus.ru, www.gstatic.com, www.google.com
4 | payeermegabonus.ru | | payeermegabonus.ru
3 | static.a-ads.com | | ad.a-ads.com
3 | ad.a-ads.com | | payeermegabonus.ru
3 | multibux.org | | payeermegabonus.ru
3 | linkslot.pro | | payeermegabonus.ru
2 | counter.yadro.ru | 1 | payeermegabonus.ru
1 | fonts.googleapis.com | | payeermegabonus.ru
1 | payeer.com | | payeermegabonus.ru
1 | www.bestchange.ru | | payeermegabonus.ru
Total: 83 requests, 15 subdomains

Subject | Issuer | Validity | Valid
adslinks.ru | GTS CA 1P5 | 2023-09-18 - 2023-12-17 | 3 months
adrek.ru | R3 | 2023-09-20 - 2023-12-19 | 3 months
*.linkslot.ru | E1 | 2023-08-24 - 2023-11-22 | 3 months
bestchange.com | R3 | 2023-08-21 - 2023-11-19 | 3 months
www.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.payeer.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-29 - 2024-07-04 | a year
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
multibux.org | GTS CA 1P5 | 2023-08-18 - 2023-11-16 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-10 - 2024-02-10 | a year
*.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months

This page contains 8 frames:

Primary Page: http://payeermegabonus.ru/
Frame ID: 84BBD01ACA9AFA8CEB985BC10CEF44F5
Requests: 63 HTTP requests in this frame

Frame: http://ad.a-ads.com/1376012?size=200x200
Frame ID: 48F766AE06BC4D4B37635E21B0A3DC05
Requests: 3 HTTP requests in this frame

Frame: http://ad.a-ads.com/1519822?size=468x60
Frame ID: 1EE0F42F374300969A1D975398B98F2D
Requests: 3 HTTP requests in this frame

Frame: http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A10%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.9037656205640048
Frame ID: 724C7784029E9E0FD593834467A4134A
Requests: 4 HTTP requests in this frame

Frame: http://ad.a-ads.com/1376018?size=240x400
Frame ID: BE7A57734981C155B78598636441E918
Requests: 3 HTTP requests in this frame

Frame: http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A11%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.6041527014345809
Frame ID: DCB41D283786C0AFAC42044E5D47B156
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=cip8pkvksj3c
Frame ID: D8795FE888DDBD196087B3E5DAE59AB7
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs
Frame ID: 480883A816B89458C37E63F5025800B6
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

Requests: 83
HTTPS: 58 %
IPv6: 53 %
Domains: 14
Subdomains: 15
IPs: 15
Countries: 5
Transfer: 2892 kB
Size: 4118 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://linkslot.ru/bancode.php?id=285404 HTTP 301
  • https://linkslot.ru/bancode.php?id=285404
Request Chain 3
  • http://linkslot.ru/bancode.php?id=285406 HTTP 301
  • https://linkslot.ru/bancode.php?id=285406
Request Chain 4
  • http://linkslot.ru/bancode.php?id=301829 HTTP 301
  • https://linkslot.ru/bancode.php?id=301829
Request Chain 26
  • https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%u043E%u043D%u0443%u0441%u044B%20%u043D%u0430%20%u0432%u0430%u0448%20%u043A%u043E%u0448%u0435%u043B%u0451%u043A%20%u043A%u0430%u0436%u0434%u044B%u0435%2060%20%u043C%u0438%u043D;0.285363478313877 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%u043E%u043D%u0443%u0441%u044B%20%u043D%u0430%20%u0432%u0430%u0448%20%u043A%u043E%u0448%u0435%u043B%u0451%u043A%20%u043A%u0430%u0436%u0434%u044B%u0435%2060%20%u043C%u0438%u043D;0.285363478313877
Request Chain 51
  • http://adslinks.ru/img/buyb.png HTTP 301
  • https://adslinks.ru/img/buyb.png

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payeermegabonus.ru/
12 KB
5 KB
Document
General
Full URL
http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
5.196.248.6 Montaigu-de-Quercy, France, ASN16276 (OVH, FR),
Reverse DNS
cpsfix.iphoster.net
Software
nginx / PHP/5.4.45
Resource Hash
5636e9ec69e944760ea22463eacf7a3faaa27a47d0a3d0e0b8d561c8304e929b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 20 Sep 2023 07:05:10 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Nginx-Upstream-Cache-Status
MISS
X-Powered-By
PHP/5.4.45
X-Server-Powered-By
Engintron
X-XSS-Protection
1; mode=block
css.css
payeermegabonus.ru/
8 KB
3 KB
Stylesheet
General
Full URL
http://payeermegabonus.ru/css.css
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
5.196.248.6 Montaigu-de-Quercy, France, ASN16276 (OVH, FR),
Reverse DNS
cpsfix.iphoster.net
Software
nginx /
Resource Hash
fe6b192507bbb2f9302d6e7760d921b2418cd12bca97e99303d251ea043ec797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Expires
Fri, 20 Oct 2023 07:05:10 GMT
Date
Wed, 20 Sep 2023 07:05:10 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2022 10:31:28 GMT
Server
nginx
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
bancode.php
linkslot.ru/
Redirect Chain
  • http://linkslot.ru/bancode.php?id=285404
  • https://linkslot.ru/bancode.php?id=285404
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285404
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce424fe41e95d17d81477df7aa868f2b292817883f38eaa90c616e7930bd4ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V8T%2BmPu9A4Fd96gb%2BQsuHtyBuIBydrMo2QVHuTuznsSD93uiCfBPh1bqRWeT8NfCHm1Z9Y0ClstGLAyrGII4u8zPaYg811O1%2Bcmaqv2rXMB8ysbHGzFEn0eHY8776rbEoF6WqDYmUFzfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
809837f29c0b9993-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Wed, 20 Sep 2023 07:05:10 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1y1jg0IaLMdvgQRMXYeRbpdVAuVa9gt9q70WTq%2FribqoRZmRf8aiQHmZOe50PufDuHDeM7vKZMc1OljgzxcMtqI1ZX%2FSjWZVPvhA8kTjtchul9n5nR6naWDfky4SjmBfz90VpDcw8IAwg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://linkslot.ru:443/bancode.php?id=285404
Connection
keep-alive
CF-RAY
809837f09c14f178-CDG
alt-svc
h3=":443"; ma=86400
mbcode.php
adslinks.ru/
2 KB
2 KB
Script
General
Full URL
https://adslinks.ru/mbcode.php?load=250
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.3
Resource Hash
4ea1d8ecf2ae95ffc0d064e926f7fc542b6048d67ccdafcf2113bda67c013325

