urlscan.io logo urlscan.io
SecurityTrails logo

m246dd4.perfectmoneyland.com Open in urlscan Pro
104.21.62.138  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://casino-spincity.ru/
Effective URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Submission: On November 16 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 13 domains to perform 29 HTTP transactions. The main IP is 104.21.62.138, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is m246dd4.perfectmoneyland.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2022. Valid for: a year.
This is the only time m246dd4.perfectmoneyland.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 104.21.42.27 13335 (CLOUDFLAR...)
15 188.114.96.3 13335 (CLOUDFLAR...)
1 172.67.175.1 13335 (CLOUDFLAR...)
2 104.21.62.138 13335 (CLOUDFLAR...)
1 104.21.49.125 13335 (CLOUDFLAR...)
4 188.114.97.3 13335 (CLOUDFLAR...)
1 172.67.180.178 13335 (CLOUDFLAR...)
1 104.21.69.64 13335 (CLOUDFLAR...)
1 172.67.143.155 13335 (CLOUDFLAR...)
29 10
1    2606:4700:3034::ac43:cd32 (United States)

ASN13335 (CLOUDFLARENET, US)
casino-spincity.ru
1    2606:4700:3030::6815:4293 (United States)

ASN13335 (CLOUDFLARENET, US)
casino-spincity.ru
3    104.21.42.27 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
m8d09ab.playthisslot.com
15    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.ext-files.net
cdnl.ext-files.net
1    172.67.175.1 (United States)

ASN13335 (CLOUDFLARENET, US)
aloginpro.com
2    104.21.62.138 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
m246dd4.perfectmoneyland.com
1    104.21.49.125 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
md0094f.slotforjoy.com
4    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
mdbce9a.slotforjoy.net
mfc1f77.wowlucky.net
m22ed69.enjoyslot.net
slogin.biz
1    172.67.180.178 (United States)

ASN13335 (CLOUDFLARENET, US)
m8bc6bf.successfulslot.com
1    104.21.69.64 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
mb8e053.successfulslot.net
1    172.67.143.155 (United States)

ASN13335 (CLOUDFLARENET, US)
m457ce3.wowcasino.net
Domain Requested by
11 cdnl.ext-files.net m246dd4.perfectmoneyland.com
cdnl.ext-files.net
4 www.ext-files.net m8d09ab.playthisslot.com
www.ext-files.net
3 m8d09ab.playthisslot.com 1 redirects casino-spincity.ru
2 m246dd4.perfectmoneyland.com www.ext-files.net
2 casino-spincity.ru 1 redirects
1 slogin.biz m246dd4.perfectmoneyland.com
1 m22ed69.enjoyslot.net
1 mfc1f77.wowlucky.net
1 m457ce3.wowcasino.net
1 mb8e053.successfulslot.net
1 m8bc6bf.successfulslot.com
1 mdbce9a.slotforjoy.net
1 md0094f.slotforjoy.com
1 aloginpro.com m8d09ab.playthisslot.com
29 14

This site contains no links.

Subject Issuer Validity Valid
*.casino-spincity.ru
GTS CA 1P5		 2022-10-08 -
2023-01-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-28 -
2023-05-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Frame ID: 68C80805E873AE41F19F28816D5370E5
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Онлайн казино Spin City официальный сайт игровых автоматов онлайн

Page URL History Show full URLs

  1. http://casino-spincity.ru/ HTTP 301
    https://casino-spincity.ru/ Page URL
  2. https://m8d09ab.playthisslot.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk Page URL
  3. https://m8d09ab.playthisslot.com/redirect?t=1.021&reason=success_ping&ri=0&ro=m&to=Lz9scD1zY193bzRfcnUmdHJhY2... HTTP 302
    https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

100 %
HTTPS

18 %
IPv6

13
Domains

14
Subdomains

10
IPs

3
Countries

283 kB
Transfer

388 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://casino-spincity.ru/ HTTP 301
    https://casino-spincity.ru/ Page URL
  2. https://m8d09ab.playthisslot.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk Page URL
  3. https://m8d09ab.playthisslot.com/redirect?t=1.021&reason=success_ping&ri=0&ro=m&to=Lz9scD1zY193bzRfcnUmdHJhY2tDb2RlPWFmZl9hNDhhNjhfMjdfdms= HTTP 302
    https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://casino-spincity.ru/ HTTP 301
  • https://casino-spincity.ru/

