urlscan.io logo urlscan.io
SecurityTrails logo

freeshbonus.ru Open in urlscan Pro
45.130.41.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://freeshbonus.ru/?inv=akbdakbajk
Effective URL: https://freeshbonus.ru/
Submission: On January 07 via manual from BR — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 20 domains to perform 87 HTTP transactions. The main IP is 45.130.41.9, located in St Petersburg, Russian Federation and belongs to BEGET-AS Beget LLC, RU. The main domain is freeshbonus.ru.
TLS certificate: Issued by R10 on November 16th 2024. Valid for: 3 months.
This is the only time freeshbonus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 45.130.41.9 198610 (BEGET-AS ...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 185.129.100.122 57724 (DDOS-GUAR...)
22 104.21.16.1 13335 (CLOUDFLAR...)
7 87.236.16.201 198610 (BEGET-AS ...)
4 95.142.44.229 210079 (EUROBYTE ...)
2 172.67.150.197 13335 (CLOUDFLAR...)
3 213.239.209.209 24940 (HETZNER-A...)
4 95.163.52.67 47764 (VK-AS LLC VK)
3 142.250.176.195 15169 (GOOGLE)
1 1 195.201.106.161 24940 (HETZNER-A...)
1 1 104.21.32.1 13335 (CLOUDFLAR...)
2 2 172.67.186.160 13335 (CLOUDFLAR...)
1 1 2001:4998:124... 26101 (YAHOO-BF1)
1 2001:4998:14:... 14777 (YAHOO)
1 2a04:4e42::485 54113 (FASTLY)
1 87.240.132.78 47541 (VKONTAKTE...)
1 217.20.155.208 47764 (VK-AS LLC VK)
1 94.100.180.55 47764 (VK-AS LLC VK)
4 9 2a02:6b8::1:119 13238 (YANDEX YA...)
4 2a00:1148:100... 47764 (VK-AS LLC VK)
1 2001:4998:58:... 26101 (YAHOO-BF1)
1 2a02:6b8:a::a 13238 (YANDEX YA...)
87 20
14    45.130.41.9 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS Beget LLC, RU)
freeshbonus.ru
1    2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    185.129.100.122 (Russian Federation)

ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU)
PTR: ddos-guard.net
usocial.pro
22    104.21.16.1 (None, )

ASN13335 (CLOUDFLARENET, US)
linkslot.ru
7    87.236.16.201 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS Beget LLC, RU)
PTR: ssl.perun.beget.com
ads-lot.ru
4    95.142.44.229 (Russian Federation)

ASN210079 (EUROBYTE EuroByte LLC, RU)
PTR: free.eurobyte.ru
traficstoc.ru
2    172.67.150.197 (United States)

ASN13335 (CLOUDFLARENET, US)
adslinks.ru
3    213.239.209.209 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: 213-239-209-209.clients.your-server.de
ad.a-ads.com
4    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
3    142.250.176.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net
fonts.gstatic.com
1    195.201.106.161 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: hz3.infra
ssp.gohitstraffic.com
1    104.21.32.1 (None, )

ASN13335 (CLOUDFLARENET, US)
t.hawitu.click
2    172.67.186.160 (United States)

ASN13335 (CLOUDFLARENET, US)
t.yunaga.xyz
1    2001:4998:124:1507::f000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
yahoo.com
1    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
www.yahoo.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    87.240.132.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS VKontakte Ltd, RU)
PTR: srv78-132-240-87.vk.com
vk.com
1    217.20.155.208 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: ip208.155.odnoklassniki.ru
connect.ok.ru
1    94.100.180.55 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: connect.mail.ru
connect.mail.ru
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
mc.yandex.ru
mc.webvisor.org
4    2a00:1148:1000:101:8:3:0:17 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
privacy-cs.mail.ru
1    2001:4998:58:207::6000 (United States)

ASN26101 (YAHOO-BF1, US)
csp.yahoo.com
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
yandex.ru
Apex Domain
Subdomains		 Transfer
22 linkslot.ru
linkslot.ru
1 MB
14 freeshbonus.ru
freeshbonus.ru
451 KB
9 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 12299
connect.mail.ru — Cisco Umbrella Rank: 183962
privacy-cs.mail.ru — Cisco Umbrella Rank: 19161
65 KB
8 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4577
yandex.ru — Cisco Umbrella Rank: 1488
5 KB
7 ads-lot.ru
ads-lot.ru
439 KB
5 usocial.pro
usocial.pro — Cisco Umbrella Rank: 189323
39 KB
4 traficstoc.ru
traficstoc.ru
66 KB
3 yahoo.com
yahoo.com — Cisco Umbrella Rank: 131
www.yahoo.com — Cisco Umbrella Rank: 2537
csp.yahoo.com — Cisco Umbrella Rank: 12880
306 B
3 gstatic.com
fonts.gstatic.com
98 KB
3 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 28014
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 27270
890 B
2 yunaga.xyz
t.yunaga.xyz
2 KB
2 adslinks.ru
adslinks.ru
53 KB
1 ok.ru
connect.ok.ru — Cisco Umbrella Rank: 67702
2 KB
1 vk.com
vk.com — Cisco Umbrella Rank: 7357
712 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
88 KB
1 hawitu.click
t.hawitu.click
469 B
1 gohitstraffic.com
ssp.gohitstraffic.com
597 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
0 takru.com Failed
z1530.takru.com Failed
87 20
Domain Requested by
22 linkslot.ru freeshbonus.ru
linkslot.ru
14 freeshbonus.ru 1 redirects freeshbonus.ru
7 mc.yandex.ru 3 redirects freeshbonus.ru
cdn.jsdelivr.net
7 ads-lot.ru freeshbonus.ru
ads-lot.ru
5 usocial.pro freeshbonus.ru
usocial.pro
4 privacy-cs.mail.ru top-fwz1.mail.ru
privacy-cs.mail.ru
4 top-fwz1.mail.ru freeshbonus.ru
top-fwz1.mail.ru
4 traficstoc.ru freeshbonus.ru
traficstoc.ru
3 fonts.gstatic.com fonts.googleapis.com
3 ad.a-ads.com freeshbonus.ru
2 mc.webvisor.org 1 redirects freeshbonus.ru
2 t.yunaga.xyz 2 redirects
2 adslinks.ru freeshbonus.ru
1 yandex.ru privacy-cs.mail.ru
1 csp.yahoo.com freeshbonus.ru
1 connect.mail.ru usocial.pro
1 connect.ok.ru usocial.pro
1 vk.com usocial.pro
1 cdn.jsdelivr.net usocial.pro
1 www.yahoo.com traficstoc.ru
1 yahoo.com 1 redirects
1 t.hawitu.click 1 redirects
1 ssp.gohitstraffic.com 1 redirects
1 fonts.googleapis.com freeshbonus.ru
0 z1530.takru.com Failed freeshbonus.ru
87 25
Subject Issuer Validity Valid
freeshbonus.ru
R10		 2024-11-16 -
2025-02-14		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
usocial.pro
GoGetSSL RSA DV CA		 2024-03-05 -
2025-04-04		 a year crt.sh
linkslot.ru
WE1		 2024-12-08 -
2025-03-08		 3 months crt.sh
ads-lot.ru
R10		 2024-12-25 -
2025-03-25		 3 months crt.sh
traficstoc.ru
R11		 2024-12-05 -
2025-03-05		 3 months crt.sh
adslinks.ru
WE1		 2025-01-03 -
2025-04-03		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2025-01-05 -
2025-12-09		 a year crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-21 -
2025-11-22		 a year crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-12-09 -
2025-01-29		 2 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.vk.com
GlobalSign ECC OV SSL CA 2018		 2024-10-04 -
2025-03-02		 5 months crt.sh
*.ok.ru
GlobalSign RSA OV SSL CA 2018		 2024-09-10 -
2025-10-12		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-12-10 -
2025-06-04		 6 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2024-12-04 -
2025-06-03		 6 months crt.sh

This page contains 8 frames:

Primary Page: https://freeshbonus.ru/
Frame ID: C6934FBF29039AF3A5ABFAF258030FC0
Requests: 79 HTTP requests in this frame

Frame: https://ad.a-ads.com/2298033?size=468x60
Frame ID: F12DAB4623C947C6C7C17D27178666D9
Requests: 1 HTTP requests in this frame

Frame: https://ads-lot.ru/pics/mining.php
Frame ID: 9B30511EE21DF7772DB39FEB5072C9EC
Requests: 1 HTTP requests in this frame

Frame: https://ads-lot.ru/pics/mining.php
Frame ID: 3208174DCD91B8EC4FB12789EA836C6C
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2372699?size=728x90
Frame ID: 49F4DD633977E9976AB699753DC03A36
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2298033?size=468x60
Frame ID: 83EF200EDBBC0EFCB73FB6504B199CB6
Requests: 1 HTTP requests in this frame

Frame: https://www.yahoo.com/
Frame ID: 3D580D5BC54A25DE269C607D47CC2056
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 258BC9109611EACDE4B505549E9A6761
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payeer Bonus - бонусы на Payeer

Page URL History Show full URLs

  1. http://freeshbonus.ru/?inv=akbdakbajk HTTP 307
    https://freeshbonus.ru/?inv=akbdakbajk HTTP 302
    https://freeshbonus.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

