Submitted URL: http://www.manhwazmove.com/
Effective URL: http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
Submission: On February 18 via manual from TH — Scanned from GB

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 14 HTTP transactions. The main IP is 13.248.148.254, located in United States and belongs to AMAZON-02, US. The main domain is ww12.bonalluterser.com.
This is the only time ww12.bonalluterser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a07:7800::204 48254 (TWENTYI)
1 2 172.240.108.76 7979 (SERVERS-COM)
1 1 85.17.80.16 ()
1 1 172.234.25.151 63949 (AKAMAI-LI...)
3 13.248.148.254 16509 (AMAZON-02)
1 2600:3c02:1::... 63949 (AKAMAI-LI...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 8
Apex Domain
Subdomains
Transfer
4 bonalluterser.com
bonalluterser.com
ww12.bonalluterser.com
9 KB
2 adsensecustomsearchads.com
www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2783
55 KB
2 paintwandering.com
paintwandering.com
4 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5091
598 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
52 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
12 KB
1 parklogic.com
parking3.parklogic.com — Cisco Umbrella Rank: 325529
2 KB
1 cinsiant.com
cinsiant.com
537 B
1 manhwazmove.com
www.manhwazmove.com
323 B
0 proftrafficcounter.com Failed
proftrafficcounter.com Failed
14 10
Domain Requested by
3 ww12.bonalluterser.com ww12.bonalluterser.com
2 www.adsensecustomsearchads.com www.google.com
www.adsensecustomsearchads.com
2 paintwandering.com 1 redirects
1 partner.googleadservices.com www.google.com
1 www.google.com ww12.bonalluterser.com
1 d38psrni17bvxu.cloudfront.net ww12.bonalluterser.com
1 parking3.parklogic.com ww12.bonalluterser.com
parking3.parklogic.com
1 bonalluterser.com 1 redirects
1 cinsiant.com 1 redirects
1 www.manhwazmove.com 1 redirects
0 proftrafficcounter.com Failed paintwandering.com
14 11

This site contains no links.

Subject                   Issuer                                           Validity                   Valid
paintwandering.com        R3                                               2024-01-05 - 2024-04-04    3 months
*.parklogic.com           Sectigo RSA Domain Validation Secure Server CA   2024-01-20 - 2025-02-19    a year
*.googleadservices.com    GTS CA 1C3                                       2024-01-29 - 2024-04-22    3 months
misc-sni.google.com       GTS CA 1C3                                       2024-01-29 - 2024-04-22    3 months

This page contains 2 frames:

Primary Page: http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
Frame ID: 887C507DFA0607AE4F71C86FA85AD79E
Requests: 12 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww12.bonalluterser.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NWQxYzZjZGM4ZTZhfHx8MTcwODI0NjczMy44MzE2fGEwNTEzZDA1NDY0MjlmYmI0ZWJiOGMxZWYyMjI2OTJmNWE4ZGZkZWF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxkYTFkZDJmZGRjZGQzZDhjZTMwMmRlNmJjMDRiNmY5NDU1N2JhYmM3fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2204919519437054&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301437%2C17301439%2C17301442%2C71847096&format=r3%7Cs&nocache=251708246734196&num=0&output=afd_ads&domain_name=ww12.bonalluterser.com&v=3&bsl=8&pac=2&u_his=5&u_tz=0&dt=1708246734197&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=607429171&rurl=http%3A%2F%2Fww12.bonalluterser.com%2Fland%3Fc%3DYa2Z5eMs8dDwSurDBeNRVkw7YOA%253D
Frame ID: 4EA0D2D28B25EF81A37A3958B3BE982A
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 14
HTTPS: 36 %
IPv6: 60 %
Domains: 10
Subdomains: 11
IPs: 8
Countries: 4
Transfer: 133 kB
Size: 330 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.manhwazmove.com/ HTTP 301
    https://paintwandering.com/rq3m2p3i28?key=37ed3e25f64c36a60a6665b06b6e083f Page URL
  2. https://paintwandering.com/api/users?token=L3JxM20ycDNpMjg_a2V5PTM3ZWQzZTI1ZjY0YzM2YTYwYTY2NjViMDZiNmUwODNmJnBzdD0xNzA4MjQ2NzkwJnJtdGM9dCZzaHU9YjhkYzU2Y2Q3OGRjNGJlYThhOTU2NmI4NTU0YzUxMmVkNDZjZmY3ZGFlODkyOWY1MTVmMDJjYTFhMmI5OWE0ZGE1ODkxZWQ1MTY3NzU5NGZlMjdjMzA0ZGZkMDQ4ODVmMTYwMThhOTM0N2FlNmZhOWY0NTNiYTRmZjNlZjFhYzRhMGU5ZWI2ODVlMmM2ODI3ODgyY2FhNzI3OTVmMjVmYjk2YTMxMWRlMzAwMmMyN2U2YTRmMDFlYjJjMGYxNDdkZTg%3D&uuid=&pii=&in=false HTTP 302
    https://cinsiant.com/click.php?key=ytrec1zvfwt6ui7er4c7&SUB_ID_SHORT=34da8a6103a689c38941aec1142f23a6&PLACEMENT_ID=20589683&CAMPAIGN_ID=820175&PUBLISHER_ID=445872&ZONE_ID=1826501 HTTP 302
    https://bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D HTTP 302
    http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.manhwazmove.com/ HTTP 301
  • https://paintwandering.com/rq3m2p3i28?key=37ed3e25f64c36a60a6665b06b6e083f