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
casino-spincity.ru/
Redirect Chain
  • http://casino-spincity.ru/
  • https://casino-spincity.ru/
1 KB
978 B 		Document
General
Check archive.org
Download Go to
Full URL
https://casino-spincity.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76b05157bc04f3e3-LHR
content-encoding
br
content-type
text/html
date
Wed, 16 Nov 2022 12:44:23 GMT
last-modified
Mon, 17 Oct 2022 11:34:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMP93zkks77pzAKrmA8e6YRTIbqr75fEJHAKwlTiG92kRANlDbFXAIYQ5islnmNkc3nDAnHJs7or4t441JB0KLEl5w0xf3mZ9%2FckWc7%2BLx6g0CC%2BDPvImUc%2Bj63IlTAqWcjejIR89Sy9UTvCk7FyIf4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
76b05156bc3388af-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 16 Nov 2022 12:44:23 GMT
Expires
Wed, 16 Nov 2022 13:44:23 GMT
Location
https://casino-spincity.ru/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ3u0RVp1Eug0CIb3AJR1eOJ7FUFh0BTMA24Daiwa7z3HpqSbrjLoaZTIEMO1jP6qIr7p8lb4eofWiH2JZMKIdC5Qne98JIutL5N74U9tcJF0kL4k%2FTTDXZY3CbCNfu0393AGivyB%2FCnRlxbwKdlVpg%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
m8d09ab.playthisslot.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m8d09ab.playthisslot.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk
Requested by
Host: casino-spincity.ru
URL: https://casino-spincity.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.27 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1c316ad18308dd5ff853a61a24b1c16f74102ed52bc2804e18f6346bea3d75b

Request headers

Referer
https://casino-spincity.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76b0515929497773-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 12:44:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pXs69%2FS2dszznxBF1u2HXouanW1cr8fVVaerm71sePdiMUH%2BbA2%2F7YM1TGDpOtaYp0MaTXL7ChDyULBMhb3SEiPQrsoygTbkMwRKL7nNNob9mfJw3C5lS5nauqkh0CcFKYnL6AqkpYRngE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-application
redirector
style.css
www.ext-files.net/redirector/land-sc/css/ 		1 KB
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ext-files.net/redirector/land-sc/css/style.css
Requested by
Host: m8d09ab.playthisslot.com
URL: https://m8d09ab.playthisslot.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09bb5f42fd92a7e247760abb5a39de7b78db3957941524265a1dac2d19bfd8d0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Jul 2018 13:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4e0-571aa5e7a36c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zt%2BKll1RdjUpuSD3aTMFSztB4vUlQUcUkQHfz7MtV36zLv36%2FGIDTE8JJRrhayVB098KWSt8T%2Bk9xvTBXwA%2FetgKc0BjbEhKJfTXNyuElQS5WysIBrwmMHRnLn%2BKW1VeiRPMyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
76b0515abd35f42f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
preloader.css
www.ext-files.net/redirector/land-sc/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ext-files.net/redirector/land-sc/css/preloader.css
Requested by
Host: m8d09ab.playthisslot.com
URL: https://m8d09ab.playthisslot.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914e690cbbbbbedcbbc987cd8ce7b38a7fef9c4ae05c24692a9dc3919b34a57b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Jul 2018 13:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d99-571aa5e7a36c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhnjK4AsJ0q4UrnJmBbRNyrx%2Bh2X6U81UIi52x9CelvGrPhWsM%2FwibmYjbBIyFFX9FYOPEStC%2FrNwhI2WcLot%2Bw1Qmez%2Fc8R63crd644HxVJp9GUPyHWvZJIOFrCJQYR9xB9mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
76b0515abd36f42f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirmin.js
www.ext-files.net/redirector/common/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ext-files.net/redirector/common/js/redirmin.js?v=1668602663
Requested by
Host: m8d09ab.playthisslot.com
URL: https://m8d09ab.playthisslot.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49447cd5a44e7a1ba79c162bc11da584cf454c776effe2a4daa65309cc07ba51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 14 Aug 2019 08:21:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1940-5900f725a8f40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOnQGnQhvXRFFzOK2s5hbwzxJ4UD2xm0c3weAYaUSZWdmZnuwzHRZzZkyBDbNPsBCo0P262j2MPsmmKD%2BtRM9e5ZsTuAUSEpDCtOG4TBSBK1H0U2z7DppBReYW6%2F8KgP6t3eDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
76b0515abd37f42f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirector.js
aloginpro.com/sc/land-sc/ 		0
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aloginpro.com/sc/land-sc/redirector.js
Requested by
Host: m8d09ab.playthisslot.com
URL: https://m8d09ab.playthisslot.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.175.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Fat-Free Framework
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Fat-Free Framework
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 16 Nov 2022 12:44:24 +0000
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VT8zDr2zt1DuGANZ466Zf2KvNG7itJUjvAxUWBcTQSibonR74swsSg6K3NKWQ0ss%2B2FYH5Z4c70CF%2Fe7BjdvOx0FV2H0MXhbMmgou%2FXBDHZZR4uunj6wIqvQknyc%2FsCR"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
76b0515ab9d8f3fb-LHR
expires
Wed, 16 Nov 2022 12:44:23 +0000
logo.png
www.ext-files.net/redirector/land-sc/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ext-files.net/redirector/land-sc/img/logo.png
Requested by
Host: www.ext-files.net
URL: https://www.ext-files.net/redirector/land-sc/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c6c0fc1fd140b3972ff1b1263382e36241298a95c4e1b23252b7198d666081

