bon-x.ru Open in urlscan Pro
185.253.218.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bon-x.ru/
Effective URL:
https://bon-x.ru/
Submission Tags: tranco_l324
Submission: On May 10 via api (May 10th 2024, 10:25:26 am UTC) from DE — Scanned from NL

Summary HTTP 68 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 13 domains to perform 68 HTTP transactions. The main IP is 185.253.218.120, located in Netherlands and belongs to NETH-AS, UA. The main domain is bon-x.ru.
TLS certificate: Issued by R3 on May 4th 2024. Valid for: 3 months.

This is the only time bon-x.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	185.253.218.120 185.253.218.120	202302 (NETH-AS) (NETH-AS)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	95.217.100.37 95.217.100.37	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	213.239.209.209 213.239.209.209	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	172.67.223.248 172.67.223.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
68	20

14 185.253.218.120 (Netherlands)

ASN202302 (NETH-AS, UA)
PTR: s37.s-host.com.ua

bon-x.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.164 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

multibux.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
multiwall-ads.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.217.100.37 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: www.people-group.su

ads.people-group.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.239.209.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.223.248 (United States)

ASN13335 (CLOUDFLARENET, US)

socpublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	linkslot.ru linkslot.ru — Cisco Umbrella Rank: 790137	665 KB
14	bon-x.ru bon-x.ru	405 KB
11	gstatic.com t2.gstatic.com t3.gstatic.com t0.gstatic.com t1.gstatic.com www.gstatic.com fonts.gstatic.com	20 KB
9	google.com 8 redirects www.google.com — Cisco Umbrella Rank: 2 translate.google.com — Cisco Umbrella Rank: 1182	31 KB
5	people-group.net ads.people-group.net	21 KB
4	multibux.org multibux.org	19 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34036
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380 translate.googleapis.com — Cisco Umbrella Rank: 866	102 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 771	12 KB
1	socpublic.com socpublic.com	2 KB
1	multiwall-ads.shop multiwall-ads.shop
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	33 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	2 KB
68	13

	Domain	Requested by
19	linkslot.ru	bon-x.ru linkslot.ru
14	bon-x.ru	bon-x.ru ajax.googleapis.com
8	www.google.com	8 redirects
5	ads.people-group.net	bon-x.ru ads.people-group.net
4	multibux.org	bon-x.ru
3	t2.gstatic.com	bon-x.ru
2	www.gstatic.com	www.gstatic.com
2	ad.a-ads.com	bon-x.ru
2	t1.gstatic.com	bon-x.ru
2	t3.gstatic.com	bon-x.ru
2	unpkg.com	1 redirects bon-x.ru
1	fonts.gstatic.com	bon-x.ru
1	socpublic.com	bon-x.ru
1	multiwall-ads.shop	bon-x.ru
1	translate.googleapis.com
1	ajax.googleapis.com	bon-x.ru
1	cdnjs.cloudflare.com	bon-x.ru
1	translate.google.com	bon-x.ru
1	cdn.jsdelivr.net	bon-x.ru
1	t0.gstatic.com	bon-x.ru
68	20

This site contains links to these domains. Also see Links.

Domain
payeer.com
socpublic.com
join-shortest.com
wmrfast.com
monitor-igr.blogspot.com
linkslot.ru
parabox.site
multibux.org
link.expreswallet.online

Subject Issuer	Validity	Valid
bon-x.ru R3	`2024-05-04` - `2024-08-02`	3 months	crt.sh
linkslot.ru E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
multibux.org GTS CA 1P5	`2024-04-14` - `2024-07-13`	3 months	crt.sh
ads.people-group.net Sectigo RSA Domain Validation Secure Server CA	`2024-03-31` - `2025-04-05`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
multiwall-ads.shop GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
socpublic.com Cloudflare Inc ECC CA-3	`2023-11-02` - `2024-11-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://bon-x.ru/
Frame ID: 463EA42B5C0F05F87B1F0B0361BAE584
Requests: 63 HTTP requests in this frame

Frame: https://ad.a-ads.com/2282995?size=200x200
Frame ID: 05596C939CCCE56A595AB9D108B5B04C
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1274260?size=468x60&background_color=403c3c
Frame ID: 8175D50D0753586D1AAE9C02B9ADF3CB
Requests: 1 HTTP requests in this frame

Frame: https://multiwall-ads.shop/videom.php?mwvideo=745&size=180
Frame ID: 1DF4F84A01D552C770065BAD84396748
Requests: 1 HTTP requests in this frame

Frame: https://ads.people-group.net/?hwn=MzMyODE5JzEzJzMn&xm=1&swf=0&hrf=https%3A%2F%2Fbon-x.ru%2F&stg=1715336718.53186e7085&s=MTYwMCUzQTAlM0ExMjAw&h=05%2F10%2F2024%2012%3A25%3A19%27%5E%271%27%5E%27&k=BON-X%20%7C%20%D0%91%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20Bon-x.ru%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20payeer%2C%20wmz%2C%20Y&0.7861891338395015
Frame ID: 88A97DA5C1187D55104FFE44B7934CEC
Requests: 1 HTTP requests in this frame

Frame: https://ads.people-group.net/?hwn=MzMyODE5JzEzJzIn&xm=1&swf=0&hrf=https%3A%2F%2Fbon-x.ru%2F&stg=1715336718.53186e7085&s=MTYwMCUzQTAlM0ExMjAw&h=05%2F10%2F2024%2012%3A25%3A19%27%5E%271%27%5E%27&k=BON-X%20%7C%20%D0%91%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20Bon-x.ru%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20payeer%2C%20wmz%2C%20Y&0.8164184180638572
Frame ID: 84783BFA19B8776570053F79ADED8376
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9868C0A6C76B31CB72A6D5325BB14437
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BON-X | Бонусы

Page URL History Show full URLs

http://bon-x.ru/ HTTP 307
https://bon-x.ru/ Page URL

Detected technologies

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

68
Requests

79 %
HTTPS

58 %
IPv6

13
Domains

20
Subdomains

20
IPs

5
Countries

1313 kB
Transfer

1950 kB
Size

4
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://payeer.com/01682721
Title: Payeer регистрация

