bonus.gb1t.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://neon.autos/0.5536608338576285
Effective URL:
https://bonus.gb1t.ru/traff.php
Submission: On May 04 via api (May 4th 2024, 10:52:21 pm UTC) from US — Scanned from DE

Summary HTTP 37 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 11 domains to perform 37 HTTP transactions. The main IP is 2a00:f940:2:2:1:4:0:106, located in Russian Federation and belongs to AS-REG, RU. The main domain is bonus.gb1t.ru.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.

This is the only time bonus.gb1t.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	81.177.141.232 81.177.141.232	8342 (RTCOMM-AS) (RTCOMM-AS)
1 1	213.183.48.30 213.183.48.30	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
1 1	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:46	197695 (AS-REG) (AS-REG)
4	2a00:f940:2:2... 2a00:f940:2:2:1:4:0:106	197695 (AS-REG) (AS-REG)
21	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
3	172.67.200.135 172.67.200.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	136.243.11.250 136.243.11.250	24940 (HETZNER-AS) (HETZNER-AS)
3	167.235.119.89 167.235.119.89	24940 (HETZNER-AS) (HETZNER-AS)
37	7

1 81.177.141.232 (Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)

neon.autos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.183.48.30 (Moscow, Russian Federation) 1 redirects

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
PTR: vm612898.melbi.space

neon.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f940:2:2:1:1:0:46 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

seo-act.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:f940:2:2:1:4:0:106 (Russian Federation)

ASN197695 (AS-REG, RU)

bonus.gb1t.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.200.135 (United States)

ASN13335 (CLOUDFLARENET, US)

webtrafic.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.11.250 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.11.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.119.89 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.89.119.235.167.clients.your-server.de

bnster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookie.co1linesu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	linkslot.ru linkslot.ru — Cisco Umbrella Rank: 790137	84 KB
4	gb1t.ru bonus.gb1t.ru	206 KB
3	webtrafic.ru webtrafic.ru — Cisco Umbrella Rank: 877663	34 KB
2	bnster.com bnster.com	30 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34036
1	co1linesu.ru cookie.co1linesu.ru	395 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	30 KB
1	seo-act.ru 1 redirects seo-act.ru	174 B
1	neon.today 1 redirects neon.today — Cisco Umbrella Rank: 978361	194 B
1	neon.autos 1 redirects neon.autos	143 B
0	googleapis.com Failed ajax.googleapis.com Failed fonts.googleapis.com Failed
37	11

	Domain	Requested by
21	linkslot.ru	bonus.gb1t.ru linkslot.ru
4	bonus.gb1t.ru	bonus.gb1t.ru
3	webtrafic.ru	bonus.gb1t.ru webtrafic.ru
2	bnster.com	bonus.gb1t.ru bnster.com
2	ad.a-ads.com	bonus.gb1t.ru
1	cookie.co1linesu.ru	bnster.com
1	code.jquery.com	bonus.gb1t.ru
1	seo-act.ru	1 redirects
1	neon.today	1 redirects
1	neon.autos	1 redirects
0	fonts.googleapis.com Failed	bonus.gb1t.ru
0	ajax.googleapis.com Failed	bonus.gb1t.ru
37	12

This site contains links to these domains. Also see Links.

Domain
linkslot.ru
dsiofhdoj.com
news-tds.xyz
neon.autos
webtrafic.ru

Subject Issuer	Validity	Valid
bonus.gb1t.ru R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
linkslot.ru E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
webtrafic.ru GTS CA 1P5	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
bnster.com R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
cookie.co1linesu.ru R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://bonus.gb1t.ru/traff.php
Frame ID: 532E59FEED3E52DA380D585612F05DA0
Requests: 34 HTTP requests in this frame

Frame: https://ad.a-ads.com/335460?size=200x200
Frame ID: 2E1BA3953045D69D91F3CFB29472088F
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/335472?size=200x200
Frame ID: 5F37E34EE0095E1C3ED25F1F9AE0C093
Requests: 1 HTTP requests in this frame

Frame: https://webtrafic.ru/
Frame ID: 667886A740E4F3F685D28E32D17ED983
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://neon.autos/0.5536608338576285 HTTP 307
https://neon.autos/0.5536608338576285 HTTP 301
https://neon.today/ptp/v/0.5536608338576285 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
http://bonus.gb1t.ru/traff.php HTTP 307
https://bonus.gb1t.ru/traff.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

92 %
HTTPS

33 %
IPv6

11
Domains

12
Subdomains

7
IPs

4
Countries

385 kB
Transfer

781 kB
Size

19
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://linkslot.ru/banner?id=119448

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119447

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119443

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=124327

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119445

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119446

Search URL Search Domain Scan URL

URL: http://linkslot.ru/link.php?id=119794
Title: Купить ссылку здесь за 5 руб.

