benefit24.guru Open in urlscan Pro
2606:4700:3036::ac43:9e50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://benefit24.guru/
Effective URL:
https://benefit24.guru/
Submission: On February 17 via api (February 17th 2024, 5:27:11 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3036::ac43:9e50, located in United States and belongs to CLOUDFLARENET, US. The main domain is benefit24.guru.
TLS certificate: Issued by GTS CA 1P5 on January 7th 2024. Valid for: 3 months.

This is the only time benefit24.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:3915	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3036::ac43:9e50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.69.193.123 185.69.193.123	16138 (INTERIA) (INTERIA)
4	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
10	3

1 2606:4700:3032::6815:3915 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

benefit24.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::ac43:9e50 (United States)

ASN13335 (CLOUDFLARENET, US)

benefit24.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.69.193.123 (Poland)

ASN16138 (INTERIA, PL)
PTR: mike.krk.prod.rmf.pl

www.rmf.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	benefit24.guru 1 redirects benefit24.guru	366 KB
4	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 8695	23 KB
1	rmf.fm www.rmf.fm — Cisco Umbrella Rank: 305154	42 KB
10	3

	Domain	Requested by
6	benefit24.guru	1 redirects benefit24.guru
4	top-fwz1.mail.ru	benefit24.guru top-fwz1.mail.ru
1	www.rmf.fm	benefit24.guru
10	3

This site contains no links.

Subject Issuer	Validity	Valid
benefit24.guru GTS CA 1P5	`2024-01-07` - `2024-04-06`	3 months	crt.sh
*.rmf.fm Sectigo ECC Domain Validation Secure Server CA	`2023-06-13` - `2024-07-09`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://benefit24.guru/
Frame ID: 363A6A74922631C3DF7C40D571AEDA4D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

mObywatel

Page URL History Show full URLs

http://benefit24.guru/ HTTP 301
https://benefit24.guru/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

431 kB
Transfer

459 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://benefit24.guru/ HTTP 301
https://benefit24.guru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
benefit24.guru/
Redirect Chain

http://benefit24.guru/
https://benefit24.guru/

10 KB
4 KB

59ms
38ms

Document
text/html

2606:4700:3036::ac43:9e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit24.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0feef30ebbc9a5065d553429917fba87997c4f767fedf671ad107dbff733f8af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 856b9e908f5965df-FRA
content-encoding: br
content-type: text/html
date: Sat, 17 Feb 2024 05:27:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcQnNbW35hyXPHjAWpsG3jvQa10oppk1gdKJrdL6HpqILCUp2HBeiBrcPEt6KL9hl2%2B27m1BK5yWavp2DDs7f2EP1hMAOHzPp46UPM9B%2BQz3g5DMeX6Ggfw8PFqtTPUo%2B2ZXdDKjR8Kca3XQZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 856b9e904a005d7a-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 17 Feb 2024 05:27:07 GMT
Expires: Sat, 17 Feb 2024 06:27:07 GMT
Location: https://benefit24.guru/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URvg0obDzaTj2GAcPV8nEgTvOJ46lHKrWmNEeAxg2LlFoj7t3eB72rvk3iX9Fm9%2FlA5BuZibc2M%2FTXgEvrEXtRsWn8fta5qViIqH2%2BQzUzFsI%2B%2Bq2WsI2z4EpScE8S57Rwg%2Byw9HAqGlCZYHtA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
benefit24.guru/css/ 725 B
637 B 53ms
52ms Stylesheet
text/css 2606:4700:3036::ac43:9e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit24.guru/css/style.css
Requested by: Host: benefit24.guru
URL: https://benefit24.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 317d334b59b56193b44c07c0891758a6dfcc2c00e401f56809eaee3bc4aaaea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit24.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:27:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Feb 2024 07:39:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65cf111c-2d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUwdcDA3WA8WPH6IFsymU2HXeAUr%2BhBIRK%2FBIh0sAA976%2F3tJIl3tyHxlPQ6jwA6E2J1w%2BGye70QJxyreYabrO4OOmYO7dTO6jW1Ix6BYz7AdMVojS5EHnOlIy1TqD0cRuPOSe409mh2DC3wzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 856b9e90cf9e65df-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Lato-Regular.woff2
benefit24.guru/portal-st/lib-assets/fonts/ 178 KB
179 KB 46ms
46ms Font
font/woff2 2606:4700:3036::ac43:9e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit24.guru/portal-st/lib-assets/fonts/Lato-Regular.woff2
Requested by: Host: benefit24.guru
URL: https://benefit24.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