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.3
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKtgUBCdpWPieCGeCju1si6twdQb145BezZMbMg5KKHA%2BrqNVTL9PZg2JOykdEE9krvvIeqoFZqQqXl7vnOxPJfYXX7qx1iZzbHH87VJtZlv0yiLEeLw6STuOBKFUd%2Fx8AuwE9gDIrx1vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
809837f0eefed255-CDG
alt-svc
h3=":443"; ma=86400
bancode.php
linkslot.ru/
Redirect Chain
  • http://linkslot.ru/bancode.php?id=285406
  • https://linkslot.ru/bancode.php?id=285406
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285406
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ecb8d2fde8a453cd885986b0819a73783023b0e74fc25365221a71ba2d182a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMcbuYNbwzIw5CaUlsV%2FmoN3OFZrcsWaFV2DbIlRNdorBQUl1Dq7DMetXtwpy7CDDxmNRKM4FojYMiJacNWgm8z71Ae5EZd6Ces%2FxnEH5QrwSQWJtXwbF6v3YQYViHihi%2FYPDAAL7wbsRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
809837f2ed15d5e9-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Wed, 20 Sep 2023 07:05:10 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaepclhcGWj6Wvu9dR4PQR%2F0o94ang47UuXWB9Vri3Fu4sPCdRqa0iFZ%2Fq4v6NnELeO2hptBPwMZ4lq1K9WDJ1skCwBxneXC7iPFTTiDLEDJvmbnePuXnCcOxmk09q780RAeLHUpeDcBlg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://linkslot.ru:443/bancode.php?id=285406
Connection
keep-alive
CF-RAY
809837f09ad9d686-CDG
alt-svc
h3=":443"; ma=86400
bancode.php
linkslot.ru/
Redirect Chain
  • http://linkslot.ru/bancode.php?id=301829
  • https://linkslot.ru/bancode.php?id=301829
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=301829
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9ef84fceaf33559b2cbc1ac4192f241b14cc8defbbc4e4425eb992ad9246d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FL7eIksnXd97%2FaZcUJQQIfkKQ6Z9sWtrWDxLaQAtuUagzYJLZp9wU7P6z5O8Caf24bmu6VLY8OoibNJaZkx3ERIuk%2FvGfY%2FucPMc%2BMxRz57Sbx6ee1NtsOuOqdSTzvwZjl92KF3PJW%2B7EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
809837f2dd0fd5e9-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Wed, 20 Sep 2023 07:05:10 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bJsmR4NyeahIGR2vToKD5fpGU5sdwTvlndjEn0aomfgf4V0Yz4LMGHhHzxoCqIzUBcNniBAUrPuM0CvyRK8I0VSFHLrco%2Fq1KPegLNlQazilwPoZcVc07SFn8IkP9BVpEc%2FhRJPxlyulg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Location
https://linkslot.ru:443/bancode.php?id=301829
Connection
keep-alive
CF-RAY
809837f09d27f0d7-CDG
alt-svc
h3=":443"; ma=86400
b.php
adrek.ru/
901 B
1 KB
Script
General
Full URL
https://adrek.ru/b.php?id=3224
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
29953f11106bf6790e746d19a7fe93a34d3d8c98ea94909d2cb8e7401a1b42b8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
l.php
adrek.ru/
811 B
1 KB
Script
General
Full URL
https://adrek.ru/l.php?id=3669
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
87f8d7901dc7a41d63742fab2ee281f4b6b662bf3b0667eddb9bf714b6584c41

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285407
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a21950145f415951cc2f038be147071dfd4388fdfb519b997aa728c095bb174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmomx0F9NSLG6SiliDNy6Uwej2btIpDKUlI5zlphr6XaI6lMjKAT3e6cUeSQ6fTxoRydwznAxk5e7dKBPm09d8dNUn41jx6sUQNrgGV0NrVBDrRBb0ji%2F1JcNhRZY7Th0%2FXEjcna0iJPeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
809837f0ead19993-CDG
alt-svc
h3=":443"; ma=86400
lincode.php
linkslot.ru/
8 KB
4 KB
Script
General
Full URL
https://linkslot.ru/lincode.php?id=285409
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875a9ab37a852c3a0b3f2d27871f6f947d9b2bfe3565724baff89fcefe72d2ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pIwKBSGW2OxBOyh%2FjYfr1S%2BNOji7FMzZor4XOgYJ91IvAzwgb3%2F1bPkyQ1Rk7tyO%2Fmrvr%2Bi0SF2twjuNEbyPUjJoAZ58VtOjqiACUjZAO1k07jl9KAYssooOj66YAu5NTNKVPEikg0tZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
809837f0ead49993-CDG
alt-svc
h3=":443"; ma=86400
200x80-8.jpg
www.bestchange.ru/images/banners/
19 KB
20 KB
Image
General
Full URL
https://www.bestchange.ru/images/banners/200x80-8.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.161.241 , France, ASN16276 (OVH, FR),
Reverse DNS
bestchange.com
Software
nginx /
Resource Hash
da221bad2fcfba7ce853791581307fa0fed5da32c32b2eb82616fef658b72b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
strict-transport-security
max-age=31536000;
last-modified
Sat, 12 Nov 2022 19:18:54 GMT
server
nginx
etag
"636ff19e-4dd8"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19928
expires
Fri, 20 Oct 2023 07:05:10 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
181a120d7d4ba8699238dbf9d61db01a5b1c3693e864dd31468b2a4cd1e9bcdc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
x-xss-protection
1; mode=block
expires
Wed, 20 Sep 2023 07:05:10 GMT
bancode.php
linkslot.pro/
3 KB
2 KB
Script
General
Full URL
http://linkslot.pro/bancode.php?id=4075
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:1fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1db0a6b86e7df8d8e9939bbf7a5fa4ff67fc79286698146ad8215966468fefd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDwi3CTKZkmR8dJkwNdJDJdqYDFh0jzQfaxeBPcYUtBNtjSr3vt1Kb6qUNjcfvhchjF7LPwr3eOQQPsqal7uFYURYYDe%2Bgv9YrRNZrsWjywOmsFRb5on%2FQKz2P8MIo5xJj7jWLp2dfNeieg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
809837f16ce403f1-CDG
alt-svc
h3=":443"; ma=86400
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285412
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df9b929b8234c82ce754721c262c9d1ef7b29fa983f28e1d089bc6c9afc30f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUx568roI8kHQF8o0HD7VJGSkCop7WFbY5rHieZQN4K%2FqrO3lLwOpnMhcLbiIxa2xx9AreParWpWYf7TDcDM6RDODgzc13eyODG1l40%2BUTYxbBd3X%2FQSffUUUuJhkDhnNihfPycWmyfkgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
809837f11af09993-CDG
alt-svc
h3=":443"; ma=86400
bancode.php
linkslot.ru/
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=301830
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc58ffad76c33a3453597d8aa41554781eae9bf4c20b7e400b168ea0499a20c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ygzvlkye0EvKP5YtRKL4Jo6ML%2F0%2FC8%2FORzx4uuwS55CHMIr1WGo0%2BKIy8cX%2FXSU1RjE1bKG0W3o8xHFqqIhlM0ppruRuECrMbzWJjjM3TEudTYlDqxJZFVAxftd%2FoV6IsOcC1oe9NAaRNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
809837f11af19993-CDG
alt-svc
h3=":443"; ma=86400
bancode.php
multibux.org/
11 KB
6 KB
Script
General
Full URL
http://multibux.org/bancode.php?id=12600
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a60371ecb53df04e300cc841e493fad746a29e8afbb7f3a91f6e608722d2f5a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=753I%2BRcehH0exGJqd7F1NrN%2BIO4EoS7A0C62xSaMb9zbs%2F0OzFRBkYnvQNDfQ%2FdDlXXqbpP8xvi%2B3I1nXqejKZ3Fa7MzgthUOjg%2FBhWorMvslXpuld5ro1ie9zA%2BsxjnnwTOxsseAatrFag%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
809837f16fcdd652-CDG
alt-svc
h3=":443"; ma=86400
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
ads.people-group.net/15128/8/1/
21 KB
7 KB
Script
General
Full URL
http://ads.people-group.net/15128/8/1/
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
57cb44617108914c4fb122d75cc0035ef23f616b578c8aadb4ed5b73f3c47fe3
Security Headers
Name Value
X-Xss-Protection 0;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type
application/x-javascript;charset=UTF-8;
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
X-XSS-Protection
0;
bancode.php
adslinks.ru/
894 B
872 B
Script
General
Full URL
https://adslinks.ru/bancode.php?id=1307
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.3
Resource Hash
32653f581aa0ee49dfe17a62382f26f1f69613f24cf3b3f649c10703f5174f6b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.3
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwrIs3PjzvA6ZK9EyGM4tQ92fc1gJHc6to2iYtLh0aFF0eMhA5sGqxBp0XY1cv4aMdrJdpgHzwWCk5CnDuXH9IyOgqU%2BDzmEpPu8ax1l8B3E5nM5KxZ%2Bhlyuzq1oSRnmjnAPBBNYhUke9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
809837f12f29d255-CDG
access-control-allow-headers
*
expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
7 KB
3 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=285411
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f6526b97c6d995c135109e8b2a12d07c471ada7aa2b176bd96514e08fda4025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bmvlko3AWVQQjUOiyYmuQScjhVfs4w1RMRhVUNP3%2FpieOquWnNSaPVizOyQdMAWyozt%2FeNtVM0L2lRxdap8XyIEGdRYRqAz83cZlQgJDdWrn9y5%2BXBPaeO8qbwpc6bekJIu2Djm%2FUabJsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cf-ray
809837f12b009993-CDG
alt-svc
h3=":443"; ma=86400
b.php
adrek.ru/
904 B
1 KB
Script
General
Full URL
https://adrek.ru/b.php?id=14135
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
c750060a03efc96337340d2885dddd974815cae0cedea6719c9fa72c48e2a824

