bonus.gb1t.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://neon.autos/0.06895509723413173
Effective URL:
https://bonus.gb1t.ru/traff.php
Submission: On May 11 via api (May 11th 2024, 9:21:58 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 16 domains to perform 43 HTTP transactions. The main IP is 2a00:f940:2:2:1:4:0:106, located in Russian Federation and belongs to AS-REG, RU. The main domain is bonus.gb1t.ru.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.

This is the only time bonus.gb1t.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	81.177.141.232 81.177.141.232	8342 (RTCOMM-AS) (RTCOMM-AS)
1 1	213.183.48.30 213.183.48.30	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
1 1	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:46	197695 (AS-REG) (AS-REG)
3	188.166.2.160 188.166.2.160	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:f940:2:2... 2a00:f940:2:2:1:4:0:106	197695 (AS-REG) (AS-REG)
20	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	172.67.200.135 172.67.200.135	() ()
2	144.76.38.164 144.76.38.164	24940 (HETZNER-AS) (HETZNER-AS)
2	167.235.119.87 167.235.119.87	24940 (HETZNER-AS) (HETZNER-AS)
1	167.235.119.89 167.235.119.89	() ()
1	87.236.16.13 87.236.16.13	() ()
1	172.67.137.168 172.67.137.168	() ()
43	13

1 81.177.141.232 (Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)

neon.autos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.183.48.30 (Moscow, Russian Federation) 1 redirects

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
PTR: vm612898.melbi.space

neon.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f940:2:2:1:1:0:46 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

seo-act.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.166.2.160 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: prod-url.rw

url.rw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:f940:2:2:1:4:0:106 (Russian Federation)

ASN197695 (AS-REG, RU)

bonus.gb1t.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.200.135 (None, )

ASN- ()

webtrafic.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.38.164 (Hamm, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.38.76.144.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.119.87 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.87.119.235.167.clients.your-server.de

bnster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.119.89 (None, )

ASN- ()

cookie.co1linesu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.13 (None, )

ASN- ()

evolution-plus.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.137.168 (None, )

ASN- ()

trafiframe.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	linkslot.ru linkslot.ru — Cisco Umbrella Rank: 790137	84 KB
4	gb1t.ru bonus.gb1t.ru	206 KB
3	webtrafic.ru webtrafic.ru	15 KB
3	url.rw url.rw	11 KB
2	bnster.com bnster.com	30 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34036
1	trafiframe.ru trafiframe.ru
1	evolution-plus.ru evolution-plus.ru
1	co1linesu.ru cookie.co1linesu.ru	395 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	30 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	239 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
1	seo-act.ru 1 redirects seo-act.ru	167 B
1	neon.today 1 redirects neon.today — Cisco Umbrella Rank: 978361	194 B
1	neon.autos 1 redirects neon.autos	143 B
0	googleapis.com Failed fonts.googleapis.com Failed ajax.googleapis.com Failed
43	16

	Domain	Requested by
20	linkslot.ru	bonus.gb1t.ru linkslot.ru
4	bonus.gb1t.ru	url.rw bonus.gb1t.ru
3	webtrafic.ru	bonus.gb1t.ru
3	url.rw	url.rw
2	bnster.com	bonus.gb1t.ru bnster.com
2	ad.a-ads.com	bonus.gb1t.ru
1	trafiframe.ru	webtrafic.ru
1	evolution-plus.ru	webtrafic.ru
1	cookie.co1linesu.ru	bnster.com
1	code.jquery.com	bonus.gb1t.ru
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	url.rw
1	seo-act.ru	1 redirects
1	neon.today	1 redirects
1	neon.autos	1 redirects
0	ajax.googleapis.com Failed	bonus.gb1t.ru
0	fonts.googleapis.com Failed	bonus.gb1t.ru
43	17

This site contains links to these domains. Also see Links.