Search URL Search Domain Scan URL

URL: https://socpublic.com/?i=1441428&slide=1
Title: socpublic

Search URL Search Domain Scan URL

URL: http://join-shortest.com/ru/ref/98f8577cbb
Title: shorte.st

Search URL Search Domain Scan URL

URL: https://wmrfast.com/?r=372812
Title: Wmrfast

Search URL Search Domain Scan URL

URL: https://monitor-igr.blogspot.com/

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=320612

Search URL Search Domain Scan URL

URL: https://parabox.site/r/invest957

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=320614

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=353192

Search URL Search Domain Scan URL

URL: https://multibux.org/banners/bannersshop/id=8576

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=269521

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=271820

Search URL Search Domain Scan URL

URL: https://link.expreswallet.online/?a=user&r=30111

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=271821

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bon-x.ru/ HTTP 307
https://bon-x.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Request Chain 14

https://www.google.com/s2/favicons?domain=https://offers4all.net&sz=128 HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://offers4all.net&size=128

Request Chain 15

https://www.google.com/s2/favicons?domain=https://skippyads.com&sz=128 HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://skippyads.com&size=128

Request Chain 16

https://www.google.com/s2/favicons?domain=https://cpx-research.com&sz=128 HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cpx-research.com&size=128

Request Chain 17

https://www.google.com/s2/favicons?domain=https://monlix.com&sz=128 HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://monlix.com&size=128

Request Chain 18

https://www.google.com/s2/favicons?domain=https://bitcotasks.com&sz=128 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitcotasks.com&size=128

Request Chain 19

https://www.google.com/s2/favicons?domain=https://unitbux.ru&sz=128 HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://unitbux.ru&size=128

Request Chain 20

https://www.google.com/s2/favicons?domain=https://multibux.org&sz=128 HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://multibux.org&size=128

Request Chain 21

https://www.google.com/s2/favicons?domain=https://notik.me&sz=128 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://notik.me&size=128

68 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bon-x.ru/
Redirect Chain

http://bon-x.ru/
https://bon-x.ru/

22 KB
7 KB

282ms
85ms

Document
text/html

185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache / PHP/7.0.33
Resource Hash: 7139632d7a7a0944edc3fed5fd4490b6cd7efea2573726e98ac0b9658751b411

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 6972
content-type: text/html; charset=utf-8
date: Fri, 10 May 2024 10:25:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.0.33

Redirect headers

Location: https://bon-x.ru/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 jbook.js Show response
bon-x.ru/js/ 87 KB
30 KB 182ms
178ms Script
application/javascript 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/js/jbook.js
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 17:56:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 30902
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2 200 css-21.css
bon-x.ru/css/ 69 KB
12 KB 127ms
123ms Stylesheet
text/css 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/css/css-21.css
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: fc417dee3505e55374bde6aae1259f4b33eeea10f492772a97ceda52ff1810f7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2024 15:52:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 12122
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2 200 alertcssBlack.css
bon-x.ru/css/ 1 KB
555 B 73ms
69ms Stylesheet
text/css 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/css/alertcssBlack.css
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: 4e604acd208d8bc6ce960982c0e9d1100f8083488951447c0af87c7dcc1b2296

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2024 15:52:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 445
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2 200 sweetalert2.min.css
bon-x.ru/css/ 30 KB
4 KB 74ms
71ms Stylesheet
text/css 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/css/sweetalert2.min.css
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: 5fbdef4b06a2f251d6b53984888d52b3d0029c6d5ee2cf64939afd46fd2baea9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2024 15:52:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 4395
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2 200 mob-21.css
bon-x.ru/css/ 56 KB
10 KB 181ms
177ms Stylesheet
text/css 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/css/mob-21.css
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: 77b6b3d2be58f6bc54391f9b3ccc58993f0ff3eb5725a276b4df736752c66c4b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Fri, 01 Mar 2024 15:52:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 10461
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

37ms
37ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4988550
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWB3SZNK0GX33W7PMCSHNEN-ams
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 88193976687db7b8-AMS

Redirect headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HXH085M9T878MC2BE1YNG3P8-ams
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 331
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 88193976386ab7b8-AMS

GET
H2 200 for_all_2.js Show response
bon-x.ru/js/ 2 KB
1 KB 73ms
70ms Script
application/javascript 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/js/for_all_2.js
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: e73aff8195627ec9d56a05ceddd2ada89338c6d6a83558ef98ec96a17ac5b387

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 17:56:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 963
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2 200 user2.png
bon-x.ru/img/ 10 KB
10 KB 102ms
51ms Image
image/png 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bon-x.ru/img/user2.png
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: 4a48373d6201bae90b68c44604dcb3f72c3bc5e1de8bb45613e2a06b50212273

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: gzip
last-modified: Sun, 11 Jun 2023 13:44:32 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 9954
expires: Sun, 09 Jun 2024 10:25:18 GMT

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
4 KB 494ms
145ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=320612
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09f7014f4d2686ba5fb22b6067c285b7d1ea9039f8ebc41445e3baaf6be066a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDW7sSzrFrkUxAdx0AYapRQR2WWao00%2FqE5hTwfuI8xh3ELFmtREyeqVmdQUFArftRuPIm%2FWgXTjecXhs54ajG%2FEN3ETq3%2FnUQKdPu%2FgbjBfA86kDZFSoxlkMdxdxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 881939796a5628aa-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
4 KB 464ms
130ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=320614
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d66dc0e4bc315ce4d368014fec94acf31c4259cafbfe517b03e08820508641b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQickdwG8qbSKI2TZY9IGfI0U52dgaAgIveClJJtIyNwyzPz%2BUTj5y07Dq2MKKue01KKQXrMCF3nTnGH%2BwiU%2FFqKCb9rpzOup9RQXE86HRXgLlRpYnjZysBZLpyuRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 881939796a5428aa-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode_new.php Show response
linkslot.ru/ 7 KB
3 KB 465ms
125ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode_new.php?id=353192
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aba048bd5800e8698047b2e1cc001f14d2104fa31c74928d2834865dd1f9a7a6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZZih7LOGquQDubS9xzWwn56a%2B0lGCzsJZLI2tFZKlAnZm2sZ5u0S7d%2BkukS4nevhZqtwMqET%2Flf5zEqMK27mTdNEn2E4PyjE6goUU1lEktiG9UU1dvJGSr3LAHMlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 881939797a5928aa-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 payeer.png
bon-x.ru/wallet/i/ 19 KB
18 KB 74ms
71ms Image
image/png 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bon-x.ru/wallet/i/payeer.png
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: aebb9a1e213ac085e39ecb62381b15c529f431cc5b0f7782e8deff69228f436d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 15:05:57 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 18528
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2 200 advcash.png
bon-x.ru/wallet/i/ 42 KB
42 KB 126ms
124ms Image
image/png 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bon-x.ru/wallet/i/advcash.png
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: e6550f9f99cd9a877daf7e3dafb2f2ccca9d6902163c61ea3a564e7011d9a0b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 15:05:57 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 42997
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2 200 dash.png
bon-x.ru/wallet/i/ 11 KB
11 KB 63ms
62ms Image
image/png 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bon-x.ru/wallet/i/dash.png
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: 97f8af3ead80e2db6e98bb68d69257d1ef57af392029f0574b2b1dd422bc4959