Search URL Search Domain Scan URL

URL: http://linkslot.ru/?ref=lzip
Title: Поставить к себе на сайт

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=124324

Search URL Search Domain Scan URL

URL: http://dsiofhdoj.com/cs?wsa=642867a3e299d201357034
Title: Adsteroid

Search URL Search Domain Scan URL

URL: https://news-tds.xyz/?p=ZjBiYjcyNzE3ZGU3YTI0Njk5ZmYxZmFjMzY5ZTZlNDN8MzkxNDg2fEdlbkxpbmt8fDEwMDB8OTAzNjY4NTk=&v=2&poid=0&coid=0
Title: traffstock

Search URL Search Domain Scan URL

URL: https://neon.autos/24633
Title: Neon

Search URL Search Domain Scan URL

URL: https://webtrafic.ru/reklama?uid=1150
Title: Реклама 3.00 RUB за 1000 уникальных просмотров.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://neon.autos/0.5536608338576285 HTTP 307
https://neon.autos/0.5536608338576285 HTTP 301
https://neon.today/ptp/v/0.5536608338576285 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
http://bonus.gb1t.ru/traff.php HTTP 307
https://bonus.gb1t.ru/traff.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request traff.php Show response
bonus.gb1t.ru/
Redirect Chain

http://neon.autos/0.5536608338576285
https://neon.autos/0.5536608338576285
https://neon.today/ptp/v/0.5536608338576285
https://seo-act.ru/?key=1
http://bonus.gb1t.ru/traff.php
https://bonus.gb1t.ru/traff.php

7 KB
3 KB

632ms
280ms

Document
text/html

2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx / PHP/5.6.36
Resource Hash: d5784c1baf3f00296c072c245efaf170e27abf406dff0c9d9e3ac68ad485e4a2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 22:52:16 GMT
server: nginx
x-powered-by: PHP/5.6.36

Redirect headers

Location: https://bonus.gb1t.ru/traff.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css.css
bonus.gb1t.ru/ 6 KB
2 KB 108ms
107ms Stylesheet
text/css 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/css.css
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: ffdfb3d5d60fee4467f8d997f406fec864cd6e2a5bebb80f5efba35cef330706

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: gzip
last-modified: Sun, 05 Jun 2016 18:00:42 GMT
server: nginx
content-type: text/css

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 147ms
92ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119448
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017d075c0bf8033207cdf4b6564011b97b62e905ad7e246e51c858582cb5493d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivHknLe5f%2FCXMPL75rWQJ82pyuXrnNrtp%2BH%2Fj%2BZp2YkTZ0ybOZJGzA0NSjzTVovQV9%2B9ZkE%2BzCrLtgJaNyLszzHuC%2FrdUUH7XVXcct0vUOqiTOuKFOcFXVrwunYAvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6b4c454db7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 129ms
127ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119447
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72bb689f023b1207ec6e237da47771fe90319f48eff041e750c66fc29ce3011

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3BFqW8yaJHRfwS50XMYJ1m47z3XvgUKSvhhwEMFmAC9S1VjwB%2BE5Im0NjtW5uWRgU3VtNQO%2F31%2FCQsUWVjSwMZPbnZu%2FEJsL7FE8L%2B4gW2Txj%2F9JcG2SGp99RSh4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6bac9f4db7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 129ms
128ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119443
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e2345840911a278fdf3c98e429716d241b148086fd67b2a2004dfb34138165

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D13jgi0rcvOImaHtNJdeA9uYcFEy7ezl9MQ%2BqhzNZNxgqSKAlWF9Q3K4IsqgGWiuQL9TS0bm2tnCRwuZkXjQmd4w8%2F4lGP8sgz%2BI5LN4%2FxPOo6J%2F1NxxKC57qubcxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6baca04db7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 130ms
128ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=124327
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c127996f2c2e75ef1766d2d59b77d567a8cce7bbcae48321bac008cdde42dd80

