www.take-money.fun Open in urlscan Pro
2a03:6f00:1::5c35:6014 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.take-money.fun/
Submission: On February 06 via automatic, source certstream-suspicious (February 6th 2021, 8:15:00 am UTC)

Summary HTTP 199 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 23 domains to perform 199 HTTP transactions. The main IP is 2a03:6f00:1::5c35:6014, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is www.take-money.fun.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 22nd 2020. Valid for: 3 months.

This is the only time www.take-money.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2a03:6f00:1::... 2a03:6f00:1::5c35:6014	9123 (TIMEWEB-AS) (TIMEWEB-AS)
12	2606:4700:20:... 2606:4700:20::ac43:49a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	37.139.1.242 37.139.1.242	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	88.99.165.109 88.99.165.109	24940 (HETZNER-AS) (HETZNER-AS)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	193.232.121.29 193.232.121.29	50214 (QWARTA) (QWARTA)
43	46.4.121.26 46.4.121.26	24940 (HETZNER-AS) (HETZNER-AS)
24	5.254.23.213 5.254.23.213	3223 (VOXILITY) (VOXILITY)
11	159.69.74.6 159.69.74.6	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	95.213.133.116 95.213.133.116	49505 (SELECTEL) (SELECTEL)
8 22	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 21	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
4	23.111.200.117 23.111.200.117	7979 (SERVERS-COM) (SERVERS-COM)
14	2606:4700::68... 2606:4700::6810:4036	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.176.118.216 194.176.118.216	49352 (LOGOL-AS) (LOGOL-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
4 6	176.99.5.102 176.99.5.102	49352 (LOGOL-AS) (LOGOL-AS)
2 2	217.66.147.168 217.66.147.168	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.207 213.87.44.207	13174 (MTSNET Mo...) (MTSNET Moscow)
1	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 2	138.201.34.239 138.201.34.239	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.233.36 88.212.233.36	7979 (SERVERS-COM) (SERVERS-COM)
1	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1	82.202.224.34 82.202.224.34	50340 (SELECTEL-MSK) (SELECTEL-MSK)
199	25

17 2a03:6f00:1::5c35:6014 (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)

www.take-money.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:49a4 (United States)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.139.1.242 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

multibux.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
push.multibux.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.165.109 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz858026.sapientru.net

ddnk.advertur.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.29 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 5.254.23.213 (Germany)

ASN3223 (VOXILITY, GB)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 159.69.74.6 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1290922.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

p1.dircont3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.213.133.116 (Russian Federation)

ASN49505 (SELECTEL, RU)

ps.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.16.201.58 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2001:6d0:4001::226 (Russian Federation) 5 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.200.117 (Russian Federation)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:4036 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.176.118.216 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d40666.acod.regrucolo.ru

ps5.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 176.99.5.102 (Russian Federation) 4 redirects

ASN49352 (LOGOL-AS, RU)
PTR: d41228.acod.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.168 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-168-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.207 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.34.239 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.239.34.201.138.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.233.36 (Russian Federation) 1 redirects

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.149.88 (Germany)

ASN24940 (HETZNER-AS, DE)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.224.34 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

rtb.beroll.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	acint.net www.acint.net	17 KB
28	betweendigital.com cache.betweendigital.com ads.betweendigital.com	588 KB
22	yabidos.com 8 redirects pixel.yabidos.com	157 KB
21	tns-counter.ru 5 redirects www.tns-counter.ru	8 KB
17	take-money.fun www.take-money.fun	5 MB
14	glotgrx.com pre.glotgrx.com	2 KB
14	multibux.org multibux.org push.multibux.org	252 KB
12	sape.ru cdn-rtb.sape.ru ssp-rtb.sape.ru	30 KB
12	linkslot.ru linkslot.ru	37 KB
9	gstatic.com fonts.gstatic.com	97 KB
6	rktch.com 4 redirects ut.rktch.com	2 KB
5	yandex.ru 1 redirects mc.yandex.ru an.yandex.ru	43 KB
3	mts.ru 3 redirects sm.rtb.mts.ru tech.rtb.mts.ru	2 KB
2	buzzoola.com 1 redirects exchange.buzzoola.com	550 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	542 B
2	ntvk1.ru ps.ntvk1.ru ps5.ntvk1.ru	5 KB
2	advertur.ru ddnk.advertur.ru	5 KB
1	beroll.ru rtb.beroll.ru	86 B
1	1dmp.io sync.1dmp.io	376 B
1	advarkads.com 1 redirects api.advarkads.com	455 B
1	dircont3.com p1.dircont3.com	9 KB
1	googleapis.com fonts.googleapis.com	954 B
1	fontawesome.com use.fontawesome.com	455 KB
199	23

	Domain	Requested by
43	www.acint.net	cdn-rtb.sape.ru www.acint.net
24	cache.betweendigital.com	cdn-rtb.sape.ru cache.betweendigital.com www.take-money.fun
22	pixel.yabidos.com	8 redirects www.take-money.fun pixel.yabidos.com
21	www.tns-counter.ru	5 redirects www.take-money.fun
17	www.take-money.fun	www.take-money.fun
14	pre.glotgrx.com	www.take-money.fun
13	multibux.org	www.take-money.fun multibux.org
12	linkslot.ru	www.take-money.fun
11	ssp-rtb.sape.ru	cdn-rtb.sape.ru
9	fonts.gstatic.com	fonts.googleapis.com
6	ut.rktch.com	4 redirects
4	ads.betweendigital.com	cache.betweendigital.com
4	mc.yandex.ru	1 redirects cdn-rtb.sape.ru
2	exchange.buzzoola.com	1 redirects
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ddnk.advertur.ru	www.take-money.fun ddnk.advertur.ru
1	rtb.beroll.ru
1	sync.1dmp.io
1	api.advarkads.com	1 redirects
1	an.yandex.ru
1	tech.rtb.mts.ru	1 redirects
1	ps5.ntvk1.ru	www.take-money.fun
1	ps.ntvk1.ru	p1.dircont3.com
1	p1.dircont3.com	cdn-rtb.sape.ru
1	cdn-rtb.sape.ru	ddnk.advertur.ru
1	fonts.googleapis.com	www.take-money.fun
1	push.multibux.org	www.take-money.fun
1	use.fontawesome.com	www.take-money.fun
199	29

This site contains links to these domains. Also see Links.

Domain
t.me
linkslot.ru
deslife.blogspot.com
multibux.org
weblider.net
prtglp.ru
bizoninvest.com
1wvls.top
topbirds.biz
robots-money.biz
profitcoin.cc
shop-empire.info

Subject Issuer	Validity	Valid
take-money.fun Let's Encrypt Authority X3	`2020-11-22` - `2021-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-24` - `2021-05-24`	a year	crt.sh
*.multibux.org GoGetSSL RSA DV CA	`2020-09-05` - `2021-09-05`	a year	crt.sh
*.advertur.ru R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.sape.ru R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.acint.net Let's Encrypt Authority X3	`2020-11-29` - `2021-02-27`	3 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
1088415191.rsc.cdn77.org R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.ntvk1.ru Sectigo RSA Domain Validation Secure Server CA	`2020-05-11` - `2021-08-09`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2020-12-14` - `2022-01-12`	a year	crt.sh
ut.rktch.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
sync.1dmp.io R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.beroll.ru AlphaSSL CA - SHA256 - G2	`2020-02-15` - `2021-02-16`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.take-money.fun/
Frame ID: 8BB858D00909F995A3F54DE61B7D34E6
Requests: 126 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/3921845.js
Frame ID: 4B68769D1922CEA4C0CB5CED7763240C
Requests: 9 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: E0F088EEDF60928F0A369DE4E5DF14E6
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/3921837.js
Frame ID: 7F6FC53FF2D6ACCF872210A3208B2650
Requests: 9 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/3921840.js
Frame ID: 221DB5948696EBF0F17301D8B61E56B2
Requests: 7 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/3921843.js
Frame ID: 232DC62522C2926548F66F85EF54A7DD
Requests: 9 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=1&subid=1469102.162403192&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=5852221200860355&rr=direct&c2s=1&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921845&jst=ai
Frame ID: 7B806FED5BC4BF6B173F04E183D4EAA6
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=1&subid=1469102.162403179&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=8855964171232062&rr=direct&c2s=1&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921843&jst=ai
Frame ID: 39A09099F8F32D9BF9E011BB20425264
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/3921842.js
Frame ID: 99BB766809BBA9D314A0A26289BC6600
Requests: 9 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/3921844.js
Frame ID: 38858E4FDB3EF12251C52B24AE960902
Requests: 9 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=1&subid=1469102.162403188&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=7039540925265957&rr=direct&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921842&jst=ai
Frame ID: 06623DAC94CD532344AC0B0A249A1EE7
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=1&subid=1469102.162403201&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=1746493877800390.2&rr=direct&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921844&jst=ai
Frame ID: 577AF6556B16E2F0DC3908FE596638C5
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/3921838.js
Frame ID: 6A6CA12F27102884A45B7DE3F1D3AEB2
Requests: 7 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/3921839.js
Frame ID: 5012CAC89057E32034009D3B0C635BDF
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

199
Requests

98 %
HTTPS

32 %
IPv6

23
Domains

29
Subdomains

25
IPs

4
Countries

6819 kB
Transfer

9950 kB
Size

1
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/joinchat/AAAAAETvDpAneED0ys6IFA

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=291032

Search URL Search Domain Scan URL

URL: https://deslife.blogspot.com/

Search URL Search Domain Scan URL

URL: https://multibux.org/banners/bannersshop/id=2132

Search URL Search Domain Scan URL

URL: https://multibux.org/

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=291033

Search URL Search Domain Scan URL

URL: https://weblider.net/index.php?r=240827

Search URL Search Domain Scan URL

URL: https://multibux.org/banners/bannersshop/id=2133

Search URL Search Domain Scan URL

URL: https://multibux.org/linblocks/shop/id=316
Title: Купить ссылку здесь за 3 руб.

Search URL Search Domain Scan URL

URL: https://prtglp.ru/affiliate/8897792
Title: лучший из лучших заработок

Search URL Search Domain Scan URL

URL: https://bizoninvest.com/?i=158792
Title: Бессрочно без ограничений на вывод

Search URL Search Domain Scan URL

URL: https://1wvls.top/v2/landing-page/casino#zzx9
Title: Пр. код. 249748 на 50000 рублей.

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=291034

Search URL Search Domain Scan URL

URL: https://topbirds.biz/?i=3

Search URL Search Domain Scan URL

URL: https://multibux.org/banners/bannersshop/id=2135

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=291035

Search URL Search Domain Scan URL

URL: https://linkslot.ru/link.php?id=293052
Title: Купить ссылку здесь за 3 руб.

Search URL Search Domain Scan URL

URL: https://robots-money.biz/?i=4
Title: Бомба 2021 Года! Смотрите сами!