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.ext-files.net/redirector/land-sc/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 23 Jul 2018 13:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3bab-571aa5e7a36c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jK9xgP6U1QFJWck2bBFiDs1KjmHonVOd7NwezzHnk8n3Mqo8iDadjpv7oSRnnrOqvDZlIaLqLTPX9J9pMOdjoQ9ENXQb6%2Br%2BALGU1GlQm9v%2FdndOvJa8%2F5rgnhg6FCinFJj%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
76b0515badf8f42f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15275
ping.png
m246dd4.perfectmoneyland.com/ 		121 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m246dd4.perfectmoneyland.com/ping.png?t=1668602664540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.62.138 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:09 GMT
server
cloudflare
etag
"635bb23d-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMU%2Bhku2T5GXWG17C3aNsmT1MDhkqWJDENLRkp3kpSfB0EhB89nH%2BMY2oQcNkvP1oWZF%2BOBxn8HrA9%2FQ7rxLowo4Y17QCL4jmgiLNjus4PKGvzEfVZ57qcmRWYplFerxdA%2FGZTtJD7Xesz6gnhCD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate, noarchive, notranslate
cf-ray
76b0515e2847dcd3-LHR
ping.png
md0094f.slotforjoy.com/ 		121 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://md0094f.slotforjoy.com/ping.png?t=1668602664540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.125 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:09 GMT
server
cloudflare
etag
"635bb23d-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMGVFdYHQ%2BanX0eW8%2FTsR7mkZgeylvq2493cP5X75qcvMsxLctCpbQ2mhySau26V0wrpX8x8%2BjqITJI0J3BYff11ReuUAAvTXmH96DpfrHWORWe6d57ioUFIKDfIqaQIrTCSYEe%2FklhV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate, noarchive, notranslate
cf-ray
76b0515e3c067714-LHR
ping.png
mdbce9a.slotforjoy.net/ 		121 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mdbce9a.slotforjoy.net/ping.png?t=1668602664540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:09 GMT
server
cloudflare
etag
"635bb23d-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FPRc8F%2F6gywBlK4jyb62wvOWBY17vXZ38qRWRB%2Bt92OAy52JncdQRjxeYpW1i%2B1jIz3ghHhwLTATeISPMsNQK61IU%2B7j%2BkAgMuFDP2dh%2BKyxmjDYveUyrld%2Fl%2B1oug%2BYMGUiCttub7i"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate, noarchive, notranslate
cf-ray
76b0515e3a5d406c-LHR
ping.png
m8bc6bf.successfulslot.com/ 		121 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m8bc6bf.successfulslot.com/ping.png?t=1668602664541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:09 GMT
server
cloudflare
etag
"635bb23d-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWGgxy6Q3w%2BgGwaD%2BogpJp%2F6W2fbQ6%2B40%2BFLQ%2FRxDM8UCkd7AtqpbUAQ%2BQL3WeQtGxjFlgeXgCj0lLqafTLqLBaJporro8JY3SWem9Z3ak04DS8kzRf0b4nGmFQ%2BByVVtASyioqm2bX7f5kq2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate, noarchive, notranslate
cf-ray
76b0515e3b57778f-LHR
ping.png
mb8e053.successfulslot.net/ 		121 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mb8e053.successfulslot.net/ping.png?t=1668602664541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.69.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:09 GMT
server
cloudflare
etag
"635bb23d-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXap1BMALCxiZV728EKEH3HTXe8l5jaQXZtDubM7B%2B9q%2BtKtV2T%2B5A100k20iNf%2B7NQP6bJ0WqBoIRCRJGTCCijsAbZUEgOMoM4CSZJ97eI4AhE0%2Fp5Eye6c1j8M6%2Fgt1c4zHMSBMPicqrKqFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate, noarchive, notranslate