Domain
linkslot.ru
dsiofhdoj.com
news-tds.xyz
neon.autos

Subject Issuer	Validity	Valid
url.rw R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
bonus.gb1t.ru R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
linkslot.ru E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
webtrafic.ru GTS CA 1P5	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
bnster.com R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
cookie.co1linesu.ru R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
evolution-plus.ru R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
trafiframe.ru GTS CA 1P5	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://bonus.gb1t.ru/traff.php
Frame ID: 5D54EDCFCE7617AC656DB8DAA59EE89D
Requests: 39 HTTP requests in this frame

Frame: https://ad.a-ads.com/335460?size=200x200
Frame ID: 1909C672B223F33A79C459D013480705
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/335472?size=200x200
Frame ID: 5058CE80151C716B5BC0C1DCCF79FFEE
Requests: 1 HTTP requests in this frame

Frame: https://evolution-plus.ru/konkurs
Frame ID: 03001ED30B13B2A0AF9B79A3776CB9AF
Requests: 1 HTTP requests in this frame

Frame: https://trafiframe.ru/iframe.php
Frame ID: 8E959BFFA93ABCE61C0114A76FF6D888
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://neon.autos/0.06895509723413173 HTTP 307
https://neon.autos/0.06895509723413173 HTTP 301
https://neon.today/ptp/v/0.06895509723413173 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
https://url.rw/jfgs1 Page URL
http://bonus.gb1t.ru/traff.php HTTP 307
https://bonus.gb1t.ru/traff.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

93 %
HTTPS

33 %
IPv6

16
Domains

17
Subdomains

13
IPs

4
Countries

477 kB
Transfer

1067 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://linkslot.ru/banner?id=119448

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119443

Search URL Search Domain Scan URL

URL: http://linkslot.ru/link.php?id=119794
Title: Купить ссылку здесь за руб.

Search URL Search Domain Scan URL

URL: http://linkslot.ru/?ref=lzip
Title: Поставить к себе на сайт

Search URL Search Domain Scan URL

URL: http://dsiofhdoj.com/cs?wsa=642867a3e299d201357034
Title: Adsteroid

Search URL Search Domain Scan URL

URL: https://news-tds.xyz/?p=ZjBiYjcyNzE3ZGU3YTI0Njk5ZmYxZmFjMzY5ZTZlNDN8MzkxNDg2fEdlbkxpbmt8fDEwMDB8OTAzNjY4NTk=&v=2&poid=0&coid=0
Title: traffstock

Search URL Search Domain Scan URL

URL: https://neon.autos/24633
Title: Neon

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://neon.autos/0.06895509723413173 HTTP 307
https://neon.autos/0.06895509723413173 HTTP 301
https://neon.today/ptp/v/0.06895509723413173 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
https://url.rw/jfgs1 Page URL
http://bonus.gb1t.ru/traff.php HTTP 307
https://bonus.gb1t.ru/traff.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://neon.autos/0.06895509723413173 HTTP 307
https://neon.autos/0.06895509723413173 HTTP 301
https://neon.today/ptp/v/0.06895509723413173 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
https://url.rw/jfgs1

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

jfgs1 Show response
url.rw/
Redirect Chain

http://neon.autos/0.06895509723413173
https://neon.autos/0.06895509723413173
https://neon.today/ptp/v/0.06895509723413173
https://seo-act.ru/?key=1
https://url.rw/jfgs1

3 KB
2 KB

164ms
50ms

Document
text/html

188.166.2.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://url.rw/jfgs1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.166.2.160 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prod-url.rw
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: df254f1c0d60ffd9b22209ba78fc848b24f6d76b641c29d7bae8c0689ece039d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 May 2024 21:21:51 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.52 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 11 May 2024 21:21:51 GMT
location: https://url.rw/jfgs1
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;
x-powered-by: PHP/7.4.33

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
100 KB 51ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JJFL3Y4WJS

Requested by

Host: url.rw
URL: https://url.rw/jfgs1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a30c3a43613c3bb67c235bfadf66cc311c59f96afc9e9ac6872182ab266063b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.rw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 May 2024 21:21:51 GMT

GET
H/1.1 200
OK favicon.png
url.rw/images/ 521 B
805 B 26ms
26ms Image
image/png 188.166.2.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.rw/images/favicon.png
Requested by: Host: url.rw
URL: https://url.rw/jfgs1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.166.2.160 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prod-url.rw
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 396da1c97d616b29b8875dd6e35559fff0f2d0655594fbc1dfb4b3afb9a1a365

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.rw/jfgs1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 11 May 2024 21:21:51 GMT
Last-Modified: Tue, 29 Aug 2023 10:00:10 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "209-6040ce0543e80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 521