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
rq3m2p3i28
paintwandering.com/
Redirect Chain
  • http://www.manhwazmove.com/
  • https://paintwandering.com/rq3m2p3i28?key=37ed3e25f64c36a60a6665b06b6e083f
3 KB
3 KB
Document
General
Full URL
https://paintwandering.com/rq3m2p3i28?key=37ed3e25f64c36a60a6665b06b6e083f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
51192c425965b6c9a9fc34bef42ae47efc44f7312bec5201df9569086e73b2ea
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 18 Feb 2024 08:58:50 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.21.6
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
X-Request-ID
978456d96e683364a9f4462def29c273

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sun, 18 Feb 2024 08:58:47 GMT
location
https://paintwandering.com/rq3m2p3i28?key=37ed3e25f64c36a60a6665b06b6e083f
server
Apache
transfer-encoding
chunked
x-cdn-cache-status
HIT
x-cdn-node-is-at-origin
1
x-origin-cache-status
HIT
x-via
LHR1
stats
proftrafficcounter.com/
0
0

Primary Request land
ww12.bonalluterser.com/
Redirect Chain
  • https://paintwandering.com/api/users?token=L3JxM20ycDNpMjg_a2V5PTM3ZWQzZTI1ZjY0YzM2YTYwYTY2NjViMDZiNmUwODNmJnBzdD0xNzA4MjQ2NzkwJnJtdGM9dCZzaHU9YjhkYzU2Y2Q3OGRjNGJlYThhOTU2NmI4NTU0YzUxMmVkNDZjZmY3ZG...
  • https://cinsiant.com/click.php?key=ytrec1zvfwt6ui7er4c7&SUB_ID_SHORT=34da8a6103a689c38941aec1142f23a6&PLACEMENT_ID=20589683&CAMPAIGN_ID=820175&PUBLISHER_ID=445872&ZONE_ID=1826501
  • https://bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
  • http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
18 KB
7 KB
Document
General
Full URL
http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
d434a48f22ae72d79ba5e9e8de26dbf98b78f83ed21738c88a712eaaa1e94920

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 18 Feb 2024 08:58:53 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_lUZFpsgVg/E6VKbnCUjTaFxIKfVkfxYoLZ49B/Gt9zKl903pQbUb5aVTMnjxbCbu3urTI1S+8twqMSI5tr7DPg==
X-Buckets
bucket011
X-Domain
bonalluterser.com
X-Language
english
X-Subdomain
ww12
X-Template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

cache-control
no-cache
content-length
0
location
http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
enhance.js
parking3.parklogic.com/page/
2 KB
2 KB
Script
General
Full URL
https://parking3.parklogic.com/page/enhance.js?pcId=12&pId=1129&domain=bonalluterser.com
Requested by
Host: ww12.bonalluterser.com
URL: http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c02:1::2d4f:f4d1 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash
c8dd070ab6de5d05faf0406070797a9a044492a6030a3e3d49126b26b0b15150