Search URL Search Domain Scan URL

URL: https://profitcoin.cc/?ref=aleks55111
Title: Новый майнинг 200 Gh/s за регистрацию

Search URL Search Domain Scan URL

URL: https://shop-empire.info/
Title: 🔔 Слив PHP скриптов ➜FREE

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921845&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921845&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 91

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97618702 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97618702

Request Chain 98

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=https%3A%2F%2Fwww.take-money.fun%2F&charset=utf-8&site-info=%7B%22site_id%22%3A112933%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3Afp%3A312%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A465297688485%3Ahid%3A242236314%3Az%3A60%3Ai%3A20210206091444%3Aet%3A1612599285%3Ac%3A1%3Arn%3A500016132%3Arqn%3A1%3Au%3A1612599285932455112%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612599283707%3Ads%3A1%2C81%2C50%2C1%2C0%2C0%2C%2C237%2C0%2C561%2C561%2C1%2C494%3Adsn%3A1%2C81%2C50%2C1%2C0%2C0%2C%2C239%2C0%2C562%2C562%2C0%2C494%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612599285%3At%3ATAKE-MONEY HTTP 302
https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fwww.take-money.fun%2F&charset=utf-8&site-info=%7B%22site_id%22%3A112933%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3Afp%3A312%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A465297688485%3Ahid%3A242236314%3Az%3A60%3Ai%3A20210206091444%3Aet%3A1612599285%3Ac%3A1%3Arn%3A500016132%3Arqn%3A1%3Au%3A1612599285932455112%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612599283707%3Ads%3A1%2C81%2C50%2C1%2C0%2C0%2C%2C237%2C0%2C561%2C561%2C1%2C494%3Adsn%3A1%2C81%2C50%2C1%2C0%2C0%2C%2C239%2C0%2C562%2C562%2C0%2C494%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612599285%3At%3ATAKE-MONEY

Request Chain 100

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921837&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921837&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 101

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/80067241 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/80067241

Request Chain 102

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921840&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921840&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 103

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97845262 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97845262

Request Chain 104

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921843&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921843&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 105

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/30156933 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/30156933

Request Chain 107

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/84050059 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/84050059

Request Chain 123

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D&bounce=1&random=81683459 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=hJ.awqSUx7gPWpMdswnf6e

Request Chain 125

https://ut.rktch.com/matchbt?bi=29 HTTP 302
https://sm.rtb.mts.ru/p?ssp=natimatica&id=211e39cc55aeda3cf73b250adafcdd5c546c HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D0af3a3ef-aa90-4a55-b38b-8ef09387cf9f&ssp=natimatica&exu=211e39cc55aeda3cf73b250adafcdd5c546c HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=0af3a3ef-aa90-4a55-b38b-8ef09387cf9f&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FCvOj76qQSlWzi47wk4fPnw%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253D0af3a3ef-aa90-4a55-b38b-8ef09387cf9f%26sign%3D11418638 HTTP 302
https://an.yandex.ru/setud/mts_banner/CvOj76qQSlWzi47wk4fPnw?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D0af3a3ef-aa90-4a55-b38b-8ef09387cf9f&sign=11418638

Request Chain 126

https://ut.rktch.com/matchbt?bi=27 HTTP 302
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=211e39cc55aeda3cf73b250adafcdd5c546c HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=211e39cc55aeda3cf73b250adafcdd5c546c

Request Chain 127

https://ut.rktch.com/matchbt?bi=50 HTTP 302
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=211e39cc55aeda3cf73b250adafcdd5c546c HTTP 302
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d5c801-5524-425e-8150-44d7fd8e1e13

Request Chain 128

https://ut.rktch.com/matchbt?bi=39 HTTP 302
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D

Request Chain 141

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921842&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921842&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 143

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921844&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921844&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 176

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921839&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921839&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 178

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921838&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921838&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

199 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.take-money.fun/ 15 KB
4 KB 133ms
50ms Document
text/html 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 86e59269fd67d3d88c0ea1de7eda8ddf67d6d20854345de6df3ef6dc0b17ff52

Request headers

:method: GET
:authority: www.take-money.fun
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx/1.16.1
date: Sat, 06 Feb 2021 08:14:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=54848964624ce9cba578adbe4b6ab330; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

GET
H2 200 bootstrap.min.css
www.take-money.fun/template/MDB/css/ 138 KB
21 KB 46ms
45ms Stylesheet
text/css 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/MDB/css/bootstrap.min.css
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:07:53 GMT
server: nginx/1.16.1
etag: W/"5ef244f9-22688"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:43 GMT

GET
H2 200 mdb.min.css
www.take-money.fun/template/MDB/css/ 231 KB
25 KB 85ms
84ms Stylesheet
text/css 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/MDB/css/mdb.min.css
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c182de453ddec632f2525f386a24f5c3b214c8ee775954ac46740fc81287c545

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:07:53 GMT
server: nginx/1.16.1
etag: W/"5ef244f9-39cd1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:43 GMT

GET
H2 200 style.css
www.take-money.fun/template/MDB/css/ 3 KB
1 KB 86ms
84ms Stylesheet
text/css 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/MDB/css/style.css?2
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c08da55e19525062cc30652aa8ab11cde8785b87b124f9101d74a75be785482f

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:24:41 GMT
server: nginx/1.16.1
etag: W/"5ef248e9-a2d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:43 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
www.take-money.fun/template/MDB/js/ 85 KB
30 KB 124ms
123ms Script
application/x-javascript 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/MDB/js/jquery-3.3.1.min.js
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:07:53 GMT
server: nginx/1.16.1
etag: W/"5ef244f9-1538f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:43 GMT

GET
H2 200 sender.js Show response
www.take-money.fun/template/js/ 1 KB
794 B 124ms
123ms Script
application/x-javascript 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/js/sender.js?6
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8d042fbbd6585653d67a50125d86c128c34576b7b2a0c2022fed5d78ac24d97b

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:44:38 GMT
server: nginx/1.16.1
etag: W/"5ef24d96-56a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:43 GMT

GET
H2 200 telegram.png
www.take-money.fun/template/img/ 99 KB
99 KB 73ms
68ms Image
image/png 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.take-money.fun/template/img/telegram.png
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a55861b65db1b9961244a210d9305d4ff16c9d6e16a441a103d498762112de8e

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 08 Dec 2020 18:19:56 GMT
server: nginx/1.16.1
etag: "5fcfc3cc-18b09"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 101129
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 mark-and-john.gif
www.take-money.fun/template/img/ 4 MB
4 MB 88ms
83ms Image
image/gif 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.take-money.fun/template/img/mark-and-john.gif
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fd7627dee0df960045a212e5e2c101ae75784fd18782a857ef3a3461fc384570

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 23 Jun 2020 18:07:54 GMT
server: nginx/1.16.1
etag: "5ef244fa-3f9762"
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 4167522
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
5 KB 98ms
77ms Script
application/javascript 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=291032
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0b4eb4293ab696c1922922bb3f370fce06c205abcc3b9198798974b1e84a08

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 0818016929000016f288967000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Sat, 06 Feb 2021 08:14:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QWmhWbtnSKBcz9Wpbeelq3Ue9PJVxW6R9Tz9pnMixY0B3z6UL2sVLCtCG6pZKCsjzIu3gspm2ng5s2lHoh%2Bhd%2FQrgvc1tfNYUv9MWW6hPpblWXQLswvY9w%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 61d36b5508b116f2-FRA

GET
H/1.1 200
OK bancode.php Show response
multibux.org/ 12 KB
6 KB 80ms
27ms Script
text/javascript 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/bancode.php?id=2132
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: 883687891e98e56324ec82c61febcb8536bcf7e29922cd71dd60cdb769b33bd1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
5 KB 91ms
70ms Script
application/javascript 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=291033
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d624782e39d3e90f862b87d5a90be1741509df9288efda0349bbe1c10c553b0

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 081801692a000016f24c395000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Sat, 06 Feb 2021 08:14:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sTFylYjezV%2FiVXPUMPyWhJoGpTT%2F0LkxrW5SOUP%2BPoF83Mnalm%2FxMkK16SxXxJYG8F6AMtdGwCDXVsJ9iRXqeRSatTFYENrsHm0Pjohl3rruQ%2B4M2e5sKw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 61d36b5508b316f2-FRA

GET
H/1.1 200
OK bancode.php Show response
multibux.org/ 12 KB
6 KB 87ms
35ms Script
text/javascript 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/bancode.php?id=2133
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: 485275e86f9225dc7b1849997dbfe31ba31c913198d4797c3e2b778e135d1ec1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK loader.js Show response
ddnk.advertur.ru/v1/s/ 19 KB
4 KB 111ms
26ms Script
application/javascript 88.99.165.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ddnk.advertur.ru/v1/s/loader.js
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.99.165.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz858026.sapientru.net
Software: nginx / React/alpha
Resource Hash: 356516691883389ee335e3d4ce9f286214ac10fc14df72f97353f6a4dfee5824

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:44 GMT
Content-Encoding: gzip
ETag: "7dbf38cddb4d1e41a7317490d70e006df2551540ab6373fc9c66d1e5d9df04fb"
Last-Modified: Fri, 07 Aug 2020 08:40:20 GMT
Server: nginx
X-Powered-By: React/alpha
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=60
Connection: keep-alive
Content-Length: 4036
Expires: Sat, 06 Feb 2021 08:15:44 GMT

GET
H/1.1 200
OK lincode.php Show response
multibux.org/ 8 KB
3 KB 86ms
30ms Script
text/javascript 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/lincode.php?id=316
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: f12a4c027f010051050e13f04ca952fb5348647c0b0851ec5362a93ff0c6816c

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 white.gif
www.take-money.fun/template/img/ 692 KB
693 KB 87ms
83ms Image
image/gif 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.take-money.fun/template/img/white.gif
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a55be779f27ba3db06ec0a30826930e1ba7ab0a5e47bc27f0273c30db9579bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 23 Jun 2020 18:07:54 GMT
server: nginx/1.16.1
etag: "5ef244fa-ad13b"
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 708923
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
5 KB 89ms
69ms Script
application/javascript 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=291034
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e7c2c4674b9b9de35d3024cb0e125aece3fd4f8c0ece4790ab7dd1b6ed6db94

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 081801692a000016f2900ae000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Sat, 06 Feb 2021 08:14:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FZDvZrzef6OnF0%2FAtGdelE%2FZkxOCcVbgYu9LzviRdJB3eYrKY%2FG7uLlRmYb8hp1DcL5YHgsD36OyKwmHcgX%2BasA%2F5AqtlSx6Z1Bxfut5s3v9NY6PyGlEEA%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 61d36b5508b516f2-FRA

GET
H/1.1 200
OK bancode.php Show response
multibux.org/ 11 KB
6 KB 89ms
32ms Script
text/javascript 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/bancode.php?id=2135
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: b03bb5640e9f1b4b1c506b5425c741fbeef2fc5649071987df510240d4fbc67a

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
5 KB 84ms
64ms Script
application/javascript 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=291035
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bf7297e67f011edda2221f6970d05f454c2915b95504678f8770089bc4a425b

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 081801692a000016f262a9c000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Sat, 06 Feb 2021 08:14:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b%2FJDa57XcYF2WMDU73D9VMpBgda%2Bu9lFcoOTCl%2F5lrs3uygdUBTwJj%2FYu0SxOka%2BiisCZnRR8THYg%2BA9EyzR0nJ00j58Kqpw3%2Fb15xF%2B64QdhEg3Mx0z2g%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 61d36b5508b816f2-FRA

GET
H2 200 lincode.php Show response
linkslot.ru/ 14 KB
5 KB 88ms
69ms Script
application/javascript 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/lincode.php?id=293052
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f8f2f8786e9f043ebd9110f94f91da156ef343290e78fae1411172678403fa

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 081801692b000016f2a4910000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Sat, 06 Feb 2021 08:14:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZPgBsWNIp%2BXioc8nlRTxVkNbO26ER9UT%2B4wImUq0uv%2Fjp6FCTC7I%2B%2FBAhu%2Bxhl%2F2jUZ7uF2FIKiNjO0xWLM3NdciHMd%2FWXtSg%2B9CSPghARftB82dVhmiNg%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 61d36b5508ba16f2-FRA

GET
H2 200 ssl.png
www.take-money.fun/template/img/ 16 KB
16 KB 86ms
83ms Image
image/png 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.take-money.fun/template/img/ssl.png?2
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9900f9b5adf569be3c70f51f0784a4bdca0242628d2d09151a30eb1b013d4bef