87
Requests

89 %
HTTPS

35 %
IPv6

20
Domains

25
Subdomains

20
IPs

4
Countries

2573 kB
Transfer

3235 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://freeshbonus.ru/?inv=akbdakbajk HTTP 307
    https://freeshbonus.ru/?inv=akbdakbajk HTTP 302
    https://freeshbonus.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://ssp.gohitstraffic.com/link?z=133069 HTTP 302
  • https://t.hawitu.click/1/?zid=1209 HTTP 302
  • https://t.yunaga.xyz/1/?spot_id=2561&zone_id=2952_pr_ HTTP 302
  • https://t.yunaga.xyz/1/?spot_id=5011 HTTP 302
  • https://yahoo.com/ HTTP 301
  • https://www.yahoo.com/
Request Chain 63
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A400163314174%3Ahid%3A420879165%3Az%3A-600%3Ai%3A20250107081346%3Aet%3A1736273626%3Ac%3A1%3Arn%3A395885613%3Arqn%3A1%3Au%3A1736273626428411494%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1926%3Awv%3A2%3Ads%3A0%2C0%2C267%2C19%2C1070%2C0%2C%2C914%2C1%2C%2C%2C%2C2277%3Aco%3A0%3Acpf%3A1%3Ans%3A1736273622978%3Ast%3A1736273626&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(65536)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A400163314174%3Ahid%3A420879165%3Az%3A-600%3Ai%3A20250107081346%3Aet%3A1736273626%3Ac%3A1%3Arn%3A395885613%3Arqn%3A1%3Au%3A1736273626428411494%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1926%3Awv%3A2%3Ads%3A0%2C0%2C267%2C19%2C1070%2C0%2C%2C914%2C1%2C%2C%2C%2C2277%3Aco%3A0%3Acpf%3A1%3Ans%3A1736273622978%3Ast%3A1736273626&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
Request Chain 65
  • https://mc.yandex.ru/watch/53858797?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1547771340036%3Ahid%3A420879165%3Az%3A-600%3Ai%3A20250107081346%3Aet%3A1736273626%3Ac%3A1%3Arn%3A533828096%3Arqn%3A1%3Au%3A1736273626428411494%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1926%3Awv%3A2%3Ads%3A0%2C0%2C267%2C19%2C1070%2C0%2C%2C914%2C1%2C%2C%2C%2C2277%3Aco%3A0%3Acpf%3A1%3Ans%3A1736273622978%3Arqnl%3A1%3Ast%3A1736273626%3At%3APayeer%20Bonus%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20Payeer&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1547771340036%3Ahid%3A420879165%3Az%3A-600%3Ai%3A20250107081346%3Aet%3A1736273626%3Ac%3A1%3Arn%3A533828096%3Arqn%3A1%3Au%3A1736273626428411494%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1926%3Awv%3A2%3Ads%3A0%2C0%2C267%2C19%2C1070%2C0%2C%2C914%2C1%2C%2C%2C%2C2277%3Aco%3A0%3Acpf%3A1%3Ans%3A1736273622978%3Arqnl%3A1%3Ast%3A1736273626%3At%3APayeer%20Bonus%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20Payeer&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1
Request Chain 70
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10611.qmRZ5eqaLUQ9LfZx_h0oA-8RocBoNSsKnp9_x6xudmf99oRYRwt9AnxtnfdE4P0N.J3p3cam07s-tLMBog9KcdwSHC5I%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10611.XkZ0v_BCaC2lxTsueIroZQF4FZbOHz9JsqvGauYehfTKL-XnXY25MXTAKkGLePpKqGdVDwhMslJhfNkcGTSiEJ2uRxzc20pSQf4Ir4KRTwQhOUeexkjXloujawWsTC7FxTnTxCdNUTe41kVbu2W2c0VP1upvcwCw16gq9B8tjF7oYnIm3mtxIvObZw9kwPQ8z8vMSB1IDPlQrGZI7su0JIJzlEOB5w9k7PWI2YGcUzw%2C.z-5J-6jG1xopbPfoIrd9khpZ0eQ%2C

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
freeshbonus.ru/
Redirect Chain
  • http://freeshbonus.ru/?inv=akbdakbajk
  • https://freeshbonus.ru/?inv=akbdakbajk
  • https://freeshbonus.ru/
16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash
63c390c5e6ee1838e846af4bd880eefc2a4983550a5732e613ec02d7fb6b3605

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-length
4380
content-type
text/html; charset=utf-8
date
Tue, 07 Jan 2025 18:13:44 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
x-powered-by
PHP/5.6.40

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-length
20
content-type
text/html; charset=utf-8
date
Tue, 07 Jan 2025 18:13:43 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/
pragma
no-cache
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
style.css
freeshbonus.ru/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/css/style.css
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
ceb782093e496323fbb94d275ffc9a0a0a91bdcbcf0938eeb2267b72e3cbf4b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=604800
content-encoding
gzip
etag
W/"67626c0e-11a1"
expires
Tue, 14 Jan 2025 18:13:44 GMT
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
reset.css
freeshbonus.ru/css/ 		1 KB
710 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/css/reset.css
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
2b5e470414b8b5bb5c4e017e20233eb99ef6ae53a85afe29ddba7112741052c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=604800
content-encoding
gzip
etag
W/"67626c0e-47a"
expires
Tue, 14 Jan 2025 18:13:44 GMT
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 07 Jan 2025 18:13:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 07 Jan 2025 18:02:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.min.css
freeshbonus.ru/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/css/font-awesome.min.css
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
f96c8aa5eadbf98b155a0627034b14b6fdced2431dcd5e383eb957e42b7b9d9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=604800
content-encoding
gzip
etag
W/"67626c0e-4577"
expires
Tue, 14 Jan 2025 18:13:44 GMT
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
ot-menu.css
freeshbonus.ru/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/css/ot-menu.css
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
a7ec4df0d2a8fc433f54661a40bbfc83e1b2ccc08ebb2c1dc4b175280646b0cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=604800
content-encoding
gzip
etag
W/"67626c0e-f9d"
expires
Tue, 14 Jan 2025 18:13:44 GMT
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
main-stylesheet.css
freeshbonus.ru/css/ 		112 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/css/main-stylesheet.css
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
0f9c08e52f08dd31f7f3c1355b1e7431860d2b249351bf3004b4e84cac2d0447

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=604800
content-encoding
gzip
etag
W/"67626c0e-1be74"
expires
Tue, 14 Jan 2025 18:13:44 GMT
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
shortcodes.css
freeshbonus.ru/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/css/shortcodes.css
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
91a0d35c160fb795d0c2649555317b63ed505194c91c20eecaffd4ec728dcbef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=604800
content-encoding
gzip
etag
W/"67626c0e-2372"
expires
Tue, 14 Jan 2025 18:13:44 GMT
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
text/css
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
usocial.js
usocial.pro/usocial/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/usocial/usocial.js?v=6.1.4
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.4.24
Resource Hash
b6cb38e7943cacaac857705ddf6e9534d8e60bf86006feea8a1737ddfa148ef9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

ddg-cache-status
MISS
content-security-policy
upgrade-insecure-requests;
content-encoding
br
age
0
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
ddos-guard
x-powered-by
PHP/7.4.24
bancode_new.php
linkslot.ru/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/bancode_new.php?id=357484
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b63365458a67d58d183b5ceb6e164b3129de73003f2a8e7c50fd5345e5c57f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSOwcZXyQdHtxj8sZf0boVsHZTrtdc5OqZiIN50CIWJjvyk64TmPuog5Xm1IlxIR9YGsrkg4Fkg2AJ3exyg58aB0OxfX%2FKYbViud0Mgtm36oBSGVyL9JF7XGsL2uxA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec694e5814f8-LAX
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
vary
accept-encoding
server
cloudflare
bancode_new.php
linkslot.ru/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/bancode_new.php?id=357486
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a790c7ca1834a1eb1994853c060eb425f2ec733cb1bdba3ca2243406555a42fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QYp2Exu7p4bWCkIbRtwHNL8stZ5LEtdL59vGBXuHcDJz611eNrBLfg1osyesbWqtPbzDGEHr1ehKrHVF8Gt9CGDfhASODrpkUpxKzdZNwQsITYONsTJXdJlaGD3TA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec694e5714f8-LAX
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
vary
accept-encoding
server
cloudflare
bancode_new.php
linkslot.ru/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/bancode_new.php?id=365203
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0161250b4c4f0e0dc9dd998fe0b9070b633f78119efcc3a9a791beafab59c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJfsI7kYb36yVfNkdCCAOyUUgUPr%2F3q5AEC01wvOUoFKlpDb7TaltHzazZlDaen8RZIr5YRRbNhpONA4akiWKADg7vPZiELuh6AMlR9ILzoQYmq3YJcF8Ib3KGGxXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec694e5614f8-LAX
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
vary
accept-encoding
server
cloudflare
vitrine.php
ads-lot.ru/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads-lot.ru/vitrine.php?id=3466&defer=0
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.201 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
ssl.perun.beget.com
Software
nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash
b30cc9dbb07bb3e59a775e3e7adae757ab6b5395ba9512dc196f44a0b943c830

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=windows-1251
vary
Accept-Encoding
server
nginx-reuseport/1.21.1
x-powered-by
PHP/5.6.40
lincode_new.php
linkslot.ru/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/lincode_new.php?id=357496
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d222853a2831d7bdfdeda6ef4fdf5f582544eefcaf21b73d43ba617edb7cf88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rmPbA6xlpnBmPdTWAfrs2O3xQRQ2VgmieC2egGutW%2BS4c4jS6UiEi9IdoiLG12ynKMHAKjrx18uuJyAj%2BO9oaAc6dDBPUTAkZr5pKT2StuJdHF1s9b590PBIWqoNjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec694e5914f8-LAX
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
vary
accept-encoding
server
cloudflare
bancode_new.php
linkslot.ru/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/bancode_new.php?id=357502
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c98eb0703f0d0a8403fbebd11f2eda42b3d3979dd0f8fa16354b4c46e65cd122

