new-benefit.com Open in urlscan Pro
136.243.110.236  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response new-benefit.com/gambl/FortuneTiger/br1-spin/	7 KB 3 KB	152ms 46ms	Document text/html	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash 2182f30ea8c9b4d6d051bff5e278d3d060b0693404d6ed8d26951aee75517477 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Wed, 19 Jun 2024 23:31:26 GMT etag W/"666b1690-1dc8" last-modified Thu, 13 Jun 2024 15:56:00 GMT server nginx/1.16.1 strict-transport-security max-age=31536000
GET H2	200	style.css new-benefit.com/gambl/FortuneTiger/br1-spin/css/	19 KB 19 KB	93ms 92ms	Stylesheet text/css	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/css/style.css Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash 71ce7cebf9666954a11ff895ef6e80ee7646a2dcd1abd40af63a35f8ceec297e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:56 GMT server nginx/1.16.1 etag "6645e498-4c21" content-type text/css accept-ranges bytes content-length 19489
GET H2	200	sweetalert.css new-benefit.com/gambl/FortuneTiger/br1-spin/css/	25 KB 25 KB	94ms 93ms	Stylesheet text/css	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/css/sweetalert.css Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash 515c300a0fad086bce036c4ca0498476a920d82f62b999643509d5588ed3db47 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:56 GMT server nginx/1.16.1 etag "6645e498-6390" content-type text/css accept-ranges bytes content-length 25488
GET H2	200	propush_script_gambl.js Show response new-benefit.com/scripts/	3 KB 3 KB	139ms 138ms	Script application/javascript	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://new-benefit.com/scripts/propush_script_gambl.js Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash 4865d239a44b148233fc8ddae161443066cff95888eb80097985922ab9ff374d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Wed, 19 Jun 2024 18:21:11 GMT server nginx/1.16.1 etag "66732197-cef" content-type application/javascript accept-ranges bytes content-length 3311
GET H2	200	lights.gif new-benefit.com/gambl/FortuneTiger/br1-spin/images/	112 KB 113 KB	139ms 139ms	Image image/gif	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/images/lights.gif Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash b9e30dd8e2f1ca97763dce505a1a3d1ec176e3b3448ce64dbc692eb0bcb636d6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:57 GMT server nginx/1.16.1 etag "6645e499-1c12a" content-type image/gif accept-ranges bytes content-length 114986
GET H2	200	22.png new-benefit.com/gambl/FortuneTiger/br1-spin/images/	274 KB 274 KB	140ms 139ms	Image image/png	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/images/22.png Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash cac1300524b49ffc51f8461cc15414a7a5bbbad6860344463300e3cd0bfe27a5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:57 GMT server nginx/1.16.1 etag "6645e499-446cc" content-type image/png accept-ranges bytes content-length 280268
GET H2	200	bonus.png new-benefit.com/gambl/FortuneTiger/br1-spin/images/	19 KB 19 KB	134ms 130ms	Image image/png	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/images/bonus.png Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash a698cdf002c97dd52109b7ab97be8bc17541bd07575465842bd3b79dfbd9f55c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:57 GMT server nginx/1.16.1 etag "6645e499-4b1a" content-type image/png accept-ranges bytes content-length 19226
GET H2	200	casino.jpg new-benefit.com/gambl/FortuneTiger/br1-spin/images/	19 KB 20 KB	135ms 131ms	Image image/jpeg	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/images/casino.jpg Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash 81e6aa2cd89564079c576b95706ded262933f0a2ede6e6025bc0b189a0ca56b1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:57 GMT server nginx/1.16.1 etag "6645e499-4d51" content-type image/jpeg accept-ranges bytes content-length 19793