cf-ray
76b0515e3d6c7719-LHR
ping.png
m457ce3.wowcasino.net/ 		121 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m457ce3.wowcasino.net/ping.png?t=1668602664541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.143.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:09 GMT
server
cloudflare
etag
"635bb23d-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YavvZVXn7uZIvh%2Bd9%2Fso9x0PaLvWdvX0Mk83bsBCp%2BElhfu5I7HzruiT38UJdbFbojQGKd29s%2F6aqX7IS4G7ZFnYpPGuKcAHyIHevw6UZ7Gev%2Bu%2BqdfMvaFZOj6e7yN8%2FVku5wlnMmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate, noarchive, notranslate
cf-ray
76b0515e4edc06dd-LHR
ping.png
mfc1f77.wowlucky.net/ 		121 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfc1f77.wowlucky.net/ping.png?t=1668602664541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:09 GMT
server
cloudflare
etag
"635bb23d-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rrnu0CICYceg%2B9hP%2BZaDuaiy6RZMFdUnFafQ12Z9hv5SDmBp7XQd8M5wwLI6hM%2F7ixTmnRknmTglprigFoCrgCVVXOaRy7iFZrKNQpmYyalP8RSOvhJ7QXbi93OSzXus5ZSNfFgVbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate, noarchive, notranslate
cf-ray
76b0515e3f4bdc87-LHR
ping.png
m22ed69.enjoyslot.net/ 		121 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m22ed69.enjoyslot.net/ping.png?t=1668602664541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:09 GMT
server
cloudflare
etag
"635bb23d-79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wT5k8YnShqIX3rTvHVLy8ay8ErGpFeSQlVAKgFUb%2FK4n6kcAmLrPluMhR2qTRtA02znK51RbBPYROqs1CAjmLHIYyOS%2Fw9Ua4GXQYL6xoaWbUSdhNHuptpzUWWYZbrHJTY6ihz0Sovk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate, noarchive, notranslate
cf-ray
76b0515e382e0639-LHR
Primary Request /
m246dd4.perfectmoneyland.com/
Redirect Chain
  • https://m8d09ab.playthisslot.com/redirect?t=1.021&reason=success_ping&ri=0&ro=m&to=Lz9scD1zY193bzRfcnUmdHJhY2tDb2RlPWFmZl9hNDhhNjhfMjdfdms=
  • https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Requested by
Host: www.ext-files.net
URL: https://www.ext-files.net/redirector/common/js/redirmin.js?v=1668602663
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.62.138 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7ef542441a759e00189c5801d2c3e410db32b333dc64bf1f787a00f376010a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m8d09ab.playthisslot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76b051638e2c7443-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 16 Nov 2022 12:44:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DmR7iOQK2OyF9m8mslllQH7p1knOCowC8b5F2QzcqYjlgUSXq7sfI5FxDYb0HNX89tnqQND%2FubBBaTWc30S7Kuv993Df0IjTFofAg48CkauWb%2FIhy01tIpGWJRZyUaD3%2FeDt73ZkSDkom%2FR%2FEKx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noarchive, notranslate
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76b0516269dbf43b-LHR
content-type
text/html; charset=UTF-8
date
Wed, 16 Nov 2022 12:44:25 GMT
location
https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FTDrNkYBu937jcwBSy7wES1l%2BpY%2BYU3mHyIohk2N%2FS9cOVT6LrlQUktlG5atKWmZ3rj55%2FGdNZ9TQ3Qj3En1HedrrIWzwv3yYBtAKXgjmyJGtDZvH8OofRse2WHE%2BbXFQnjayoet2NB66o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-application
redirector
send-stats