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 15:05:57 GMT
server: Apache
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 11447
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://offers4all.net&sz=128
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://offers4all.net&size=128

1 KB
1 KB

672ms
52ms

Image
image/png

2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://offers4all.net&size=128

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44454314e4b48bc5000979128d8719200aadf7c7a61a01834183689d057b0da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 07 May 2024 13:57:37 GMT
x-content-type-options: nosniff
age: 246461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1340
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.offers4all.net/templates/ModernBlue/css/images/custom/favicon.png
expires: Tue, 14 May 2024 13:57:37 GMT

Redirect headers

date: Fri, 10 May 2024 10:05:10 GMT
x-content-type-options: nosniff
server: sffe
age: 1208
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://offers4all.net&size=128
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 336
x-xss-protection: 0
expires: Fri, 10 May 2024 10:35:10 GMT

GET
H2

404

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://skippyads.com&sz=128
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://skippyads.com&size=128

726 B
917 B

719ms
99ms

Image
image/png

2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://skippyads.com&size=128

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
x-xss-protection: 0

Redirect headers

date: Fri, 10 May 2024 10:05:10 GMT
x-content-type-options: nosniff
server: sffe
age: 1208
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://skippyads.com&size=128
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
expires: Fri, 10 May 2024 10:35:10 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://cpx-research.com&sz=128
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cpx-research.com&size=128

966 B
1 KB

688ms
69ms

Image
image/png

2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cpx-research.com&size=128

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dafa80d915e6d3420a45c6461f55fb833929faa263b18630610f8952a1b43596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 07 May 2024 06:09:10 GMT
x-content-type-options: nosniff
age: 274568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 966
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 09:12:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.cpx-research.com/main/en/assets/img/fav.svg
expires: Tue, 14 May 2024 06:09:10 GMT

Redirect headers

date: Fri, 10 May 2024 10:05:10 GMT
x-content-type-options: nosniff
server: sffe
age: 1208
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cpx-research.com&size=128
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
expires: Fri, 10 May 2024 10:35:10 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://monlix.com&sz=128
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://monlix.com&size=128

2 KB
2 KB

658ms
38ms

Image
image/png

2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://monlix.com&size=128

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4aa26fa44c257812bac55854e9307efbf186df8f3dc7132a96422fe5fb7f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Sun, 05 May 2024 23:22:47 GMT
x-content-type-options: nosniff
age: 385351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1587
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 12:50:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://monlix.com/favicon.png
expires: Sun, 12 May 2024 23:22:47 GMT

Redirect headers

date: Fri, 10 May 2024 10:05:10 GMT
x-content-type-options: nosniff
server: sffe
age: 1208
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://monlix.com&size=128
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 10 May 2024 10:35:10 GMT

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://bitcotasks.com&sz=128
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitcotasks.com&size=128

407 B
563 B

581ms
80ms

Image
image/jpeg

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitcotasks.com&size=128

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842989b890b0357fee8ffe20165676b164deae5aa7d2d5e4fb8d9dfd622817a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 09 May 2024 21:06:16 GMT
x-content-type-options: nosniff
age: 47942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 14:20:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://bitcotasks.com/assets/img/favicon.ico
expires: Thu, 16 May 2024 21:06:16 GMT

Redirect headers

date: Fri, 10 May 2024 10:05:10 GMT
x-content-type-options: nosniff
server: sffe
age: 1208
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bitcotasks.com&size=128
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 336
x-xss-protection: 0
expires: Fri, 10 May 2024 10:35:10 GMT

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://unitbux.ru&sz=128
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://unitbux.ru&size=128

654 B
1 KB

606ms
106ms

Image
image/png

2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://unitbux.ru&size=128

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

235c23b425b17b508bcee803e9fff98e6498a5a0a9563fd19c2cce793cddf8c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 654
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 05:59:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://unitbux.ru/favicon.ico
expires: Fri, 17 May 2024 10:25:18 GMT

Redirect headers

date: Fri, 10 May 2024 10:05:10 GMT
x-content-type-options: nosniff
server: sffe
age: 1208
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://unitbux.ru&size=128
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 10 May 2024 10:35:10 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://multibux.org&sz=128
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://multibux.org&size=128

1 KB
2 KB

566ms
66ms

Image
image/png

2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://multibux.org&size=128

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef403dabf06caadee50c090b24a53bf07b6e481b78b95cd21680e17e4b03a648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 07 May 2024 14:30:32 GMT
x-content-type-options: nosniff
age: 244486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1516
x-xss-protection: 0
last-modified: Wed, 26 Jun 2019 09:42:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://multibux.org/favicon/apple-icon-144x144.png
expires: Tue, 14 May 2024 14:30:32 GMT

Redirect headers

date: Fri, 10 May 2024 10:05:10 GMT
x-content-type-options: nosniff
server: sffe
age: 1208
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://multibux.org&size=128
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 10 May 2024 10:35:10 GMT

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://notik.me&sz=128
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://notik.me&size=128

115 B
650 B

562ms
71ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://notik.me&size=128