GET H2	200	jquery.js Show response new-benefit.com/gambl/FortuneTiger/br1-spin/js/	88 KB 88 KB	135ms 131ms	Script application/javascript	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/js/jquery.js Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash ca489b1532466fa8a70192f1d715794784c17ecf65e9c181c2b6c1c66318cd97 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:58 GMT server nginx/1.16.1 etag "6645e49a-15f67" content-type application/javascript accept-ranges bytes content-length 89959
GET H2	200	common.js Show response new-benefit.com/gambl/FortuneTiger/br1-spin/js/	2 KB 2 KB	135ms 132ms	Script application/javascript	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/js/common.js Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash 4c9319a0e3a0258aa211be7bdb837848f806133339b66464426e78bc2ea571e6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:58 GMT server nginx/1.16.1 etag "6645e49a-6bb" content-type application/javascript accept-ranges bytes content-length 1723
GET H2	200	https-v2.js Show response news-zacine.com/code/	8 KB 9 KB	136ms 42ms	Script application/javascript	193.108.118.106 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://news-zacine.com/code/https-v2.js?uid=138148&site=1222735510&banadu=0&sub1=Gambl&sub2=PropellerAds&sub3=sub3&sub4=sub4 Requested by Host: new-benefit.com URL: https://new-benefit.com/scripts/propush_script_gambl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.106 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 106-118-108-193.clients.gthost.com Software nginx / Resource Hash 173f7a5c9e8c70e9c50e9532ae0f44d36cef79bfc7c9e4056cad50a7fa7badd6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT last-modified Tue, 18 Jun 2024 10:10:56 GMT server nginx etag "66715d30-21c2" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 8642 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	process.js Show response news-xtusisi.com/	31 KB 11 KB	185ms 43ms	Script application/javascript	193.108.118.16 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://news-xtusisi.com/process.js?id=1222735510&p1=Gambl&p2=PropellerAds&p3=sub3&p4=sub4 Requested by Host: new-benefit.com URL: https://new-benefit.com/scripts/propush_script_gambl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 16-118-108-193.clients.gthost.com Software nginx / Resource Hash 61aa59ed619f498f891c051a1baea1e89228d930392e60cbb158f429602e0503 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 19 Jun 2024 23:31:26 GMT content-encoding gzip server nginx vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, must-revalidate expires 0
GET H2	200	click.php xxx-benefit.com/	0 144 B	184ms 74ms	Image text/html	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xxx-benefit.com/click.php?event10=0 Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx/1.16.1 content-type text/html; charset=UTF-8
GET H2	200	33.png new-benefit.com/gambl/FortuneTiger/br1-spin/images/	3 KB 3 KB	130ms 129ms	Image image/png	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://new-benefit.com/gambl/FortuneTiger/br1-spin/images/33.png Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash e86d9efc28a34b761dc69536b5ce5771f1b06252829ec6cd3ca737c92af2d69c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/css/style.css Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT strict-transport-security max-age=31536000 last-modified Thu, 16 May 2024 10:48:57 GMT server nginx/1.16.1 etag "6645e499-cfc" content-type image/png accept-ranges bytes content-length 3324
GET H2	404	favicon.ico new-benefit.com/	555 B 256 B	46ms 46ms	Other text/html	136.243.110.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://new-benefit.com/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 136.243.110.236 Cologne, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.110.243.136.clients.your-server.de Software nginx/1.16.1 / Resource Hash 1d86ad203d9f732075a57918233257f12d7689499451b75db4bf8318b54b50d3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:26 GMT content-encoding gzip server nginx/1.16.1 content-type text/html