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
728x90-1.jpg
payeer.com/style/images/banner/
58 KB
59 KB
Image
General
Full URL
https://payeer.com/style/images/banner/728x90-1.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.202.17.208 , France, ASN16276 (OVH, FR),
Reverse DNS
node-9.1-208.17.202.149.vistnet.net
Software
iCore Proxy Module /
Resource Hash
0e2995f3777c6ca5f4a36535525df1c61776fd85aa5cf742ee7f21b397bcd31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:10 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Wed, 16 Oct 2019 07:32:45 GMT
Server
iCore Proxy Module
ETag
"5da6c79d-e98f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
close
Content-Length
59791
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Roboto:400,100,300
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/css.css
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db27cd20b1c3dc3380e5aedaa72dbd5b26e2c8f4e3c9c3fc53efc7e694d65362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 20 Sep 2023 07:05:10 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 20 Sep 2023 07:05:10 GMT
bg-light.png
payeermegabonus.ru/img/
47 KB
48 KB
Image
General
Full URL
http://payeermegabonus.ru/img/bg-light.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/css.css
Protocol
HTTP/1.1
Server
5.196.248.6 Montaigu-de-Quercy, France, ASN16276 (OVH, FR),
Reverse DNS
cpsfix.iphoster.net
Software
nginx /
Resource Hash
b42911b5048af162381904225b708a742f9a955bce496006ac7ac5bd0465dfc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/css.css
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Expires
Sun, 19 Nov 2023 07:05:10 GMT
Date
Wed, 20 Sep 2023 07:05:10 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2022 10:33:09 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48489
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
moneta.png
payeermegabonus.ru/img/
3 KB
3 KB
Image
General
Full URL
http://payeermegabonus.ru/img/moneta.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/css.css
Protocol
HTTP/1.1
Server
5.196.248.6 Montaigu-de-Quercy, France, ASN16276 (OVH, FR),
Reverse DNS
cpsfix.iphoster.net
Software
nginx /
Resource Hash
e9101e7dcc47e45a2f63cae20b2ccf50b8fb18be25788db6694d1d5af748cd55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/css.css
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Expires
Sun, 19 Nov 2023 07:05:10 GMT
Date
Wed, 20 Sep 2023 07:05:10 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2022 10:33:10 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2566
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
mbcode.php
adslinks.ru/
4 KB
3 KB
Script
General
Full URL
https://adslinks.ru/mbcode.php?id=250&loader=JS&cs=0&i=0&l=0&h=89a0a125c99db319499beaa44d600084
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.3
Resource Hash
b43e7b7365a483cc446e5db5291e1cf8fbac26aadd1b25014c3affa7a4788448

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.3
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Cpvw0sZ1L4zDzL5U9WFI9dqwlGxwhGEtuXKakmC24kzSxNnTPuzyjoqdIZz2lNJ%2FQMUhAj3veciLB7SvI4rpoOJsNKT9JUkByGGUL%2Fl1%2FRwAKqxup2Sgrez%2BDZOfzleh3fFcAL1fT%2B0yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
809837f2d86dd255-CDG
alt-svc
h3=":443"; ma=86400
1376012
ad.a-ads.com/ Frame 48F7
12 KB
5 KB
Document
General
Full URL
http://ad.a-ads.com/1376012?size=200x200
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
136.243.22.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.22.243.136.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
a79f4c670a8141ff0be48dd4b415cd49090ce310b189b3c3b24b0f0d07c32cf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Wed, 20 Sep 2023 07:05:10 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
http://payeermegabonus.ru/
X-Powered-By
Phusion Passenger(R)
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%...
  • https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u043...
208 B
694 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%u043E%u043D%u0443%u0441%u044B%20%u043D%u0430%20%u0432%u0430%u0448%20%u043A%u043E%u0448%u0435%u043B%u0451%u043A%20%u043A%u0430%u0436%u0434%u044B%u0435%2060%20%u043C%u0438%u043D;0.285363478313877
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
188a3d9cb74263c49702ed8b3700c923c6534f8f0bcdfc46ba533bd4a32f8bdd
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:11 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
208
Expires
Mon, 19 Sep 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:11 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttp%3A//payeermegabonus.ru/;h%u041F%u043E%u043B%u0443%u0447%u0430%u0439%u0442%u0435%20%u0440%u0443%u0431%u043B%u0451%u0432%u044B%u0435%20%u0431%u043E%u043D%u0443%u0441%u044B%20%u043D%u0430%20%u0432%u0430%u0448%20%u043A%u043E%u0448%u0435%u043B%u0451%u043A%20%u043A%u0430%u0436%u0434%u044B%u0435%2060%20%u043C%u0438%u043D;0.285363478313877
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 19 Sep 2022 21:00:00 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/
456 KB
184 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ce37ea84857112dcc89ee3ffbb8f40e997280dbdd8d19fab36e53ccc0ed4afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://payeermegabonus.ru/
Origin
http://payeermegabonus.ru
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 18 Sep 2023 22:40:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187392
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 22:40:54 GMT
1519822
ad.a-ads.com/ Frame 1EE0
12 KB
5 KB
Document
General
Full URL
http://ad.a-ads.com/1519822?size=468x60
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
136.243.22.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.22.243.136.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
6a18fbd44bdb2ee3eac8b3122f2e59e6f7407fd402582eca8c655a5e04f9eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Wed, 20 Sep 2023 07:05:10 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
http://payeermegabonus.ru/
X-Powered-By
Phusion Passenger(R)
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
/
ads.people-group.net/ Frame 724C
13 KB
5 KB
Document
General
Full URL
http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A10%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.9037656205640048
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/15128/8/1/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
20e99b236326761f0a6a557832d1d4aa34ceb5e51be23d0dbbe070a68ec7abfe
Security Headers
Name Value
X-Xss-Protection 0;