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qX7fRzwoWOXPMTEmtXZGIsVjqXLUwn42cgcZ1N7fvw35UTJmEVgJkmelVT0azKJevda5hOWpKMf%2BKvsvn2zuMsfzTQhuDQKwWyznBRbzxVSTHGl5p6DkE%2F7%2BIZ8Nzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6baca14db7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 130ms
129ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119445
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d7a25c85435e016e57dfc53a1d0e2c4c694275f5d53d18368d453c9217d1ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djGAU1Ny7Em71XZ5K%2Fx3zXGr4T6dHBE71cVJumP6KWi%2B0UZDl5ZTUDpiu7KqK807N%2F8GmnKVZKOucJ1Nn%2F6dqcS%2FCW%2BHIYtx%2Fjog%2B9UoJzYCobj4gmfNRSM8xkD5Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6baca34db7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 131ms
129ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119446
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded9ca6022b113f485a7c29edb660f7dc404bf0826821cee56b70521046a5fb0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UeR5r%2BclFm6yEGUKwVE%2FuTChW5w5EtUkQsQ40YUXE59ohCIfFOdh0jAmrnsPaU6gMH0vKyySW9SbiARf%2F672Jll9gZB7ZgCJWwrbq6t4DJS5S6dD%2FYM1T2h%2BBOBTQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6baca54db7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lincode.php Show response
linkslot.ru/ 7 KB
4 KB 181ms
180ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/lincode.php?id=119794
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6086dc12195c58f0c977b6c87aadea6a23e7fd5d80cbc4d896afa47cd3931ea6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1%2By%2B8iVFkauj29nve3HmrU3fhkSqFDhZGnACAC4YUAmA%2Bexrlyh7xwV2QZgimG6OkBQ0PwOpdQyg1HcsMftPIM0vsw6KaVEqfEDeJU%2FBEpYuYBfgK0uRIqHhRMVKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6bdcd34db7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 188ms
187ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=124324
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ce65bfa712041efc0a4cbf7deb6d63311f2c2c325a8101fd775271a4ba9dbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUAo2fvzq5pvDSN9xScatzCWNMfXFNt3GowLrLcH9wuDmrFK%2Be4s4uXaEvs2%2BFPZjiNZhx7G8pM6V9Gy8Ek4oh6vIPEKIPNFhmw9Gn9Np1kf3zEndJFe3Db3%2BbqAiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6bdcd54db7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 134ms
39ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9411701
x-cache: HIT, HIT
content-length: 30125
x-served-by: cache-lga21971-LGA, cache-cph2320046-CPH
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1714863137.566993,VS0,VE0
etag: W/"28feccc0-15283"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 37105, 49448

GET
H3 200 ads.php Show response
webtrafic.ru/ 1 KB
1 KB 233ms
142ms Script
text/html 172.67.200.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/ads.php?uid=1150
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481c57d9defe3f8862beb26c5728f58c89f3419f7c9a0c859cb93b8c85dccd5e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9tFDIKi0%2B7UAgxZLmq0ECF%2BCQGzRFrJyrd6carBCb8E7%2BIRNreaF3LqE23KnZUP7za8MSKjLOdzcjwKm01moDHknRl2pN2%2BI4GtlEdCjf%2FaNQ9DPvtrrY8RYZQOyB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6c3d0735e1-FRA
alt-svc: h3=":443"; ma=86400

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 335460
ad.a-ads.com/ Frame 2E1B 0
0 225ms
86ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/335460?size=200x200

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 04 May 2024 22:52:16 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 335472
ad.a-ads.com/ Frame 5F37 0
0 217ms
81ms Document
text/html 136.243.11.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/335472?size=200x200

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.11.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.250.11.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 04 May 2024 22:52:16 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 kristaly.png
bonus.gb1t.ru/img/ 135 KB
135 KB 197ms
196ms Image
image/png 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonus.gb1t.ru/img/kristaly.png
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/css.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
last-modified: Sun, 05 Jun 2016 17:47:50 GMT
server: nginx
accept-ranges: bytes
content-length: 137733
content-type: image/png