POST
H2 204 collect
region1.google-analytics.com/g/ 0
239 B 64ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JJFL3Y4WJS&gtm=45je4580v9137012356za200&_p=1715462511600&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=241405438.1715462512&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715462511&sct=1&seg=0&dl=https%3A%2F%2Furl.rw%2Fjfgs1&dt=Url.rw%20-%20Simplifying%20URLs%20for%20the%20Digital%20Age&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=975
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJFL3Y4WJS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.rw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 11 May 2024 21:21:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://url.rw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found favicon.ico
url.rw/ 6 KB
8 KB 48ms
47ms Other
text/html 188.166.2.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://url.rw/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.166.2.160 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prod-url.rw
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.rw/jfgs1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 11 May 2024 21:21:51 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.52 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request traff.php Show response
bonus.gb1t.ru/
Redirect Chain

http://bonus.gb1t.ru/traff.php
https://bonus.gb1t.ru/traff.php

7 KB
3 KB

1159ms
1031ms

Document
text/html

2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/traff.php
Requested by: Host: url.rw
URL: https://url.rw/jfgs1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx / PHP/5.6.36
Resource Hash: 4f599fccf7047ba41f675b6ba1fec24b8af4214b0c2dadf0898a072ffde4370a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 11 May 2024 21:21:54 GMT
server: nginx
x-powered-by: PHP/5.6.36

Redirect headers

Location: https://bonus.gb1t.ru/traff.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css.css
bonus.gb1t.ru/ 6 KB
2 KB 82ms
75ms Stylesheet
text/css 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/css.css
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: ffdfb3d5d60fee4467f8d997f406fec864cd6e2a5bebb80f5efba35cef330706

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: gzip
last-modified: Sun, 05 Jun 2016 18:00:42 GMT
server: nginx
content-type: text/css

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 208ms
77ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119448
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017d075c0bf8033207cdf4b6564011b97b62e905ad7e246e51c858582cb5493d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uhtYCF07X5ig7y%2B2KJhdwIH00CgwCoFZ5I%2Bw8mEnAPJnCh158RIzyfp3AplLsf87X17YJRgG9KfN9IVN6UtQa2cWVdYtl%2BuJyQf6Z2iq%2BdYQwYVG9fiCjT0Cu6NPYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 882538af69d49b3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 182ms
180ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119447
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72bb689f023b1207ec6e237da47771fe90319f48eff041e750c66fc29ce3011

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rgm6ltLG0IT736qb4O6rZVe4YfLJ9jFkFNj7npiCggrTI1wYVpAujLxo0S0H%2FFyT2CB%2B9Jl3g4FF10Lr%2BjhzTBh4ApOfB4B8z6R6f35zTp%2FLNX2e2aWn1HxHAQKd8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 882538af89ed9b3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 76ms
74ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119443
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e2345840911a278fdf3c98e429716d241b148086fd67b2a2004dfb34138165

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tn0cWctt3DkrYiRAVBgeNsKwgYjMcO9aqEQdiaoDpWY7jB1AejjgqzlTviU9k%2B1t7l6Xea3DnLj%2FK1BmQUf5ThOMKd1V4w0QwXeZKbmUkVKCczeorUglnkkvCdi3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 882538af89ef9b3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 153ms
151ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=124327
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c127996f2c2e75ef1766d2d59b77d567a8cce7bbcae48321bac008cdde42dd80