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8;
Date
Wed, 20 Sep 2023 07:05:10 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
0;
1376018
ad.a-ads.com/ Frame BE7A
12 KB
5 KB
Document
General
Full URL
http://ad.a-ads.com/1376018?size=240x400
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
136.243.22.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.22.243.136.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
60b368b43c2c389596d9dc8461920a3e52733ab9d9b9363cf0ba3b4f9ea95b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Wed, 20 Sep 2023 07:05:10 GMT
Server
nginx
Status
200 OK
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Content-Type-Options
nosniff
X-Original-Referer
http://payeermegabonus.ru/
X-Powered-By
Phusion Passenger(R)
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
/
ads.people-group.net/15128/8/2/
12 KB
3 KB
Script
General
Full URL
http://ads.people-group.net/15128/8/2/
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
a56ce3a2683fcdcfc67a031ee9a4237ca4f36d002e3bad8f3afc9e3d053c3a40
Security Headers
Name Value
X-Xss-Protection 0;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type
application/x-javascript;charset=UTF-8;
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
X-XSS-Protection
0;
gate.php
multibux.org/
2 B
549 B
XHR
General
Full URL
https://multibux.org/gate.php?d1=d3cbe4cfcbd3d9d8d294c8d3cfe8d794d3e8879795a09b9a89918fa4a163968792a5949684e0d3e0ccd6d7cb95969aa38b5bd2cdcfe8dca181d4d2cad5d9d4ce86929cae8ba6d391c2a5949bd69c84c7d3dad7cfddc6ceded4a7959994aa929997938cd1cbded8d69281d8dcd69886cbc6d6cfd58a93c7ced5d9d8cf95929da99963949999a7999492a49886d0d9cdd3d2c68ce6cc99c7d6caa2999998a1979c918d9ee4c9d2dedba096cb99c2a3949691a39496939a9b9a96919ca39b63969491a387968496959c9c9f9ca399969da3a4639e8792
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyuJrPKGwQiWsXLlcPzy8k%2FP8s83j4fX1ciyFFiYTFmQF70WBQ7Iz%2BQEqSAQoTEjMfDgemWiRWsZeUmTjoV9r%2FHKPCtwdAzrQMA16xRHLLiB0TQFQpnKfXx1rDMehDxoVpVsgRa9%2B%2BNRUjU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
*
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cf-ray
809837f3be2202a3-CDG
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
468x60.jpg
multibux.org/images/i/banners/
12 KB
12 KB
Image
General
Full URL
http://multibux.org/images/i/banners/468x60.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cfc8a9a730200df9f466a193724559757e32326e88745af05dc37e7ae7ef7e8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:10 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2162
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
11929
Last-Modified
Thu, 17 Mar 2022 08:41:16 GMT
Server
cloudflare
ETag
"6232f42c-2e99"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mODE79pLW8r6BsKK3ALZcdMaPdmvCaUWbjFqZh5QTj2DqcMMUeIrsHNfMZmh9NhPPq1BFn58cQC4aBJ%2BqGaRWQTAScpPu4e9%2FW5Dgwrv48WPFvN57CmLM5U37hJlLuzrmDmg9mfAumwsxs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
809837f349aad652-CDG
Expires
Wed, 20 Sep 2023 07:29:08 GMT
468x60.png
adslinks.ru/promo/dummy/
12 KB
12 KB
Image
General
Full URL
https://adslinks.ru/promo/dummy/468x60.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1028193
alt-svc
h3=":443"; ma=86400
content-length
11802
last-modified
Sat, 25 Feb 2023 22:32:06 GMT
server
cloudflare
etag
"63fa8c66-2e1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VU%2Be7YLQqRq%2F2%2FgN0Ebbq4M2wf6bqIox1peKYkuRlhLX%2BeAmb4SZTFtGJHemJ%2BvUg3RrJ1m6R3%2BbXoNiEfaeFcS9wqk1qrfpqLAGhnXrCS5C1EqIn39CuoYIvLgW0MW5%2BR16Z8E5T7P1VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
809837f34a240492-CDG
expires
Fri, 22 Sep 2023 09:28:37 GMT
gate.php
linkslot.ru/
2 B
473 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a699988b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959ba0b1cceac99998dddbd29aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9ab394a79997a194a3
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=285411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4T7Q1MPAGKSGXQbOXf%2Bm8YqHHW8ksLpbxJtfd2Px9g1PKDvdCG2xYO23%2BUKpid13TWFxXvDnmpalUQm8TXRvGKNkkUMQJ%2Bco70jOBTCMIRMbh7kUjC5NmQFCk6rOcLFbB%2BtNaR19E48EyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
809837f388aa3cbd-CDG
alt-svc
h3=":443"; ma=86400
240x400.jpg
linkslot.ru/promo/dummy/
25 KB
26 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/240x400.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4d920a2ed21f9d8be489073ca76b3d8dcb7008a92b0c286054917cefa6a67c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:10 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7235462
alt-svc
h3=":443"; ma=86400
content-length
25660
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-643c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhHutQF8jUxYxPa5CBjKajsLZNZ7e%2Fgr27uRAW%2FSznsXYsX15aiAXkEOEO%2F%2FLzQP8MZ6Z7vkkRbvEDgG4utDc07VFm9nJk0z8iiMTAm8zZ2sy4iLgSYV%2FOOYIScZX%2FzQ6Xd2PaW3%2F%2BMqMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
809837f36d72d5e9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
view_b.php
adrek.ru/
2 KB
2 KB
Script
General
Full URL
https://adrek.ru/view_b.php?ref=&id=3224&h=1200&t=173&fr=n
Requested by
Host: adrek.ru
URL: https://adrek.ru/b.php?id=3224
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
4fc1004b8eb11460f253be1616e7735b915a8d4bd17943875b015fb35c1a3b67