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.bonalluterser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 08:58:54 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
connection
close
x-powered-by
PHP/5.5.38
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
track.php
ww12.bonalluterser.com/
0
608 B
XHR
General
Full URL
http://ww12.bonalluterser.com/track.php?domain=bonalluterser.com&toggle=browserjs&uid=MTcwODI0NjczMy44MjI5OjFiMGEwZWI0MjJjZjQ0MDNhMGY1MjY4MTFiMDJhMmI1NWI0M2NlOWQ2NjM3ZjVlMTIzNGYyNWFlY2Y4MmIwOWQ6NjVkMWM2Y2RjOGU5OA%3D%3D
Requested by
Host: ww12.bonalluterser.com
URL: http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sun, 18 Feb 2024 08:58:53 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
arrows.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/
11 KB
12 KB
Image
General
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
Requested by
Host: ww12.bonalluterser.com
URL: http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
Protocol
HTTP/1.1
Server
2600:9000:2250:b400:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.bonalluterser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sat, 17 Feb 2024 17:26:37 GMT
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Last-Modified
Thu, 23 Jun 2022 10:44:43 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
55937
ETag
"62b4441b-2c6f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11375
X-Amz-Cf-Id
gSwVxj5eI6Ivx1X_OLp-MVzrGWk5jTJ1o3z91mALAGL5Omr1ixm5PA==
ls.php
ww12.bonalluterser.com/
16 B
906 B
XHR
General
Full URL
http://ww12.bonalluterser.com/ls.php?t=65d1c6cd&token=da1dd2fddcdd3d8ce302de6bc04b6f94557babc7
Requested by
Host: ww12.bonalluterser.com
URL: http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sun, 18 Feb 2024 08:58:54 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Pd3der5XPiGrsAhzdWR1c0GmtWP3KJAVzx8afd2nmtD9U8V0vjLWtWm53pL4SCBKmsG7hJ7YKZSwSrk6J7tBzQ==
Connection
keep-alive
X-Log-Success
65d1c6cea4f0f61fa709a72d
caf.js
www.google.com/adsense/domains/
141 KB
52 KB
Script
General
Full URL
http://www.google.com/adsense/domains/caf.js?abp=1
Requested by
Host: ww12.bonalluterser.com
URL: http://ww12.bonalluterser.com/land?c=Ya2Z5eMs8dDwSurDBeNRVkw7YOA%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a40eb390a823b632c1e75a894562f7e160d1445e676a7fe259627ffd8e6faab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.bonalluterser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sun, 18 Feb 2024 08:58:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"14970858044605457239"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
Expires
Sun, 18 Feb 2024 08:58:54 GMT
cookie.js
partner.googleadservices.com/gampad/
388 B
598 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ww12.bonalluterser.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d30a80ef419bdcb791bcf90eb8646da4bc320ff88adb9c78b320e2abfbd510e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.bonalluterser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
x-xss-protection
0
ads
www.adsensecustomsearchads.com/afs/ Frame 4EA0
14 KB
3 KB
Document
General
Full URL
https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww12.bonalluterser.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NWQxYzZjZGM4ZTZhfHx8MTcwODI0NjczMy44MzE2fGEwNTEzZDA1NDY0MjlmYmI0ZWJiOGMxZWYyMjI2OTJmNWE4ZGZkZWF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxkYTFkZDJmZGRjZGQzZDhjZTMwMmRlNmJjMDRiNmY5NDU1N2JhYmM3fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2204919519437054&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301437%2C17301439%2C17301442%2C71847096&format=r3%7Cs&nocache=251708246734196&num=0&output=afd_ads&domain_name=ww12.bonalluterser.com&v=3&bsl=8&pac=2&u_his=5&u_tz=0&dt=1708246734197&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=607429171&rurl=http%3A%2F%2Fww12.bonalluterser.com%2Fland%3Fc%3DYa2Z5eMs8dDwSurDBeNRVkw7YOA%253D
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js?abp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e4cdfcb78393a0d22dcf83b8b4e0660d3cee0d710180d73e63be81ac6f8ca697
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-sgHBs-zq0OcRz0fvvNDCtw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
http://ww12.bonalluterser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2878
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-sgHBs-zq0OcRz0fvvNDCtw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sun, 18 Feb 2024 08:58:54 GMT
expires
Sun, 18 Feb 2024 08:58:54 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
scribe.php
parking3.parklogic.com/page/
0
0