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zN8PSi5AW%2FOA06CqY0n3VPRsgeq5BjOIEA1xLxqvjRhTphrJ5UcwgHNit5CGg%2F%2BSXJre6tDorEEh7YOH7VroToADrVrQzGp%2B5qFB59CUh4lmQJMZb4NEgU4gI1lSpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec694e5514f8-LAX
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
vary
accept-encoding
server
cloudflare
vitrine.php
ads-lot.ru/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads-lot.ru/vitrine.php?id=3467
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.201 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
ssl.perun.beget.com
Software
nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash
be140b7e74e030e99980cc1c20468094a05f936e99ab14fb1ecd7405378eab5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=windows-1251
vary
Accept-Encoding
server
nginx-reuseport/1.21.1
x-powered-by
PHP/5.6.40
3542.png
freeshbonus.ru/img/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freeshbonus.ru/img/3542.png
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
993bbdda280601c33ac5f6c657f06e09499320bdf5961bb0389c53dac04feb98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=2592000
etag
"67626c0e-47ae"
expires
Thu, 06 Feb 2025 18:13:44 GMT
accept-ranges
bytes
content-length
18350
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
bancode_new.php
linkslot.ru/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/bancode_new.php?id=357487
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb94868599f8740f7d32038a4eac40335531e142ff44afe99ccf042e0d78fcf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bg4hb5diADGiDoCbBA4rP8qbZcTXhNUHm9XwKGu8OnUqF8WMnO8TzDHaRXwa6KTwre76ZlXn7dZUC2%2FT8a%2Fg%2BCjo4i7XQff5zSMSCYC8esyv5YLYUditaHRmOyDotw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec694e5414f8-LAX
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
vary
accept-encoding
server
cloudflare
banner.php
traficstoc.ru/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://traficstoc.ru/banner.php?user=489
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.142.44.229 , Russian Federation, ASN210079 (EUROBYTE EuroByte LLC, RU),
Reverse DNS
free.eurobyte.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f5e69d7e9f7113098b905a05d18bfcb07bc808a5f9dd5b7ba3a07e05cc551b71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Access-Control-Allow-Origin
*
Date
Tue, 07 Jan 2025 18:13:45 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
nginx/1.18.0 (Ubuntu)
bancode_new.php
linkslot.ru/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/bancode_new.php?id=357488
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb4f895c771f8f687a9a2d3dde25b69fc7d379d4a4f378b3a4de117551cc420

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZU%2Fw%2BSz6YP5xQZu62ISPVmkN2ox5%2FvWYgi9W%2FVfrGFX6j3eVLYEF0o2hBQv%2FW8tBIwPt1pgzHgYnJLBLfylW9c6I0691oFo1lAKjo1mEzkEM54A%2FHRZVzXwkxLfXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6d7e7714f8-LAX
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
vary
accept-encoding
server
cloudflare
theme-scripts.js
freeshbonus.ru/jscript/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/jscript/theme-scripts.js
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

content-length
196
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
text/html; charset=iso-8859-1
server
nginx-reuseport/1.21.1
mpcode.php
adslinks.ru/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adslinks.ru/mpcode.php?l=14538
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
d434797504ba8e4b42ed9564e329da97c03ac3c6d260314ba9823de9c962d59a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iMOMJFdD9Dz0yf5rCLFXYsvizuUfrI0Vae2tEvsTAExfvO48RIQrWzO0WgX0yJ5ATWM8XJ0sL0MScQ0CbHwfKnCW3GZ3CuAlPlV8%2BzWCjSmR1iUn1ph4ZryttSfTNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec694fa5dbdd-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71223&min_rtt=70819&rtt_var=11643&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4233&recv_bytes=4368&delivery_rate=287&cwnd=12000&unsent_bytes=0&cid=feca5349c3c34bc6&ts=686&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
priority
u=3,i=?0
2298033
ad.a-ads.com/ Frame F12D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/2298033?size=468x60
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freeshbonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 07 Jan 2025 18:13:44 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://freeshbonus.ru/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
gqPP52.jpg
freeshbonus.ru/img/ 		290 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freeshbonus.ru/img/gqPP52.jpg
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/css/main-stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
421e9b1393704f0e513979dcf909256ae00112fefb1a84086fb37751090268f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/css/main-stylesheet.css

Response headers

cache-control
max-age=2592000
etag
"67626c0e-48929"
expires
Thu, 06 Feb 2025 18:13:44 GMT
accept-ranges
bytes
content-length
297257
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
image/jpeg
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
Pompadur.otf
freeshbonus.ru/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/fonts/Pompadur.otf
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/css/main-stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
6bbfb9155ed87a2560e7c7d9f959288e91cafbbff9e70512f5ff63db1bdad8df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freeshbonus.ru
Referer
https://freeshbonus.ru/css/main-stylesheet.css

Response headers

cache-control
max-age=2592000
etag
"67626c0e-3058"
expires
Thu, 06 Feb 2025 18:13:44 GMT
accept-ranges
bytes
content-length
12376
date
Tue, 07 Jan 2025 18:13:44 GMT
content-type
application/octet-stream
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
gate.php
linkslot.ru/ 		2 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d1=c9ddcacfe5cfcbe9cfe7db95dad88e98a0a79999ad84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fe1ab92ad88d3d1d1e0dd8aea9f9fd997a69187c9d3dbd1cfe9cccbe5cae6979c9b9a9998a0928fd4e2d5dfd49388cfd4d0cf92ceceddcce19187cbcbddd4d7d7969aad92a0989598919b85ddd3cdcaeccaa19d9a9f919e9b8da4d0d0e8c9e7d0dbd7d1dc959aa29799aa91a2989798939b959aa29799aa91a28b978b869c9c9da899a0ad97a49d989e99
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=365203
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=219hWJuvOEfjVVg7ZYO2I9wLxHA2gHoEjiiUduw9FVo6d7kR8SiiVt%2F%2FoHULxMccRx59P0awhYNVu28IfzitLWTc%2FbdNlOFYdsTkYGJm1C6DTFsmexNtNT%2FEVULxnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6dfdf86a2b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
9aa81f4c26bd65a9dca2519d90a8b070.gif
linkslot.ru/uploads/ 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkslot.ru/uploads/9aa81f4c26bd65a9dca2519d90a8b070.gif
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79d43d7d6bf15b53b40972dc4f9e3c3b629e0145efadf79daa83f2453557842

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6776c9b0-351d9"
age
3783
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtRcEUwZRw6MfZXprf8sE1vLCZ5G8UKadjLPcYegbR5GmFYPv7PgNq97AgvmtexbR8AzfxMPhGUN9%2Br%2FOzmozA%2Bez693vezx98RSm7pr6ojiZnPjprwC8gWQv7JvEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6d8e7814f8-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
217561
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/gif
last-modified
Thu, 02 Jan 2025 17:15:28 GMT
server
cloudflare
vary
Accept-Encoding
buyb.png
linkslot.ru/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkslot.ru/img/buyb.png
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66fe9dc3-a19"
age
6668
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20fokf1YeT3EPFTFFLw7uH93UpqaxU6%2BpkbLWk8NzLcbhojgOyYRYEtDsSczGqgEd%2B3jlFnng81fJoTGSOVnhVfwX0p6%2BIukNpng2vw2G6kOKv8kbfPqBe4jIczkEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6d8e7914f8-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2585
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/png
last-modified
Thu, 03 Oct 2024 13:36:03 GMT
server
cloudflare
vary
Accept-Encoding
mining.php
ads-lot.ru/pics/ Frame 9B30 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads-lot.ru/pics/mining.php
Requested by
Host: ads-lot.ru
URL: https://ads-lot.ru/vitrine.php?id=3466&defer=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.201 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
ssl.perun.beget.com
Software
nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash

Request headers

Referer
https://freeshbonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=windows-1251
date
Tue, 07 Jan 2025 18:13:45 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
img_al.png
ads-lot.ru/images/ 		244 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads-lot.ru/images/img_al.png
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.201 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
ssl.perun.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
604bb24675f5699e34f08b82bb092e0627e18120eff34453fb24dc09065447af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=2592000
etag
"6734ab56-f4"
expires
Thu, 06 Feb 2025 18:13:45 GMT
accept-ranges
bytes
content-length
244
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 13:36:22 GMT
server
nginx-reuseport/1.21.1
img_al2.png
ads-lot.ru/images/ 		351 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads-lot.ru/images/img_al2.png
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.201 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
ssl.perun.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
4a33cc4ac137df2dd60dfe31ee9fa4db6b54ed39b320aede4d18b8bd1542e760

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=2592000
etag
"6734ab57-15f"
expires
Thu, 06 Feb 2025 18:13:45 GMT
accept-ranges
bytes
content-length
351
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 13:36:23 GMT
server
nginx-reuseport/1.21.1
in.php
z1530.takru.com/ 		0
0
mining.php
ads-lot.ru/pics/ Frame 3208 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads-lot.ru/pics/mining.php
Requested by
Host: ads-lot.ru
URL: https://ads-lot.ru/vitrine.php?id=3467
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.201 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
ssl.perun.beget.com
Software
nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash

Request headers

Referer
https://freeshbonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=windows-1251
date
Tue, 07 Jan 2025 18:13:46 GMT
server
nginx-reuseport/1.21.1
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
banner_8521736231341.gif
ads-lot.ru/services/upl/uploads/ 		434 KB
435 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads-lot.ru/services/upl/uploads/banner_8521736231341.gif
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.201 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
ssl.perun.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
b1fd035253e8bbbbcef42960620e41ad10dd103ce1bddd3d96a1c5e860ca32db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=2592000
etag
"677cc9ad-6c7bc"
expires
Thu, 06 Feb 2025 18:13:45 GMT
accept-ranges
bytes
content-length
444348
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/gif
last-modified
Tue, 07 Jan 2025 06:29:01 GMT
server
nginx-reuseport/1.21.1
2372699
ad.a-ads.com/ Frame 49F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/2372699?size=728x90
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freeshbonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 07 Jan 2025 18:13:45 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://freeshbonus.ru/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
2298033
ad.a-ads.com/ Frame 83EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/2298033?size=468x60
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freeshbonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 07 Jan 2025 18:13:45 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://freeshbonus.ru/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
code.js
top-fwz1.mail.ru/js/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
557f3d629cbf8c40716f4c9d7c0147dc3f904ab7bc90b75b43bdf46ff79aad51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
content-encoding
gzip
etag
W/"66f68af3-b7eb"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
expires
Tue, 07 Jan 2025 19:13:45 GMT
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 10:37:39 GMT
access-control-allow-headers
*
cache-control
max-age=3600, private
timing-allow-origin
*
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
server
nginx
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
sffe /
Resource Hash
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freeshbonus.ru
Referer
https://fonts.googleapis.com/

Response headers

age
369334
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 03 Jan 2026 11:38:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Jan 2025 11:38:11 GMT
last-modified
Thu, 14 Dec 2023 02:00:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
26736
x-xss-protection
0
server
sffe
fontawesome-webfont.woff
freeshbonus.ru/fonts/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freeshbonus.ru
Referer
https://freeshbonus.ru/css/font-awesome.min.css

Response headers

cache-control
max-age=2592000
etag
"67626c0e-17ee8"
expires
Thu, 06 Feb 2025 18:13:45 GMT
accept-ranges
bytes
content-length
98024
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
application/font-woff
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freeshbonus.ru
Referer
https://fonts.googleapis.com/

Response headers

age
560060
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 01 Jan 2026 06:39:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 06:39:25 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
gate.php
linkslot.ru/ 		2 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d1=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba2b084a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fe1ab92ad88d3d1d1e0dd8aea9f9fd997a69187c9d3dbd1cfe9cccbe5cae6979c9b9a9998a0928fd4e2d5dfd49388cfd4d0cf92ceceddcce19187cbcbddd4d7d7969aad92a0989598919b85ddd3cdcaeccaa19d9a9f919e9b8da3d69fe8c8e09fd5cdcea2999aa29799aa91a2989798939b959aa29799aa91a28b978b869c9c9da899a0ad97a49d999d94
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/lincode_new.php?id=357496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38gJcySrdht4EpfkBg2rmx79GPAgn9EtCrYlL3B2k46udALEw0gF5VwIGHCNDqwOQLYkZTFUNzZ0Cmhx9Tf8%2BTCZo2fnH9hO8LXWOdY4wGkWyyj8q5ciVyPQztb0Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e0df96a2b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
/
www.yahoo.com/ Frame 3D58
Redirect Chain
  • https://ssp.gohitstraffic.com/link?z=133069
  • https://t.hawitu.click/1/?zid=1209
  • https://t.yunaga.xyz/1/?spot_id=2561&zone_id=2952_pr_
  • https://t.yunaga.xyz/1/?spot_id=5011
  • https://yahoo.com/
  • https://www.yahoo.com/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yahoo.com/
Requested by
Host: traficstoc.ru
URL: https://traficstoc.ru/banner.php?user=489
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://cdn.taboola.com https://ads.taboola.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=6o9nr8tivmg0j&partner=;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freeshbonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
2
cache-control
no-store, no-cache, max-age=0, private
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://cdn.taboola.com https://ads.taboola.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=6o9nr8tivmg0j&partner=;
content-type
text/html; charset=utf-8
date
Tue, 07 Jan 2025 18:13:48 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only
expires
-1
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-envoy-upstream-service-time
76
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache
content-language
en
content-length
8
content-type
text/html
date
Tue, 07 Jan 2025 18:13:47 GMT
location
https://www.yahoo.com/
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
7c0a7aad3f2ac506ca140fe66422d918.png
traficstoc.ru/banners/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traficstoc.ru/banners/7c0a7aad3f2ac506ca140fe66422d918.png
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.142.44.229 , Russian Federation, ASN210079 (EUROBYTE EuroByte LLC, RU),
Reverse DNS
free.eurobyte.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
966141de5868172e08ababd702925b996116b39fed17232b7813c0809047f948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

Strict-Transport-Security
max-age=31536000;
Cache-Control
max-age=86400
ETag
"676b0b68-fa3c"
Connection
keep-alive
Expires
Wed, 08 Jan 2025 18:13:45 GMT
Accept-Ranges
bytes
Content-Length
64060
Date
Tue, 07 Jan 2025 18:13:45 GMT
Content-Type
image/png
Last-Modified
Tue, 24 Dec 2024 19:28:40 GMT
Server
nginx/1.18.0 (Ubuntu)
logo.png
traficstoc.ru/img/ 		345 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traficstoc.ru/img/logo.png
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.142.44.229 , Russian Federation, ASN210079 (EUROBYTE EuroByte LLC, RU),
Reverse DNS
free.eurobyte.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6b9ba3d5eebdbdc7ff85ffef1b0b50e9ab3d2d2410a4cc55c07127c9cadebe5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

Strict-Transport-Security
max-age=31536000;
Cache-Control
max-age=86400
ETag
"67517b5b-159"
Connection
keep-alive
Expires
Wed, 08 Jan 2025 18:13:45 GMT
Accept-Ranges
bytes
Content-Length
345
Date
Tue, 07 Jan 2025 18:13:45 GMT
Content-Type
image/png
Last-Modified
Thu, 05 Dec 2024 10:07:23 GMT
Server
nginx/1.18.0 (Ubuntu)
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freeshbonus.ru
Referer
https://fonts.googleapis.com/

Response headers

age
415072
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 02 Jan 2026 22:55:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Jan 2025 22:55:53 GMT
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24984
x-xss-protection
0
server
sffe
usocial.share.js
usocial.pro/usocial/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.js?v=6.1.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
334cda11e7aa1e23faad3fb7eb37ec5a54c98e54291f4faa30aa4bd97db88e15
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

access-control-expose-headers
Content-Length,Content-Range
content-encoding
br
etag
"60141d46-9c68"
age
13
access-control-allow-methods
GET, POST, OPTIONS
date
Tue, 07 Jan 2025 18:13:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 29 Jan 2021 14:35:50 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ddg-cache-status
HIT
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=300, public
access-control-allow-origin
*
content-length
10816
server
ddos-guard
gate.php
linkslot.ru/ 		2 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d1=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba1b184a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fe1ab92ad88d3d1d1e0dd8aea9f9fd997a69187c9d3dbd1cfe9cccbe5cae6979c9b9a9998a0928fd4e2d5dfd49388cfd4d0cf92ceceddcce19187cbcbddd4d7d7969aad92a0989598919b85ddd3cdcaeccaa19d9a9f919e9b8da4999eacd1abd4d6a0d7d0d49aa29799aa91a2989798939b959aa29799aa91a28b978b869c9c9da899a0ad97a49d999f9a
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=357487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oUOkm3XHJY5FwuwsbKsEz0vtw2KLGsaLXVBLWk0%2FHy6s8dZXADB%2F%2FVktkX0Dn0XOM5cZiwRL6%2FyCa7m5amI%2FECWFj8s8%2F1jP6i%2Bpwtm5gCxXeJldCyOIu89Ou7R7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e3dfa6a2b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
a17211a4428af388126d9eb66376475a.gif
linkslot.ru/uploads/ 		414 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkslot.ru/uploads/a17211a4428af388126d9eb66376475a.gif
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b3a29c20663e8c520e9a2148a131612f648bd7e959e131792fecd1b3849842

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"677be9d2-676a2"
age
6569
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JWEsx6T8%2Fa4z4jDIROjp%2BTYmDsiYHnlP70Pnk4xh7t2NyQIOALHYVMQyB274smSIg9Mgws4%2BHN4H1yF3asM2yOGo3rnzcQYsQ4QJ40sgAq%2Bttw5uYaCuyAuCHMr6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e3e7b14f8-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
423586
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/gif
last-modified
Mon, 06 Jan 2025 14:33:54 GMT
server
cloudflare
vary
Accept-Encoding
gate.php
linkslot.ru/ 		2 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d1=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba1ae84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fe1ab92ad88d3d1d1e0dd8aea9f9fd997a69187c9d3dbd1cfe9cccbe5cae6979c9b9a9998a0928fd4e2d5dfd49388cfd4d0cf92ceceddcce19187cbcbddd4d7d7969aad92a0989598919b85ddd3cdcaeccaa19d9a9f919e9b8da5c9e0f1cbd7ced09fd8d2959aa29799aa91a2989798939b959aa29799aa91a28b978b869c9c9da899a0ad97a49d999f9c
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=357484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLl4XlB7IZU9cB%2F7%2BeosHbKypwpoj50OEgXKQXqlCQAebfOzcs4hJIdqp3W2lgE8SFg%2FZZRHMsI5vV4reDV%2B43NywTbM6H6A5eQLPPOyt7RDwUO23eJXIjmxrTE7NA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e3dfb6a2b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
c50a909bcf8d41de00738630ed600b41.gif
linkslot.ru/uploads/ 		325 KB
325 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkslot.ru/uploads/c50a909bcf8d41de00738630ed600b41.gif
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62a4bf1dc477568fbac98a0d0768b41faa27f1beff4521fb4573ad721d089d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"67778146-51279"
age
2031
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whrAiUszwkVS0sx53bwwtojpfa8Rhd9Rbguennk9xkRVV%2FUH3tJCU%2Fq3o%2FuPafD1NS2YJ3DrdJjWSnHyZCw0UwdQs9nvCJUzJW5PiWrDebJ6T3mzXDhP3cncfQdcMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e3e7c14f8-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
332409
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/gif
last-modified
Fri, 03 Jan 2025 06:18:46 GMT
server
cloudflare
vary
Accept-Encoding
gate.php
linkslot.ru/ 		2 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d1=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba1b084a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fe1ab92ad88d3d1d1e0dd8aea9f9fd997a69187c9d3dbd1cfe9cccbe5cae6979c9b9a9998a0928fd4e2d5dfd49388cfd4d0cf92ceceddcce19187cbcbddd4d7d7969aad92a0989598919b85ddd3cdcaeccaa19d9a9f919e9b8ddf99e3e2c5a4a0d4e1d2d2959aa29799aa91a2989798939b959aa29799aa9195988a8b94a298a0a49e9cb093a79a9f99
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=357486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrPiSdMuXgP5lVo%2FgJpnnKce3OeQdSv0tNeMOdF23%2FbNJq%2Fz8af6WRbxzcYfAYPMjkGdxDbxTy6%2BnBaVZ31uwZXzunackPnMZ1zFjiuksUeJBWDly%2FFJgx9ktdV2dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e3dfc6a2b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
9cf01cb4fde4e9599d79d98dea62049b.gif
linkslot.ru/uploads/ 		240 KB
240 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkslot.ru/uploads/9cf01cb4fde4e9599d79d98dea62049b.gif
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068daa03ed9e9a2b724eda3d4e2db15f9b76e18e9b2150c30743c513f3742576