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
view_l.php
adrek.ru/
2 KB
1 KB
Script
General
Full URL
https://adrek.ru/view_l.php?ref=&id=3669&h=1200&t=212&fr=n
Requested by
Host: adrek.ru
URL: https://adrek.ru/l.php?id=3669
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
88a3529df5e5ba9290cab4f1d14503378c751acdd5c3139787478816322279a6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
view_b.php
adrek.ru/
2 KB
2 KB
Script
General
Full URL
https://adrek.ru/view_b.php?ref=&id=14135&h=1200&t=1212&fr=n
Requested by
Host: adrek.ru
URL: https://adrek.ru/b.php?id=14135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx / PHP/7.4.1
Resource Hash
114dd828976567f0d75d89661693bb2980963da2bccd8549a2a96b39f198487e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Pragma
no-cache
Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
9345f66c1048d8ade3cc0ba5c679a67c.gif
linkslot.pro/uploads/
204 KB
205 KB
Image
General
Full URL
https://linkslot.pro/uploads/9345f66c1048d8ade3cc0ba5c679a67c.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee13955c0886a18bb51a3709d0cf6af7f5907c4d327b89b36a6667364ff1fade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1643
alt-svc
h3=":443"; ma=86400
content-length
209308
last-modified
Sun, 17 Sep 2023 08:25:30 GMT
server
cloudflare
etag
"6506b7fa-3319c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zd2RO20mHLDoP3nXh9AFeu%2BMYSFStWlCrxPubS8Gelt6KzhmlCzJG5%2Fvs77L5Ob7al0eR7Ta6K%2BXOSah%2FlChYSgBk0CiNQlRc%2FDK5UjjWXhPbT%2BnrWZgGr4A8alJArrsxrd6SPyebSIkZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809837f3e8c4d3a3-CDG
buyb.png
linkslot.pro/img/
3 KB
3 KB
Image
General
Full URL
https://linkslot.pro/img/buyb.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1fcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4532
alt-svc
h3=":443"; ma=86400
content-length
2585
last-modified
Thu, 06 Apr 2023 09:20:44 GMT
server
cloudflare
etag
"642e8eec-a19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CUTI2DUM8fFwNA3bNLTP4DB145BpH1RbmRzh7RIRa4Zkl%2FgswrytDtJvh%2BfHcCHWWl3weI0E793mVU1uwG4rXox9IB8TpbNEkahsxPvwr9orGuG9QnRc4n3c1GWlyXRlYGcHA5VEqHstts%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
809837f3e8c6d3a3-CDG
fonts2.css
ads.people-group.net/bann/ Frame 724C
121 KB
92 KB
Stylesheet
General
Full URL
http://ads.people-group.net/bann/fonts2.css
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A10%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.9037656205640048
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
6c98f1112b2719030cce8ff7c37d67f0851b3536dd98435fce9a4fb946570be7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A10%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.9037656205640048
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Aug 2014 18:44:43 GMT
Server
nginx
ETag
W/"53e51a9b-1e2d2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 20 Sep 2023 08:05:10 GMT
jquery.min.js
ads.people-group.net/bann/ Frame 724C
94 KB
33 KB
Script
General
Full URL
http://ads.people-group.net/bann/jquery.min.js
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A10%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.9037656205640048
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A10%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.9037656205640048
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Oct 2014 12:03:32 GMT
Server
nginx
ETag
W/"54352814-1762a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 20 Sep 2023 08:05:11 GMT
200x200
static.a-ads.com/a-ads-banners/360436/ Frame 48F7
195 KB
196 KB
Image
General
Full URL
http://static.a-ads.com/a-ads-banners/360436/200x200?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: http://ad.a-ads.com/1376012?size=200x200
Protocol
HTTP/1.1
Server
136.243.22.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.22.243.136.clients.your-server.de
Software
nginx /
Resource Hash
bedec1daea0cb5541c512a6ff23b9dc2773ca55e606c1b7ab35f925781fc39e6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
x-amz-version-id
O4D2yGVuWygWR.7DTEUnFlrou8Ww4oNn
Last-Modified
Tue, 08 Mar 2022 12:10:51 GMT
Server
nginx
x-amz-request-id
7N1Y88JB45P59QFK
ETag
"c1520ae5a945cd2c69f3a8bb1be4fc35"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
199704
x-amz-id-2
g7Y2B+0W+b9+Bt+9oy1q5Ek7uHIU8nWxoHi5+zcvsuQNNODi3p/X9mujWdsBMzAmTfZ0kFBKqbU=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
468x60
static.a-ads.com/a-ads-banners/117614/ Frame 1EE0
166 KB
166 KB
Image
General
Full URL
http://static.a-ads.com/a-ads-banners/117614/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: http://ad.a-ads.com/1519822?size=468x60
Protocol
HTTP/1.1
Server
136.243.22.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.22.243.136.clients.your-server.de
Software
nginx /
Resource Hash
3d285ed1fe07a83d5e1bf07ea6286563c6f1a34d9fca06fffbebeb5aab9d029a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
x-amz-version-id
RiqlbFUXWzMloNmKcFxQkdDqraCFWLWD
Last-Modified
Sun, 19 Apr 2020 16:07:32 GMT
Server
nginx
x-amz-request-id
GPRAMKT4NFG387QJ
ETag
"71fa04f4b751182f94820520d348d289"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
169525
x-amz-id-2
YNCcBfLMw3aqDHbCDST3o+mUb1O0WsrcJKhflnIL6leT1nb+7ChuhHp2RYsxeDlxV/1VGVhU19A=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
240x400
static.a-ads.com/a-ads-banners/360439/ Frame BE7A
397 KB
397 KB
Image
General
Full URL
http://static.a-ads.com/a-ads-banners/360439/240x400?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: http://ad.a-ads.com/1376018?size=240x400
Protocol
HTTP/1.1
Server
136.243.22.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.22.243.136.clients.your-server.de
Software
nginx /
Resource Hash
503f22aa60b2d9fe5793278e9cedb7ddcbb778684a28c96f7c85a7ee0917580f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
x-amz-version-id
LW753v_eE1uiek0XLelzJNQ0iDKvkjzj
Last-Modified
Tue, 08 Mar 2022 12:10:51 GMT
Server
nginx
x-amz-request-id
V7ETD8Y1YVZKE1XR
ETag
"d80ea1cd298d944c2cbc980ee58d5030"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
406143
x-amz-id-2
Bo+9PS9ZnWANKJfljYpR9if5CSoAMFphcfwfXcynTHtJdOMLU6BrzvdhUP4qzhK+ENGaMSOeQnY=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 48F7
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1EE0
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BE7A
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/svg+xml
650958da4785b.gif
adslinks.ru/uploads/
156 KB
157 KB
Image
General
Full URL
https://adslinks.ru/uploads/650958da4785b.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
023ed202244b21c0e166e76cf406862639d08478fa4ed18d9c49474b16fdc62e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81588
alt-svc
h3=":443"; ma=86400
content-length
159732
last-modified
Tue, 19 Sep 2023 08:16:26 GMT
server
cloudflare
etag
"650958da-26ff4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YleK%2F4ncDFQxPWfNVC43wfRH6XlziY3FnrCl8fxBLuMpEUBrTAw5JEyR%2FUAt8ZsTa5ki%2FLerEiCOTu4lMPMe9rVSIeOmtl55qz3WrbMfhwesOFPEla8ImpfsWpDy3aVY%2BYrcvmwjleAMzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
809837f3eac70492-CDG
expires
Tue, 03 Oct 2023 08:25:23 GMT
buyb.png
adslinks.ru/img/
Redirect Chain
  • http://adslinks.ru/img/buyb.png
  • https://adslinks.ru/img/buyb.png
2 KB
2 KB
Image
General
Full URL
https://adslinks.ru/img/buyb.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Server
2606:4700:3037::ac43:96c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce722f381a31d616be4036852e2990121132057010f09cf2ef253ba68d2875f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1017072
alt-svc
h3=":443"; ma=86400
content-length
2013
last-modified
Sat, 25 Feb 2023 22:31:38 GMT
server
cloudflare
etag
"63fa8c4a-7dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiB5EdRJD0qS6Ahorr0RBo3xKey2TxWdP9ZOyneNSWQ4mixXMemWuD30H%2FsTC12OV9bPe9rIOSHXRin51m6FQlNSBOyi6LVXriskhSzh7klGxnNVL7MiMShXUuvS4OEUJDYl0CiTqhWgyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
809837f4db8f0492-CDG
expires
Fri, 22 Sep 2023 12:33:59 GMT