m8d09ab.playthisslot.com/ 		121 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m8d09ab.playthisslot.com/send-stats?domains[aHR0cHM6Ly9tMjQ2ZGQ0LnBlcmZlY3Rtb25leWxhbmQuY29t]=1&domains[aHR0cHM6Ly9tZDAwOTRmLnNsb3Rmb3Jqb3kuY29t]=1&domains[aHR0cHM6Ly9tZGJjZTlhLnNsb3Rmb3Jqb3kubmV0]=1&domains[aHR0cHM6Ly9tOGJjNmJmLnN1Y2Nlc3NmdWxzbG90LmNvbQ%3D%3D]=1&domains[aHR0cHM6Ly9tYjhlMDUzLnN1Y2Nlc3NmdWxzbG90Lm5ldA%3D%3D]=1&domains[aHR0cHM6Ly9tNDU3Y2UzLndvd2Nhc2luby5uZXQ%3D]=1&domains[aHR0cHM6Ly9tZmMxZjc3Lndvd2x1Y2t5Lm5ldA%3D%3D]=1&domains[aHR0cHM6Ly9tMjJlZDY5LmVuam95c2xvdC5uZXQ%3D]=1&ri=0ro=m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.42.27 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m8d09ab.playthisslot.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-application
redirector
date
Wed, 16 Nov 2022 12:44:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TzG9PV2fKVBvDPlh1oemPQiY%2B10QxSh3tzYoEFkn%2Bpp13x3a7k%2FDKH99cs5f6ZnSyTuz9fL9q8QcUva%2BNcoA%2BAQ8Xk%2Fe%2FWhZkhpitcUUAK1EBUb%2Bt4f5913acyw9Gsw3WJbuWSuGk049Aw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cf-ray
76b0516269ddf43b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
121
style.css
cdnl.ext-files.net/landings/web/sc_wo4_ru/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
Requested by
Host: m246dd4.perfectmoneyland.com
URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefcfa46f15839fc576773e90233116387d5d4e724cb63ab6635cfefd3f2fd68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:12 GMT
server
cloudflare
etag
W/"635bb240-238a"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZQgl50MJgtV7NMUJ%2Bw6ZsnwxIqbibIAuJBRMaz811ToN7rWz4gmWbWHbRxpIJ9VdFQygBg7slpqWGLjFiUNZslG1%2F14UmB9IFzuPCg63iJHbfgu6a6ELdyjJFsqX%2F1uL3Ay3Qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
x-robots-tag
noarchive, notranslate
cf-ray
76b051646e07f42f-LHR
jquery.min.js
cdnl.ext-files.net/landings/common/web/js/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnl.ext-files.net/landings/common/web/js/jquery.min.js?v=1668591625
Requested by
Host: m246dd4.perfectmoneyland.com
URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:08 GMT
server
cloudflare
etag
W/"635bb23c-1499c"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2wQfhzlc5bUZOhYrR0WngQy6cuIx9wOjtZcbTpXakuZMyv2dYQ86Bs3Q9A0bCsg%2B%2FMK7oj5Nc6WpCJg0fKAbdvG2n4CRcdKQw36BGJdRE7F7C01qZ4jZTrtlG3AQlTl7WtYHU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
x-robots-tag
noarchive, notranslate
cf-ray
76b051646e0ff42f-LHR
sc_reg.js
cdnl.ext-files.net/landings/common/_default/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnl.ext-files.net/landings/common/_default/js/sc_reg.js?v=1668591625
Requested by
Host: m246dd4.perfectmoneyland.com
URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df796ef1292ee99e3363a6b81c1fc8fb85facaac454ac8969a5a7d143c085dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:08 GMT
server
cloudflare
etag
W/"635bb23c-111a"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P74ev12jryr5AW5SfHjqW%2FmzWaR1Rvp2bWMKxIvg%2F8siWd%2BkgAt3G%2FsLvMtXelxTEPL69VL4EEaTxUWKiCn8U3hW8hQSHX33rQ1fPxZNe2eMpgicIMObIlvsvRZbSPVoUtEf%2B%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
x-robots-tag
noarchive, notranslate
cf-ray
76b051646e0cf42f-LHR
slogin.js
slogin.biz/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://slogin.biz/slogin.js?v=1668591625
Requested by
Host: m246dd4.perfectmoneyland.com
URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc10605b0632ab286434d6eb5e3609d4efd7cd053cf0f91b3dc645b3425988