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 23 Jun 2020 18:07:54 GMT
server: nginx/1.16.1
etag: "5ef244fa-3e21"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 15905
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 ddos-protection.png
www.take-money.fun/template/img/ 4 KB
4 KB 86ms
83ms Image
image/png 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.take-money.fun/template/img/ddos-protection.png?2
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a1cedfc39995508192f8f6092897d6be2d604a423df16e4c39516788f0a9e618

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 23 Jun 2020 18:07:53 GMT
server: nginx/1.16.1
etag: "5ef244f9-f4a"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 3914
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 payeer.png
www.take-money.fun/template/img/ 4 KB
4 KB 87ms
83ms Image
image/png 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.take-money.fun/template/img/payeer.png?2
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4208b24d5c060ad480f04526592edef451108af6ab41a2e9f4dff95bf13648ef

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 23 Jun 2020 18:07:54 GMT
server: nginx/1.16.1
etag: "5ef244fa-e8b"
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 3723
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 popper.min.js Show response
www.take-money.fun/template/MDB/js/ 20 KB
7 KB 41ms
41ms Script
application/x-javascript 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/MDB/js/popper.min.js
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:07:53 GMT
server: nginx/1.16.1
etag: W/"5ef244f9-5039"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:43 GMT

GET
H2 200 bootstrap.min.js Show response
www.take-money.fun/template/MDB/js/ 50 KB
14 KB 44ms
44ms Script
application/x-javascript 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/MDB/js/bootstrap.min.js
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:43 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:07:53 GMT
server: nginx/1.16.1
etag: W/"5ef244f9-c75f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:43 GMT

GET
H2 200 mdb.min.js Show response
www.take-money.fun/template/MDB/js/ 205 KB
62 KB 50ms
44ms Script
application/x-javascript 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/MDB/js/mdb.min.js
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ece6f302b06274a67a322bc99836659428e5b9883e57b5425b562030fd3fc975

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:07:53 GMT
server: nginx/1.16.1
etag: W/"5ef244f9-3324d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 sweetalert2.all.min.js Show response
www.take-money.fun/template/library/ 62 KB
15 KB 72ms
67ms Script
application/x-javascript 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.take-money.fun/template/library/sweetalert2.all.min.js
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f86b0a4594e3f68aeda13429290a9fe299c128206c960084f5b2c9edfa8a8906

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 18:07:54 GMT
server: nginx/1.16.1
etag: W/"5ef244fa-f9f7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2678400
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.6.3/js/ 1 MB
455 KB 60ms
29ms Script
application/javascript 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/js/all.js
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e

Request headers

Origin: https://www.take-money.fun
Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:16 GMT
server: NetDNA-cache/2.2
etag: W/"7b6ab1d5b8de4d3b0e2d8084ad292818"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK push.js Show response
push.multibux.org/ 158 B
511 B 78ms
19ms Script
application/javascript 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://push.multibux.org/push.js?id=44
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: 0ae808fef00054d3e03dd2d6f067646358627edf6e8677fc0f72252887124164

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Feb 2021 08:14:43 GMT
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 143

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
954 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.take-money.fun
URL: https://www.take-money.fun/template/MDB/css/style.css?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

145d3e8cb436d0585e5e1259c8cfe54dc5602ef8554a3b6ff0e5de038192b7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.take-money.fun/template/MDB/css/style.css?2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 08:14:43 GMT
server: ESF
date: Sat, 06 Feb 2021 08:14:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Feb 2021 08:14:43 GMT

GET
H2 200 texture.jpg
www.take-money.fun/template/img/ 47 KB
48 KB 84ms
83ms Image
image/jpeg 2a03:6f00:1::5c35:6014
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.take-money.fun/template/img/texture.jpg
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/template/MDB/css/style.css?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:1::5c35:6014 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 1df57af03da9225c44c40384c8f0637addf3c84e7d4bedf82f6ab8eb10562dbc

Request headers

Referer: https://www.take-money.fun/template/MDB/css/style.css?2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 23 Jun 2020 18:07:54 GMT
server: nginx/1.16.1
etag: "5ef244fa-bd25"
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
content-length: 48421
expires: Tue, 09 Mar 2021 08:14:44 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 399201
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:22 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3g3D_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3g3D_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6555a2e4d168491dcbef7d65f22065077b9f9cc98c843b57aa866635f0d0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:26:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:22 GMT
server: sffe
age: 100119
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7740
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:26:04 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:14:10 GMT
server: sffe
age: 100138
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:45 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 38ms
23ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:43 GMT
server: sffe
age: 100150
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13560
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:34 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 32ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459W1hyyTh89ZNpQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:59 GMT
server: sffe
age: 155900
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8108
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:24 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 25ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:56:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 155898
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Fri, 04 Feb 2022 12:56:26 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 26ms
23ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 04:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 100150
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Sat, 05 Feb 2022 04:25:34 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3g3D_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3g3D_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2807363e414bd864292a9555556ce345e6046bb2c9eb090586c96848dc200a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 18:32:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:52 GMT
server: sffe
age: 308556
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7984
x-xss-protection: 0
expires: Wed, 02 Feb 2022 18:32:08 GMT

GET
H/1.1 200
OK gate.php Show response
multibux.org/ 2 B
383 B 81ms
32ms XHR
text/html 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/gate.php?d1=dae1e298dac2d7d898a0d5d2c6ec92ccd6e18798949d9d8d96849da99b63899593a39489cee2decfcfd6cc999b8f9c9393a0c7c7cae1d8d5d4db9f86ccd8dfcfd281d9d4ce53d5d781eb849791d2959ac29f948ac7d1dcdfd0aacbc6ccdcd89596a69b9496a08b92d1c9e0e0d75f86d0cadec986c8d8c7d1d2938bcdced3dbe0d0629e978fa3929a92a39794999b8bddc7c7cde5d4629b9798a1979c84dfd9d0ccdad5d5cf96dede9b63969491a3949691a39496939a9b9a96919ca38e63898792a9959896ac9d989b9e9ba39f849d
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 22
Keep-Alive: timeout=60

GET
H/1.1 200
OK 5e34b881c2b3a.gif
multibux.org/uploads/ 22 KB
22 KB 21ms
20ms Image
image/gif 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://multibux.org/uploads/5e34b881c2b3a.gif
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ba7cb44c4bd1e4964f8c50886ed495d083edd2839d28550877ab509c32643920

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Last-Modified: Fri, 31 Jan 2020 23:30:09 GMT
Server: nginx
ETag: "5e34b881-5843"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 22595
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK buyb2.png
multibux.org/images/ 5 KB
6 KB 17ms
16ms Image
image/png 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://multibux.org/images/buyb2.png
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e21c873b121f9ce4577e92b944e0c5d9d11484b16bd94304616ee02af3da9870

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Last-Modified: Mon, 11 Nov 2019 19:04:34 GMT
Server: nginx
ETag: "5dc9b0c2-14fe"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 5374
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK recl2.gif
multibux.org/images/ 4 KB
4 KB 16ms
15ms Image
image/gif 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://multibux.org/images/recl2.gif
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 55b1cb45ec461148ba57cfe04c4c697d531dbfac95a1d2faaed9d2c43d01341c

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Last-Modified: Thu, 21 Nov 2019 07:45:33 GMT
Server: nginx
ETag: "5dd6409d-f08"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3848
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
626 B 74ms
59ms XHR
text/html 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb392a29b9c8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad5c8cbccd9d9d9e5cfa49acae0dcccd483d8c6cd92d6dc9ad9929997c7949fc49f9b87caead1decddecdc5d6cedea19c9cb18fa59e8790ced3d9d7de9389e6caddcd87cfc8ced0d99b87cce2d3e1d5cc979b9e939aa09b9aaa94a09e9888d6cccbcbe4d098af94a9969a9e869fd2cfa3d7caf294d4d8d898939b959aa29799aa91a2989798939b959aa297999d91958b989e949d9aa3ab99a1ae92a29e
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.4.8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RmbcuoYg8s7zBNHsdUATAjWKrfmp%2FYnDIabwbgXH%2FpRCSCc9ZMGSIamuatsJfeRFTUM%2B6uIy2IsTmJ1GJU7tFyGk5cUP5rPkUIUihrdxvjZn7%2FD%2B0TBnOA%3D%3D"}],"max_age":604800}
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 61d36b55cce6dfef-FRA
content-length: 2
cf-request-id: 081801699e0000dfef2020e000000001

GET
H2 200 468x60.jpg
linkslot.ru/promo/dummy/ 12 KB
12 KB 18ms
18ms Image
image/jpeg 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/468x60.jpg
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 961
content-length: 11802
cf-request-id: 081801698f000016f23b374000000001
last-modified: Tue, 21 Jul 2015 17:32:18 GMT
server: cloudflare
etag: "55ae8222-2e1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fHHr70Vou%2FBd%2BqDkAHH2NXLcuMzngp27oxsQQmPXvpEicNLb6b%2FM5DfVOipjS4WpNMd7VUMHq%2Fq1DoYM2JHrzsgU3RUeRFgDkVWti%2FP3kFdWIL9MGK07pQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61d36b55b99b16f2-FRA
cf-bgj: h2pri

GET
H/1.1 200
OK gate.php Show response
multibux.org/ 2 B
383 B 67ms
20ms XHR
text/html 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/gate.php?dl1=dae1e298dac2d7d898a0d5d2c6ec92ccd6e1879994a08e9b96919ca3986c999594a09c9f92a48797999a9b8d97939ca38ea0d5decadfd0c790a892968392d8cbc9cadae7daa6ce9f81dcd2dac6df84d3c4cd8bd9d981e4939c63c59595d2998f81d4d4d6cfcfe2cfc8ccd5e79a68999b8fa69a8689deccdad0d6978ad2cad7d88b9acbc7cce28d86c4dbd6d5d0cf9aa2998f9ca19f6496978fa99586d4d4cac7d5d39a9f99989aa6a15699cdd9dccedb95e6d2d8d69a9b9a96919ca39b63969491a3949691a39496939a8e9a89849da99c659b9d9aa59c9a92a39d8994
Requested by: Host: multibux.org
URL: https://multibux.org/lincode.php?id=316
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 22
Keep-Alive: timeout=60

GET
H/1.1 200
OK gate.php Show response
multibux.org/ 2 B
383 B 68ms
21ms XHR
text/html 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/gate.php?d1=dae1e298dac2d7d898a0d5d2c6ec92ccd6e18798949d9e8d96849da99b63899593a39489cee2decfcfd6cc999b8f9c9393a0c7c7cae1d8d5d4db9f86ccd8dfcfd281d9d4ce53d5d781eb849791d2959ac29f948ac7d1dcdfd0aacbc6ccdcd89596a69b9496a08b92d1c9e0e0d75f86d0cadec986c8d8c7d1d2938bcdced3dbe0d0629e978fa3929a92a39794999b8bddc7c7cde5d4629b9798a1979c84a6dadcd3dcdfdcddc8d3e29b63969491a3949691a39496939a9b9a96919ca39b56968784a49a9793a89d9f95a29f9b97928fa4
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 22
Keep-Alive: timeout=60