Redirect headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nciuw1sEnhumAwi2PFt3%2FiceQIh6opCVd%2FHvirr%2BOcigH2ZvzMKmsUkIr%2B1F3km3Hklm5Pdbxc3mK25V0smuj1mx7xvY%2Fryz8UD%2FOOG9PEPxPoCUpXltniqA0SYgUSDIgobi0lKllCCfVg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://adslinks.ru/img/buyb.png
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
809837f47888d68e-CDG
alt-svc
h3=":443"; ma=86400
Expires
Wed, 20 Sep 2023 08:05:11 GMT
gate.php
linkslot.ru/
2 B
435 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989b8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959de0b3c4e3a0dbd7d39cd49aa29799aa91a2989798939b959aa29799aa91a28b978b869c9ba3a798a2ad96a39997999b
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=285404
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qce3b4WQCi2euG3KqnbrUQSA00wFljnbZKP3NxwJJSSkSxUzmU%2FR1H6%2B5YEN0s%2FGpFogCGrGENmY8S1639Rv0KRWO8ufOvVrnfG0Oabu7ErZQCPduq7zUM%2F2FMH8ppZhk0ETlo9izFX8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
809837f3f92d3cbd-CDG
alt-svc
h3=":443"; ma=86400
c1dffa4a359dfdf1d6c9fbf2c3e097e2.gif
linkslot.ru/uploads/
279 KB
280 KB
Image
General
Full URL
https://linkslot.ru/uploads/c1dffa4a359dfdf1d6c9fbf2c3e097e2.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd07b42b17f5b086f90f27e8b306ec1e9ed40d2d294592b563003f2ea99461a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56942
alt-svc
h3=":443"; ma=86400
content-length
285671
last-modified
Tue, 19 Sep 2023 15:13:45 GMT
server
cloudflare
etag
"6509baa9-45be7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2paw6phtDNrVB58XryNWVBbEe%2BOFPol1jVOu9BwVg%2BpDPGAN87l%2Fr3wPpcvWSiRaJMqK1v5Z5W5XhLSWgQWTMkyhxSGVHhzdzh9MoRDMm4zcKzDLZiOdx%2FqCQyTJbSGAc0odGTf%2F2DHog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
809837f3fde7d5e9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
buyb.png
linkslot.ru/img/
3 KB
3 KB
Image
General
Full URL
https://linkslot.ru/img/buyb.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7235525
alt-svc
h3=":443"; ma=86400
content-length
2585
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-a19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m2qQ4TVLNO24VQFZMRw67CiLA%2BJmf5Q%2FLjhewU%2F6CwIKQrt5nVrNBqzFGUQEFIjtqEs%2FwEg%2BG2E%2FY9jIhP1OQdz1TqLs5EMIc5lUZV55UTy4B9C9daJVw2GUQwtxFBHsKCfahdGSSEkjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
809837f3fde9d5e9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
ads.people-group.net/ Frame DCB4
14 KB
6 KB
Document
General
Full URL
http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A11%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.6041527014345809
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/15128/8/2/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
76f3536cf95db770b237603c8c389ca00341513ff2e0e0f579196e5e75f77256
Security Headers
Name Value
X-Xss-Protection 0;

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8;
Date
Wed, 20 Sep 2023 07:05:11 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-XSS-Protection
0;
close.png
ads.people-group.net/bann/
15 KB
15 KB
Image
General
Full URL
http://ads.people-group.net/bann/close.png
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
324b9d944e39c915922db7058a276bd708e68ea5d86762741f14864af2324607

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
Last-Modified
Wed, 20 Feb 2013 14:07:40 GMT
Server
nginx
ETag
"5124d8ac-3bb7"
Content-Type
image/png
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15287
Expires
Wed, 20 Sep 2023 08:05:11 GMT
200x300.gif
adrek.ru/images/promo/
11 KB
11 KB
Image
General
Full URL
https://adrek.ru/images/promo/200x300.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx /
Resource Hash
3930a676cb9be3b6cd55a354d0ea2cbe65f2ab1337db329ed5cd2e56401084a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
Last-Modified
Sat, 01 Aug 2020 12:01:45 GMT
Server
nginx
ETag
"5f2559a9-2bd1"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
11217
Expires
Thu, 31 Dec 2037 23:55:55 GMT
240x400.gif
adrek.ru/images/promo/
12 KB
12 KB
Image
General
Full URL
https://adrek.ru/images/promo/240x400.gif
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.181.109.142 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
adrek.ru
Software
nginx /
Resource Hash
a190deb2753995e16ff1c55635ff7ecb9bab672176fa54d70a38aa12b7d2bab6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
Last-Modified
Sat, 01 Aug 2020 12:01:46 GMT
Server
nginx
ETag
"5f2559aa-2f41"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
12097
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fonts2.css
ads.people-group.net/bann/ Frame DCB4
121 KB
92 KB
Stylesheet
General
Full URL
http://ads.people-group.net/bann/fonts2.css
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A11%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.6041527014345809
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
6c98f1112b2719030cce8ff7c37d67f0851b3536dd98435fce9a4fb946570be7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A11%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.6041527014345809
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Aug 2014 18:44:43 GMT
Server
nginx
ETag
W/"53e51a9b-1e2d2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 20 Sep 2023 08:05:11 GMT
jquery.min.js
ads.people-group.net/bann/ Frame DCB4
94 KB
33 KB
Script
General
Full URL
http://ads.people-group.net/bann/jquery.min.js
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A11%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.6041527014345809
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcyJw&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&xm=1&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A11%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.6041527014345809
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Oct 2014 12:03:32 GMT
Server
nginx
ETag
W/"54352814-1762a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=3600
Connection
keep-alive
Expires
Wed, 20 Sep 2023 08:05:11 GMT
anchor
www.google.com/recaptcha/api2/ Frame D879
55 KB
31 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=cip8pkvksj3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
471573e54519f80349212ce2a4d5b35d8121cee479e0b949115977e6ef51d663
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9rrm8t_JR5h2_xO5XlX1ZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
30827
content-security-policy
script-src 'report-sample' 'nonce-9rrm8t_JR5h2_xO5XlX1ZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:05:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
339294_1.gif
ads.people-group.net/bann/3/3/9/2/ Frame 724C
254 KB
254 KB
Image
General
Full URL
http://ads.people-group.net/bann/3/3/9/2/339294_1.gif
Requested by
Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A10%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.9037656205640048
Protocol
HTTP/1.1
Server
95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www.people-group.su
Software
nginx /
Resource Hash
9e9c167cc06d1fbfaa252d44ad29d76e019754b32ee18b939464b26f292f3d57