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 16 Nov 2022 12:44:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTYbS0DD4NzfR2Nh1mZl6USA29Z7mjij9NjmbNzUBqc%2BTsVdjTcanGSOvzHEoX%2FudENGg3njh7D1ZqTPwQP6nZnvcnj60D4HfJrw%2FXpgXbzJSjgoUh0Un0Hog2to"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
76b051650afcdc51-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
slogin_init.js
cdnl.ext-files.net/landings/common/web/js/ 		365 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnl.ext-files.net/landings/common/web/js/slogin_init.js?v=1668591625
Requested by
Host: m246dd4.perfectmoneyland.com
URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3171e0a73c2018e3628d3b103acabd6cc20617763f21bfa346c736399849c071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:08 GMT
server
cloudflare
etag
W/"635bb23c-16d"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpiOzkVb46q8vZw2iZ4%2FZ6IBkvFi4wlmW5oWPpdI2eMFRarWaETf7S7DOGKRBOWNQoB%2FdubSL3tiU6uC0unvr7nkDsx3tt%2BmH1BA0eprTgEJmtPIKf43qahCcf%2BdeZheaYXyPmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
x-robots-tag
noarchive, notranslate
cf-ray
76b051646e08f42f-LHR
webview-redirect.js
cdnl.ext-files.net/landings/common/web/js/ 		402 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnl.ext-files.net/landings/common/web/js/webview-redirect.js?v=1668591625
Requested by
Host: m246dd4.perfectmoneyland.com
URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
409f921d2d0a2382f9c70e96a77ed375c073688cc75db45d914fb6a67524fd62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:08 GMT
server
cloudflare
etag
W/"635bb23c-192"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heBRv9m0ZpYBUXfSoZB3%2F96Hb8%2FBEI5aMvm6Zv3z7bCRQCGrB3Y98kSFT0cdo9lcs45Lw8m37nlFlvUS7ocoox3%2BVmAIhyJOywIXECwcxjyCME6PsoYrXX6wA%2BkcASZ9%2BH9aHjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
x-robots-tag
noarchive, notranslate
cf-ray
76b051646e0af42f-LHR
bg.jpg
cdnl.ext-files.net/landings/web/sc_wo4_ru/img/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/img/bg.jpg
Requested by
Host: cdnl.ext-files.net
URL: https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6305a9d221bcb64c8b86506798f46b29c004b119590195b86905230ce184399a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85352
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:12 GMT
server
cloudflare
etag
"635bb240-14d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n89zToR3xqReHjkLgLe5aosdmRH55L6uKQJo6zaPYk%2Bm%2BLtB5atOIaIp9wbeKmppQNIfN8zwQUzWA6sorMhazNlce4gZE8qnCQgRNL2DE4Je5%2FL1yJ%2Bo0a91YrAdtzeESjN7prk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate
cf-ray
76b05164fc55886e-LHR
logo.svg
cdnl.ext-files.net/landings/web/sc_wo4_ru/img/ 		36 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/img/logo.svg
Requested by
Host: cdnl.ext-files.net
URL: https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d729e4e96e6e75e5a8974a2c2392aed8a38cb55d76be58d9e885b598518981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:12 GMT
server
cloudflare
etag
W/"635bb240-9058"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr2TuzrxEFMjqr%2BLUr1w1CIfCpYvjXQ%2B0VpYS2xaoc8e9JiEwTxObHh21r%2Fasms8Rhlgm1hVcsaROxM7jPx%2BbW1o2yC9db315PSj7e2OCetiD5xmodDjSwNYLuwiUSniPvLv%2Bho%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
x-robots-tag
noarchive, notranslate
cf-ray
76b05164fc58886e-LHR
logo_line.png
cdnl.ext-files.net/landings/web/sc_wo4_ru/img/ 		783 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/img/logo_line.png
Requested by