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLuh%2BouM3Kb5yraFHAWFaxX3eUwBmuuqUZyBv4DS1F0yKRULejKt5ZWjomauKDR36YdzQbJLvNqVIK%2FtOyWcuRq65IaX0PE2%2FN1LDiQGCOPs45wynAUoMIG2%2BpdBhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 882538af89f09b3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 158ms
156ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119445
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d7a25c85435e016e57dfc53a1d0e2c4c694275f5d53d18368d453c9217d1ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ooQboVIG7lMV5WxMq5UtfLUQXsFQmCF9L3ilewi%2B%2BR2A3d2keZhBDfkk4rwZ%2FBMmAcZJ3AMvKpa1gsWRdoHjhDSWUnjwPeHmYxwpR%2BlOwM1e5uRaqjlZAMEUFkS3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 882538af89f19b3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 79ms
77ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119446
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded9ca6022b113f485a7c29edb660f7dc404bf0826821cee56b70521046a5fb0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qk0WKvWJjW5ph%2BBSxnx4Esy9%2BG4%2B9%2B%2BkPIHzv2BlYyPRpi9fDebkFNLWcr3rKdW2V3N5lXg9pzRTF2wyXEcDFTyTCwENjl0eBJ%2B9AeGW%2Fq%2BVEb5G%2FvAb%2FDiTBEeHvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 882538af89f39b3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lincode.php Show response
linkslot.ru/ 7 KB
4 KB 78ms
78ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/lincode.php?id=119794
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6086dc12195c58f0c977b6c87aadea6a23e7fd5d80cbc4d896afa47cd3931ea6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9SmXkX4n%2BcRfg4lnCZFcmeA8Nu%2FjlLoh%2F%2FQtBBLHA%2FAVB769tCRT0Amr76NCCMmwIpwilnnRX9hQEe9etXPvu%2BEEhjzqVV%2B2hCtqNShb6a6oZMpd%2FAP1dCfFN3ZMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 882538afea479b3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 71ms
70ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=124324
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ce65bfa712041efc0a4cbf7deb6d63311f2c2c325a8101fd775271a4ba9dbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5CSaVm2ElrstzqsFW2nfo9K3s5GzFtORdQOZbTcBGXmQujD0r0gSk0rYQCjeRlUwBxZYNNgYoecLnbqBt3mu%2Fvg86vqiWL7MXRKT7JNU8P2V%2FPdViJ14ceCtr5mCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 882538afea4f9b3a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 139ms
8ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10011081
x-cache: HIT, HIT
content-length: 30125
x-served-by: cache-lga21971-LGA, cache-fra-eddf8230039-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715462515.108707,VS0,VE0
etag: W/"28feccc0-15283"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 18, 200494

GET
H3 200 ads.php Show response
webtrafic.ru/ 4 KB
2 KB 88ms
65ms Script
text/html 172.67.200.135

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/ads.php?uid=1150
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 58487d10074e6c3d991242e60b05fcb2c2869f0d01ccd179b47e1693496f6a31

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvsMBQcTJYEo5h0h1Ny5hPkrfpJzfroOzEjxWYBybeCzgeFp99nsj2zcJ%2BS%2FMEyhyLrmm5s%2FsJCCBIbxBH1fejvyVsBcYTzxWPkgSx8RjoEdGe%2FoYhlel52%2FwiGqHiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538afadb7995d-FRA
alt-svc: h3=":443"; ma=86400

GET css
fonts.googleapis.com/ 0
0

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 0
0

GET
H2 200 335460
ad.a-ads.com/ Frame 1909 0
0 56ms
30ms Document
text/html 144.76.38.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/335460?size=200x200

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.38.164 Hamm, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.164.38.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 11 May 2024 21:21:55 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 335472
ad.a-ads.com/ Frame 5058 0
0 45ms
20ms Document
text/html 144.76.38.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/335472?size=200x200

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.38.164 Hamm, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.164.38.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 11 May 2024 21:21:55 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 bc.js Show response
bnster.com/widget/ 96 KB
29 KB 53ms
12ms Script
application/javascript 167.235.119.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnster.com/widget/bc.js

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.87 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.87.119.235.167.clients.your-server.de

Software

Resource Hash

0270b73e423fd8122e008c24e073ba95db915ac8363c520fa63eff39a80c379f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
last-modified: Tue, 09 Apr 2024 12:19:07 GMT
etag: W/"6615323b-17eb7"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
expires: Sun, 12 May 2024 21:21:55 GMT

GET cu.js
bonus.gb1t.ru/ 0
0

GET
H2 200 kristaly.png
bonus.gb1t.ru/img/ 135 KB
135 KB 127ms
126ms Image
image/png 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonus.gb1t.ru/img/kristaly.png
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/css.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
last-modified: Sun, 05 Jun 2016 17:47:50 GMT
server: nginx
accept-ranges: bytes
content-length: 137733
content-type: image/png

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
477 B 103ms
92ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69ba19d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97a3cae4d9e0cab0d0d4db9798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989f9b9ca7989eab99a2
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119448
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLxE2oBPEnW5Eh7bgCjWeyBBZ9BokL67Qop%2B6li1Cr570AQETioz%2FGI%2FZoJMpvlt2ZFAwMJBFFa4bP40QqYqQEm1GF0Ag2k9GcpIrN0UMtBqEoNugVU3gYcrfLAAeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538b01c7f2c3f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 468x60.jpg
linkslot.ru/promo/dummy/ 12 KB
12 KB 25ms
25ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/468x60.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "647dc573-2e1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWqQEqJGv4uBgBpip%2FKhrxy8B6Nj2PTVtnkUm2pgc30RfWu65AHm18R7X3nzv3c4zkF%2FhyVci9SwIXqutdfPdkimV8yWktBF4%2FUVP3sIhWuA8vJRpV%2FNu4%2BAKGGJrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 882538afea5e9b3a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11802