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6738502696282378abb6e2097b011ed14c7cbca2b65dfab475ee5c1e5a003398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 07 May 2024 12:55:21 GMT
x-content-type-options: nosniff
age: 250197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 22:35:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://notik.me/favicon.ico
expires: Tue, 14 May 2024 12:55:21 GMT

Redirect headers

date: Fri, 10 May 2024 10:13:01 GMT
x-content-type-options: nosniff
server: sffe
age: 737
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://notik.me&size=128
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 10 May 2024 10:43:01 GMT

GET
H3 200 bancode.php Show response
multibux.org/ 2 KB
2 KB 489ms
60ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/bancode.php?id=8576
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe5a7fc66d7f46a95cc628ba5401bf8a6ee73eadda870b506999bbfd1c884a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XuRYz86gnp%2FMU5PT2sfWm9pDlQWlF19F%2BgL2vcMo3CwEmQFyNtWHlVloww6BgKsSU4fPjo%2Bp4uR1C7Kl2pOm8UII8TGBz1PnMmGgjxc5N0ZgfBEDlgwEnOD96fpkYk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cf-ray: 8819397c79d066c3-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode_new.php Show response
linkslot.ru/ 7 KB
3 KB 109ms
92ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode_new.php?id=269521
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d5be465d511184b0e370affd7c66271964b6aa06827cdc36963682438de084b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4RfJ%2Fwk5R32bHHB7Q6Y4OUzqVxhyxEdIn2kf55MAnI4GSu%2FeQMAKx27lfWsCO0uRbDV5o59vAOkGYeKfvkc7LVqnUIfJFkRWoVp0F%2FO7f5efAit4N7DkQdvSdL%2BWeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 88193979eaf028aa-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK / Show response
ads.people-group.net/332819/13/2/1/ 21 KB
7 KB 712ms
139ms Script
application/x-javascript 95.217.100.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.people-group.net/332819/13/2/1/

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx /

Resource Hash

5c2cb5c4f05c46d519888671293320028a5f3c7055abade6b2f1a6919317c898

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 10 May 2024 10:25:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: application/x-javascript;charset=UTF-8;
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
X-XSS-Protection: 0;

GET
H/1.1 200
OK / Show response
ads.people-group.net/332819/13/3/1/ 21 KB
7 KB 620ms
138ms Script
application/x-javascript 95.217.100.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.people-group.net/332819/13/3/1/

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx /

Resource Hash

6206db77eab3a16873610d56edf70e3dae6fe09504a52e35ff89a7acb1ba7bb4

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 10 May 2024 10:25:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: application/x-javascript;charset=UTF-8;
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
X-XSS-Protection: 0;

GET
H/1.1 200
OK / Show response
ads.people-group.net/332819/13/5/1/ 21 KB
7 KB 620ms
139ms Script
application/x-javascript 95.217.100.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.people-group.net/332819/13/5/1/

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx /

Resource Hash

f58f360be8685b65d36509fedbebd7e77aa1b1c5966034c9e2d06c9ebfe2a0d6

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 10 May 2024 10:25:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: application/x-javascript;charset=UTF-8;
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
X-XSS-Protection: 0;

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 91ms
89ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=271820
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a561c1dbde1f8434d6500682755b97b7681e9f672a3ab34cc50193979b6b7b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwbEY02vDnWgakkJXRJbSo%2Bc4vscgqciXvVlmysN81glo52FbfZG5SBJwdNAZRTxME03u9iUgp%2BECuFSxy0iZmb5zP9C3gunibBkoak7YVdwSpyIbkfkJ13%2BAVLISQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 8819397a7b6d28aa-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
4 KB 78ms
75ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=271821
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575202f79d0d25543e09ff7e1b43932b080211c961108de9c0d8acfc15123a47

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lo6sP1G0emn%2BLCg3iNM3dyw5TmNZt5DxqoAckSDKRFcKaevrgHf%2FD7dLzpReDpSRW8fVpPmRCbjhfYBnfjlb2M35un6UoYH41PWUsA1eBhQUMf3yzjE%2BmNR8kGLl8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 8819397a7b6e28aa-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ 2 KB
2 KB 337ms
34ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36231
x-jsd-version: 2.2.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1078
x-served-by: cache-fra-eddf8230099-FRA, cache-lga21943-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZAhP3C23NiRKfl14iRFENL8B5tNy99e4gjLtr10rdELngcDvDBzN1HksfOhOaxMSNY7gbI%2BASSZot21hodu465oTmjMoe6JM6A12S%2BwnVWg14aehDEuN%2BEicHctQfFSKJBFqTV930vkCMKfO3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88193978adb90bd6-AMS

GET
H2 200 google-translate.js Show response
bon-x.ru/js/ 3 KB
1 KB 55ms
54ms Script
application/javascript 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/js/google-translate.js
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: 8d6bdb2d244234ab981b37a95a78d13f648e40014f73fdf57dae5564e390ff00

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:17 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 17:56:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 1277
expires: Sun, 09 Jun 2024 10:25:17 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 87 KB
31 KB 494ms
52ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=TranslateInit

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7e85387ce4ba26ad59ae7730d686b99c4b453334895b700c8457523bbe83ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/ 112 KB
33 KB 390ms
30ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/TweenMax.min.js

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 126816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33383
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c0ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JO9qWMKIHLYJEM8vBseNgdZil8HPbhJDXd47OzSnoTEW33J92vNKtVRFp7461%2FN5aRrDwYLUw7bS8AQdTmo0vDm8YhSpj1EtoKWAkIuIhtkyC0Kk8FLrdgSo5GoeF%2Bm5wuZfYfTr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 881939797c129fea-AMS
expires: Wed, 30 Apr 2025 10:25:18 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 385ms
24ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 18:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 May 2025 18:16:53 GMT

GET
H2 200 2282995
ad.a-ads.com/ Frame 0559 0
0 339ms
43ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2282995?size=200x200

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 10 May 2024 10:25:18 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://bon-x.ru/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 1274260
ad.a-ads.com/ Frame 8175 0
0 335ms
43ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1274260?size=468x60&background_color=403c3c