Host: cdnl.ext-files.net
URL: https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1662738a75b44c1961ac5935dfa6ccb971902f2892f818a95876839af3bc71fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
783
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:12 GMT
server
cloudflare
etag
"635bb240-30f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKwNb%2BiM%2FNUQBEtl%2FDP27bSraHSNhz%2FaOnhUW2Zw%2B22zghWb%2B%2BzyP62bOiaqSbr3AZu%2B1pSULk4kI9kA0SbuFoa10aakvEDORDZvg%2FvH5B2z4qJCTSl09opQ3YwEqFvTNcnPH3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate
cf-ray
76b05164fc5a886e-LHR
social_icons_sprite.svg
cdnl.ext-files.net/landings/web/sc_wo4_ru/img/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/img/social_icons_sprite.svg
Requested by
Host: cdnl.ext-files.net
URL: https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b38a994aa974ffde8f2aec65e155cb6d9ecbb1ab1ee1339904bc4f209c0a60e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdnl.ext-files.net/landings/web/sc_wo4_ru/css/style.css?v=1668591625
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:12 GMT
server
cloudflare
etag
W/"635bb240-348f"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W36M4nGVvJz888YvUCQTuzAh7l31GxAMgOy%2FdK7CHSgB5InVjQREOUd1oez7Cyc%2F0TYYthHV0GJ9fl%2BLhHGhAUelOFl2Sc9FdlGl1qJAhzHMyBdgkT56LcVQi%2FguHw%2Fz5xuvdmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
x-robots-tag
noarchive, notranslate
cf-ray
76b051650c5e886e-LHR
a_bosanova.woff
cdnl.ext-files.net/landings/common/_default/fonts/ABosaNova/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnl.ext-files.net/landings/common/_default/fonts/ABosaNova/a_bosanova.woff
Requested by
Host: m246dd4.perfectmoneyland.com
URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f48de8d46452c362041d54ab4364fe1f6f0dd32675f3f1cbb7f159433ec7b6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m246dd4.perfectmoneyland.com/
Origin
https://m246dd4.perfectmoneyland.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14540
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:08 GMT
server
cloudflare
etag
"635bb23c-38cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqTGPLb7vJzrUaQ%2BcjePcS0LaKOvrv3VtUfyUc410CWxBT3LY1rDCNwCqEnK8P1ppKBgAErQ8mPlMPDdRIrgM9coXjrCQf8ZH%2FNvkiWlHjSUI9v0KANAQBhmoPiWYdrgQlJzr8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate
cf-ray
76b051656f4b8885-LHR
PT_Sans-Caption_Bold.woff
cdnl.ext-files.net/landings/common/_default/fonts/PTSans/ 		99 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnl.ext-files.net/landings/common/_default/fonts/PTSans/PT_Sans-Caption_Bold.woff
Requested by
Host: m246dd4.perfectmoneyland.com
URL: https://m246dd4.perfectmoneyland.com/?lp=sc_wo4_ru&trackCode=aff_a48a68_27_vk&rh=7f6db3056656536b4be220f9e00814ff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb556903ce938eb5a6a923843db218e284dd83658f7c32aac810c77955e8b962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://m246dd4.perfectmoneyland.com/
Origin
https://m246dd4.perfectmoneyland.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 12:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101524
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 10:43:08 GMT
server
cloudflare
etag
"635bb23c-18c94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KSRHn%2FS80Qx%2Fb8zv%2FclzAsLkYz60Btzq6xZ1zdO324OS5S65XwahCuXGrx6rMZ3JhqACHlmNkAeZVtU%2BpwmSfpb2PIP7htHcHpzw9kKXeKxShFafaJChV1va%2B6yLXCrWs1e9Kc%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noarchive, notranslate
cf-ray
76b051656f4d8885-LHR