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
441 B 184ms
183ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9c9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97e195d3aad5deadc6e7d99798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989f9b9ca7989eab9aa4
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119443
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jO0MZRasXMfBZSvq0j8LEYpuR7MoLrHECP2y%2BgbUimfDtfb7lQk%2BzM4CWR%2FtqFPtdqZt376Q9asaPI0ehft76Qe6tFQpwCORmp9kBs8yA4d65a2U9N48XVaxzEYMOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538b01c842c3f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x300.jpg
linkslot.ru/promo/dummy/ 17 KB
18 KB 73ms
72ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x300.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-44a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YaQAvF87upkSOyQAqT%2FYR2YSQUsz9ltfVo7LTPsIoXjyEY8lQ2zAUmPW3ovb9vvo8jVqySrTaFMhsiXSwmLehuGHyej6bMLkIju8uo%2B4WMikBr8DwlkwpMc3rYNT7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 882538affa8a9b3a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17574

GET
H2 200 user Show response
cookie.co1linesu.ru/ 35 B
395 B 56ms
12ms XHR
text/html 167.235.119.89

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie.co1linesu.ru/user?domain=https%3A%2F%2Fbonus.gb1t.ru

Requested by

Host: bnster.com
URL: https://bnster.com/widget/bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.89 -, , ASN (),

Reverse DNS

Software

Resource Hash

1920b3844eab6221902a5bbb9b0e32375452bd5596382fa4c8f53bf30103e079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: cache
date: Sat, 11 May 2024 21:21:55 GMT
strict-transport-security: max-age=15724800
last-modified: Wed, 30 Jun 2010 21:36:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bonus.gb1t.ru
cache-control: private, max-age=157680000
access-control-allow-credentials: true
content-length: 35
expires: Fri, 11 May 2029 00:21:55 MSK

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
442 B 163ms
162ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9f9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b989e9acfa4dda1df98eb989798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989f9b9ca7989eac91ab
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119446
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ao%2FRuTkVOcQ9A%2FLHa5YNgcRbw4zPHsYCHUK4z89HXqb6Lx2TWY1T0siIQUiFoTRuzcfZ1is0uFnb7rUJ686frK54dplyMTF3CQc5fy%2B6yHtWAHEsNvTfRX2RkqExSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538b01c7a2c3f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x200.jpg
linkslot.ru/promo/dummy/ 15 KB
15 KB 64ms
63ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x200.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-3ad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kgTBl%2BciZX2SZa7rc6vO3PQQ%2Fh03TBNg4DuQ%2BUggVGA%2F0bKC%2Fep48T0OpGmtm2gKTpj8WWqRGHT9cqsQtQTcj94VkakO7GeAMIJvE5UucjlEYu258coQqFgRbbAyuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 882538b01ac39b3a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15061
expires: Thu, 18 Apr 2024 09:03:10 GMT

GET
H2 200 konkurs
evolution-plus.ru/ Frame 0300 0
0 1384ms
1132ms Document
text/html 87.236.16.13

General

Check archive.org

Show headers Download Go to

Full URL: https://evolution-plus.ru/konkurs
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/ads.php?uid=1150
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.13 -, , ASN (),
Reverse DNS
Software: nginx-reuseport/1.21.1 / PHP/5.3.29
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-length: 8657
content-type: text/html; charset=windows-1251
date: Sat, 11 May 2024 21:21:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx-reuseport/1.21.1
vary: Accept-Encoding
x-powered-by: PHP/5.3.29

GET
H3 200 iframe.php
trafiframe.ru/ Frame 8E95 0
0 114ms
78ms Document
text/html 172.67.137.168