GET
H/1.1 200
OK 5e66355cb8911.gif
multibux.org/uploads/ 18 KB
18 KB 21ms
19ms Image
image/gif 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://multibux.org/uploads/5e66355cb8911.gif
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ace026e37d5f227c52371219f71a5af12f488e80f77c7c8d89db97a81fdf9e5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Last-Modified: Mon, 09 Mar 2020 12:23:56 GMT
Server: nginx
ETag: "5e66355c-4615"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 17941
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
280 B 76ms
69ms XHR
text/html 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb394a29d998b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad5c8cbccd9d9d9e5cfa49acae0dcccd483d8c6cd92d6dc9ad9929997c7949fc49f9b87caead1decddecdc5d6cedea19c9cb18fa59e8790ced3d9d7de9389e6caddcd87cfc8ced0d99b87cce2d3e1d5cc979b9e939aa09b9aaa94a09e9888d6cccbcbe4d098af94a9969a9e869c9ed0eae1a0ea91d599ca98939b959aa29799aa91a2989798939b959aa297999d91958b989e949d9aa3ab99a1ae92a39d
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.4.8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ltUNxdxCYiwkscm4dFvhzAnIpDXCTSvyNWh3VZghyqafBf1O8icqmHct5mCCMKmI31xgxUs0J9jlaHfqmOSjPwogVPQpdsMKB80rkJgGd%2BBs%2BDmGI0LuXQ%3D%3D"}],"max_age":604800}
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 61d36b55cce7dfef-FRA
content-length: 2
cf-request-id: 081801699e0000dfef4a83a000000001

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
283 B 68ms
64ms XHR
text/html 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb392a29b9b8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad5c8cbccd9d9d9e5cfa49acae0dcccd483d8c6cd92d6dc9ad9929997c7949fc49f9b87caead1decddecdc5d6cedea19c9cb18fa59e8790ced3d9d7de9389e6caddcd87cfc8ced0d99b87cce2d3e1d5cc979b9e939aa09b9aaa94a09e9888d6cccbcbe4d098af94a9969a9e869dd09ea9d7d7b1cea798e098939b959aa29799aa91a2989798939b959aa297999d91958b989e949d9aa3ab99a1ae92a3a1
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.4.8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z35M47yttoMwpDQ1hMgA52VVnMTYYQwbuR7CK9RQnMuEsExuDwae8zm2dDFYEdXR4XpB%2FKqKWUqriPjJLM23Fban8sOZ3mxM%2FMBxvgEfp%2Bwyiz4hnDlM6Q%3D%3D"}],"max_age":604800}
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 61d36b55cce8dfef-FRA
content-length: 2
cf-request-id: 081801699f0000dfef0a1b9000000001

GET
H/1.1 200
OK gate.php Show response
multibux.org/ 2 B
383 B 50ms
20ms XHR
text/html 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/gate.php?d1=dae1e298dac2d7d898a0d5d2c6ec92ccd6e18798949da08d96849da99b63899593a39489cee2decfcfd6cc999b8f9c9393a0c7c7cae1d8d5d4db9f86ccd8dfcfd281d9d4ce53d5d781eb849791d2959ac29f948ac7d1dcdfd0aacbc6ccdcd89596a69b9496a08b92d1c9e0e0d75f86d0cadec986c8d8c7d1d2938bcdced3dbe0d0629e978fa3929a92a39794999b8bddc7c7cde5d4629b9798a1979c84a5d09ccdcde4cedc93d8d69b63969491a3949691a39496939a9b9a96919ca39b56968784a49a9793a89d9f95a29f9b98928fa4
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 22
Keep-Alive: timeout=60

GET
H/1.1 200
OK 601d96b5a9e2a.gif
multibux.org/uploads/ 179 KB
180 KB 20ms
19ms Image
image/gif 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://multibux.org/uploads/601d96b5a9e2a.gif
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 126d3bdcf4496b9dc25a14396dd5c8abe2780850e78896d38135e3ee370c5cd3

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:43 GMT
Last-Modified: Fri, 05 Feb 2021 19:04:21 GMT
Server: nginx
ETag: "601d96b5-2cd59"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 183641
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
283 B 62ms
62ms XHR
text/html 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb392a29b9a8b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad5c8cbccd9d9d9e5cfa49acae0dcccd483d8c6cd92d6dc9ad9929997c7949fc49f9b87caead1decddecdc5d6cedea19c9cb18fa59e8790ced3d9d7de9389e6caddcd87cfc8ced0d99b87cce2d3e1d5cc979b9e939aa09b9aaa94a09e9888d6cccbcbe4d098af94a9969a9e86d4d8d7e0d5cce1d8e1dd9798939b959aa29799aa91a2989798939b959aa2978caa8495999d9995a09ea3a49f9dab95a8
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.4.8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3DWTpOa4RYk2H3EA%2B%2Fb7UIRt%2F8rHrFfNDmCVxi2DPHiJZItQJ4xT2CS6AAvuWyjcM%2Fwsprc5L5B8Deuyhu136ToKFtO2BytSy4B6GXibe1oS3qg%2FuJgmbg%3D%3D"}],"max_age":604800}
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 61d36b55ed1edfef-FRA
content-length: 2
cf-request-id: 08180169b50000dfef27978000000001

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b257dc12266c8455c5187bc9234d5ea37d0ef84f6d7027434e48f39108139cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.take-money.fun
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:06 GMT
server: sffe
age: 399201
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8004
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:23 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
285 B 72ms
70ms XHR
text/html 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb392a29b998b94a1959a95989baa9195d5d6e2ccd7d1cba19c97aa819ad5c8cbccd9d9d9e5cfa49acae0dcccd483d8c6cd92d6dc9ad9929997c7949fc49f9b87caead1decddecdc5d6cedea19c9cb18fa59e8790ced3d9d7de9389e6caddcd87cfc8ced0d99b87cce2d3e1d5cc979b9e939aa09b9aaa94a09e9888d6cccbcbe4d098af94a9969a9e869dd1ddd9d7dce49aa8a1de98939b959aa29799aa91a2989798939b959aa297999d91958b989e949d9aa3ab99a1ae92a89a
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.4.8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HXgIJvKY6MhA0B92V3yvNkPq7xl4LoVjDVGb9lS18fSZOUYE%2ByNp9V0pdfzpp6PgcEUegyIC%2BF%2BJjetKDBE6iS1MTBNK6cT0LmXyYvDWGhzbVQ3GocPP%2FQ%3D%3D"}],"max_age":604800}
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 61d36b560d48dfef-FRA
content-length: 2
cf-request-id: 08180169c70000dfef7cbef000000001

GET
H/1.1 200
OK info Show response
ddnk.advertur.ru/v2/sections/ 359 B
455 B 105ms
27ms XHR
application/json 88.99.165.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ddnk.advertur.ru/v2/sections/info?id%5B%5D=276613&id%5B%5D=276614&id%5B%5D=276611&id%5B%5D=276612
Requested by: Host: ddnk.advertur.ru
URL: https://ddnk.advertur.ru/v1/s/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 88.99.165.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz858026.sapientru.net
Software: nginx / React/alpha
Resource Hash: e59b87fae56383d7f640ad3be54ceb2459ed467bcc71316f74d524eafebde3ac

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:44 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: React/alpha
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 145
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 112933.js Show response
cdn-rtb.sape.ru/rtb-b/js/933/2/ 78 KB
26 KB 226ms
104ms Script
application/javascript 193.232.121.29
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js

Requested by

Host: ddnk.advertur.ru
URL: https://ddnk.advertur.ru/v1/s/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.232.121.29 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

nginx /

Resource Hash

87fb77c59f6c6cfb18cc06491252c78b3821f47a33261143d41265edd4957e25

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 02:53:48 GMT
server: nginx
x-amz-request-id: 165E45C4E9258076
etag: W/"868493d8a81b5789a77b9f931b0d568a"
x-cache-status: HIT
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
expires: Sat, 06 Feb 2021 09:14:44 GMT

GET
H2 200 aci.js Show response
www.acint.net/ 21 KB
7 KB 83ms
26ms Script
application/x-javascript 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:12 GMT
server: openresty
etag: "5ff0bb78-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Sat, 06 Feb 2021 20:14:44 GMT

GET
H2 200 3921845.js Show response
cache.betweendigital.com/sections/2/ Frame 4B68 9 KB
3 KB 131ms
22ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3921845.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9e5a402c8c5cf4d79c5606689629d1ddaf8a2b11ba22a58e34b1d09b0f886858

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 03:30:13 GMT
server: nginx
etag: W/"60122fc5-2375"
content-type: application/javascript

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
528 B 141ms
79ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_601e4ff48_38809072&srtbid=112933&scids=162403142,162403165,162403178&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fwww.take-money.fun%2F&allimps=1&fl=0&v=2&tz=%2B01%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: ea39995ca52d3e9dd9cd796d3edcbdb25af38a2dbab1738574bc06c782810d6b

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:44 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 nv.js Show response
p1.dircont3.com/ 50 KB
9 KB 113ms
30ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://p1.dircont3.com/nv.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 , Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

cbaa8ef425a6100998d1e5ad67b9c05a5a465217c6d49553347218a72c720d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1ry8Dh/vvcAIAAA==
date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: br
etag: W/"601d43ea-c7cb"
last-modified: Fri, 05 Feb 2021 13:11:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: OM7p9+6uH7A=
strict-transport-security: max-age=604800
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 624
x-77-pop: frankfurtDE
expires: Thu, 18 Feb 2021 08:04:20 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
528 B 92ms
31ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_601e4ff48_65920743&srtbid=95403&scids=93390459&sx=1600&sy=1200&ref=&allimps=0&fl=0&v=2&tz=%2B01%3A00&u=https%3A%2F%2Fwww.take-money.fun%2F
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: 2c0dc58b09d35edcf971e043e55aa411f92a652e20e7889b255139d24f663723

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:44 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 118 KB
41 KB 130ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f8da8cf51991751a899ade13231b19579025cd9017cdf01b882c4070f7f1719e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: br
last-modified: Fri, 05 Feb 2021 13:53:06 GMT
etag: "60196cb4-a2de"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 41694
expires: Sat, 06 Feb 2021 09:14:44 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
341 B 74ms
29ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A463%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
339 B 73ms
28ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=112933.551475.162403142.0.0.45&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 72ms
28ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551475%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
340 B 73ms
29ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=112933.551477.162403165.0.0.45&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 28ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551477%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 28ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=112933.551478.162403178.0.0.45&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 29ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551478%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 29ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=7&id=112933.551479.162403192.3.1.183&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 29ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551479%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 30ms
28ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551479%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 29ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=95403.446640.93390459&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&r=wtt5k54sze58
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.acint.net/mc/ Frame E0F0 0
0 28ms
27ms Document
text/html 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.take-money.fun/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aid=fwAAAWAeT/Q9HAGdGcU4AjDDsxxS794Bf2fb7+I4jLj5xzw+
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.take-money.fun/

Response headers

server: openresty
date: Sat, 06 Feb 2021 08:14:44 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1612599284; expires=Sun, 07-Feb-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1612599284; expires=Sat, 20-Feb-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1612599284; expires=Sat, 20-Feb-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1612599284; expires=Sat, 20-Feb-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1612599284; expires=Mon, 08-Mar-21 08:14:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

GET
H2 200 /
www.acint.net/hit/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=1a0102da-265d-4818-b547-c054678cdd81&dp=14&tz=%2B01%3A00&nc=83281829&u=https%3A%2F%2Fwww.take-money.fun%2F&r=&rs=1600x1200&t=TAKE-MONEY&oE=1&oP=1&dT=2021-02-06T09%3A14%3A44.622&fu=c59bc789-aa00-4275-ba2f-501324c280d3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 26ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=95403.446640.93390459&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&r=v2g7zzt16a3g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 200
OK / Show response
ps.ntvk1.ru/nv/ 4 KB
4 KB 216ms
76ms XHR
text/plain 95.213.133.116
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ps.ntvk1.ru/nv/?top_href=https%3A%2F%2Fwww.take-money.fun%2F

Requested by

Host: p1.dircont3.com
URL: https://p1.dircont3.com/nv.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.213.133.116 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.15.7 /