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 10 May 2024 10:25:18 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://bon-x.ru/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
450 B 111ms
84ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad397ea95dbef84a59a979e949f889ba897999d92a498978bd0dadfd3ded3caa996a0988790dad4d3cee1dedc9acfe6889898919ba08ae9d0d7b095ad88df9e979485cbe2d7d5dfd8d7cad2d1d79a9a9da9959cb0819ad3cfdcd0d7918aded0d4df81d9cdcad3d29485cddad9d8e7c6a199999c919b939aa09789edc2d8c9d9d192a098a1a09a9f9d92dd9f9fcad1ce99cfd7dbccaa91a2989798939b959aa29799aa91a2989798938e958d9598a0ab96a59b9d9f94a399a0a7
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=320614
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnwSi4ftQbv%2F19%2FMI1r6zfqJwUZr8a6JEFoP%2BRiE1SPlS0JuZn7RpOIL%2Fnn6%2B%2FcXia%2F4g86VABt4vBNAxj2ij9IDRUrvguim8Eo36S%2F7kI6cYg1YLvwUvyEerZaNUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 8819397aabb5b8f4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 2ce320618b17753c004674dc6fd81cc1.gif
linkslot.ru/uploads/ 384 KB
385 KB 58ms
56ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/uploads/2ce320618b17753c004674dc6fd81cc1.gif
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c774a27f77c33a93aac9a6a60549a617c819835d9f049aade38375ea849a89b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
cf-cache-status: HIT
last-modified: Fri, 10 May 2024 00:13:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663d6697-5ffef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QERKuPxiiBNvwhV0FlDeJIlh5nlwYc801lKeieOTlxOCvaSxQUA7PTeKe47qBbiXh%2FW0puVeYrYZn4Jv8uGxp9Oxu09TXBohB79P2IGcyEIdkngi7bStYhZSWEaQBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 8819397a7b6f28aa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 393199

GET
H3 200 buyb.png
linkslot.ru/img/ 3 KB
3 KB 30ms
28ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/img/buyb.png
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4
etag: "647dc573-a19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cklg%2B5sc2ITuWOTbAYZ57XMIrNSRQ7B5DqP4n02n3Nj4PGeKbIdX9uqVeqK5XwawdGr1CQ7YhsyFI%2B%2BOmqgdFFxI29Nw7TH0%2FzYYEfWMeOWXr5SIjeDs9ZzBNcCTyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 8819397a7b7028aa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2585

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
444 B 102ms
86ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad397ea95dbef84a59a979e949d889ba897999d92a498978bd0dadfd3ded3caa996a0988790dad4d3cee1dedc9acfe6889898919ba08ae9d0d7b095ad88df9e979485cbe2d7d5dfd8d7cad2d1d79a9a9da9959cb0819ad3cfdcd0d7918aded0d4df81d9cdcad3d29485cddad9d8e7c6a199999c919b939aa09789edc2d8c9d9d192a098a1a09a9f9d93a2d9d89dc8e4dccfa2cfdcaa91a2989798939b959aa29799aa91a2989798869b888da39e9aaf94a59e9e999b9f9c9f
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=320612
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3RR6V2%2Fov7qq%2FoVZXA7QV5wCOqGIf0zw9bE%2FG9P2eap0r3K%2F5zbCOm1Np1HfMLgIeKTor0GFD88ePmVPYuXKClJTF%2FycoZtEpD3Trc7QJmGh7u2Jno4iuigHIRTM7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 8819397aabb3b8f4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 50f8bbc21491c3dac30be9b6f5a46320.jpeg
linkslot.ru/uploads/ 19 KB
19 KB 119ms
118ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/uploads/50f8bbc21491c3dac30be9b6f5a46320.jpeg
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4127b3eb4ca0781d119cf11b983be53384175fe2fd82537e1ac21b7f59fe27

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
cf-cache-status: HIT
last-modified: Fri, 10 May 2024 08:01:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "663dd463-4abc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbG0hO8t1Mp6iXEuoskKcNQa8f18FxN4SeN6D007VLaWL4%2BIR9cGAZDEBWYzJHNT3f0oBXU5U%2Bdein7R%2F9fzynzM0TLOYccN%2B7UEJwQd6bzokQ9U7EcwKJTpxgsjWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 8819397a8b7728aa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 19132

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
476 B 83ms
75ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad397ea95dbef84a59d9a999c9d889ba897999d92a498978bd0dadfd3ded3caa996a0988790dad4d3cee1dedc9acfe6889898919ba08ae9d0d7b095ad88df9e979485cbe2d7d5dfd8d7cad2d1d79a9a9da9959cb0819ad3cfdcd0d7918aded0d4df81d9cdcad3d29485cddad9d8e7c6a199999c919b939aa09789edc2d8c9d9d192a098a1a09a9f9d95dea1da9ac9dcdfa2d9c899aa91a2989798939b959aa29799aa91a2989798938e958d9598a0ab96a59b9d9f94a399a2a6
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=353192
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yq62Bb3Xfal9PNcNzolpIzqblORBLBKBBBSXS3qYnMQ1B6fpXHXEv4lnI2KMDzjsUcWILRamCiiLFstfsb1HI66eUDp8jYj%2B6tdCSC7OD787NxixS0D7NdV4NvY6vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 8819397aabb0b8f4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x300.jpg
linkslot.ru/promo/dummy/ 17 KB
18 KB 26ms
26ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x300.jpg
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "647dc573-44a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FMBcNlzJHRD9RFZQmZZ0AvOlyd67ju%2BjocaLIQt%2Fp%2FPa3yCVsbfU%2F4mEf9mTH%2Fhx6cWp2f%2FXbiKfpn4FNRHlh79mWavcwrLaHBtHEAIYZFtqyp%2FRmBAbxjsDs2kiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 8819397a9b8128aa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17574