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6779843f-3beea"
age
3783
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ci%2FEIwfHxONjK%2FxovsXBhqIXAlNgCeyUEQTFTI2ho3SVYmISKzwU9L%2F%2BOtbxhRsLiKVo1YcvWxP4zrBnX6RJMHVk7ikLGXESCkJQ%2FyegtJUsSwadBkLIwgi%2BUH4ZcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e3e7e14f8-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
245482
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/gif
last-modified
Sat, 04 Jan 2025 18:55:59 GMT
server
cloudflare
vary
Accept-Encoding
gate.php
linkslot.ru/ 		2 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d1=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99c99ac84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fe1ab92ad88d3d1d1e0dd8aea9f9fd997a69187c9d3dbd1cfe9cccbe5cae6979c9b9a9998a0928fd4e2d5dfd49388cfd4d0cf92ceceddcce19187cbcbddd4d7d7969aad92a0989598919b85ddd3cdcaeccaa19d9a9f919e9b8da3ced1aa96a5c9e1a09cd5999aa29799aa91a2989798939b959aa29799aa91a28b978b869c9c9da899a0ad97a49d99a096
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=357502
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFU1H8yxSQMLMaj4IqBM%2BvP63xoGIxqVhUBlNsNOvz8oWlNBoBp6JMXnWrFWVJexxLEZ9VkfxPB4pYVJ8K6VWgiKjSH8x0y%2BMeqh58jIDPVuwxTyNVaKGtatr7sWWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e3dfd6a2b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
5e17c9aebc085bb02c9042ff636c5a20.jpg
linkslot.ru/uploads/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkslot.ru/uploads/5e17c9aebc085bb02c9042ff636c5a20.jpg
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f914b35531e6dbe1445e0d632909b95258eec3653ea948377f6bf692447ad72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6762f612-5e76"
age
7121
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V27GmHfEopUVDa7Kdw5W2U7WiUdj22sSvshm17F9dxm9aSAj7eKY9pcZbKPLsif17DDyoyI94tf8g%2BfnbAE9y%2BtyBA1SdziLtUahQ6AIZ0rPZe7UtbYoZaNmeWGcQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6e3e7f14f8-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
24182
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/jpeg
last-modified
Wed, 18 Dec 2024 16:19:30 GMT
server
cloudflare
vary
Accept-Encoding
sound1.mp3
adslinks.ru/sound/ 		36 KB
37 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://adslinks.ru/sound/sound1.mp3
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f66495c22da907eed8ff377a8c32b5b184272ddf5c24c558029c25166686c8a6

Request headers

Referer
https://freeshbonus.ru/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cf-cache-status
HIT
etag
"67039a22-9107"
age
2467
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cburyRs5EgCgpglo1JMBwFkwN2Sgir02Q7QlmCPJc0WFa3SsJ4ST1VkJclzkU7YkO0tw2qbvkKLZ66kI7mM3vXRhGHcKouAsx3agUPN4T6w%2Ff3viQIjOg5azhr1o9w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=71551&min_rtt=70785&rtt_var=1939&sent=27&recv=18&lost=0&retrans=0&sent_bytes=20849&recv_bytes=4950&delivery_rate=164791&cwnd=16800&unsent_bytes=0&cid=feca5349c3c34bc6&ts=929&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
audio/mpeg
last-modified
Mon, 07 Oct 2024 08:21:54 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-37126/37127
cf-ray
8fe5ec6e5e90dbdd-LAX
Content-Length
37127
server
cloudflare
gate.php
linkslot.ru/ 		2 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d1=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba1b284a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fe1ab92ad88d3d1d1e0dd8aea9f9fd997a69187c9d3dbd1cfe9cccbe5cae6979c9b9a9998a0928fd4e2d5dfd49388cfd4d0cf92ceceddcce19187cbcbddd4d7d7969aad92a0989598919b85ddd3cdcaeccaa19d9a9f919e9b8da4d9d9eec7dfa0d1d6d5dc959aa29799aa91a2989798939b959aa29799aa91a28b978b869c9c9da899a0ad97a49d9b9f98
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=357488
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzF%2FDZxkglnU2cS06ZrZuZk%2Ftqvq%2Fh46k0EGOf9TrGxYXbDaZ8i%2FWrbAnQmeJeacqaJO0XXBvqNeEXqtjeuvz3REnKJhBGfUy62geZ6mVpJOYAiKafMY1lQeP3wBpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6f7e086a2b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
844617c81ed96ed2df5c2611dfd02abe.gif
linkslot.ru/uploads/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkslot.ru/uploads/844617c81ed96ed2df5c2611dfd02abe.gif
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35fe8a20b9218d40916767647a6ece6ec087cc34592954921cce81e3751a3ac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"677436b3-454e"
age
3783
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=heh57ib5NI5M3bjM6uegtgZ%2FsJkomWTUb3ZRaeSfIAJGCMILw3aVrs1fsGGVt5WpO0WwtKi2sfPTx%2B%2F5WrVRUGYUZ1BuZE7WKJOxCplQPNGHxmHqtDxwW7%2FAhSJhtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec6f7e8a14f8-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
17742
date
Tue, 07 Jan 2025 18:13:45 GMT
content-type
image/gif
last-modified
Tue, 31 Dec 2024 18:23:47 GMT
server
cloudflare
vary
Accept-Encoding
uscl.nomobile.css
usocial.pro/usocial/css/ 		177 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/usocial/css/uscl.nomobile.css?v=7.1.5
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
890e694ea206b05b33e86a1f0c59b36aa3dca216351285598cd68454c6fb7ce8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

access-control-expose-headers
Content-Length,Content-Range
content-encoding
br
etag
"5e3977aa-2c212"
age
46
access-control-allow-methods
GET, POST, OPTIONS
date
Tue, 07 Jan 2025 18:12:59 GMT
content-type
text/css
last-modified
Tue, 04 Feb 2020 13:54:50 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ddg-cache-status
HIT
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=300, public
access-control-allow-origin
*
content-length
17226
server
ddos-guard
uscl.woff2
usocial.pro/usocial/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/usocial/fonts/uscl.woff2?n2tjsc
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/css/uscl.nomobile.css?v=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
485e3c6dee567f7280fa8a0224612e00bfb502cc239e175deda45147339aba40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://freeshbonus.ru
Referer
https://usocial.pro/usocial/css/uscl.nomobile.css?v=7.1.5

Response headers

access-control-expose-headers
Content-Length,Content-Range
content-encoding
gzip
etag
"6061dcb5-1aa0"
age
192
access-control-allow-methods
GET, POST, OPTIONS
date
Tue, 07 Jan 2025 18:10:34 GMT
content-type
font/woff2
vary
Accept-Encoding
last-modified
Mon, 29 Mar 2021 13:57:09 GMT
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ddg-cache-status
HIT
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=300, public
accept-ranges
bytes
access-control-allow-origin
*
content-length
6839
server
ddos-guard
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		237 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b0b36afbe725b222fceea90394667d8a3bcdf375faab8923db95cafad025ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"3b220-kROSxwoFlf0ZaTmfAAjKHMwV0sA"
age
11526
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 07 Jan 2025 18:13:46 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230100-FRA, cache-lax-kwhp1940061-LAX
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
89146
x-jsd-version
1.354.0
share.php
vk.com/ 		21 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&index=0&url=https://freeshbonus.ru/&callback=uSocialShare.uShare.CallbackRegistry.cb672744
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS VKontakte Ltd, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx / KPHP/7.4.120595
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

strict-transport-security
max-age=15768000
reporting-endpoints
default="https://vk.com/browser_reports?dest=default_reports"
x-frontend
front925304
cache-control
no-store
access-control-expose-headers
X-Frontend
content-encoding
gzip
x-trace-id
ctJ_prS7hdhgxbtjb3CZXJS-DoUrYQ
server-timing
tid;desc="ctJ_prS7hdhgxbtjb3CZXJS-DoUrYQ"
content-length
41
date
Tue, 07 Jan 2025 18:13:46 GMT
content-type
text/html; charset=windows-1251
x-powered-by
KPHP/7.4.120595
server
kittenx
dk
connect.ok.ru/ 		11 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&tp=json&ref=https://freeshbonus.ru/
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru okcdn.ru http://*.okcdn.ru https://*.okcdn.ru mycdn.me http://*.mycdn.me https://*.mycdn.me http://st-ok.cdn-vk.ru https://st-ok.cdn-vk.ru wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://cdn.consentmanager.net https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru static.dzeninfra.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru okcdn.ru http://*.okcdn.ru https://*.okcdn.ru http://st-ok.cdn-vk.ru https://st-ok.cdn-vk.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://*.consentmanager.net https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru static.dzeninfra.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