Resource Hash

3b961fb5648e811c522b78003392037b88710e5924df7cd47b6ac391a86c1941

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 06 Feb 2021 08:14:44 GMT
Access-Control-Request-Method: POST
Server: nginx/1.15.7
Accept-Language: en-US,en;q=0.8
Strict-Transport-Security: max-age=604800
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.take-money.fun
Accept: */*
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Nativka-Host: ps2.ntvk1.ru
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Key, Cookie, Referer, User-Agent, Host, Connection
Content-Length: 3779
Access-Control-Request-Headers: origin, content-type

GET
H2 200 async_rtb.js Show response
cache.betweendigital.com/code/ Frame 4B68 261 KB
70 KB 27ms
25ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: public, max-age=900, immutable
last-modified: Wed, 03 Feb 2021 10:35:29 GMT
server: nginx
content-encoding: gzip
etag: W/"601a7c71-41368"
content-type: application/javascript

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ Frame 4B68 43 B
172 B 71ms
70ms Image
image/gif 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
accept-ranges: bytes
etag: "5d9caac5-2b"
content-length: 43
content-type: image/gif

GET
H2 200 3921837.js Show response
cache.betweendigital.com/sections/2/ Frame 7F6F 9 KB
3 KB 65ms
64ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3921837.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 49829e097bba4e40575cc59d6511af83d80df90fc6ff72c04a61c8948211b009

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 03:30:11 GMT
server: nginx
etag: W/"60122fc3-2375"
content-type: application/javascript

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 61ms
60ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=112933.551475.162403142.0.0.45&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 61ms
60ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=7&id=112933.551475.162403143.0.4.183&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 61ms
60ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551475%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3921840.js Show response
cache.betweendigital.com/sections/2/ Frame 221D 9 KB
3 KB 75ms
75ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3921840.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: bf428a85a050a74f3a682597fdb612ef66aaa74f4edc8cc3f255e5804822bc49

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 03:30:12 GMT
server: nginx
etag: W/"60122fc4-2375"
content-type: application/javascript

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 57ms
56ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=112933.551477.162403165.0.0.45&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 57ms
56ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=7&id=112933.551477.162403166.0.4.183&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 57ms
56ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551477%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3921843.js Show response
cache.betweendigital.com/sections/2/ Frame 232D 9 KB
3 KB 71ms
70ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3921843.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 82ad9c8df5049ce6ef23b88c4440044d51feafdb0bee85791031d33abfaabfc6

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 03:30:12 GMT
server: nginx
etag: W/"60122fc4-2375"
content-type: application/javascript

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 53ms
52ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=112933.551478.162403178.0.0.45&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 53ms
52ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=7&id=112933.551478.162403179.0.4.183&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 53ms
52ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551478%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/ Frame 4B68
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921845&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921845&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

23ms
21ms

Script
application/javascript

104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921845&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5a4f24d8f5-AMS
content-length: 1579
cf-request-id: 0818016c6c0000d8f5b7a82000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

Redirect headers

date: Sat, 06 Feb 2021 08:14:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921845&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 61d36b5a1eecd8f5-AMS
cf-request-id: 0818016c530000d8f5208dc000000001
expires: Sat, 06 Feb 2021 09:14:44 GMT

GET
H2

200

97618702
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 4B68
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97618702
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97618702

43 B
297 B

45ms
41ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97618702
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97618702
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ Frame 7F6F 43 B
172 B 22ms
21ms Image
image/gif 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921837.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
accept-ranges: bytes
etag: "5d9caac5-2b"
content-length: 43
content-type: image/gif

GET
H2 200 async_rtb.js Show response
cache.betweendigital.com/code/ Frame 7F6F 261 KB
70 KB 25ms
24ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921837.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: public, max-age=900, immutable
last-modified: Wed, 03 Feb 2021 10:35:29 GMT
server: nginx
content-encoding: gzip
etag: W/"601a7c71-41368"
content-type: application/javascript

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ Frame 221D 43 B
172 B 25ms
25ms Image
image/gif 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921840.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
accept-ranges: bytes
etag: "5d9caac5-2b"
content-length: 43
content-type: image/gif

GET
H2 200 async_rtb.js Show response
cache.betweendigital.com/code/ Frame 221D 261 KB
70 KB 28ms
28ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921840.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: public, max-age=900, immutable
last-modified: Wed, 03 Feb 2021 10:35:29 GMT
server: nginx
content-encoding: gzip
etag: W/"601a7c71-41368"
content-type: application/javascript

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ Frame 232D 43 B
172 B 36ms
36ms Image
image/gif 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921843.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
accept-ranges: bytes
etag: "5d9caac5-2b"
content-length: 43
content-type: image/gif

GET
H2 200 async_rtb.js Show response
cache.betweendigital.com/code/ Frame 232D 261 KB
70 KB 37ms
37ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921843.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cache-control: public, max-age=900, immutable
last-modified: Wed, 03 Feb 2021 10:35:29 GMT
server: nginx
content-encoding: gzip
etag: W/"601a7c71-41368"
content-type: application/javascript

GET
H2

200

1 Show response
mc.yandex.ru/watch/71281900/
Redirect Chain

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=https%3A%2F%2Fwww.take-money.fun%2F&charset=utf-8&site-info=%7B%22site_id%22%3A112933%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3...
https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fwww.take-money.fun%2F&charset=utf-8&site-info=%7B%22site_id%22%3A112933%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb...

167 B
249 B

47ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fwww.take-money.fun%2F&charset=utf-8&site-info=%7B%22site_id%22%3A112933%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3Afp%3A312%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A465297688485%3Ahid%3A242236314%3Az%3A60%3Ai%3A20210206091444%3Aet%3A1612599285%3Ac%3A1%3Arn%3A500016132%3Arqn%3A1%3Au%3A1612599285932455112%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612599283707%3Ads%3A1%2C81%2C50%2C1%2C0%2C0%2C%2C237%2C0%2C561%2C561%2C1%2C494%3Adsn%3A1%2C81%2C50%2C1%2C0%2C0%2C%2C239%2C0%2C562%2C562%2C0%2C494%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612599285%3At%3ATAKE-MONEY

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9fce9febb8e85566473385adcab011206a9d9d5bb48abfaa79ffe2706a9dcc12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 06-Feb-2021 08:14:44 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.take-money.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 06-Feb-2021 08:14:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Sat, 06-Feb-2021 08:14:44 GMT
location: /watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fwww.take-money.fun%2F&charset=utf-8&site-info=%7B%22site_id%22%3A112933%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Adeodhc9w27kzjb%3Afp%3A312%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A465297688485%3Ahid%3A242236314%3Az%3A60%3Ai%3A20210206091444%3Aet%3A1612599285%3Ac%3A1%3Arn%3A500016132%3Arqn%3A1%3Au%3A1612599285932455112%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612599283707%3Ads%3A1%2C81%2C50%2C1%2C0%2C0%2C%2C237%2C0%2C561%2C561%2C1%2C494%3Adsn%3A1%2C81%2C50%2C1%2C0%2C0%2C%2C239%2C0%2C562%2C562%2C0%2C494%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612599285%3At%3ATAKE-MONEY
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.take-money.fun
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 06-Feb-2021 08:14:44 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 42ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Fri, 05 Feb 2021 13:53:06 GMT
etag: "60196cb4-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 06 Feb 2021 09:14:44 GMT

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/ Frame 7F6F
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921837&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921837&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

23ms
23ms

Script
application/javascript

104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921837&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5a8fadd8f5-AMS
content-length: 1579
cf-request-id: 0818016c960000d8f5fc939000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

Redirect headers

date: Sat, 06 Feb 2021 08:14:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921837&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 61d36b5a4f3dd8f5-AMS
cf-request-id: 0818016c720000d8f5f5897000000001
expires: Sat, 06 Feb 2021 09:14:44 GMT

GET
H2

200

80067241
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 7F6F
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/80067241
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/80067241

43 B
297 B

45ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/80067241
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/80067241
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/ Frame 221D
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921840&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921840&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

25ms
24ms

Script
application/javascript

104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921840&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5a8fb2d8f5-AMS
content-length: 1579
cf-request-id: 0818016c9a0000d8f5ca977000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

Redirect headers

date: Sat, 06 Feb 2021 08:14:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921840&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 61d36b5a5f59d8f5-AMS
cf-request-id: 0818016c780000d8f5c4368000000001
expires: Sat, 06 Feb 2021 09:14:44 GMT

GET
H2

200

97845262
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 221D
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97845262
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97845262

43 B
297 B

44ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97845262
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/97845262
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/ Frame 232D
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921843&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921843&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

33ms
32ms

Script
application/javascript

104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921843&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5a8fb3d8f5-AMS
content-length: 1579
cf-request-id: 0818016c9a0000d8f5fc93a000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

Redirect headers

date: Sat, 06 Feb 2021 08:14:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921843&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 61d36b5a5f64d8f5-AMS
cf-request-id: 0818016c7c0000d8f5cebb0000000001
expires: Sat, 06 Feb 2021 09:14:44 GMT

GET
H2

200

30156933
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 232D
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/30156933
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/30156933

43 B
297 B

45ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/30156933
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/30156933
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame 7B80 0
0 68ms
67ms Document
text/html 23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=1&subid=1469102.162403192&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=5852221200860355&rr=direct&c2s=1&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921845&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /adi?frl=1&subid=1469102.162403192&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=5852221200860355&rr=direct&c2s=1&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921845&jst=ai
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.take-money.fun/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=mow1; tuuid=9e7b622d-e554-5125-bdeb-8226ddf5cdd2; ut=YB5P9AAMhwgNnZ7QnSg3meqBQlJyKmJsZx9HdA==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.take-money.fun/

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip

GET
H2

200

84050059
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 4B68
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/84050059
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/84050059

43 B
297 B

42ms
41ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/84050059
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:44 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/84050059
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 4B68 30 KB
24 KB 24ms
24ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1612599284881&ver1=2.2.4&qid=53532313f523632313f5436393&rnd=dia06t1m101v&cid=964
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921845&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5a9fbed8f5-AMS
content-length: 23972
cf-request-id: 0818016ca00000d8f5b6083000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

GET
H2 200 impimg.gif
pre.glotgrx.com/ Frame 221D 26 B
446 B 45ms
23ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1612599284908&qid=53532313f523632313f5436393&cid=964&s=https://www.take-money.fun&p=BX&x=&adtg=3921840&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&ai=&flsrc=1
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3841
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5ade222bb9-FRA
content-length: 26
cf-request-id: 0818016cc600002bb98f082000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 7F6F 30 KB
24 KB 34ms
30ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1612599284906&ver1=2.2.4&qid=53532313f523632313f5436393&rnd=4a15ohnk8g0t&cid=964
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921837&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5acfefd8f5-AMS
content-length: 23972
cf-request-id: 0818016cbc0000d8f5e40ae000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 232D 30 KB
24 KB 32ms
31ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1612599284914&ver1=2.2.4&qid=53532313f523632313f5436393&rnd=e3dv1u850zq0&cid=964
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921843&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5980
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5acff6d8f5-AMS
content-length: 23972
cf-request-id: 0818016cbf0000d8f50c9d9000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 4B68 26 B
114 B 13ms
11ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1612599284940&rnd=dia06t1m101v&ifm=2&uai=2&cid=964&s=https%253A//www.take-money.fun&p=BX&x=&adtg=3921845&ats=0&atf=srtb_iframe_551479_7&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3847
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5afe612bb9-FRA
content-length: 26
cf-request-id: 0818016cdb00002bb99b285000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 4B68 26 B
110 B 16ms
15ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1612599284934637&ver=1.2r81&qid=53532313f523632313f5436393&p=BX&s=https%253A//www.take-money.fun&x=&cid=964&od1=&od2=&adtg=3921845&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=dia06t1m101v&impid=&tps=6&ver1=2.2.4&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=srtb_iframe_551479_7&dbgcid=964&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-2-s-fl-26-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-7-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=468x60&gpu=undefined&ncf=4g_9_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=15
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3847
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5afe642bb9-FRA
content-length: 26
cf-request-id: 0818016cdd00002bb9c8945000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