hero_nc.svg
parking3.parklogic.com/page/images/pe262/
0
0

caf.js
www.adsensecustomsearchads.com/adsense/domains/ Frame 4EA0
141 KB
52 KB
Script
General
Full URL
https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=2
Requested by
Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=1167268112&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fww12.bonalluterser.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NWQxYzZjZGM4ZTZhfHx8MTcwODI0NjczMy44MzE2fGEwNTEzZDA1NDY0MjlmYmI0ZWJiOGMxZWYyMjI2OTJmNWE4ZGZkZWF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxkYTFkZDJmZGRjZGQzZDhjZTMwMmRlNmJjMDRiNmY5NDU1N2JhYmM3fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2204919519437054&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301383%2C17301437%2C17301439%2C17301442%2C71847096&format=r3%7Cs&nocache=251708246734196&num=0&output=afd_ads&domain_name=ww12.bonalluterser.com&v=3&bsl=8&pac=2&u_his=5&u_tz=0&dt=1708246734197&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=607429171&rurl=http%3A%2F%2Fww12.bonalluterser.com%2Fland%3Fc%3DYa2Z5eMs8dDwSurDBeNRVkw7YOA%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372572136c2e72d8ebdc7bf03b60873a5a46b856b6db5ed83cf74ab96e38cf92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.adsensecustomsearchads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"4183447994535088320"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Sun, 18 Feb 2024 08:58:54 GMT
track.php
ww12.bonalluterser.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
proftrafficcounter.com
URL
https://proftrafficcounter.com/stats
Domain
parking3.parklogic.com
URL
https://parking3.parklogic.com/page/scribe.php?pcId=12&domain=bonalluterser.com&pId=1129&usid=null&utid=null&query=null&domainJs=ww12.bonalluterser.com&path=/land&ss=true&lp=1
Domain
parking3.parklogic.com
URL
https://parking3.parklogic.com/page/images/pe262/hero_nc.svg
Domain
ww12.bonalluterser.com
URL
http://ww12.bonalluterser.com/track.php?domain=bonalluterser.com&caf=1&toggle=answercheck&answer=yes&uid=MTcwODI0NjczMy44MjI5OjFiMGEwZWI0MjJjZjQ0MDNhMGY1MjY4MTFiMDJhMmI1NWI0M2NlOWQ2NjM3ZjVlMTIzNGYyNWFlY2Y4MmIwOWQ6NjVkMWM2Y2RjOGU5OA%3D%3D

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Domain/Path Name / Value
paintwandering.com/api Name: iprccda664496ed837ecb88a0a244f72eb73
Value: 4995813
paintwandering.com/api Name: pdhtkv
Value: true
paintwandering.com/api Name: uncs
Value: 1
paintwandering.com/api Name: pdhtkv28
Value: true
paintwandering.com/api Name: uncs28
Value: 1
paintwandering.com/ Name: u_pl
Value: 20589683
paintwandering.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.[…].m-hv5VJcZyi317va7HSuPbxC_5kagJ2VbLF_Rgd20PI
paintwandering.com/ Name: cjs
Value: t
cinsiant.com/ Name: uclick
Value: h97sa5wh9z
cinsiant.com/ Name: uclickhash
Value: h97sa5wh9z-h97sa5wh9z-2ttwvr-wf8pbl-ydxibl-gxfntw-gxfn4k-3371b7
.bonalluterser.com/ Name: __gsas
Value: ID=cb92e0e81a5d6328:T=1708246734:RT=1708246734:S=ALNI_MafPJRR3tnnYDbKyZKRpooLGcM50Q

1 Console Messages

Source Level URL
Text
other warning URL: http://www.google.com/adsense/domains/caf.js?abp=1(Line 200)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0; includeSubdomains