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
477 B 151ms
107ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69ba19d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97d996a2d799a0ec92e8cb9798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a39b9da39a9fb091a7
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119448
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aw07mLqLHjB3QVO%2FeQ%2FCBu1QeZUZWyyTDGH7kn5QsdGjPcj7I6nORAba24f6kpviW2TEds6cKRsZ7kBcnUavtlOlRdwVQ2tCPaNHEoQwWF4E8Sg4kw0ZvZhUFsRZJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6c29c49189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 468x60.jpg
linkslot.ru/promo/dummy/ 12 KB
12 KB 51ms
51ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/468x60.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "647dc573-2e1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTnk3lB7ZmwQ810N2J5iUn2EZGD1KD580GUZOXByGculB349hI2JzZbk2viJ5xQE48O3TlCNgEGbx%2BstajAcUq08pfULdtqewrY0xfV8GV4BpsfG9JMHaEJEGv9JIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87ec0f6becdb4db7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11802

GET
H2 200 bc.js Show response
bnster.com/widget/ 96 KB
29 KB 166ms
46ms Script
application/javascript 167.235.119.89
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnster.com/widget/bc.js

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.89 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.89.119.235.167.clients.your-server.de

Software

Resource Hash

0270b73e423fd8122e008c24e073ba95db915ac8363c520fa63eff39a80c379f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
last-modified: Tue, 09 Apr 2024 12:19:07 GMT
etag: W/"6615323b-17eb7"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
expires: Sun, 05 May 2024 22:52:16 GMT

GET cu.js
bonus.gb1t.ru/ 0
0

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
443 B 110ms
107ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69ba09d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b95a1ccd3e79adee4dad5dbce98939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a39b9da39a9fb191a3
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119447
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIOLhFXboWB5smE9wqpzBkWbg8PUIKPyzNzohmVXmgOznUgbLPoSm4etq4aDGFukYFYscXQ7bmGPW%2FaMLdM43eg79LiL1OK4zZiPzk6GCSl5eZPf%2FVGyySsSHMhgMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6c8a279189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
446 B 106ms
105ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9c9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b959ecde0e9cfd4dbcca2df9798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a39b9da39a9fb191a6
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119443
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHNbLbq7TEXspFgFt2WkaSM3fQ54TyUf%2BJw74bP%2FdnAIu3ly%2BUjPpYBhkv0aZhWgGPS8SJVPT9d4pvgabL%2FU39WK2E6c4DO%2Bnqj14bxuE0ZAo58kjX29AG2%2BzzemPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6c8a299189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x300.jpg
linkslot.ru/promo/dummy/ 17 KB
18 KB 118ms
117ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x300.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-44a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InodZqrMRxOk8usmxnvKLcVFAqXx8W56i2%2BGLQk6nLDvTvHoYravJdQ3IyJrh0MhOo8m9CaSAVcm0ET%2FlRuauFZjKQWy60ZFaj0H5rUv1NRU6NSMwZSTTBIyah%2BxfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87ec0f6c8d5b4db7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17574

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
443 B 188ms
187ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c979ea599a09d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b95d99accd5cdcfe3d5e5cb9798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a39b9da39a9fb191aa
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=124327
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4ZqiBkS75hRFpzvdIUwWJmRvL6t%2BVFWziX0ZlOsl4M7%2Bqvg3nBj6IUseBEL%2BGpXT7xJawZugFxdTq1cHSrKc59r4shsOO2hmmHczUgC5vIByF3fYJnW3I2TqWgLCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6c8a2e9189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 100x100.jpg
linkslot.ru/promo/dummy/ 8 KB
8 KB 128ms
127ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/100x100.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-1f66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYyJH8qx9MmTVlEfwhGsW8HfeudKmloNMoqNscg%2FCLBcI2%2F0AUgJQpYIyyOt6MOlNLTTCc9D5DJpaCJcfBzHlm8OHhpeE2lA0Libahr4jI%2F%2BNwm0xDhyJBcwLiNtyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87ec0f6c8d5f4db7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8038