GET
H2 200 23719939
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 7F6F 43 B
415 B 42ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/23719939

Requested by

Host: www.take-money.fun
URL: https://www.take-money.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 32634933
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 221D 43 B
415 B 42ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/32634933

Requested by

Host: www.take-money.fun
URL: https://www.take-money.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame 39A0 0
0 78ms
78ms Document
text/html 23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=1&subid=1469102.162403179&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=8855964171232062&rr=direct&c2s=1&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921843&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /adi?frl=1&subid=1469102.162403179&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=8855964171232062&rr=direct&c2s=1&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921843&jst=ai
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.take-money.fun/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=mow1; tuuid=9e7b622d-e554-5125-bdeb-8226ddf5cdd2; ut=YB5P9AAMhwgNnZ7QnSg3meqBQlJyKmJsZx9HdA==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.take-money.fun/

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip

GET
H2 200 37042157
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 232D 43 B
415 B 43ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/37042157

Requested by

Host: www.take-money.fun
URL: https://www.take-money.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 7F6F 26 B
110 B 12ms
12ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1612599284979&rnd=4a15ohnk8g0t&ifm=2&uai=2&cid=964&s=https%253A//www.take-money.fun&p=BX&x=&adtg=3921837&ats=0&atf=srtb_iframe_551475_7&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3847
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5b2eb12bb9-FRA
content-length: 26
cf-request-id: 0818016cfa00002bb9d531c000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 7F6F 26 B
110 B 10ms
10ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1612599284975118&ver=1.2r81&qid=53532313f523632313f5436393&p=BX&s=https%253A//www.take-money.fun&x=&cid=964&od1=&od2=&adtg=3921837&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=4a15ohnk8g0t&impid=&tps=6&ver1=2.2.4&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=srtb_iframe_551475_7&dbgcid=964&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-2-s-fl-26-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-7-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=468x60&gpu=undefined&ncf=4g_9_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=8
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:44 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3847
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5b2eb32bb9-FRA
content-length: 26
cf-request-id: 0818016cfa00002bb9eeabd000000001
expires: Sat, 06 Feb 2021 10:14:44 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 232D 26 B
265 B 12ms
10ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1612599284997&rnd=e3dv1u850zq0&ifm=2&uai=2&cid=964&s=https%253A//www.take-money.fun&p=BX&x=&adtg=3921843&ats=0&atf=srtb_iframe_551478_7&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3848
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5b4eef2bb9-FRA
content-length: 26
cf-request-id: 0818016d0e00002bb98821d000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 232D 26 B
110 B 13ms
11ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1612599284991733&ver=1.2r81&qid=53532313f523632313f5436393&p=BX&s=https%253A//www.take-money.fun&x=&cid=964&od1=&od2=&adtg=3921843&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=e3dv1u850zq0&impid=&tps=6&ver1=2.2.4&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=srtb_iframe_551478_7&dbgcid=964&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-2-s-fl-26-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-7-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=468x60&gpu=undefined&ncf=4g_9_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=10
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3848
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5b4ef42bb9-FRA
content-length: 26
cf-request-id: 0818016d0e00002bb97e1f2000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

GET
H/1.1 200
OK / Show response
ps5.ntvk1.ru/ 102 B
437 B 432ms
66ms XHR
application/json 194.176.118.216
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ps5.ntvk1.ru/?r=u75n4r8bn3j
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.176.118.216 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d40666.acod.regrucolo.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:45 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.take-money.fun
Access-Control-Expose-Headers: Content-Length,Date,Server
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 102

GET
H/1.1

204
No Content

matchspm
ut.rktch.com/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D&bounce=1&random=81683459
https://ut.rktch.com/matchspm?pi=1000006&pui=hJ.awqSUx7gPWpMdswnf6e

0
287 B

56ms
56ms

Image
text/plain

176.99.5.102
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=hJ.awqSUx7gPWpMdswnf6e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41228.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.2
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

Redirect headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:46 GMT
via: 1.1 google
last-modified: Sat, 06 Feb 2021 08:14:46 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=hJ.awqSUx7gPWpMdswnf6e
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 204
No Content matchspm
ut.rktch.com/ 0
287 B 58ms
57ms Image
text/plain 176.99.5.102
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=2&pui=b0bf1cd545e24f71af87ff7d327bfbaf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41228.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.14.2
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

GET
H2

404

CvOj76qQSlWzi47wk4fPnw
an.yandex.ru/setud/mts_banner/
Redirect Chain

https://ut.rktch.com/matchbt?bi=29
https://sm.rtb.mts.ru/p?ssp=natimatica&id=211e39cc55aeda3cf73b250adafcdd5c546c
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D0af3a3ef-aa90-4a55-b38b-8ef09387cf9f&ssp=natimatica&exu=211e39cc55aeda3cf73b250adafcdd5c546c
https://tech.rtb.mts.ru/?dsp_uid=0af3a3ef-aa90-4a55-b38b-8ef09387cf9f&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FCvOj76qQSlWzi47wk4fPnw%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
https://an.yandex.ru/setud/mts_banner/CvOj76qQSlWzi47wk4fPnw?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D0af3a3ef-aa90-4a55-b38b-8ef09387cf9f&sign=11418638

43 B
290 B

93ms
64ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/CvOj76qQSlWzi47wk4fPnw?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D0af3a3ef-aa90-4a55-b38b-8ef09387cf9f&sign=11418638
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:46 GMT
last-modified: Sat, 06 Feb 2021 08:14:46 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Sat, 06 Feb 2021 08:14:46 GMT

Redirect headers

Date: Sat, 06 Feb 2021 08:14:46 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/CvOj76qQSlWzi47wk4fPnw?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D0af3a3ef-aa90-4a55-b38b-8ef09387cf9f&sign=11418638
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

natimatica
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://ut.rktch.com/matchbt?bi=27
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=211e39cc55aeda3cf73b250adafcdd5c546c
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=211e39cc55aeda3cf73b250adafcdd5c546c

43 B
130 B

26ms
26ms

Image
image/gif

138.201.34.239
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=211e39cc55aeda3cf73b250adafcdd5c546c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.34.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.239.34.201.138.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=211e39cc55aeda3cf73b250adafcdd5c546c
date: Sat, 06 Feb 2021 08:14:45 GMT
server: nginx
etag: W/"abe852c769ba7fd9997c4c757a0470cebaed4ded55643534ff50b96e46a3049f"
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

pixel.gif
sync.1dmp.io/
Redirect Chain

https://ut.rktch.com/matchbt?bi=50
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=211e39cc55aeda3cf73b250adafcdd5c546c
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d5c801-5524-425e-8150-44d7fd8e1e13

35 B
376 B

25ms
25ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d5c801-5524-425e-8150-44d7fd8e1e13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 06 Feb 2021 08:14:40 GMT
Server: nginx/1.14.1
X-Powered-By: ASP.NET
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d5c801-5524-425e-8150-44d7fd8e1e13
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

GET
H2

200

uuid
rtb.beroll.ru/
Redirect Chain

https://ut.rktch.com/matchbt?bi=39
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D

0
86 B

193ms
61ms

Image
text/plain

82.202.224.34
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.224.34 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
server: nginx/1.14.0
content-length: 0
content-type: application/octet-stream, text/plain

Redirect headers

Date: Sat, 06 Feb 2021 08:14:45 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
location: https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/crypme/ 102 B
439 B 40ms
40ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/crypme/?callback=sapeRTBreadBtwResponse_112933&place=551479&partner=7
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: a17b740671d97f092ad755305442b05207065041fefe512dcd048dfea0e683f4

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:45 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 102
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=7&id=112933.551479.162403192.3.1.183&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 27ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=307&id=112933.551479.162403201.3.3.212&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/crypme/ 102 B
439 B 28ms
27ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/crypme/?callback=sapeRTBreadBtwResponse_112933&place=551478&partner=7
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: cf48c473a4d3caaa35237b7ab155103012be54603caf08dd42498f8c65f1776d

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:45 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 102
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 26ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=7&id=112933.551478.162403179.0.4.183&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=307&id=112933.551478.162403188.0.6.212&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599285
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3921842.js Show response
cache.betweendigital.com/sections/2/ Frame 99BB 9 KB
3 KB 22ms
21ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3921842.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed4d8919b602414117f2b52d6de65134cd7f71561cca6d26c6af2161e80ec6f4

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 03:38:47 GMT
server: nginx
etag: W/"601231c7-236c"
content-type: application/javascript

GET
H2 200 3921844.js Show response
cache.betweendigital.com/sections/2/ Frame 3885 9 KB
3 KB 21ms
21ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3921844.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 37566204aec56597f218221a5bb013640ace133338877b8f0f1bb838c4925ad4

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 03:38:48 GMT
server: nginx
etag: W/"601231c8-236c"
content-type: application/javascript

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ Frame 99BB 43 B
172 B 22ms
21ms Image
image/gif 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921842.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
accept-ranges: bytes
etag: "5d9caac5-2b"
content-length: 43
content-type: image/gif

GET
H2 200 async_rtb.js Show response
cache.betweendigital.com/code/ Frame 99BB 261 KB
70 KB 23ms
21ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921842.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: public, max-age=900, immutable
last-modified: Wed, 03 Feb 2021 10:35:29 GMT
server: nginx
content-encoding: gzip
etag: W/"601a7c71-41368"
content-type: application/javascript

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ Frame 3885 43 B
172 B 22ms
21ms Image
image/gif 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921844.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
accept-ranges: bytes
etag: "5d9caac5-2b"
content-length: 43
content-type: image/gif

GET
H2 200 async_rtb.js Show response
cache.betweendigital.com/code/ Frame 3885 261 KB
70 KB 23ms
22ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921844.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: public, max-age=900, immutable
last-modified: Wed, 03 Feb 2021 10:35:29 GMT
server: nginx
content-encoding: gzip
etag: W/"601a7c71-41368"
content-type: application/javascript

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/ Frame 99BB
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921842&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921842&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

21ms
21ms

Script
application/javascript

104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921842&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5981
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5ebf10d8f5-AMS
content-length: 1579
cf-request-id: 0818016f370000d8f5bb2c4000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

Redirect headers

date: Sat, 06 Feb 2021 08:14:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921842&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 61d36b5e9ed6d8f5-AMS
cf-request-id: 0818016f1e0000d8f5ee3b8000000001
expires: Sat, 06 Feb 2021 09:14:45 GMT

GET
H2 200 40981404
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 99BB 43 B
415 B 41ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/40981404

Requested by

Host: www.take-money.fun
URL: https://www.take-money.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/ Frame 3885
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921844&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921844&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

25ms
25ms

Script
application/javascript

104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921844&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5981
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5eef60d8f5-AMS
content-length: 1579
cf-request-id: 0818016f540000d8f5c7b16000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

Redirect headers

date: Sat, 06 Feb 2021 08:14:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921844&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 61d36b5ebf0ed8f5-AMS
cf-request-id: 0818016f370000d8f5b4160000000001
expires: Sat, 06 Feb 2021 09:14:45 GMT

GET
H2 200 91756181
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 3885 43 B
415 B 41ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/91756181