Referer: https://benefit24.guru/
Origin: https://benefit24.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:27:07 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Feb 2024 07:39:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65cf111c-2c9b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2K5A%2BT1DYCQhGLiIrvVK6U%2F7nhRtlxj0K%2FYhX9PK3J1EGRXoJS4VXz%2F63WQctD%2F%2Faqfjkh0C6MDv0OSrKSRACfBpYUOb2rGGAHvdKTKDG%2BRhtNzBcabbypdtspYHLL%2FFdevS1wTCCoNsKufcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 856b9e90cfa365df-FRA
alt-svc: h3=":443"; ma=86400
content-length: 182708

GET
H2 200 Lato-Bold.woff2
benefit24.guru/portal-st/lib-assets/fonts/ 181 KB
181 KB 40ms
39ms Font
font/woff2 2606:4700:3036::ac43:9e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit24.guru/portal-st/lib-assets/fonts/Lato-Bold.woff2
Requested by: Host: benefit24.guru
URL: https://benefit24.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

Referer: https://benefit24.guru/
Origin: https://benefit24.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:27:07 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Feb 2024 07:39:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65cf111c-2d250"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnZs5%2BmI7LgDRdAIprjSjCksY%2BIehtSEwNIZdGh31fxZ3Y1IZBf%2FF8cZjQ%2BVGubMIv9HRQdQS9dgsT5NJnjR1l1zCs5%2Fqa6NkyyPw%2BN9QE%2FkopJOO1uPHRTJMwFJFF4zSg0hRGwyJtekVH%2F1tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 856b9e90cfa665df-FRA
alt-svc: h3=":443"; ma=86400
content-length: 184912

GET
H2 200 25092023-mobywatel1.JPG
www.rmf.fm/_files/Upload/Images/ 42 KB
42 KB 141ms
55ms Image
image/jpeg 185.69.193.123
INTERIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rmf.fm/_files/Upload/Images/25092023-mobywatel1.JPG
Requested by: Host: benefit24.guru
URL: https://benefit24.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.69.193.123 , Poland, ASN16138 (INTERIA, PL),
Reverse DNS: mike.krk.prod.rmf.pl
Software: /
Resource Hash: fa93b76e9036438175d5950e616aef0b1925aea0f52b41ff5835fdbd01c1cf5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit24.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 01:39:10 GMT
last-modified: Wed, 15 Nov 2023 11:58:54 GMT
accept-language: bytes
etag: "6554b27e-a917"
content-type: image/jpeg
cache-control: max-age=2592000
content-length: 43287
expires: Tue, 05 Mar 2024 01:39:10 GMT

GET
H2 404 script.js
benefit24.guru/%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%20%D0%A0%D0%BE%D1%8... 0
0 60ms
60ms Script
text/html 2606:4700:3036::ac43:9e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://benefit24.guru/%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%CC%86%D1%81%D0%BA%D0%BE%D0%B8%CC%86%20%D0%A4%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8_files/script.js
Requested by: Host: benefit24.guru
URL: https://benefit24.guru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit24.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:27:07 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4aU4Tz%2FRGKwoj5pKvaBV%2F1xStcxpOPuFeh7DEZJ4NFDO8Sm%2FpV1iTu%2F6XIo7Um04ki7DX6l9JAWLMduZdc7bQfEqPvuZyEPypDe6tszSmY5U%2BiYTvKZg2C%2Bf74vvbw2bi1eIjQ48W6mg19sDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 856b9e90cfa765df-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 44 KB
19 KB 165ms
50ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: benefit24.guru
URL: https://benefit24.guru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

384d11b1b10a5836bf06f7b8f893cb49986aaa44d296510c250e72808af39874

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit24.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Thu, 08 Feb 2024 11:29:28 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"65c4bb18-b0f2"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 17 Feb 2024 06:27:07 GMT

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 3 KB
2 KB 52ms
52ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3329832