content-encoding
br
x-stateid
extLike
rendered-blocks
WidgetExtLike
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Tue, 07 Jan 2025 18:13:47 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
x-client-flags
ms:0;dcss:0;mpv2:1;dz:0;gwtrmhist:0
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru okcdn.ru http://*.okcdn.ru https://*.okcdn.ru mycdn.me http://*.mycdn.me https://*.mycdn.me http://st-ok.cdn-vk.ru https://st-ok.cdn-vk.ru wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://cdn.consentmanager.net https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru static.dzeninfra.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru okcdn.ru http://*.okcdn.ru https://*.okcdn.ru http://st-ok.cdn-vk.ru https://st-ok.cdn-vk.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://*.consentmanager.net https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru static.dzeninfra.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
cache-control
no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
apache
share_count
connect.mail.ru/ 		68 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.mail.ru/share_count?url_list=https://freeshbonus.ru/&callback=0&func=mail&callback=uSocialShare.uShare.CallbackRegistry.cb142351
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.100.180.55 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
connect.mail.ru
Software
nginx /
Resource Hash
e4489db252abaf8b91ce8c0107ded1156c3b74524b16892269df6e222661d841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
keep-alive
X-Content-Type-Options
nosniff
Content-Length
68
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Date
Tue, 07 Jan 2025 18:13:46 GMT
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
Content-Type
text/javascript; charset=UTF-8
Server
nginx
X-Frame-Options
DENY
shares
usocial.pro/data/ 		43 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/data/shares?providers=gPlus,fb,twi,lj&url=https://freeshbonus.ru/
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD DDOS-GUARD LTD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.4.24
Resource Hash
7029c09992798e0722a25acc01e12dfb2b640200ff86f0e9785fa6e39cc9a677
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
*
date
Tue, 07 Jan 2025 18:13:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
ddos-guard
x-powered-by
PHP/7.4.24
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av...
440 B
794 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A400163314174%3Ahid%3A420879165%3Az%3A-600%3Ai%3A20250107081346%3Aet%3A1736273626%3Ac%3A1%3Arn%3A395885613%3Arqn%3A1%3Au%3A1736273626428411494%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1926%3Awv%3A2%3Ads%3A0%2C0%2C267%2C19%2C1070%2C0%2C%2C914%2C1%2C%2C%2C%2C2277%3Aco%3A0%3Acpf%3A1%3Ans%3A1736273622978%3Ast%3A1736273626&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
fdae0b3744aa241b9c5a80d851a41e76e961ae9b81fe580500121760adaa5f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 07-Jan-2025 18:13:47 GMT
access-control-allow-origin
https://freeshbonus.ru
content-length
440
date
Tue, 07 Jan 2025 18:13:47 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 07-Jan-2025 18:13:47 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A400163314174%3Ahid%3A420879165%3Az%3A-600%3Ai%3A20250107081346%3Aet%3A1736273626%3Ac%3A1%3Arn%3A395885613%3Arqn%3A1%3Au%3A1736273626428411494%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1926%3Awv%3A2%3Ads%3A0%2C0%2C267%2C19%2C1070%2C0%2C%2C914%2C1%2C%2C%2C%2C2277%3Aco%3A0%3Acpf%3A1%3Ans%3A1736273622978%3Ast%3A1736273626&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Tue, 07-Jan-2025 18:13:46 GMT
access-control-allow-origin
https://freeshbonus.ru
x-xss-protection
1; mode=block
date
Tue, 07 Jan 2025 18:13:46 GMT
last-modified
Tue, 07-Jan-2025 18:13:46 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"67655eba-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Tue, 07 Jan 2025 19:13:46 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Tue, 07 Jan 2025 18:13:46 GMT
content-type
image/gif
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
1
mc.yandex.ru/watch/53858797/
Redirect Chain
  • https://mc.yandex.ru/watch/53858797?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%...
  • https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Al...
623 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1547771340036%3Ahid%3A420879165%3Az%3A-600%3Ai%3A20250107081346%3Aet%3A1736273626%3Ac%3A1%3Arn%3A533828096%3Arqn%3A1%3Au%3A1736273626428411494%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1926%3Awv%3A2%3Ads%3A0%2C0%2C267%2C19%2C1070%2C0%2C%2C914%2C1%2C%2C%2C%2C2277%3Aco%3A0%3Acpf%3A1%3Ans%3A1736273622978%3Arqnl%3A1%3Ast%3A1736273626%3At%3APayeer%20Bonus%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20Payeer&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
5822b0e45fcaa5386fc415d016f9c3d50d723917cf39803e7e0a7a3723b8157a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 07-Jan-2025 18:13:47 GMT
access-control-allow-origin
https://freeshbonus.ru
content-length
623
date
Tue, 07 Jan 2025 18:13:47 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
last-modified
Tue, 07-Jan-2025 18:13:47 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Ffreeshbonus.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1547771340036%3Ahid%3A420879165%3Az%3A-600%3Ai%3A20250107081346%3Aet%3A1736273626%3Ac%3A1%3Arn%3A533828096%3Arqn%3A1%3Au%3A1736273626428411494%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1926%3Awv%3A2%3Ads%3A0%2C0%2C267%2C19%2C1070%2C0%2C%2C914%2C1%2C%2C%2C%2C2277%3Aco%3A0%3Acpf%3A1%3Ans%3A1736273622978%3Arqnl%3A1%3Ast%3A1736273626%3At%3APayeer%20Bonus%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20Payeer&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29&redirnss=1
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 07-Jan-2025 18:13:46 GMT
access-control-allow-origin
https://freeshbonus.ru
date
Tue, 07 Jan 2025 18:13:46 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 07-Jan-2025 18:13:46 GMT
sync-loader.js
privacy-cs.mail.ru/static/ 		155 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy-cs.mail.ru/static/sync-loader.js
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software
nginx /
Resource Hash
5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=600
Timing-Allow-Origin
*
Content-Encoding
gzip
Connection
keep-alive
Expires
Tue, 07 Jan 2025 18:23:46 GMT
Access-Control-Allow-Origin
*
Date
Tue, 07 Jan 2025 18:13:46 GMT
Content-Type
application/javascript;charset=UTF-8
Server
nginx
dyn-goal-config.js
top-fwz1.mail.ru/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3077969
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
content-encoding
gzip
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
expires
Tue, 07 Jan 2025 18:23:46 GMT
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Tue, 07 Jan 2025 18:13:46 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
*
cache-control
max-age=600, private
timing-allow-origin
*
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
server
nginx
counter
top-fwz1.mail.ru/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?_=0.24484472910163402;id=3077969;u=https%3A//freeshbonus.ru/;title=Payeer%20Bonus%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20Payeer;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=b1f1d0384a389286;ver=60.6.0;tz=600%2FPacific%2FHonolulu;st=1736273625255;ct=3322/3329/3329//2246;rt=2246/1026/0/0/0/2246/2246/2254/2254/2763/2508/2764/3268/3272;gl=u;ni=10//4g/250/0/;lvid=1736273626307%3A1736273626323%3A1%3A754d849ce1563360240353c1adfe5e7a;opts=jst-vk%2Ccnhp%3Dh2%2Ccs%3D19192-47083-19492;visible=true;js=13
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Tue, 07 Jan 2025 18:13:46 GMT
content-type
image/gif
access-control-allow-headers
*
cache-control
private, no-cache, no-store, max-age=0
timing-allow-origin
*
pragma
no-cache
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
content-length
43
server
nginx
metrika_match.html
mc.yandex.ru/metrika/ Frame 258B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/metrika_match.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://freeshbonus.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
2080
content-type
text/html
date
Tue, 07 Jan 2025 18:13:47 GMT
etag
"67655eba-820"
expires
Tue, 07 Jan 2025 19:13:47 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10611.qmRZ5eqaLUQ9LfZx_h0oA-8RocBoNSsKnp9_x6xudmf99oRYRwt9AnxtnfdE4P0N.J3p3cam07s-tLMBog9KcdwSHC5I%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10611.XkZ0v_BCaC2lxTsueIroZQF4FZbOHz9JsqvGauYehfTKL-XnXY25MXTAKkGLePpKqGdVDwhMslJhfNkcGTSiEJ2uRxzc20pSQf4Ir4KRTwQhOUeexkjXloujawWsTC7FxTnTxCdN...
43 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=10611.XkZ0v_BCaC2lxTsueIroZQF4FZbOHz9JsqvGauYehfTKL-XnXY25MXTAKkGLePpKqGdVDwhMslJhfNkcGTSiEJ2uRxzc20pSQf4Ir4KRTwQhOUeexkjXloujawWsTC7FxTnTxCdNUTe41kVbu2W2c0VP1upvcwCw16gq9B8tjF7oYnIm3mtxIvObZw9kwPQ8z8vMSB1IDPlQrGZI7su0JIJzlEOB5w9k7PWI2YGcUzw%2C.z-5J-6jG1xopbPfoIrd9khpZ0eQ%2C
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Tue, 07 Jan 2025 18:13:48 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.webvisor.org/sync_cookie_image_decide?token=10611.XkZ0v_BCaC2lxTsueIroZQF4FZbOHz9JsqvGauYehfTKL-XnXY25MXTAKkGLePpKqGdVDwhMslJhfNkcGTSiEJ2uRxzc20pSQf4Ir4KRTwQhOUeexkjXloujawWsTC7FxTnTxCdNUTe41kVbu2W2c0VP1upvcwCw16gq9B8tjF7oYnIm3mtxIvObZw9kwPQ8z8vMSB1IDPlQrGZI7su0JIJzlEOB5w9k7PWI2YGcUzw%2C.z-5J-6jG1xopbPfoIrd9khpZ0eQ%2C
date
Tue, 07 Jan 2025 18:13:48 GMT
x-xss-protection
1; mode=block
/
privacy-cs.mail.ru/fp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://privacy-cs.mail.ru/fp/?id=3y2XDTyGzkxDhujhjxBHZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://freeshbonus.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Method
POST
Access-Control-Allow-Origin
https://freeshbonus.ru
Access-Control-Max-Age
1728000
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Tue, 07 Jan 2025 18:13:48 GMT
Expires
Tue, 07 Jan 2025 20:13:48 GMT
Server
nginx
/
privacy-cs.mail.ru/fp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://privacy-cs.mail.ru/fp/?id=3y2XDTyGzkxDhujhjxBHZ
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://freeshbonus.ru/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=7200
Timing-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Tue, 07 Jan 2025 20:13:48 GMT
Access-Control-Allow-Origin
https://freeshbonus.ru
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date
Tue, 07 Jan 2025 18:13:48 GMT
Content-Type
application/octet-stream
Server
nginx
csp
csp.yahoo.com/beacon/ 		0
91 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.yahoo.com/beacon/csp?src=ats&site=news&region=US&lang=en-US&device=desktop&yrid=6o9nr8tivmg0j&partner=
Requested by
Host: freeshbonus.ru
URL: https://freeshbonus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:58:207::6000 , United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://freeshbonus.ru/