General

Check archive.org

Show headers Download Go to

Full URL: https://trafiframe.ru/iframe.php
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/ads.php?uid=1150
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.137.168 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 882538b05f26362a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 11 May 2024 21:21:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPOgVV32%2F2m%2FPlfp%2Fy3HDFP0WdfuqFdeJOmgyrTvpVXm7SuwIbBFTsruhXvEOvrmgvw8j8yjOdwXPp1I%2FTO%2Fu1Ji8wMcl%2FavBhUtFiFu%2BmabeOAyOUq8o7%2BI6InhQFqF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-page-speed: 1.13.35.2-0

GET
H3 200 d59f5affcbe5d2b83bdf977875759391.gif
webtrafic.ru/banners/ 12 KB
12 KB 19ms
18ms Image
image/gif 172.67.200.135

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/banners/d59f5affcbe5d2b83bdf977875759391.gif
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f844cc3d21b241cece6f2398838e3a4f7117fb19ef5aee4f082ec262341f451

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 89
etag: "66215e8f-2e0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qca1cqKPkn9lxp5Sxlw%2FnNyEBbN%2Bsdsjuuk1OTRnSoOLE9vgDGst7edHTHafd70Ze0Rs9TCFjnDNlir2I1BUFNwGzYveY9zLttnBV4OFn%2BNV9vq6GJR6qxYt0C7df90%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 882538b01e52995d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11786
expires: Sat, 11 May 2024 21:25:02 GMT

GET
H3 200 logo.png
webtrafic.ru/img/ 885 B
1 KB 22ms
22ms Image
image/png 172.67.200.135

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/img/logo.png
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf5a139827bcf9070b9ff40d1f9780ab42087551c35fc85a94394999911c219

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
cf-cache-status: HIT
x-original-content-length: 1200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4323667
alt-svc: h3=":443"; ma=86400
content-length: 885
server: cloudflare
etag: W/"PSA-aj-T5WUueMRUX"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYJmiI4Zy9uv%2BcKg7eOrWPbH7YWe%2FhJyao1U%2FXtPM6Z0i5cYRCkf2yxvfPeiJPRIkHzDi3E%2FTkGRcJrfYFfUfSOpMVP52CBPK1lO%2BHesw3yM7CmCwNrOF%2Fl9JP8u1Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=314985792
accept-ranges: bytes
cf-ray: 882538b02e57995d-FRA
expires: Thu, 16 Mar 2034 12:24:01 GMT

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
443 B 151ms
150ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c979ea5999d9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b94cedecca99cdde3d1a6d9d698939b959aa29799aa91a2989798939b959aa2978caa8495999e99989f9b9ca7989eac96a6
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=124324
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3XoQqP%2BjeGhKyIStARIAjq9JAU%2F4dm9mxKuacwVGezru3HP9dqm1hQL3weXLxUSQCAXmDKA3eP93udVyYhd%2B1lbQsdhClPhmE6qXhhhw43QYMnUNRlO1SnIwFqXv7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538b05cfe2c3f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 100x100.jpg
linkslot.ru/promo/dummy/ 8 KB
8 KB 80ms
80ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/100x100.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-1f66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRKvQn%2FvhJxDkGIQe3%2BMdoyZbsi2aqPqMDgpNGPLV%2B7HxZtnMwTV7Y5fPNcd%2BEKwAUtoMDBLS%2FaihWmVfiHELo75x79FtdNeoJ16gwY30vU1w%2BxAyhOJjkbnTZI9VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 882538b05b139b3a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8038

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
447 B 182ms
182ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a9a09d9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b96e097cde0d79db1c8eb9c9798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989f9b9ca7989eac96ab
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/lincode.php?id=119794
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AsjXoLKCfyhRpo%2FLXaknvpiri8zVgUw%2FasmPSIgSxYzKvig8%2F2DdQhf4%2FBwWwtG%2F9M48%2FV7h8JzhE8AWx0D0bnNrLfmdteZ3J4NWLqUa93LUoQhiDyJOw%2BXpwehnEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538b09d512c3f-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 / Show response
bnster.com/bg/ 84 B
548 B 41ms
17ms XHR
text/html 167.235.119.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnster.com/bg/?vid=v2_4004450503b178657e84f1953a1ffd60&streams%5B%5D=713409070&user_data%5Bis_mobile%5D=0&user_data%5Bis_touch_device%5D=0&user_data%5Bwindow%5D%5Bwidth%5D=1600&user_data%5Bwindow%5D%5Bheight%5D=1200&user_data%5Buser_agent%5D=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&user_data%5Bplatform%5D=Win32&user_data%5Blanguage%5D=de-DE&user_data%5Bdomain%5D=https%3A%2F%2Fbonus.gb1t.ru&user_data%5Bhref%5D=https%3A%2F%2Fbonus.gb1t.ru%2Ftraff.php&user_data%5Bhas_adblock%5D=0&user_data%5Bblock_size%5D%5B713409070%5D%5Bwidth%5D=1060&user_data%5Bblock_size%5D%5B713409070%5D%5Bheight%5D=118