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://ads.people-group.net/?hwn=MTUxMjgnOCcxJw&xm=1&swf=0&hrf=http%3A%2F%2Fpayeermegabonus.ru%2F&stg=1695193510.3a88c94434&s=MTYwMCUzQTAlM0ExMjAw&h=09%2F20%2F2023%2007%3A05%3A10%27%5E%271%27%5E%27&k=%D0%9F%D0%BE%D0%BB%D1%83%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20%D1%80%D1%83%D0%B1%D0%BB%D1%91%D0%B2%D1%8B%D0%B5%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%BA%D0%BE%D1%88%D0%B5%D0%BB%D1%91%D0%BA%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B5%2060&0.9037656205640048
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Wed, 20 Sep 2023 07:05:11 GMT
Last-Modified
Wed, 20 Sep 2023 06:37:02 GMT
Server
nginx
ETag
"650a930e-3f6e6"
Content-Type
image/gif
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259814
Expires
Wed, 20 Sep 2023 08:05:11 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame D879
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=cip8pkvksj3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 04:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 04:10:06 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame D879
456 KB
183 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=cip8pkvksj3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ce37ea84857112dcc89ee3ffbb8f40e997280dbdd8d19fab36e53ccc0ed4afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 18 Sep 2023 22:40:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187392
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 22:40:54 GMT
gate.php
linkslot.ru/
2 B
437 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989e8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b9895cfe3e996eae2d1d6c5ce959aa29799aa91a2989798939b959aa29799aa91a28b978b869c9ba3a798a2ad96a3999c9c94
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=285407
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:12 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKfx3i%2Bcy998o%2FFRJ1JOC9wqWfVC39CY4jlp5sbw6hgL3KoM1zgiJoZMsBwZzRSwiQGxRXEBwtkwE%2FlK6LzTbubSmabbkHlpelD5u3lYJ3%2FiNxPfDNBuBusXPH9TA%2BxJPfg6ZP3nDL3gGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
809837f73c5d3cbd-CDG
alt-svc
h3=":443"; ma=86400
200x300.jpg
linkslot.ru/promo/dummy/
17 KB
18 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/200x300.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1777009
alt-svc
h3=":443"; ma=86400
content-length
17574
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-44a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bqbr%2BM7hPqRa%2BYxntc%2Fd4lJDlS%2FVrluKSl8uJ0ZwypDWwNqu0Q18vr6jI1zD6MHe4OOaX7mRaikNCtyHdvJrkJiwm50uUnnCVtRo4LjmvcTYyiESQOiuBMZhW%2BzAtwsj3Z5csxFH0idGIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
809837f73857d5e9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
gate.php
linkslot.ru/
2 B
434 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a698a08b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b989599d9ad95e0cf9cd3c5df979aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9ab394a799989d989e
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/lincode.php?id=285409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:12 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU8RymOzwwpyjAk0dIf5GU9U0VexzWcpxbge9oXMiTPmFybBrjMzVjDxNblafpY4SIAvT%2BX27RhWmnh96tUyyfUHwleVZdwtmxpfzK3ALibfNtWEScqpBLB%2Fz3z3SGprIl%2FJomhdvu7qog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
809837f75c933cbd-CDG
alt-svc
h3=":443"; ma=86400
gate.php
linkslot.ru/
2 B
438 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a699998b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959bcedcd0a69c98d2d3a2979aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9ab394a799989d999c
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=285412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:12 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qknLzU6t0Trz02P94%2B3kJQCFEBMDO9NvvEoIlEyKM%2BKvXxdgrTOYi94KUM%2F9MJ0X4fRDaVGg8WnS0ow%2BjekEIuEyErqaqb2XkFWxPlVjRLbKjApMZm6oppI%2BhBUPwKhQaA298dbfrBeuKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
809837f75c953cbd-CDG
alt-svc
h3=":443"; ma=86400
468x60.jpg
linkslot.ru/promo/dummy/
12 KB
12 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/468x60.jpg
Requested by
Host: payeermegabonus.ru
URL: http://payeermegabonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7235495
alt-svc
h3=":443"; ma=86400
content-length
11802
last-modified
Mon, 05 Jun 2023 11:22:27 GMT
server
cloudflare
etag
"647dc573-2e1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T43l0jPLqH6vzPIYyeeQhBFIcr94FXaruMysubXAsxUYx1vc6Epj3h4OcqlnwYzqZlcr682TA0sMkQkqHc%2BN2xtnkR3jzP5J%2F4FTXneJ9nO%2BNU%2FiMfI5JCZqcFuqd0dAIfckiG%2BnTXTjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
809837f75869d5e9-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
gate.php
linkslot.ru/
2 B
436 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9caa92aa9b978b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959acfedd2e7d99edad0e3dc9aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9ab394a799989e959f
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=301830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vs76SOjV%2BzOaCjdlFi7K2ukJQ0BXqPTo6RMyU2I0fLuYwCoIhWX6%2B5hdfkaSZov7rKRj9xUEOdk0PKsxTDWHDg%2FTqCouv654TQc%2FUhSVt%2BfpbRYRKVgdJu9fX1aoceLQxgo0dabgOYn1pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
809837f7bd0c3cbd-CDG
alt-svc
h3=":443"; ma=86400
gate.php
linkslot.ru/
2 B
436 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9caa92aa9aa08b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959bcfdecda3dbc9cad4d89d9aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9ab394a799989f939f
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=301829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tqMm3kWwxxGVJoHjvY8mCrMrwNvxtNGnPVVDn5T06tVOqdJUN4O1CVigIhh5yy8GgXOo1lxU8B289iTyB24C4Dl62wV1K%2F7xT5OcCbT%2FOoPeB%2FKLd9F8POyDZdEi%2F5WEpjpO6wjDeoIBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
809837f83d7a3cbd-CDG
alt-svc
h3=":443"; ma=86400
gate.php
linkslot.ru/
2 B
439 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989d8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad4d0d6d8e3a08ad3d5cdecd0dbcc879993a685dddf94caac91a7dd9088c4dbd5d6d7decedcccdbdc969d96a2939da88791e5c9e6d5d39483d7ced5d787d0dfc4ddd79088c6d3d7d9dfcc98ab92a896979698a3999fa0989aae81dfd7c9d1cfd085ddd3cdcaeccaa19d9a9f919e9b98959a9cefd5a7ca97dd94e0ce9aa29799aa91a2989798939b959aa29799aa91a2988a98868e96a0ab9c9ab394a799989f96a1
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=285406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:12 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uft87Ln1D5qBnnvAcBfI7q144jOzDRN7yt5R76iUF0ICPDgb4iPTlKBm6tcgBY%2FUdgkFR4%2B6mhW5wFDBbJ%2FA31d9ZumCo0A9MdKPXd58Iyl%2BImw%2BOvn%2FoVBVXxs27uDv%2FrFDPv2XAJIw4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
809837f86da53cbd-CDG
alt-svc
h3=":443"; ma=86400
truncated
/ Frame D879
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
truncated
/ Frame D879
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D879
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 16 Sep 2023 06:02:48 GMT
x-content-type-options
nosniff
age
349343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 23 Sep 2023 06:02:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D879
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=cip8pkvksj3c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2bc1d0b05d00bb3f3676cb86da2ca2ae7054f725916c86cd51785d156c06b3dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs&co=aHR0cDovL3BheWVlcm1lZ2Fib251cy5ydTo4MA..&hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=cip8pkvksj3c
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 20 Sep 2023 07:05:11 GMT
bframe
www.google.com/recaptcha/api2/ Frame 4808
9 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b6c9e5ffaf1162e784861070698ef3d3f073a78009a8dbcdbd00537e89482ab9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GWE3aBxDarAaY8Y56jBbFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://payeermegabonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1241
content-security-policy
script-src 'report-sample' 'nonce-GWE3aBxDarAaY8Y56jBbFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 07:05:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 4808
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 04:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 04:10:06 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/ Frame 4808
456 KB
183 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fr&v=uEf7E1417z6GNSkRx7AyL8K8&k=6Ldl9e4UAAAAAH5-TUXOoWglCWz-SNilN4PPWwTs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ce37ea84857112dcc89ee3ffbb8f40e997280dbdd8d19fab36e53ccc0ed4afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Mon, 18 Sep 2023 22:40:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187392
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 22:40:54 GMT
gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
2 B
433 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989b8b938e958da28a9ab09aa799a09b989c96a1a59d
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=285404
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:16 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irUCAgNeyOHd56w2gwPfV3K8bufMtgoJvCxP96fVT%2B4ewbh4DFw6cwQLTGfxZ%2F1x6%2FbYNflw6fo93KqB3B5PpnZrbsAYmpelwuz2hCmcCRfEkil9j7ViVOXHSsziVyvBpyOrQwB2V0Wgmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
8098381338933cbd-CDG
alt-svc
h3=":443"; ma=86400
gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
2 B
436 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989d8b938e958da28a9ab09aa799a09b989c96a1a59d
Requested by
Host: linkslot.ru
URL: http://linkslot.ru/bancode.php?id=285406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://payeermegabonus.ru/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 20 Sep 2023 07:05:16 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuJugJygx6Ri%2Ftut5O9wPLlmIzbHp2sPICGXxbjyls%2BnKkDn4lh7KqHM1AZotPnH4RHXl%2BPs606icOZVIXJ3MdbCFuVk5PXTNvLmSUC5SCYJmZMDfFqjSQTeZYih6WKUugIbXZyHm07ORg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
access-control-allow-origin
*
cf-ray
80983817bd2d3cbd-CDG
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a699988b938e958da28a9ab09aa799a09b989c96a1a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a6989e8b938e958da28a9ab09aa799a09b989c96a1a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a698a08b938e958da28a9ab09aa799a09b989c96a1a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9bb296a699998b938e958da28a9ab09aa799a09b989c96a1a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9caa92aa9b978b938e958da28a9ab09aa799a09b989c96a1a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdecfd7d9d6dfc8d3cad6d6d8de93dce78a9caa92aa9aa08b938e958da28a9ab09aa799a09b989c96a1a59d