Response headers

strict-transport-security
max-age=31536000
expires
-1
cache-control
no-store, no-cache, private, max-age=0
date
Tue, 07 Jan 2025 18:13:48 GMT
server
ATS
tracker
top-fwz1.mail.ru/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/tracker?_=0.5551557440504631;id=3077969;u=https%3A//freeshbonus.ru/;title=Payeer%20Bonus%20-%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%BD%D0%B0%20Payeer;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=b1f1d0384a389286;ver=60.6.0;tz=600%2FPacific%2FHonolulu;st=1736273625255;nt=0/0/1736273622978/////1070/1070/1070/1070/1070//1076/1344/1363/1364/2277/2278/2278/5776/5776/5776;ct=3322/3329/3329/3346/2246;rt=2246/1026/0/0/0/2246/2246/2254/2254/2763/2508/2764/3268/3272;gl=u;ni=10//4g/250/0/;detect=0;lvid=1736273626307%3A1736273628756%3A2%3A754d849ce1563360240353c1adfe5e7a;opts=jst-ym-vk%2Ccnhp%3Dh2%2Ccs%3D19192-47083-19492;fpid=3y2XDTyGzkxDhujhjxBHZ;visible=true;js=13;e=RT/load;et=1736273628754
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Tue, 07 Jan 2025 18:13:48 GMT
content-type
image/gif
access-control-allow-headers
*
cache-control
private, no-cache, no-store, max-age=0
timing-allow-origin
*
pragma
no-cache
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
content-length
43
server
nginx
favicon.ico
freeshbonus.ru/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://freeshbonus.ru/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.130.41.9 St Petersburg, Russian Federation, ASN198610 (BEGET-AS Beget LLC, RU),
Reverse DNS
Software
nginx-reuseport/1.21.1 /
Resource Hash
1485adaa0d00aeb48a5f50970e97ea625c458e835a0364bd8f1025344842dbe3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

cache-control
max-age=2592000
etag
"67626c0e-626"
expires
Thu, 06 Feb 2025 18:13:48 GMT
accept-ranges
bytes
content-length
1574
date
Tue, 07 Jan 2025 18:13:48 GMT
content-type
image/x-icon
last-modified
Wed, 18 Dec 2024 06:30:38 GMT
server
nginx-reuseport/1.21.1
context.js
yandex.ru/ads/system/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-yandex-req-id
1736273629552114-4904835425985630467-balancer-l7leveler-kubr-yp-klg-205-BAL
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin
*
content-encoding
br
cache-control
private, max-age=3600
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag
"d3781b7f0313be6cac5b084e257e4c1f-1183758"
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Tue, 07 Jan 2025 19:13:49 GMT
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
gate.php
linkslot.ru/ 		0
0
gate.php
linkslot.ru/ 		0
0
banner.php
traficstoc.ru/ 		3 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traficstoc.ru/banner.php?user=489&ident=135&h=37054ee2151019bedaf4fa0afd01c37c
Requested by
Host: traficstoc.ru
URL: https://traficstoc.ru/banner.php?user=489
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.142.44.229 , Russian Federation, ASN210079 (EUROBYTE EuroByte LLC, RU),
Reverse DNS
free.eurobyte.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f9171164593756e56fb197327b529a4955590566560dbe62d586bff41be9d297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000;
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Access-Control-Allow-Origin
*
Date
Tue, 07 Jan 2025 18:13:50 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
gate.php
linkslot.ru/ 		0
0
gate.php
linkslot.ru/ 		0
0
gate.php
linkslot.ru/ 		0
0
gate.php
linkslot.ru/ 		0
0
gate.php
linkslot.ru/ 		2 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d2=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba1b284a28b978b938e96a1a59d9bb194a89a9c9c9aa0
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=357488
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://freeshbonus.ru/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbp966xxCeWC8IHB81%2BPzs%2FMhIiLy5vJdjjYuWCUzEN9izYPw9PaBUiG%2F9rtHdgusG3wH%2BS4P3J%2BjRy%2FkP1vsiVVWHMp4nPZKeQ%2FWvFArPRDb%2FZ%2FnYVX8N8UPR0%2B3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8fe5ec8ebef36a2b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 07 Jan 2025 18:13:50 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
vary
accept-encoding
server
cloudflare
/
privacy-cs.mail.ru/fp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://privacy-cs.mail.ru/fp/?id=3y2XDTyGzkxDhujhjxBHZ
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://freeshbonus.ru/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=7200
Timing-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Tue, 07 Jan 2025 20:13:51 GMT
Access-Control-Allow-Origin
https://freeshbonus.ru
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date
Tue, 07 Jan 2025 18:13:51 GMT
Content-Type
application/octet-stream
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
z1530.takru.com
URL
http://z1530.takru.com/in.php?id=1538343
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=c9ddcacfe5cfcbe9cfe7db95dad88e98a0a79999ad84a28b978b938e96a1a59d9bb194a89a9c9c9aa0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba2b084a28b978b938e96a1a59d9bb194a89a9c9c9aa0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba1b184a28b978b938e96a1a59d9bb194a89a9c9c9aa0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba1ae84a28b978b938e96a1a59d9bb194a89a9c9c9aa0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99ba1b084a28b978b938e96a1a59d9bb194a89a9c9c9aa0
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=c9ddcacfe5cfcbe9cfe7db95dad88e989fa99c99ac84a28b978b938e96a1a59d9bb194a89a9c9c9aa0

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| usclHost object| checkDevice object| scrollToTop object| sendEventRequest object| uSocial string| _uSocialTool object| usclUtility object| ls_code function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| lsGT string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 string| hash string| lsNA function| lsSF function| lsMF function| al_show_vit_3466 object| MyDiv3466 function| showinf3466 function| hideinf3466 function| DoRed function| LightLogo function| UnLightLogo object| arru3467 number| iup3467 function| rotban3467 function| rotate3467 function| showinf3467 function| hideinf3467 object| _tmr object| l_price function| listBlink function| Blinky object| traficstoc_block number| traficstoc_timer_r function| traficstoc_req object| traficstoc_http object| traficstoc_url object| traficstoc_banner number| traficstoc_timer_u function| traficstoc_update function| tTtspzBbnIxZa function| tTtspzBbnIxZb function| tTtspzBbnIxZ function| vpGbPiEoTpkIVdOa function| vpGbPiEoTpkIVdOb function| vpGbPiEoTpkIVdO object| adslinks_push_14538 string| uSocialShareInit object| TapEvents object| usclPolifyll object| uSocialShare function| mail function| lin function| printerest boolean| _uSocial_tap_events_ object| VK boolean| usclBookmarks string| usclPopupInit function| ym object| Ya object| yaCounter53858797 number| rb_sync_refresh_time object| rb_sync