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
449 B 186ms
186ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9e9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b96d3dadbecdad7afd0d79c9798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a39b9da39a9fb192a4
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119445
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AW2qJLsROEr%2F2K3UA74IVcsrykciFY72i%2BZmpjZY6xDsnXzEq9VDyBaZMrS6ej%2FH6aI2Dg9ieUxXiX%2BzvIaqNb2wrYh%2FvJ1N%2BHxOh0v7IJj%2BFyoG%2BUsOISI3Go0glA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6c9a329189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
439 B 179ms
178ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9f9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8bcfd395dde1d89cf2d1a7d79798939b959aa29799aa91a2989798939b959aa28a999d84a39f989c9ba1989ba59da0ab96
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119446
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSWKHVIMX6QfH8RQEay7hW%2FQOx3UTv1hNrJ0f8ZUr00bP5JFQdcelmXaF9guJpIv0DtFL2zQKpxd8dsgbOZ4rKoaBb1xZ9Ysgj7YYwMiJ4h4wxvmGQUzmJ9f8GnQGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6c9a339189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x200.jpg
linkslot.ru/promo/dummy/ 15 KB
15 KB 49ms
49ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x200.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "647dc573-3ad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6GVKDgYgYVPpRva%2Fwr12pL%2B16q9J1lowVau1WYe4f3lCZUTI5sLtcZ%2F8NAkt47VXszODaaeIujr471KXVhIISaaa6ThAMaSK4CEUiw2ULSAFyGzq0eV367VEVrWwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87ec0f6c9d6e4db7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15061

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
439 B 97ms
96ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a9a09d9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b94e5dc9decc8d5e1d8e3d4ca98939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a39b9da39a9fb199a8
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/lincode.php?id=119794
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diDQqReSqfTnlr7sx6TN%2Fn0EdnpZHY3elYN6kLBI7Ym6dJxw%2B6S4R7DSCbqI1AoA6IwMw0RcbrGd9bc41t6jPiaFgnAxp1qYHnEr13bBa2g03DE9qFKwtwcOoAbqXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6d0aa99189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
441 B 95ms
95ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c979ea5999d9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97e5999adeddd3e8d6d8a09798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a39b9da39a9fb19aa6
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=124324
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Sat, 04 May 2024 22:52:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jy6dU16LunzKKDqoL09fsq2tZUIg71fvoJsyjDITRJG8o6sy9jmZ716h6bBDVTHiXD9%2BZys29TGxztJv%2FIb%2FwVZGDjX1O3ILtm5s7vcYiwI4gssybSpm0PKIcJDmlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87ec0f6d1ab49189-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 100x100.jpg
linkslot.ru/promo/dummy/ 8 KB
0 47ms
47ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/100x100.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-1f66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYyJH8qx9MmTVlEfwhGsW8HfeudKmloNMoqNscg%2FCLBcI2%2F0AUgJQpYIyyOt6MOlNLTTCc9D5DJpaCJcfBzHlm8OHhpeE2lA0Libahr4jI%2F%2BNwm0xDhyJBcwLiNtyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87ec0f6c8d5f4db7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8038

GET
H3 200 /
webtrafic.ru/ Frame 6678 0
0 157ms
106ms Document
text/html 172.67.200.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/ads.php?uid=1150
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 87ec0f6d9f653a6c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 22:52:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bApXKKaVQePueTWYaf%2B8ZUa2%2F8KtTQzyMdJ1Mhpgl3TTneCFKSrJCqH22g%2Fs7cG5kqPueJuKfgQ1lCGL0o1gtMcu6SeIkf%2BzmtMjeGA5m0SQuIsf1%2B44wIa3jFtrQuY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-page-speed: 1.13.35.2-0

GET
H3 200 banner_empty.gif
webtrafic.ru/img/ 33 KB
33 KB 63ms
49ms Image
image/gif 172.67.200.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/img/banner_empty.gif
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32cc157d7035835c6c380bd706d0e33294afd6aa61c320c400488b34c66d9e79

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3892885
etag: "640f1fd0-830e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dM9ufwFvJrREUF1sfocLfsI9ntgbx14iSEFaFPmOMhx3y4t9XKAOxsZ0zBx5w6pwwZixRXSKz6XwlcIzVl7eUnnojcvhpjAJMRgEG49QL%2FEsdCuAMRZYvOjTTBXPweY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 87ec0f6d4df535e1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33550
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 user Show response
cookie.co1linesu.ru/ 35 B
395 B 196ms
50ms XHR
text/html 167.235.119.89
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie.co1linesu.ru/user?domain=https%3A%2F%2Fbonus.gb1t.ru