Verdicts & Comments

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| LThNFaMEhMhxNza function| LThNFaMEhMhxNzb function| LThNFaMEhMhxNz function| nSettmPCAUa function| nSettmPCAUb function| nSettmPCAU function| getCookie number| inIframe number| lbID_250 object| loader_250 function| loaderMbBan_250show number| c_start object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| swfobject function| code function| peoplegroup_altss function| URI function| peoplegroup_hstn string| peoplegroup_host string| peoplegroup_width string| peoplegroup_height string| peoplegroup_hwn string| peoplegroup_kws object| peoplegroup_metas string| peoplegroup_xm string| peoplegroup_hrf string| peoplegroup_stg string| peoplegroup_url string| btwads number| btws undefined| timid undefined| e undefined| el1 undefined| el2 undefined| s function| pgstrbt function| btwrld function| btwsg string| peoplegroup_frame object| MbCoDe_12600 function| LTFZBtCgEETa function| LTFZBtCgEETb function| LTFZBtCgEET function| lfRoMrJZtxya function| lfRoMrJZtxyb function| lfRoMrJZtxy function| mbOrder function| mbStHex function| dXC2 function| dXC function| encode function| urldecode function| utf8_encode function| GH1 function| tv6 function| I1r object| myd function| Wfc string| welcome string| url number| mbSY number| mbPZ number| mbMX number| mbMY string| mbPR number| mbMi number| mbUi number| mbUc function| mbRT object| mbDS object| mbDv string| hostname string| mbID string| mbPD string| test3 string| test2 string| test1 string| mbRX number| tdata boolean| mbIFram string| hash string| mbNA number| fl function| mbSF function| mbMF function| loadXMLDoc_1307 object| ls_b1307 object| ls_code function| lsOrder function| lsStHex function| LiNKsloT string| lsGT number| lsSY number| lsPZ number| lsMX number| lsMY string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX 
number| lsT0 boolean| lsIFram string| lsNA function| lsSF function| lsMF object| ls number| qwe_timer boolean| qwe_isFramed function| lsReq object| lsHttp string| adsMBtxt function| YHvxosUjvORYnkFa function| YHvxosUjvORYnkFb function| YHvxosUjvORYnkF function| McEHLfpSANozfha function| McEHLfpSANozfhb function| McEHLfpSANozfh function| createCookie number| fadeTO_250 object| bl_1695193510643 object| bl_1695193510643_dom string| bl_1695193510643_cont string| bl_1695193510643_keey number| peoplegroup_gwidth number| peoplegroup_gheight number| peoplegroup_gself string| peoplegroup_cl string| peoplegroup_wwh string| peoplegroup_whh string| peoplegroup_ref number| peoplegroup_prnok object| pgsxel1 object| pgsxel2 undefined| pgsxel3 undefined| idview undefined| el undefined| img undefined| newdiv object| div boolean| traf object| divpr object| recaptcha object| closure_lm_941791 object| l_price string| bt1 string| bt2 string| bt3 function| listBlink function| Blinky

7 Cookies

Domain/Path Name / Value
payeermegabonus.ru/ Name: PHPSESSID
Value: sorfn5kc9ejj1d2tdsdk74uut7
adrek.ru/ Name: SID
Value: nl1fl5d8egv42cga46db3eb320
adrek.ru/ Name: dt
Value: 20.09.23
adrek.ru/ Name: adr
Value: %7C3322%7C
payeermegabonus.ru/ Name: adslinks_vmb_
Value: 0|13551
.yadro.ru/ Name: FTID
Value: 1b2fcd1V3Yee1b2fcd002GJ7
.yadro.ru/ Name: VID
Value: 2O-avW3TX5Oe1b2fcd002GKF

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