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

90d4798cfeacb30022d6f8efb927da957733d8302ed75b0691a9c4afc8d9f15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit24.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 17 Feb 2024 05:37:07 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
1 KB 50ms
50ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.381794647874824;id=3329832;u=https%3A//benefit24.guru/;st=1708147627712;title=mObywatel;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=272053ed8000a58d;ver=60.4.0;tz=-60%2FEurope%2FBerlin;ct=447/451/451/;gl=u;ni=9.7//4g/0/0/;lvid=1708147627919%3A1708147627926%3A1%3Aa25513e570a71a6994a648862f270d3b;visible=true;js=13

Requested by

Host: benefit24.guru
URL: https://benefit24.guru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit24.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:27:07 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
1 KB 52ms
52ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?_=0.4746208925012061;id=3329832;u=https%3A//benefit24.guru/;st=1708147627712;title=mObywatel;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=272053ed8000a58d;ver=60.4.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1708147627468/////110/111/111/111/132/117/132/170/171/172/244/244/244/512/512/512;ct=447/451/451/459;gl=u;ni=9.7//4g/0/0/;lvid=1708147627919%3A1708147627981%3A2%3Aa25513e570a71a6994a648862f270d3b;visible=true;js=13;e=RT/load;et=1708147627980

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://benefit24.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:27:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _tmr

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benefit24.guru/	1970-01-21 02:28:38	Name: tmr_lvid Value: a25513e570a71a6994a648862f270d3b
.benefit24.guru/	1970-01-21 02:28:38	Name: tmr_lvidTS Value: 1708147627919
top-fwz1.mail.ru/	1970-01-21 03:16:10	Name: PVID Value: 0jTbYl1QxiIN00001L2gfCYN:::0-0-0-aea9c6b-0-aea9c6c:CAASEFBl-DNDBc5zSjgEjl2g3woaYHpPlwGriDjyYzWGcuecEm3LGcyFrXWsuDk33pL0dC66OzB2mcvo54vOjAGFYLvB2wnVV4vgLkMD-Fc5QvkLKwFZmKvzKPhXKJTGthPKbLe1n40bJZGHg9aeYsENurXGxQ
.mail.ru/	1970-01-21 03:16:10	Name: VID Value: 0jTbYl1QxiIN00001L2gfCYN:::0-0-0-aea9c6b-0-aea9c6c:CAASEFBl-DNDBc5zSjgEjl2g3woaYHpPlwGriDjyYzWGcuecEm3LGcyFrXWsuDk33pL0dC66OzB2mcvo54vOjAGFYLvB2wnVV4vgLkMD-Fc5QvkLKwFZmKvzKPhXKJTGthPKbLe1n40bJZGHg9aeYsENurXGxQ
benefit24.guru/	1970-01-20 18:30:34	Name: tmr_detect Value: 0%7C1708147630180

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://benefit24.guru/%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%CC%86%D1%81%D0%BA%D0%BE%D0%B8%CC%86%20%D0%A4%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8_files/script.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://benefit24.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://benefit24.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://benefit24.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://benefit24.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://benefit24.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://benefit24.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://benefit24.guru/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

benefit24.guru
top-fwz1.mail.ru
www.rmf.fm
185.69.193.123
2606:4700:3032::6815:3915
2606:4700:3036::ac43:9e50
95.163.52.67
0feef30ebbc9a5065d553429917fba87997c4f767fedf671ad107dbff733f8af
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
317d334b59b56193b44c07c0891758a6dfcc2c00e401f56809eaee3bc4aaaea7
384d11b1b10a5836bf06f7b8f893cb49986aaa44d296510c250e72808af39874
90d4798cfeacb30022d6f8efb927da957733d8302ed75b0691a9c4afc8d9f15d
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
fa93b76e9036438175d5950e616aef0b1925aea0f52b41ff5835fdbd01c1cf5d

benefit24.guru Open in urlscan Pro 2606:4700:3036::ac43:9e50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

431 kBTransfer

459 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

8 Console Messages

Indicators

benefit24.guru Open in urlscan Pro
2606:4700:3036::ac43:9e50 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

431 kB
Transfer

459 kB
Size

5
Cookies

10 HTTP transactions
0 data transactions