Requested by

Host: www.take-money.fun
URL: https://www.take-money.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 99BB 30 KB
24 KB 22ms
21ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1612599285582&ver1=2.2.4&qid=53532313f523632313f5436393&rnd=kz03f820wc2h&cid=964
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921842&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5981
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5eff6fd8f5-AMS
content-length: 23972
cf-request-id: 0818016f590000d8f50ca08000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 99BB 26 B
110 B 11ms
10ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1612599285622&rnd=kz03f820wc2h&ifm=2&uai=2&cid=964&s=https%253A//www.take-money.fun&p=BX&x=&adtg=3921842&ats=0&atf=srtb_iframe_551478_307&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3848
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5f2e332bb9-FRA
content-length: 26
cf-request-id: 0818016f7c00002bb983bce000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 99BB 26 B
110 B 12ms
12ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1612599285617372&ver=1.2r81&qid=53532313f523632313f5436393&p=BX&s=https%253A//www.take-money.fun&x=&cid=964&od1=&od2=&adtg=3921842&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=kz03f820wc2h&impid=&tps=6&ver1=2.2.4&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=srtb_iframe_551478_307&dbgcid=964&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-2-s-fl-26-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-7-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=468x60&gpu=undefined&ncf=4g_9_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3848
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5f2e352bb9-FRA
content-length: 26
cf-request-id: 0818016f7d00002bb9b6238000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 3885 30 KB
24 KB 27ms
27ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1612599285608&ver1=2.2.4&qid=53532313f523632313f5436393&rnd=8p62b9kutq2e&cid=964
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921844&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5981
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5f3fd9d8f5-AMS
content-length: 23972
cf-request-id: 0818016f860000d8f505a2c000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame 0662 0
0 65ms
64ms Document
text/html 23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=1&subid=1469102.162403188&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=7039540925265957&rr=direct&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921842&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /adi?frl=1&subid=1469102.162403188&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=7039540925265957&rr=direct&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921842&jst=ai
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.take-money.fun/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=mow1; tuuid=9e7b622d-e554-5125-bdeb-8226ddf5cdd2; ut=YB5P9AAMhwgNnZ7QnSg3meqBQlJyKmJsZx9HdA==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.take-money.fun/

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip

GET
H2 200 39434043
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 99BB 43 B
415 B 41ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/39434043

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 adi
ads.betweendigital.com/ Frame 577A 0
0 64ms
64ms Document
text/html 23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=1&subid=1469102.162403201&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=1746493877800390.2&rr=direct&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921844&jst=ai
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /adi?frl=1&subid=1469102.162403201&pos=atf&ref=https%3A%2F%2Fwww.take-money.fun%2F&tz=-60&fl=0&ord=1746493877800390.2&rr=direct&r_seq=0&tld=d3d3LnRha2UtbW9uZXkuZnVu&tagType=adi&w=468&h=60&s=3921844&jst=ai
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.take-money.fun/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=mow1; tuuid=9e7b622d-e554-5125-bdeb-8226ddf5cdd2; ut=YB5P9AAMhwgNnZ7QnSg3meqBQlJyKmJsZx9HdA==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.take-money.fun/

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip

GET
H2 200 99367419
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 3885 43 B
415 B 42ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/99367419

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 3885 26 B
110 B 11ms
10ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1612599285679&rnd=8p62b9kutq2e&ifm=2&uai=2&cid=964&s=https%253A//www.take-money.fun&p=BX&x=&adtg=3921844&ats=0&atf=srtb_iframe_551479_307&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3848
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5f8ec72bb9-FRA
content-length: 26
cf-request-id: 0818016fb600002bb975143000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 3885 26 B
110 B 12ms
11ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1612599285674303&ver=1.2r81&qid=53532313f523632313f5436393&p=BX&s=https%253A//www.take-money.fun&x=&cid=964&od1=&od2=&adtg=3921844&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=8p62b9kutq2e&impid=&tps=6&ver1=2.2.4&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=srtb_iframe_551479_307&dbgcid=964&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-2-s-fl-26-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-7-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=468x60&gpu=undefined&ncf=4g_9_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3848
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b5f8ec92bb9-FRA
content-length: 26
cf-request-id: 0818016fb600002bb9dc8c9000000001
expires: Sat, 06 Feb 2021 10:14:45 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
366 B 37ms
37ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_601e4ff5b_42487358&srtbid=112933&scids=162403178&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fwww.take-money.fun%2F&allimps=0&fl=0&v=2&deal=9&tz=%2B01%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: fd6ecd8a69b9eacf138ae894c803a628a0fd4d045534cafb473a7e8734abcd75

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:45 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=307&id=112933.551478.162403188.0.6.212&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599286
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 27ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551478%2C%22ev%22%3A%22cheap%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599286
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
366 B 82ms
81ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_601e4ff5b_85996621&srtbid=112933&scids=162403191&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fwww.take-money.fun%2F&allimps=0&fl=0&v=2&tz=%2B01%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: 9761cdaa7454cb9aab58616cb59c39370917bab3cc9b87d9294d0f12a3f89555

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:45 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=307&id=112933.551479.162403201.3.3.212&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599286
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 28ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=112933.551479.162403191.3.6.45&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599286
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
366 B 45ms
44ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_601e4ff5d_42305730&srtbid=112933&scids=162403191&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fwww.take-money.fun%2F&allimps=0&fl=0&v=2&deal=9&tz=%2B01%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: 74b0089f52fc5ef6cbc915ff273625ab04dbb4b52ff6b341bf3b4c95d257cac8

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:45 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 28ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=112933.551479.162403191.3.6.45&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599286
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 28ms
28ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551479%2C%22ev%22%3A%22cheap%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599286
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/crypme/ 102 B
439 B 37ms
36ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/crypme/?callback=sapeRTBreadBtwResponse_112933&place=551475&partner=7
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: e325e6d8d866c5345040417d70bd7604ee40a9f837a92b68e27000f93fd122fd

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:46 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 102
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=7&id=112933.551475.162403143.0.4.183&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599287
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 28ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=307&id=112933.551475.162403152.0.6.212&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599287
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/crypme/ 102 B
439 B 33ms
32ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/crypme/?callback=sapeRTBreadBtwResponse_112933&place=551477&partner=7
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: bdda50498ae35fce6d4c0ffd3f99b3a074571fc112e4ae5830df05a154e28b48

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:46 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 102
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=7&id=112933.551477.162403166.0.4.183&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599287
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=307&id=112933.551477.162403175.0.6.212&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599287
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3921838.js Show response
cache.betweendigital.com/sections/2/ Frame 6A6C 9 KB
3 KB 22ms
22ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3921838.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1573606dc8cc83e77868eb5a6540999b711a86a909c58e6325381c94ce6f3d1e

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 03:38:46 GMT
server: nginx
etag: W/"601231c6-236c"
content-type: application/javascript

GET
H2 200 3921839.js Show response
cache.betweendigital.com/sections/2/ Frame 5012 9 KB
3 KB 22ms
21ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/sections/2/3921839.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5dc5001c154da44c6f4c608b801f2e25d275d3f1cc406f5f39cc3125533f9415

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 03:38:47 GMT
server: nginx
etag: W/"601231c7-236c"
content-type: application/javascript

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ Frame 6A6C 43 B
172 B 22ms
21ms Image
image/gif 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921838.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
accept-ranges: bytes
etag: "5d9caac5-2b"
content-length: 43
content-type: image/gif

GET
H2 200 async_rtb.js Show response
cache.betweendigital.com/code/ Frame 6A6C 261 KB
70 KB 23ms
22ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921838.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cache-control: public, max-age=900, immutable
last-modified: Wed, 03 Feb 2021 10:35:29 GMT
server: nginx
content-encoding: gzip
etag: W/"601a7c71-41368"
content-type: application/javascript

GET
H2 200 1x1.gif
cache.betweendigital.com/code/ Frame 5012 43 B
172 B 24ms
23ms Image
image/gif 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.betweendigital.com/code/1x1.gif
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921839.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
last-modified: Tue, 08 Oct 2019 15:27:01 GMT
server: nginx
accept-ranges: bytes
etag: "5d9caac5-2b"
content-length: 43
content-type: image/gif

GET
H2 200 async_rtb.js Show response
cache.betweendigital.com/code/ Frame 5012 261 KB
70 KB 24ms
24ms Script
application/javascript 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/3921839.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cache-control: public, max-age=900, immutable
last-modified: Wed, 03 Feb 2021 10:35:29 GMT
server: nginx
content-encoding: gzip
etag: W/"601a7c71-41368"
content-type: application/javascript

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/ Frame 5012
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921839&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921839&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

22ms
21ms

Script
application/javascript

104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921839&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5982
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b66ab67d8f5-AMS
content-length: 1579
cf-request-id: 081801742a0000d8f5c3b39000000001
expires: Sat, 06 Feb 2021 10:14:46 GMT

Redirect headers

date: Sat, 06 Feb 2021 08:14:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921839&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 61d36b668b2ad8f5-AMS
cf-request-id: 08180174120000d8f5c7b66000000001
expires: Sat, 06 Feb 2021 09:14:46 GMT

GET
H2 200 25072783
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 5012 43 B
415 B 41ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/25072783

Requested by

Host: www.take-money.fun
URL: https://www.take-money.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/ Frame 6A6C
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921838&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921838&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

21ms
21ms

Script
application/javascript

104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921838&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5982
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b66bb79d8f5-AMS
content-length: 1579
cf-request-id: 08180174350000d8f521164000000001
expires: Sat, 06 Feb 2021 10:14:46 GMT

Redirect headers

date: Sat, 06 Feb 2021 08:14:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921838&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control: max-age=3600
cf-ray: 61d36b669b4dd8f5-AMS
cf-request-id: 081801741f0000d8f5081ab000000001
expires: Sat, 06 Feb 2021 09:14:46 GMT

GET
H2 200 32799924
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 6A6C 43 B
415 B 41ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/32799924

Requested by

Host: www.take-money.fun
URL: https://www.take-money.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 5012 30 KB
24 KB 27ms
27ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1612599286841&ver1=2.2.4&qid=53532313f523632313f5436393&rnd=40bqcq192t3r&cid=964
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://www.take-money.fun&x=&nci=&adtg=3921839&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:22 GMT
server: cloudflare
age: 5982
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b66db9dd8f5-AMS
content-length: 23972
cf-request-id: 08180174490000d8f5e8984000000001
expires: Sat, 06 Feb 2021 10:14:46 GMT

GET
H2 200 impimg.gif
pre.glotgrx.com/ Frame 6A6C 26 B
265 B 13ms
12ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/impimg.gif?cb=1612599286853&qid=53532313f523632313f5436393&cid=964&s=https://www.take-money.fun&p=BX&x=&adtg=3921838&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&ai=&flsrc=1
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3843
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b66dbf22bb9-FRA
content-length: 26
cf-request-id: 081801744900002bb9ed92c000000001
expires: Sat, 06 Feb 2021 10:14:46 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 5012 26 B
110 B 13ms
12ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1612599286888&rnd=40bqcq192t3r&ifm=2&uai=2&cid=964&s=https%253A//www.take-money.fun&p=BX&x=&adtg=3921839&ats=0&atf=srtb_iframe_551477_307&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3849
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b671c5b2bb9-FRA
content-length: 26
cf-request-id: 081801746f00002bb9c2b2b000000001
expires: Sat, 06 Feb 2021 10:14:46 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 5012 26 B
114 B 12ms
11ms Image
image/gif 2606:4700::6810:4036
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1612599286881831&ver=1.2r81&qid=53532313f523632313f5436393&p=BX&s=https%253A//www.take-money.fun&x=&cid=964&od1=&od2=&adtg=3921839&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=40bqcq192t3r&impid=&tps=6&ver1=2.2.4&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=srtb_iframe_551477_307&dbgcid=964&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-2-s-fl-26-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-7-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=468x60&gpu=undefined&ncf=4g_9_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:46 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Feb 2021 21:37:17 GMT
server: cloudflare
age: 3849
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 61d36b671c5d2bb9-FRA
content-length: 26
cf-request-id: 081801746f00002bb9ac80e000000001
expires: Sat, 06 Feb 2021 10:14:46 GMT