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| sloginHost object| slogin function| redirectForm function| sloginCallback string| ua boolean| isAndroid boolean| isInstagram boolean| isTelegram boolean| isFacebook

4 Cookies

Domain/Path Name / Value
m8d09ab.playthisslot.com/ Name: redirected-hash
Value: 08c91ec50bafcf66b054d8a341db1533
m8d09ab.playthisslot.com/ Name: redirected
Value: %7B%2208c91ec50bafcf66b054d8a341db1533%22%3A%22aHR0cHM6Ly9tMjQ2ZGQ0LnBlcmZlY3Rtb25leWxhbmQuY29tLz9scD1zY193bzRfcnUmdHJhY2tDb2RlPWFmZl9hNDhhNjhfMjdfdms%3D%22%7D
m246dd4.perfectmoneyland.com/ Name: pid
Value: 4
m246dd4.perfectmoneyland.com/ Name: ForwardParameter
Value: lp%3Dsc_wo4_ru%26rh%3D7f6db3056656536b4be220f9e00814ff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aloginpro.com
casino-spincity.ru
cdnl.ext-files.net
m22ed69.enjoyslot.net
m246dd4.perfectmoneyland.com
m457ce3.wowcasino.net
m8bc6bf.successfulslot.com
m8d09ab.playthisslot.com
mb8e053.successfulslot.net
md0094f.slotforjoy.com
mdbce9a.slotforjoy.net
mfc1f77.wowlucky.net
slogin.biz
www.ext-files.net
104.21.42.27
104.21.49.125
104.21.62.138
104.21.69.64
172.67.143.155
172.67.175.1
172.67.180.178
188.114.96.3
188.114.97.3
2606:4700:3030::6815:4293
2606:4700:3034::ac43:cd32
09bb5f42fd92a7e247760abb5a39de7b78db3957941524265a1dac2d19bfd8d0
11d729e4e96e6e75e5a8974a2c2392aed8a38cb55d76be58d9e885b598518981
1662738a75b44c1961ac5935dfa6ccb971902f2892f818a95876839af3bc71fb
1f7ef542441a759e00189c5801d2c3e410db32b333dc64bf1f787a00f376010a
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2df796ef1292ee99e3363a6b81c1fc8fb85facaac454ac8969a5a7d143c085dc
3171e0a73c2018e3628d3b103acabd6cc20617763f21bfa346c736399849c071
409f921d2d0a2382f9c70e96a77ed375c073688cc75db45d914fb6a67524fd62
49447cd5a44e7a1ba79c162bc11da584cf454c776effe2a4daa65309cc07ba51
4b38a994aa974ffde8f2aec65e155cb6d9ecbb1ab1ee1339904bc4f209c0a60e
5f48de8d46452c362041d54ab4364fe1f6f0dd32675f3f1cbb7f159433ec7b6e
6305a9d221bcb64c8b86506798f46b29c004b119590195b86905230ce184399a
6adc10605b0632ab286434d6eb5e3609d4efd7cd053cf0f91b3dc645b3425988
914e690cbbbbbedcbbc987cd8ce7b38a7fef9c4ae05c24692a9dc3919b34a57b
96c6c0fc1fd140b3972ff1b1263382e36241298a95c4e1b23252b7198d666081
a1c316ad18308dd5ff853a61a24b1c16f74102ed52bc2804e18f6346bea3d75b
a726e0e872c406e6a653918672758808bb8aa2da9da46765219fdf2d25b856e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb556903ce938eb5a6a923843db218e284dd83658f7c32aac810c77955e8b962
eefcfa46f15839fc576773e90233116387d5d4e724cb63ab6635cfefd3f2fd68