GET H3	200	script.js Show response userstat.net/get/	129 B 649 B	110ms 58ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://userstat.net/get/script.js?referrer=https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48 Requested by Host: new-benefit.com URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/js/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash 15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:27 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/javascript; charset=utf-8 access-control-allow-origin https://new-benefit.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPurhPBJDi0npEtPVbSRq%2FuPWoo%2F%2FCkeuWYNv0CbP7S%2BJYxfKseiWskD4TOaL7gzcMhWNxsXFfENPmU5RKnVj7j2yOrW7iOZhklixGvTpTYeOQD6hXcvxPEZTOS56bI%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 896750135f94943c-LHR access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400
GET H2	200	backdrop.css news-zacine.com/code/css/	2 KB 2 KB	42ms 42ms	Stylesheet text/css	193.108.118.106 AS-GLOBALTELEHOST
General Check archive.org Show headers Download Go to Full URL https://news-zacine.com/code/css/backdrop.css Requested by Host: news-zacine.com URL: https://news-zacine.com/code/https-v2.js?uid=138148&site=1222735510&banadu=0&sub1=Gambl&sub2=PropellerAds&sub3=sub3&sub4=sub4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.108.118.106 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US), Reverse DNS 106-118-108-193.clients.gthost.com Software nginx / Resource Hash eb0c77dc8e3554bc35c4d6e2d37dd4d675406c32e88f78b91926e4e19b576972 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://new-benefit.com/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 23:31:29 GMT last-modified Tue, 11 May 2021 16:26:38 GMT server nginx etag "609ab03e-8bc" content-type text/css cache-control max-age=315360000 accept-ranges bytes content-length 2236 expires Thu, 31 Dec 2037 23:55:55 GMT

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| monthNames object| now string| nowStringTommorow function| getParameterByName object| o function| pushToTrackerViaImage function| pushAfterTimeout number| TIMEOUT_IN_SECONDS object| mydate number| year number| day number| month number| daym object| dayarray object| montharray function| a0_0x4015 function| encrypt_url function| a0_0x577b function| revoInit function| addSubscriber function| pagelocker function| $ function| jQuery object| _PHV2SITE object| webpackChunklands_static object| Sentry object| _phv2Activator

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			new-benefit.com/gambl/FortuneTiger/br1-spin	1970-01-20 21:27:59	Name: PHPREFS Value: full

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://new-benefit.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://new-benefit.com/gambl/FortuneTiger/br1-spin/?trafficsource_name=PropellerAds&t1=3153670&trafficsource=21&uclick=h98p5mntvr&uclickhash=h98p5mntvr-h98p5mntvr-q5fvi4-0-gxj6bl-1zg5vr-1zg5i4-abfe48# Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

new-benefit.com
news-xtusisi.com
news-zacine.com
userstat.net
xxx-benefit.com
136.243.110.236
188.114.96.3
193.108.118.106
193.108.118.16
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
173f7a5c9e8c70e9c50e9532ae0f44d36cef79bfc7c9e4056cad50a7fa7badd6
1d86ad203d9f732075a57918233257f12d7689499451b75db4bf8318b54b50d3
2182f30ea8c9b4d6d051bff5e278d3d060b0693404d6ed8d26951aee75517477
4865d239a44b148233fc8ddae161443066cff95888eb80097985922ab9ff374d
4c9319a0e3a0258aa211be7bdb837848f806133339b66464426e78bc2ea571e6
515c300a0fad086bce036c4ca0498476a920d82f62b999643509d5588ed3db47
61aa59ed619f498f891c051a1baea1e89228d930392e60cbb158f429602e0503
71ce7cebf9666954a11ff895ef6e80ee7646a2dcd1abd40af63a35f8ceec297e
81e6aa2cd89564079c576b95706ded262933f0a2ede6e6025bc0b189a0ca56b1
a698cdf002c97dd52109b7ab97be8bc17541bd07575465842bd3b79dfbd9f55c
b9e30dd8e2f1ca97763dce505a1a3d1ec176e3b3448ce64dbc692eb0bcb636d6
ca489b1532466fa8a70192f1d715794784c17ecf65e9c181c2b6c1c66318cd97
cac1300524b49ffc51f8461cc15414a7a5bbbad6860344463300e3cd0bfe27a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86d9efc28a34b761dc69536b5ce5771f1b06252829ec6cd3ca737c92af2d69c
eb0c77dc8e3554bc35c4d6e2d37dd4d675406c32e88f78b91926e4e19b576972