Requested by

Host: bnster.com
URL: https://bnster.com/widget/bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.89 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.89.119.235.167.clients.your-server.de

Software

Resource Hash

8a4132ee679a5ebe33de0591793a3bc2bb4d394ee76f5a716d2fda13a1315b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: cache
date: Sat, 04 May 2024 22:52:17 GMT
strict-transport-security: max-age=15724800
last-modified: Wed, 30 Jun 2010 21:36:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bonus.gb1t.ru
cache-control: private, max-age=157680000
access-control-allow-credentials: true
content-length: 35
expires: Fri, 04 May 2029 01:52:17 MSK

POST
H2 200 / Show response
bnster.com/bg/ 84 B
549 B 136ms
48ms XHR
text/html 167.235.119.89
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnster.com/bg/?vid=v2_0639195fa8d391505a4a757df1ed445f&streams%5B%5D=713409070&user_data%5Bis_mobile%5D=0&user_data%5Bis_touch_device%5D=0&user_data%5Bwindow%5D%5Bwidth%5D=1600&user_data%5Bwindow%5D%5Bheight%5D=1200&user_data%5Buser_agent%5D=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&user_data%5Bplatform%5D=Win32&user_data%5Blanguage%5D=de-DE&user_data%5Bdomain%5D=https%3A%2F%2Fbonus.gb1t.ru&user_data%5Bhref%5D=https%3A%2F%2Fbonus.gb1t.ru%2Ftraff.php&user_data%5Bhas_adblock%5D=0&user_data%5Bblock_size%5D%5B713409070%5D%5Bwidth%5D=1060&user_data%5Bblock_size%5D%5B713409070%5D%5Bheight%5D=118

Requested by

Host: bnster.com
URL: https://bnster.com/widget/bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.89 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.89.119.235.167.clients.your-server.de

Software

Resource Hash

554b3f5c1eae958c09fc99a1c101e66480057a3616262f288d861ae1f2e9d423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 May 2024 22:52:17 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 404 favicon.ico
bonus.gb1t.ru/ 307 KB
67 KB 236ms
236ms Other
text/html 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: caa963bd5cd38d0c8ea391986da6067b12e5a2f9ad2f09ec281bfe7ae3103134

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 22:52:18 GMT
content-encoding: gzip
last-modified: Sat, 09 Sep 2023 08:02:27 GMT
server: nginx
content-type: text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,100,300

Domain: bonus.gb1t.ru
URL: http://bonus.gb1t.ru/cu.js

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bonus.gb1t.ru/	1970-01-20 20:21:06	Name: nova Value: 4z40lvjnuf8000000000000000000000
informer.yandex.ru/	1970-01-21 05:06:39	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
.yandex.ru/	1970-01-21 05:57:03	Name: i Value: SlMX2cuv+T6VFR8qUE7rBxVtteL0jvdp3/DJoc5FRyuWYpqLF5IaJ/k/qFx0tfQSUDfw3bwufBDugyMGsFFV2mr2ZnY=
.yandex.ru/	1970-01-21 05:57:03	Name: yandexuid Value: 7262626981714863137
.yandex.ru/	1970-01-21 05:06:39	Name: yashr Value: 1755873791714863137
mc.yandex.ru/	1970-01-21 05:06:39	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
.webtrafic.ru/	1970-01-21 05:06:39	Name: _ym_uid Value: 1714863138133290470
.webtrafic.ru/	1970-01-21 05:06:39	Name: _ym_d Value: 1714863138
.yandex.com/	1970-01-21 05:06:39	Name: yashr Value: 8130945761714863137
mc.yandex.com/	1970-01-21 05:06:39	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
.webtrafic.ru/	1970-01-20 20:22:15	Name: _ym_isad Value: 2
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 461990511714863137
.yandex.com/	1970-01-21 05:57:03	Name: i Value: PwN+3XJBntu7PE5qgWzHiiWbbfNbiTzomyAbk3znuSoAkIEYUdSrbaJ5thERAzWyspegc5i8RPPhzcTDmOLfX3cRnr8=
.yandex.com/	1970-01-21 05:57:03	Name: yandexuid Value: 1310072101714863137
.yandex.com/	1970-01-21 05:06:39	Name: yuidss Value: 1310072101714863137
.yandex.com/	1970-01-21 05:06:39	Name: ymex Value: 1746399137.yrts.1714863137#1746399137.yrtsi.1714863137
.yandex.com/	1970-01-21 05:06:39	Name: bh Value: Ej8iQ2hyb21pdW0iO3Y9IjEyNCIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNCIsIk5vdC1BLkJyYW5kIjt2PSI5OSIaBSJ4ODYiIhAiMTI0LjAuNjM2Ny4xMTgiKgI/MDoHIkxpbnV4IkIHIjUuNC4wIkoEIjY0IlJcIkNocm9taXVtIjt2PSIxMjQuMC42MzY3LjExOCIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNC4wLjYzNjcuMTE4IiwiTm90LUEuQnJhbmQiO3Y9Ijk5LjAuMC4wIiI=
.webtrafic.ru/	1970-01-20 20:21:04	Name: _ym_visorc Value: b
payeer.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3pub2rcm7pghlreai0to9fahmpnqh8utnboc234hr2csrraust4167ngnte7mom58avm35mql7pjmnejf0mh3hnl15gppa3i2kk0gc2