Requested by

Host: bnster.com
URL: https://bnster.com/widget/bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.87 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.87.119.235.167.clients.your-server.de

Software

Resource Hash

926e0513de3fa264a83cd239774bdec7a70bd61d6de75dec41d99e6f456495c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
444 B 65ms
65ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c979ea599a09d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b94a2d5cbdedbe3ef99decdd298939b959aa29799aa91a2989798939b959aa2978caa8495999e99989f9b9ca7989eac98a9
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=124327
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ftv5hGpNR8RrPdyF60LUuHdlFIon5BkLj5DbHJ%2FOxba582PSTpKjcG3%2FbaHo5qPYvjXZUL3sfBXbLUMNW%2Bl3%2BhyQCufXopmBn0UKvZuMgkkdVzt4tNkMEyoGp9OoyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538b08d3e2c3f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
441 B 160ms
160ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9e9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97ccd8dee8d1d6abd2eb989798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989f9b9ca7989eac99a3
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119445
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xE0QqGe9XUiyQjnYTGcIvnZW4%2F3WkGx59oY6i5%2BC0XRGOuMltaPhEdatoWG2rBwUI%2B2K0fyuohpbsSnSnck0mV42rLXsNPx2HWMHGTm0S2ECyFG5WM0daWI7XGg2OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538b08d462c3f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
443 B 166ms
166ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69ba09d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97ccd4d1ddd6dae6c4d5dd9798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989f9b9ca7989eac9aaa
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119447
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 11 May 2024 21:21:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSri4y6aArP55A4IUTv9Vr50GO%2BP8a9xaGJVVkEMXKWNmRfTfbQr0SjZm%2FDZofcS4bTuFlfszkCL2fI33bgh6EFggagFktoRRau0%2FEU5bMUW2U%2Fte3XvNBhz315Hgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 882538b0ad922c3f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 favicon.ico
bonus.gb1t.ru/ 307 KB
67 KB 157ms
157ms Other
text/html 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: caa963bd5cd38d0c8ea391986da6067b12e5a2f9ad2f09ec281bfe7ae3103134

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 21:21:57 GMT
content-encoding: gzip
last-modified: Sat, 09 Sep 2023 08:02:27 GMT
server: nginx
content-type: text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,100,300

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Domain: bonus.gb1t.ru
URL: http://bonus.gb1t.ru/cu.js

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.url.rw/	1970-01-21 06:07:02	Name: _ga Value: GA1.1.241405438.1715462512
url.rw/	1970-01-20 20:31:09	Name: XSRF-TOKEN Value: eyJpdiI6InArYmk1b0JENzU0S2haM0lmbGdMdVE9PSIsInZhbHVlIjoiS2VqZ00yL2tnejFxUlpXMXBMZ3pyNUtLYnV5cFhXMUxKTTkwMXorL1U4WkJvdUlwOVlaaXl0YUdYZnRCdW8rZVZRb09VdXZJNSswOWdPTW5kenJQOUI3ZVlhRmNiK1dsZzFYWCtDdndncHN1MTl4eEttRUpmNzYzbXM0WFU2RnoiLCJtYWMiOiJjZTAxNjYyMzk1Mjc3NTU1ZGMyZGU5ZWZiOWUwZDdiNWVmMjliMmQ0OWIyMGNkOGJjNWRhZGEyNGU3NDc3YjlkIiwidGFnIjoiIn0%3D
url.rw/	1970-01-20 20:31:09	Name: urlrw_session Value: eyJpdiI6IitLTWN0a3JtZGdhMmIxaUdFdURmSVE9PSIsInZhbHVlIjoiOEliNERWL2lHcjZ1VkFCcytmckNSYW1TNThWeDZjRWhXcGVoZjVPMjZ5bUhUR09FMXplNFVwYmlKbVVGWmxHMU9NL2U3Qmp5L2wrMTBUQUNOZmw3dnFTSFFjYnFqOTdvbkwwOVUyUSs5c3FlS3VDSGJZdmJiUzZMODA0UlhLZUsiLCJtYWMiOiI2NDRiNTNmNTRmNWZjOTc3Y2JiZjEwMjQxMzJlZjc4ZDRlOTAyNGM4NTQ4ODg1YjE3NDY4YmE2YTJmMjhmNDc1IiwidGFnIjoiIn0%3D
.url.rw/	1970-01-21 06:07:02	Name: _ga_JJFL3Y4WJS Value: GS1.1.1715462511.1.0.1715462514.0.0.0