35 Cookies

Domain/Path Name / Value
freeshbonus.ru/ Name: PHPSESSID
Value: 4a136c56f365b51b2cedd72bba9222c7
freeshbonus.ru/ Name: inv
Value: akbdakbajk
freeshbonus.ru/ Name: pushMBtime
Value: 1736273685
freeshbonus.ru/ Name: nova
Value: 2rptfm8jnrq000000000000000000000
.gohitstraffic.com/ Name: aso_ui
Value: 5rf9_sr9xax
.gohitstraffic.com/ Name: aso_ur
Value: tw3_sr9xax
.freeshbonus.ru/ Name: _ym_uid
Value: 1736273626428411494
.freeshbonus.ru/ Name: _ym_d
Value: 1736273626
.freeshbonus.ru/ Name: tmr_lvid
Value: 754d849ce1563360240353c1adfe5e7a
.freeshbonus.ru/ Name: tmr_lvidTS
Value: 1736273626307
.vk.com/ Name: remixlang
Value: 3
.vk.com/ Name: remixstlid
Value: 9084376220785256959_lxZUZWwPjnxZiTGRzZ9h3jkTZXPZqJAFYS4ZJxpAs3o
.yunaga.xyz/ Name: _trd_
Value: 9aaea3bede4e03
.yandex.ru/ Name: ymex
Value: 1767809626.yrts.1736273626#1767809626.yrtsi.1736273626
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
mc.yandex.ru/ Name: yabs-sid
Value: 216527931736273626
.yandex.ru/ Name: yuidss
Value: 4493592801736273626
.yunaga.xyz/ Name: _uqt3157949621
Value: 2
.yunaga.xyz/ Name: _uqp3178561817
Value: 2
.freeshbonus.ru/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: bh
Value: KgI/MGDb3fW7Bg==
.yandex.ru/ Name: i
Value: AWfSJYDshTIjGz9wGAg6itD7koR2RqGTjLiqaUT27gE78f145DL2pYpUg4XEYCXWFYgcw9vo5O8Zz6zfnza9iVo0kqU=
.yandex.ru/ Name: yandexuid
Value: 1911003301736273627
.yandex.ru/ Name: yashr
Value: 7491236341736273627
freeshbonus.ru/ Name: domain_sid
Value: 3y2XDTyGzkxDhujhjxBHZ%3A1736273627791
.yahoo.com/ Name: A3
Value: d=AQABBNtufWcCECq4TNvREBF3nKwKcpm7I4kFEgEBAQHAfmeHZ9xV0iMA_eMAAA&S=AQAAAuokfFNEPUIHioAKW5rqXqk
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 208586559fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3378613059fake
freeshbonus.ru/ Name: tmr_detect
Value: 0%7C1736273628689
.webvisor.org/ Name: yandexuid
Value: 1911003301736273627
.webvisor.org/ Name: yuidss
Value: 1911003301736273627
.webvisor.org/ Name: i
Value: AWfSJYDshTIjGz9wGAg6itD7koR2RqGTjLiqaUT27gE78f145DL2pYpUg4XEYCXWFYgcw9vo5O8Zz6zfnza9iVo0kqU=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
top-fwz1.mail.ru/ Name: PVID
Value: 00I6rJ2WKBIT00002V0_DKoT:::0-0-0-c97c79a-0-c97c79c:CAASEHgPHtosubTpA9RlP_Ap5zEaYCdrGqMdSJpmDDNcZrovO7X89o5V403G2oiBKqmghOJOnM8XD8alrL20XDRCv4lVMiQ6yYN2247jDR_foczqNsf2MuGn4RvBxqx6lW09mQYBE_l77NnyJ3aOX1zgvQ1xXw
.mail.ru/ Name: VID
Value: 00I6rJ2WKBIT00002V0_DKoT:::0-0-0-c97c79a-0-c97c79c:CAASEHgPHtosubTpA9RlP_Ap5zEaYCdrGqMdSJpmDDNcZrovO7X89o5V403G2oiBKqmghOJOnM8XD8alrL20XDRCv4lVMiQ6yYN2247jDR_foczqNsf2MuGn4RvBxqx6lW09mQYBE_l77NnyJ3aOX1zgvQ1xXw

8 Console Messages

Source Level URL
Text
network error URL: https://freeshbonus.ru/jscript/theme-scripts.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://freeshbonus.ru/
Message:
Mixed Content: The page at 'https://freeshbonus.ru/' was loaded over HTTPS, but requested an insecure script 'http://z1530.takru.com/in.php?id=1538343'. This request has been blocked; the content must be served over HTTPS.
javascript info URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to create WebGPU Context Provider
other warning URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to parse video contentType: video/ogg; codecs=theora
rendering warning URL: https://freeshbonus.ru/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0305D034C100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://freeshbonus.ru/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0605D034C100000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security error
Message:
Refused to frame 'https://www.yahoo.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://cdn.taboola.com https://ads.taboola.com".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ads-lot.ru
adslinks.ru
cdn.jsdelivr.net
connect.mail.ru
connect.ok.ru
csp.yahoo.com
fonts.googleapis.com
fonts.gstatic.com
freeshbonus.ru
linkslot.ru
mc.webvisor.org
mc.yandex.ru
privacy-cs.mail.ru
ssp.gohitstraffic.com
t.hawitu.click
t.yunaga.xyz
top-fwz1.mail.ru
traficstoc.ru
usocial.pro
vk.com
www.yahoo.com
yahoo.com
yandex.ru
z1530.takru.com
linkslot.ru
z1530.takru.com
104.21.16.1
104.21.32.1
142.250.176.195
172.67.150.197
172.67.186.160
185.129.100.122
195.201.106.161
2001:4998:124:1507::f000
2001:4998:14:800::1000
2001:4998:58:207::6000
213.239.209.209
217.20.155.208
2607:f8b0:4006:80a::200a
2a00:1148:1000:101:8:3:0:17
2a02:6b8::1:119
2a02:6b8:a::a
2a04:4e42::485
45.130.41.9
87.236.16.201
87.240.132.78
94.100.180.55
95.142.44.229
95.163.52.67
068daa03ed9e9a2b724eda3d4e2db15f9b76e18e9b2150c30743c513f3742576
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
0f9c08e52f08dd31f7f3c1355b1e7431860d2b249351bf3004b4e84cac2d0447
1485adaa0d00aeb48a5f50970e97ea625c458e835a0364bd8f1025344842dbe3
1b0b36afbe725b222fceea90394667d8a3bcdf375faab8923db95cafad025ff0
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b5e470414b8b5bb5c4e017e20233eb99ef6ae53a85afe29ddba7112741052c7
334cda11e7aa1e23faad3fb7eb37ec5a54c98e54291f4faa30aa4bd97db88e15
35fe8a20b9218d40916767647a6ece6ec087cc34592954921cce81e3751a3ac7
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
421e9b1393704f0e513979dcf909256ae00112fefb1a84086fb37751090268f9
46b63365458a67d58d183b5ceb6e164b3129de73003f2a8e7c50fd5345e5c57f
485e3c6dee567f7280fa8a0224612e00bfb502cc239e175deda45147339aba40
4a33cc4ac137df2dd60dfe31ee9fa4db6b54ed39b320aede4d18b8bd1542e760
4d0161250b4c4f0e0dc9dd998fe0b9070b633f78119efcc3a9a791beafab59c1
4f914b35531e6dbe1445e0d632909b95258eec3653ea948377f6bf692447ad72
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f3d629cbf8c40716f4c9d7c0147dc3f904ab7bc90b75b43bdf46ff79aad51
5822b0e45fcaa5386fc415d016f9c3d50d723917cf39803e7e0a7a3723b8157a
5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
604bb24675f5699e34f08b82bb092e0627e18120eff34453fb24dc09065447af
618de7d9f46f3f697d827a1b6d84974760d5deda62e4e592adaa3c646602a94c
63c390c5e6ee1838e846af4bd880eefc2a4983550a5732e613ec02d7fb6b3605
6b9ba3d5eebdbdc7ff85ffef1b0b50e9ab3d2d2410a4cc55c07127c9cadebe5c
6bbfb9155ed87a2560e7c7d9f959288e91cafbbff9e70512f5ff63db1bdad8df
6d222853a2831d7bdfdeda6ef4fdf5f582544eefcaf21b73d43ba617edb7cf88
7029c09992798e0722a25acc01e12dfb2b640200ff86f0e9785fa6e39cc9a677
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
890e694ea206b05b33e86a1f0c59b36aa3dca216351285598cd68454c6fb7ce8
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
91a0d35c160fb795d0c2649555317b63ed505194c91c20eecaffd4ec728dcbef
966141de5868172e08ababd702925b996116b39fed17232b7813c0809047f948
993bbdda280601c33ac5f6c657f06e09499320bdf5961bb0389c53dac04feb98
9eb4f895c771f8f687a9a2d3dde25b69fc7d379d4a4f378b3a4de117551cc420
a790c7ca1834a1eb1994853c060eb425f2ec733cb1bdba3ca2243406555a42fd
a7ec4df0d2a8fc433f54661a40bbfc83e1b2ccc08ebb2c1dc4b175280646b0cd
a9b3a29c20663e8c520e9a2148a131612f648bd7e959e131792fecd1b3849842
ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4
b1fd035253e8bbbbcef42960620e41ad10dd103ce1bddd3d96a1c5e860ca32db
b30cc9dbb07bb3e59a775e3e7adae757ab6b5395ba9512dc196f44a0b943c830
b6cb38e7943cacaac857705ddf6e9534d8e60bf86006feea8a1737ddfa148ef9
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
be140b7e74e030e99980cc1c20468094a05f936e99ab14fb1ecd7405378eab5e
c98eb0703f0d0a8403fbebd11f2eda42b3d3979dd0f8fa16354b4c46e65cd122
ceb782093e496323fbb94d275ffc9a0a0a91bdcbcf0938eeb2267b72e3cbf4b3
d434797504ba8e4b42ed9564e329da97c03ac3c6d260314ba9823de9c962d59a
d62a4bf1dc477568fbac98a0d0768b41faa27f1beff4521fb4573ad721d089d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4489db252abaf8b91ce8c0107ded1156c3b74524b16892269df6e222661d841
f5e69d7e9f7113098b905a05d18bfcb07bc808a5f9dd5b7ba3a07e05cc551b71
f66495c22da907eed8ff377a8c32b5b184272ddf5c24c558029c25166686c8a6
f79d43d7d6bf15b53b40972dc4f9e3c3b629e0145efadf79daa83f2453557842
f9171164593756e56fb197327b529a4955590566560dbe62d586bff41be9d297
f96c8aa5eadbf98b155a0627034b14b6fdced2431dcd5e383eb957e42b7b9d9e
fb94868599f8740f7d32038a4eac40335531e142ff44afe99ccf042e0d78fcf0
fdae0b3744aa241b9c5a80d851a41e76e961ae9b81fe580500121760adaa5f45