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,100,300'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure script 'http://bonus.gb1t.ru/cu.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bonus.gb1t.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.googleapis.com
bnster.com
bonus.gb1t.ru
code.jquery.com
cookie.co1linesu.ru
fonts.googleapis.com
linkslot.ru
neon.autos
neon.today
seo-act.ru
webtrafic.ru
ajax.googleapis.com
bonus.gb1t.ru
fonts.googleapis.com
136.243.11.250
167.235.119.89
172.67.200.135
188.114.96.3
213.183.48.30
2a00:f940:2:2:1:1:0:46
2a00:f940:2:2:1:4:0:106
2a04:4e42:400::649
81.177.141.232
017d075c0bf8033207cdf4b6564011b97b62e905ad7e246e51c858582cb5493d
0270b73e423fd8122e008c24e073ba95db915ac8363c520fa63eff39a80c379f
07d7a25c85435e016e57dfc53a1d0e2c4c694275f5d53d18368d453c9217d1ff
1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b
241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
31ce65bfa712041efc0a4cbf7deb6d63311f2c2c325a8101fd775271a4ba9dbc
32cc157d7035835c6c380bd706d0e33294afd6aa61c320c400488b34c66d9e79
35e2345840911a278fdf3c98e429716d241b148086fd67b2a2004dfb34138165
481c57d9defe3f8862beb26c5728f58c89f3419f7c9a0c859cb93b8c85dccd5e
554b3f5c1eae958c09fc99a1c101e66480057a3616262f288d861ae1f2e9d423
6086dc12195c58f0c977b6c87aadea6a23e7fd5d80cbc4d896afa47cd3931ea6
6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a4132ee679a5ebe33de0591793a3bc2bb4d394ee76f5a716d2fda13a1315b5e
a72bb689f023b1207ec6e237da47771fe90319f48eff041e750c66fc29ce3011
c127996f2c2e75ef1766d2d59b77d567a8cce7bbcae48321bac008cdde42dd80
caa963bd5cd38d0c8ea391986da6067b12e5a2f9ad2f09ec281bfe7ae3103134
d5784c1baf3f00296c072c245efaf170e27abf406dff0c9d9e3ac68ad485e4a2
d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4
ded9ca6022b113f485a7c29edb660f7dc404bf0826821cee56b70521046a5fb0
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
ffdfb3d5d60fee4467f8d997f406fec864cd6e2a5bebb80f5efba35cef330706

bonus.gb1t.ru Open in urlscan Pro 2a00:f940:2:2:1:4:0:106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

92 %HTTPS

33 %IPv6

11 Domains

12 Subdomains

7 IPs

4 Countries

385 kBTransfer

781 kBSize

19 Cookies

13 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bonus.gb1t.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:106 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

92 %
HTTPS

33 %
IPv6

11
Domains

12
Subdomains

7
IPs

4
Countries

385 kB
Transfer

781 kB
Size

19
Cookies

37 HTTP transactions
0 data transactions