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
438 B 88ms
87ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad397ea95dbef84a49ea09d959c889ba897999d92a498978bd0dadfd3ded3caa996a0988790dad4d3cee1dedc9acfe6889898919ba08ae9d0d7b095ad88df9e979485cbe2d7d5dfd8d7cad2d1d79a9a9da9959cb0819ad3cfdcd0d7918aded0d4df81d9cdcad3d29485cddad9d8e7c6a199999c919b939aa09789edc2d8c9d9d192a098a1a09a9f9dcddb9cd3cac5d3d2cddfd699aa91a2989798939b959aa29799aa91a2989798869b888da39e9aaf94a59e9e999b9f9e9d
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=269521
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Ruef14mpl1lhIV07xnnRbONmQnYN2B22t5jMffSOWh7KPYYdUBwYf4Wh%2FVt348sMqv0NVkvFIQppJ97DsseSoogcSS6eGxdck%2BTYef0pxgmEqIU9gbNpsWeX4qcDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 8819397aabb8b8f4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 468x60.jpg
linkslot.ru/promo/dummy/ 12 KB
12 KB 104ms
104ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/468x60.jpg
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "647dc573-2e1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GiX9I4xPosNeTYQq6vUZ9EiEHSzKU9L6gcRimfWIKbTQm7U9sZo%2Bb%2FxNC%2BSg0UYdgSzVh%2FoI%2FpLtdpMsutNRlVykIvOaaepct0WuMbCoObDoODvJVNa11bHOGNe6Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 8819397aab8928aa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11802

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/ 22 KB
5 KB 537ms
81ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.nl.I3D89heDE8o.O/am=BgM/d=1/rs=AN8SPfo1jo7vvWrYpbSD5SgE90qjethFkQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 03:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 May 2025 03:37:59 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.I3D89heDE8o.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrUWKl1MwJ3dGKSs5q-_SNmi3ntxg/ 206 KB
71 KB 549ms
93ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.I3D89heDE8o.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrUWKl1MwJ3dGKSs5q-_SNmi3ntxg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.nl.I3D89heDE8o.O/am=BgM/d=1/rs=AN8SPfo1jo7vvWrYpbSD5SgE90qjethFkQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a4153a0531933048ae28d84e5426a3d725e89b6d41e6206c03cc5965280d8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 19:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72582
x-xss-protection: 0
last-modified: Wed, 08 May 2024 17:11:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 May 2025 19:43:08 GMT

GET
H3 200 videom.php
multiwall-ads.shop/ Frame 1DF4 0
0 649ms
411ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://multiwall-ads.shop/videom.php?mwvideo=745&size=180
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8819397d6ad265f4-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 10:25:19 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwfy72IH0uPWsfDhmBtw6sFTkTRndA22Si0W%2FT6Ad%2Fuxm9PSHprtcjX0Y%2FMeSz3VWbOO39qSEgMcMvRYL8M9qTnroIrJyDwJ1Q%2BrTeoigm2IaD54OGoEEThv08ERS6jVw5nqDFI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 visit_js.js Show response
socpublic.com/themes/assets/global/scripts/ 4 KB
2 KB 598ms
182ms Script
text/html 172.67.223.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://socpublic.com/themes/assets/global/scripts/visit_js.js
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.223.248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2933f61346292ceba9366bac962d6d1e3b7bfb6306f746a3035225a8ee587c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGidLZzsvw0n0gfhTQvxtxoLH33mVRN9lwindbUfE5K%2FDcaFM9DcpF5jvh2vWNhmcf6s8ed0L8Ssbf8nSyQUaxzSx57ysIHgdomUR3udOirtuH%2Bv9qBFAKdkzTqZLcmj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8819397d6ab60b54-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
445 B 82ms
81ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad397ea95dbef84a49f98a0959c889ba897999d92a498978bd0dadfd3ded3caa996a0988790dad4d3cee1dedc9acfe6889898919ba08ae9d0d7b095ad88df9e979485cbe2d7d5dfd8d7cad2d1d79a9a9da9959cb0819ad3cfdcd0d7918aded0d4df81d9cdcad3d29485cddad9d8e7c6a199999c919b939aa09789edc2d8c9d9d192a098a1a09a9f9d94e6d8dae1d5ccd5cea5c899aa91a2989798939b959aa29799aa91a2989798938e958d9598a0ab96a59b9d9f94a39a9fa4
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=271821
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZbPUvfZ6WOXmmjN0Ljdj7coQQn%2FuuUvrKEaDJmx%2BliLZgp9KcPfH%2BV6Z9Y6t%2Bz1lxCxnPPwpeaoVYBvdBsHj6JW1DaO1%2B7tTBNsiZGaqguKm3l8L6UoMBR6QdiIFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 8819397b0c33b8f4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 a2b3feed02dc0e9deb8bce4d5b510875.gif
linkslot.ru/uploads/ 204 KB
205 KB 48ms
48ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/uploads/a2b3feed02dc0e9deb8bce4d5b510875.gif
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee13955c0886a18bb51a3709d0cf6af7f5907c4d327b89b36a6667364ff1fade

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:18 GMT
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 08:49:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "663b3ca7-3319c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nt9U5yLM4Qab%2BBNVwNPhkDcSuS5HKSsdXorQxlwjtbfglczhzOp2IBsOeCZunmB%2Fm%2Fw7Ea%2BbZvqJ3HJ8YXgKjTMJ%2BFonCmtrtYUfUVReDH6jl1EMqLrm6culSLkmWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 8819397b0bc628aa-AMS
alt-svc: h3=":443"; ma=86400
content-length: 209308