GET
H2 200 71891281
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 5012 43 B
415 B 41ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/71891281

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 47613035
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 6A6C 43 B
415 B 41ms
41ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/47613035

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

tns-counter-3.1.0/1.18.0 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Feb 2021 08:14:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=1a0102da-265d-4818-b547-c054678cdd81&dp=14&tz=%2B01%3A00&nc=65989531&dT=2021-02-06T09%3A14%3A47.624
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
366 B 32ms
31ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_601e4ff8b_91034665&srtbid=112933&scids=162403142&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fwww.take-money.fun%2F&allimps=0&fl=0&v=2&deal=9&tz=%2B01%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: 8766f9946d37e8e3f4d394d1a2fdd84d7b5781af48eb6a2897c46ef21375b086

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:48 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=307&id=112933.551475.162403152.0.6.212&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599289
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 28ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551475%2C%22ev%22%3A%22cheap%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599289
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
366 B 65ms
64ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_601e4ff8b_98674616&srtbid=112933&scids=162403165&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fwww.take-money.fun%2F&allimps=0&fl=0&v=2&deal=9&tz=%2B01%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/933/2/112933.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: a58440ae9f13f7af7a46aec94e6ef41e265e0a5decb9d5c8e0b1f097817f423d

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 08:14:48 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 27ms
26ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=307&id=112933.551477.162403175.0.6.212&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599289
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 28ms
27ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A112933%2C%22sc%22%3A0%2C%22pl%22%3A551477%2C%22ev%22%3A%22cheap%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=601e4ff4-872b-04oe-rgss-0w405lnuu5td&ref=https%3A%2F%2Fwww.take-money.fun%2F&r=1612599289
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET gate.php
linkslot.ru/ 0
0

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
420 B 59ms
58ms XHR
text/html 2606:4700:20::ac43:49a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d2=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb392a29b998b938e958da28a9ab092a49da0a195a3999ba899
Requested by: Host: www.take-money.fun
URL: https://www.take-money.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.take-money.fun/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:14:49 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.4.8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cc2CHCMQa8e7Sezz6pO0vm%2B%2FnJ5DsauOYBfJV8wr5AJqNMxUX92YVHtTmjJ7qBpjGmy5FNeMFzJeCoWaomlj6SEBby%2FMc%2ByqDZ%2BW2kBR8RD%2BN8tpUmT0ew%3D%3D"}],"max_age":604800}
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 61d36b7549d0dfef-FRA
content-length: 2
cf-request-id: 0818017d4e0000dfef0a2d5000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb392a29b9c8b938e958da28a9ab092a49da0a195a3999ba899

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb394a29d998b938e958da28a9ab092a49da0a195a3999ba899

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb392a29b9b8b938e958da28a9ab092a49da0a195a3999ba899

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=dae2dc98e6c8d4df8edfd7d5cddc99cbdfe08a9bb392a29b9a8b938e958da28a9ab092a49da0a195a3999ba899

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.take-money.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: 54848964624ce9cba578adbe4b6ab330

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.betweendigital.com
an.yandex.ru
api.advarkads.com
cache.betweendigital.com
cdn-rtb.sape.ru
ddnk.advertur.ru
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
linkslot.ru
mc.yandex.ru
multibux.org
p1.dircont3.com
pixel.yabidos.com
pre.glotgrx.com
ps.ntvk1.ru
ps5.ntvk1.ru
push.multibux.org
redirect.frontend.weborama.fr
rtb.beroll.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
sync.1dmp.io
tech.rtb.mts.ru
use.fontawesome.com
ut.rktch.com
www.acint.net
www.take-money.fun
www.tns-counter.ru
linkslot.ru
104.16.201.58
138.201.34.239
159.69.74.6
176.99.5.102
193.232.121.29
194.176.118.216
2001:6d0:4001::226
213.87.44.207
217.66.147.168
23.111.200.117
23.111.9.35
2606:4700:20::ac43:49a4
2606:4700::6810:4036
2a00:1450:4001:811::2003
2a00:1450:4001:813::200a
2a02:6b8::1:119
2a02:6b8::90
2a02:6ea0:c700::2
2a03:6f00:1::5c35:6014
35.190.16.14
37.139.1.242
46.4.121.26
5.254.23.213
82.202.224.34
88.212.233.36
88.99.149.88
88.99.165.109
95.213.133.116
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
0ae808fef00054d3e03dd2d6f067646358627edf6e8677fc0f72252887124164
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
126d3bdcf4496b9dc25a14396dd5c8abe2780850e78896d38135e3ee370c5cd3
145d3e8cb436d0585e5e1259c8cfe54dc5602ef8554a3b6ff0e5de038192b7b7
1529224e7f0d1dbb6cb34912d804e6bdcb2e7a6dff585eae58f53771ef544475
1573606dc8cc83e77868eb5a6540999b711a86a909c58e6325381c94ce6f3d1e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b257dc12266c8455c5187bc9234d5ea37d0ef84f6d7027434e48f39108139cf
1df57af03da9225c44c40384c8f0637addf3c84e7d4bedf82f6ab8eb10562dbc
24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c0dc58b09d35edcf971e043e55aa411f92a652e20e7889b255139d24f663723
2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d
2f0b4eb4293ab696c1922922bb3f370fce06c205abcc3b9198798974b1e84a08
356516691883389ee335e3d4ce9f286214ac10fc14df72f97353f6a4dfee5824
37566204aec56597f218221a5bb013640ace133338877b8f0f1bb838c4925ad4
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b961fb5648e811c522b78003392037b88710e5924df7cd47b6ac391a86c1941
4208b24d5c060ad480f04526592edef451108af6ab41a2e9f4dff95bf13648ef
485275e86f9225dc7b1849997dbfe31ba31c913198d4797c3e2b778e135d1ec1
49829e097bba4e40575cc59d6511af83d80df90fc6ff72c04a61c8948211b009
4ace026e37d5f227c52371219f71a5af12f488e80f77c7c8d89db97a81fdf9e5
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b1cb45ec461148ba57cfe04c4c697d531dbfac95a1d2faaed9d2c43d01341c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
58cb6a78afc204b7165e947c965cbce6296ee0e587fbab3e12c0d2b6378e9004
5dc5001c154da44c6f4c608b801f2e25d275d3f1cc406f5f39cc3125533f9415
6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934
6bf7297e67f011edda2221f6970d05f454c2915b95504678f8770089bc4a425b
74b0089f52fc5ef6cbc915ff273625ab04dbb4b52ff6b341bf3b4c95d257cac8
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
80f7935587fcf36206dc79d2b46332eca6ff6cc40a12ce09fe66efd02336d97e
82ad9c8df5049ce6ef23b88c4440044d51feafdb0bee85791031d33abfaabfc6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86e59269fd67d3d88c0ea1de7eda8ddf67d6d20854345de6df3ef6dc0b17ff52
8766f9946d37e8e3f4d394d1a2fdd84d7b5781af48eb6a2897c46ef21375b086
87fb77c59f6c6cfb18cc06491252c78b3821f47a33261143d41265edd4957e25
883687891e98e56324ec82c61febcb8536bcf7e29922cd71dd60cdb769b33bd1
8c6555a2e4d168491dcbef7d65f22065077b9f9cc98c843b57aa866635f0d0fa
8d042fbbd6585653d67a50125d86c128c34576b7b2a0c2022fed5d78ac24d97b
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
9761cdaa7454cb9aab58616cb59c39370917bab3cc9b87d9294d0f12a3f89555
9900f9b5adf569be3c70f51f0784a4bdca0242628d2d09151a30eb1b013d4bef
9d624782e39d3e90f862b87d5a90be1741509df9288efda0349bbe1c10c553b0
9e5a402c8c5cf4d79c5606689629d1ddaf8a2b11ba22a58e34b1d09b0f886858
9e7c2c4674b9b9de35d3024cb0e125aece3fd4f8c0ece4790ab7dd1b6ed6db94
9fce9febb8e85566473385adcab011206a9d9d5bb48abfaa79ffe2706a9dcc12
a17b740671d97f092ad755305442b05207065041fefe512dcd048dfea0e683f4
a1cedfc39995508192f8f6092897d6be2d604a423df16e4c39516788f0a9e618
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a55861b65db1b9961244a210d9305d4ff16c9d6e16a441a103d498762112de8e
a55be779f27ba3db06ec0a30826930e1ba7ab0a5e47bc27f0273c30db9579bda
a58440ae9f13f7af7a46aec94e6ef41e265e0a5decb9d5c8e0b1f097817f423d
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
b03bb5640e9f1b4b1c506b5425c741fbeef2fc5649071987df510240d4fbc67a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f8f2f8786e9f043ebd9110f94f91da156ef343290e78fae1411172678403fa
ba7cb44c4bd1e4964f8c50886ed495d083edd2839d28550877ab509c32643920
bdda50498ae35fce6d4c0ffd3f99b3a074571fc112e4ae5830df05a154e28b48
bf428a85a050a74f3a682597fdb612ef66aaa74f4edc8cc3f255e5804822bc49
c08da55e19525062cc30652aa8ab11cde8785b87b124f9101d74a75be785482f
c182de453ddec632f2525f386a24f5c3b214c8ee775954ac46740fc81287c545
cbaa8ef425a6100998d1e5ad67b9c05a5a465217c6d49553347218a72c720d73
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf48c473a4d3caaa35237b7ab155103012be54603caf08dd42498f8c65f1776d
e21c873b121f9ce4577e92b944e0c5d9d11484b16bd94304616ee02af3da9870
e325e6d8d866c5345040417d70bd7604ee40a9f837a92b68e27000f93fd122fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59b87fae56383d7f640ad3be54ceb2459ed467bcc71316f74d524eafebde3ac
ea39995ca52d3e9dd9cd796d3edcbdb25af38a2dbab1738574bc06c782810d6b
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
ece6f302b06274a67a322bc99836659428e5b9883e57b5425b562030fd3fc975
ed4d8919b602414117f2b52d6de65134cd7f71561cca6d26c6af2161e80ec6f4
f12a4c027f010051050e13f04ca952fb5348647c0b0851ec5362a93ff0c6816c
f1fe3829e93573dd0c3a08a462b97f381394e03e7240c56907562970a32667c5
f2807363e414bd864292a9555556ce345e6046bb2c9eb090586c96848dc200a5
f86b0a4594e3f68aeda13429290a9fe299c128206c960084f5b2c9edfa8a8906
f8da8cf51991751a899ade13231b19579025cd9017cdf01b882c4070f7f1719e
fd6ecd8a69b9eacf138ae894c803a628a0fd4d045534cafb473a7e8734abcd75
fd7627dee0df960045a212e5e2c101ae75784fd18782a857ef3a3461fc384570

www.take-money.fun Open in urlscan Pro 2a03:6f00:1::5c35:6014 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

199 Requests

98 %HTTPS

32 %IPv6

23 Domains

29 Subdomains

25 IPs

4 Countries

6819 kBTransfer

9950 kBSize

1 Cookies

20 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.take-money.fun Open in urlscan Pro
2a03:6f00:1::5c35:6014 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

98 %
HTTPS

32 %
IPv6

23
Domains

29
Subdomains

25
IPs

4
Countries

6819 kB
Transfer

9950 kB
Size

1
Cookies

199 HTTP transactions
0 data transactions