102 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://url.rw/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://bonus.gb1t.ru/traff.php(Line 6) Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,100,300'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure script 'http://bonus.gb1t.ru/cu.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bonus.gb1t.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.googleapis.com
bnster.com
bonus.gb1t.ru
code.jquery.com
cookie.co1linesu.ru
evolution-plus.ru
fonts.googleapis.com
linkslot.ru
neon.autos
neon.today
region1.google-analytics.com
seo-act.ru
trafiframe.ru
url.rw
webtrafic.ru
www.googletagmanager.com
ajax.googleapis.com
bonus.gb1t.ru
fonts.googleapis.com
144.76.38.164
167.235.119.87
167.235.119.89
172.67.137.168
172.67.200.135
188.114.96.3
188.166.2.160
2001:4860:4802:32::36
213.183.48.30
2a00:1450:4001:810::2008
2a00:f940:2:2:1:1:0:46
2a00:f940:2:2:1:4:0:106
2a04:4e42::649
81.177.141.232
87.236.16.13
017d075c0bf8033207cdf4b6564011b97b62e905ad7e246e51c858582cb5493d
0270b73e423fd8122e008c24e073ba95db915ac8363c520fa63eff39a80c379f
07d7a25c85435e016e57dfc53a1d0e2c4c694275f5d53d18368d453c9217d1ff
1920b3844eab6221902a5bbb9b0e32375452bd5596382fa4c8f53bf30103e079
1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b
241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
31ce65bfa712041efc0a4cbf7deb6d63311f2c2c325a8101fd775271a4ba9dbc
35e2345840911a278fdf3c98e429716d241b148086fd67b2a2004dfb34138165
396da1c97d616b29b8875dd6e35559fff0f2d0655594fbc1dfb4b3afb9a1a365
4f599fccf7047ba41f675b6ba1fec24b8af4214b0c2dadf0898a072ffde4370a
4f844cc3d21b241cece6f2398838e3a4f7117fb19ef5aee4f082ec262341f451
58487d10074e6c3d991242e60b05fcb2c2869f0d01ccd179b47e1693496f6a31
6086dc12195c58f0c977b6c87aadea6a23e7fd5d80cbc4d896afa47cd3931ea6
6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193
7bf5a139827bcf9070b9ff40d1f9780ab42087551c35fc85a94394999911c219
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968
926e0513de3fa264a83cd239774bdec7a70bd61d6de75dec41d99e6f456495c3
a30c3a43613c3bb67c235bfadf66cc311c59f96afc9e9ac6872182ab266063b7
a72bb689f023b1207ec6e237da47771fe90319f48eff041e750c66fc29ce3011
c127996f2c2e75ef1766d2d59b77d567a8cce7bbcae48321bac008cdde42dd80
caa963bd5cd38d0c8ea391986da6067b12e5a2f9ad2f09ec281bfe7ae3103134
d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4
ded9ca6022b113f485a7c29edb660f7dc404bf0826821cee56b70521046a5fb0
df254f1c0d60ffd9b22209ba78fc848b24f6d76b641c29d7bae8c0689ece039d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
ffdfb3d5d60fee4467f8d997f406fec864cd6e2a5bebb80f5efba35cef330706

bonus.gb1t.ru Open in urlscan Pro 2a00:f940:2:2:1:4:0:106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

93 %HTTPS

33 %IPv6

16 Domains

17 Subdomains

13 IPs

4 Countries

477 kBTransfer

1067 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bonus.gb1t.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:106 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

93 %
HTTPS

33 %
IPv6

16
Domains

17
Subdomains

13
IPs

4
Countries

477 kB
Transfer

1067 kB
Size

4
Cookies

43 HTTP transactions
0 data transactions