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
438 B 77ms
76ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad397ea95dbef84a49f98a0959b889ba897999d92a498978bd0dadfd3ded3caa996a0988790dad4d3cee1dedc9acfe6889898919ba08ae9d0d7b095ad88df9e979485cbe2d7d5dfd8d7cad2d1d79a9a9da9959cb0819ad3cfdcd0d7918aded0d4df81d9cdcad3d29485cddad9d8e7c6a199999c919b939aa09789edc2d8c9d9d192a098a1a09a9f9d96d3d0dfe196d8dedceada99aa91a2989798939b959aa29799aa91a2989798938e958d9598a0ab96a59b9d9f94a39aa0a7
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=271820
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WG5OHian6PWCqtTtrxeWJzld3iLiZTNwMyxpQHCsy0HeyDjQlp2L8Vm5KukhAfbyWTh9c9gfKoMjxrXouAtWoU0G%2Bxjlg3FMt88DtEfuEe99FgsuLFfUycCqv9JJGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 8819397b1c42b8f4-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
multibux.org/ 11 KB
6 KB 100ms
47ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/bancode.php?load=8576&loader=JS&u=0&v=0&cs=0&i=0&l=0&h=024a9a4ef1995c4b572954d574ed8f13
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bc4c927fb0fb810a7850c6ecd5f2a9405c8f30becf0d6767f20cd939a6737b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 10 May 2024 10:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JnhYZxKNbHEZLcYwrkzjcMew7WTKJfvEXEFUgDEs%2FVws7ZX1keoi5AznIzOvC%2BQExYI3YO1Umswv%2Fm3EAB0%2FYszI3U8CA3xlHKHanZ48GMJsjitNwX03QILj%2BiUKrBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8819397d4a5e66c3-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gate.php Show response
multibux.org/ 2 B
499 B 310ms
175ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/gate.php?d1=c5d9d997de8fdee88e6b9b9b9796948992a99496869b9d9a9684d9e2e59cd2d0c2a2999491938cddccd8cfd9ddd48ce1df5397948fa39f86d8dcd29c97a58be29c959593cca3d6d0c6eac9c8ccdcd895989da29899978c9bd69bdad1cd9f84d2cadec986cacfced5d58a8cd6d3a5d5d1c6a2959895a1949493989b8ad9c2d2d4dd9c959994aa9299979695ceda9ba0e3e094d6dadd9e969491a3949691a39496939a9b9a96919ca39b6389948496959d92a8979999a19ca29f98a1969c
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MRyX9wWlFPl%2Bs8pqglwX5YYh4elpmxV1ZmgvsZ%2FocohoaE4zGdktmEmUzHfy0gyajGgPNHIDsQ7FMgNk0at3wcPH%2Bd0Cn9SD3%2F%2Bt0LkHonWyvXpQ4oD01XOim0bKdY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cf-ray: 8819397e99ff6577-AMS
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H3 200 250x250.jpg
multibux.org/images/i/banners/ 10 KB
11 KB 190ms
67ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://multibux.org/images/i/banners/250x250.jpg
Requested by: Host: bon-x.ru
URL: https://bon-x.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c74bc892c9b428a75eebeb19256de4e3e686798309a9f1c0f2c0cc3a5480c2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:19 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Mar 2022 08:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6232f42c-2987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqnD0fxY24uazNetN5dnn1wXPiDTpODIsQzQLeVUmctLwv%2F2G3Ok40HdEFHgDjXz90UK%2BA47JjHqDEHiEoXRxWabHgLRDRBA56Ay2OLfhXUzTWxekgcK5VFUVqMGKP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8819397e8b7e66c3-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10631
expires: Fri, 10 May 2024 11:25:19 GMT

GET
H/1.1 200
OK /
ads.people-group.net/ Frame 88A9 0
0 203ms
76ms Document
text/html 95.217.100.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.people-group.net/?hwn=MzMyODE5JzEzJzMn&xm=1&swf=0&hrf=https%3A%2F%2Fbon-x.ru%2F&stg=1715336718.53186e7085&s=MTYwMCUzQTAlM0ExMjAw&h=05%2F10%2F2024%2012%3A25%3A19%27%5E%271%27%5E%27&k=BON-X%20%7C%20%D0%91%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20Bon-x.ru%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20payeer%2C%20wmz%2C%20Y&0.7861891338395015

Requested by

Host: ads.people-group.net
URL: https://ads.people-group.net/332819/13/3/1/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8;
Date: Fri, 10 May 2024 10:25:19 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 0;

GET
H/1.1 200
OK /
ads.people-group.net/ Frame 8478 0
0 194ms
74ms Document
text/html 95.217.100.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.people-group.net/?hwn=MzMyODE5JzEzJzIn&xm=1&swf=0&hrf=https%3A%2F%2Fbon-x.ru%2F&stg=1715336718.53186e7085&s=MTYwMCUzQTAlM0ExMjAw&h=05%2F10%2F2024%2012%3A25%3A19%27%5E%271%27%5E%27&k=BON-X%20%7C%20%D0%91%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20Bon-x.ru%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20payeer%2C%20wmz%2C%20Y&0.8164184180638572

Requested by

Host: ads.people-group.net
URL: https://ads.people-group.net/332819/13/2/1/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.217.100.37 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://bon-x.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8;
Date: Fri, 10 May 2024 10:25:19 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 0;

GET
DATA 200
OK truncated Show response
/ Frame 9868 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
4 KB 233ms
44ms Image
image/svg+xml 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: bon-x.ru
URL: https://bon-x.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 May 2025 22:18:10 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 34ms
33ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=BgM/d=0/rs=AN8SPfowrRiAotkQD9r4k3ANeQYGsCLZ7g/m=el_main_css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 07:43:01 GMT
x-content-type-options: nosniff
age: 9738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 10 May 2025 07:43:01 GMT

GET
H2 200 ad468x60.php Show response
bon-x.ru/ad/ 4 B
130 B 61ms
59ms XHR
text/html 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/ad/ad468x60.php?ad=linkslot.ru&_=1715336718519
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache / PHP/7.0.33
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://bon-x.ru/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:19 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.0.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=600
content-length: 24
expires: Fri, 10 May 2024 10:35:19 GMT

GET
H2 200 favicon.ico
bon-x.ru/ 257 KB
257 KB 105ms
104ms Other
image/x-icon 185.253.218.120
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bon-x.ru/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.253.218.120 , Netherlands, ASN202302 (NETH-AS, UA),
Reverse DNS: s37.s-host.com.ua
Software: Apache /
Resource Hash: 9f123ea180240f3998d1743ea2d4aba5fb846463dec56f2906f2d4c9ad3275ef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 10:25:20 GMT
last-modified: Sun, 11 Jun 2023 13:44:31 GMT
server: Apache
content-type: image/x-icon
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 263006
expires: Sun, 09 Jun 2024 10:25:20 GMT

GET gate.php
linkslot.ru/ 0
0

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
443 B 93ms
93ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d2=c5dad397ea95dbef84a49f98a0959b889a95978caa84a39f989d969e9ba1a39f9eb096
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=271820
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bon-x.ru/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 10 May 2024 10:25:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynqW%2B787G1ZCiary4IaWeBOVR2coEUf2bHgsSr3YVbTZf5ZCFQpqS06HoNu%2BxqF62SnemLvABwuR53loz6RoWzfBhYi%2BHPpNCjm99Kh4pnoIlOm%2BU9xZVlRKlMyryA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 8819399a5ac3b8f4-AMS
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=c5dad397ea95dbef84a59a979e949f889a95978caa84a39f989d969e9ba1a39f9eb096

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=c5dad397ea95dbef84a59a979e949d889a95978caa84a39f989d969e9ba1a39f9eb096

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=c5dad397ea95dbef84a59d9a999c9d889a95978caa84a39f989d969e9ba1a39f9eb096

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=c5dad397ea95dbef84a49ea09d959c889a95978caa84a39f989d969e9ba1a39f9eb096

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=c5dad397ea95dbef84a49f98a0959c889a95978caa84a39f989d969e9ba1a39f9eb096

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bon-x.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0qtssdv994p4hd7oid8nj2b3h0
bon-x.ru/	1970-01-21 05:14:32	Name: unick Value: 3879393
bon-x.ru/	1969-12-31 23:59:59	Name: googtrans Value: null
.bon-x.ru/	1969-12-31 23:59:59	Name: googtrans Value: null

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bon-x.ru/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://skippyads.com&size=128 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ads.people-group.net
ajax.googleapis.com
bon-x.ru
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.gstatic.com
linkslot.ru
multibux.org
multiwall-ads.shop
socpublic.com
t0.gstatic.com
t1.gstatic.com
t2.gstatic.com
t3.gstatic.com
translate.google.com
translate.googleapis.com
unpkg.com
www.google.com
www.gstatic.com
linkslot.ru
104.17.24.14
142.250.186.164
172.67.223.248
185.253.218.120
188.114.96.3
188.114.97.3
213.239.209.209
2606:4700::6811:f8cb
2606:4700::6812:bb1f
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
95.217.100.37
0f4aa26fa44c257812bac55854e9307efbf186df8f3dc7132a96422fe5fb7f7a
1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b
235c23b425b17b508bcee803e9fff98e6498a5a0a9563fd19c2cce793cddf8c1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a561c1dbde1f8434d6500682755b97b7681e9f672a3ab34cc50193979b6b7b5
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3a4153a0531933048ae28d84e5426a3d725e89b6d41e6206c03cc5965280d8a4
44454314e4b48bc5000979128d8719200aadf7c7a61a01834183689d057b0da0
4a48373d6201bae90b68c44604dcb3f72c3bc5e1de8bb45613e2a06b50212273
4c774a27f77c33a93aac9a6a60549a617c819835d9f049aade38375ea849a89b
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e604acd208d8bc6ce960982c0e9d1100f8083488951447c0af87c7dcc1b2296
56c74bc892c9b428a75eebeb19256de4e3e686798309a9f1c0f2c0cc3a5480c2
575202f79d0d25543e09ff7e1b43932b080211c961108de9c0d8acfc15123a47
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5c2cb5c4f05c46d519888671293320028a5f3c7055abade6b2f1a6919317c898
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
5fbdef4b06a2f251d6b53984888d52b3d0029c6d5ee2cf64939afd46fd2baea9
6206db77eab3a16873610d56edf70e3dae6fe09504a52e35ff89a7acb1ba7bb4
6738502696282378abb6e2097b011ed14c7cbca2b65dfab475ee5c1e5a003398
7139632d7a7a0944edc3fed5fd4490b6cd7efea2573726e98ac0b9658751b411
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
77b6b3d2be58f6bc54391f9b3ccc58993f0ff3eb5725a276b4df736752c66c4b
7bc4c927fb0fb810a7850c6ecd5f2a9405c8f30becf0d6767f20cd939a6737b5
7d5be465d511184b0e370affd7c66271964b6aa06827cdc36963682438de084b
842989b890b0357fee8ffe20165676b164deae5aa7d2d5e4fb8d9dfd622817a4
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a2933f61346292ceba9366bac962d6d1e3b7bfb6306f746a3035225a8ee587c
8d4127b3eb4ca0781d119cf11b983be53384175fe2fd82537e1ac21b7f59fe27
8d66dc0e4bc315ce4d368014fec94acf31c4259cafbfe517b03e08820508641b
8d6bdb2d244234ab981b37a95a78d13f648e40014f73fdf57dae5564e390ff00
8fe5a7fc66d7f46a95cc628ba5401bf8a6ee73eadda870b506999bbfd1c884a3
97f8af3ead80e2db6e98bb68d69257d1ef57af392029f0574b2b1dd422bc4959
9f123ea180240f3998d1743ea2d4aba5fb846463dec56f2906f2d4c9ad3275ef
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
aba048bd5800e8698047b2e1cc001f14d2104fa31c74928d2834865dd1f9a7a6
aebb9a1e213ac085e39ecb62381b15c529f431cc5b0f7782e8deff69228f436d
b09f7014f4d2686ba5fb22b6067c285b7d1ea9039f8ebc41445e3baaf6be066a
bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
dafa80d915e6d3420a45c6461f55fb833929faa263b18630610f8952a1b43596
e6550f9f99cd9a877daf7e3dafb2f2ccca9d6902163c61ea3a564e7011d9a0b0
e73aff8195627ec9d56a05ceddd2ada89338c6d6a83558ef98ec96a17ac5b387
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
ee13955c0886a18bb51a3709d0cf6af7f5907c4d327b89b36a6667364ff1fade
ef403dabf06caadee50c090b24a53bf07b6e481b78b95cd21680e17e4b03a648
f58f360be8685b65d36509fedbebd7e77aa1b1c5966034c9e2d06c9ebfe2a0d6
f7e85387ce4ba26ad59ae7730d686b99c4b453334895b700c8457523bbe83ca3
fc417dee3505e55374bde6aae1259f4b33eeea10f492772a97ceda52ff1810f7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

bon-x.ru Open in urlscan Pro 185.253.218.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

79 %HTTPS

58 %IPv6

13 Domains

20 Subdomains

20 IPs

5 Countries

1313 kBTransfer

1950 kBSize

4 Cookies

14 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

bon-x.ru Open in urlscan Pro
185.253.218.120 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

79 %
HTTPS

58 %
IPv6

13
Domains

20
Subdomains

20
IPs

5
Countries

1313 kB
Transfer

1950 kB
Size

4
Cookies

68 HTTP transactions
1 data transactions