nifty-bonus.ru Open in urlscan Pro
212.8.244.21 Public Scan

URL:
http://nifty-bonus.ru/
Submission: On February 06 via manual (February 6th 2019, 9:34:58 am UTC) from RU

Summary HTTP 77 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 77 HTTP transactions. The main IP is 212.8.244.21, located in Russian Federation and belongs to ITLDC-NL, UA. The main domain is nifty-bonus.ru.

This is the only time nifty-bonus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	212.8.244.21 212.8.244.21	21100 (ITLDC-NL) (ITLDC-NL)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
16	2606:4700:20:... 2606:4700:20::6819:9a75	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
3	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
15	2606:4700:20:... 2606:4700:20::6819:9975	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 4	2606:4700:30:... 2606:4700:30::6812:21a5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	5.9.10.165 5.9.10.165	24940 (HETZNER-AS) (HETZNER-AS)
3	138.201.244.154 138.201.244.154	24940 (HETZNER-AS) (HETZNER-AS)
2	176.9.125.108 176.9.125.108	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	23.94.144.154 23.94.144.154	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1	5.9.100.69 5.9.100.69	24940 (HETZNER-AS) (HETZNER-AS)
1	95.163.105.93 95.163.105.93	12695 (DINET-AS) (DINET-AS)
3 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2 3	95.163.105.112 95.163.105.112	12695 (DINET-AS) (DINET-AS)
2 2	185.15.175.133 185.15.175.133	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
77	17

7 212.8.244.21 (Russian Federation)

ASN21100 (ITLDC-NL, UA)
PTR: zomro.com

nifty-bonus.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::6819:9a75 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::6819:9975 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:30::6812:21a5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

coinmedia.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1.coinmedia.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.9.10.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.10.9.5.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.244.154 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: startsell.net

ad.adcountry.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.125.108 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.108.125.9.176.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.94.144.154 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-94-144-154-host.colocrossing.com

adalso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.100.69 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: www.people-group.su

ads.people-group.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.105.93 (Russian Federation)

ASN12695 (DINET-AS, RU)
PTR: js.hotlog.ru

js.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.105.112 (Russian Federation) 2 redirects

ASN12695 (DINET-AS, RU)
PTR: srv12.hotlog.ru

hit20.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.133 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	linkslot.ru linkslot.ru	395 KB
11	yandex.ru 3 redirects mc.yandex.ru	46 KB
7	nifty-bonus.ru nifty-bonus.ru	300 KB
5	a-ads.com ad.a-ads.com
4	hotlog.ru 2 redirects js.hotlog.ru hit20.hotlog.ru	4 KB
4	coinmedia.co 1 redirects coinmedia.co s1.coinmedia.co	94 B
3	adcountry.net ad.adcountry.net	6 KB
3	google.com www.google.com	540 B
3	yastatic.net yastatic.net	45 KB
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru	1 KB
2	adalso.com adalso.com
1	people-group.net ads.people-group.net	3 KB
1	gstatic.com www.gstatic.com	90 KB
1	googleapis.com ajax.googleapis.com	32 KB
77	14

	Domain	Requested by
31	linkslot.ru	nifty-bonus.ru
11	mc.yandex.ru	3 redirects nifty-bonus.ru mc.yandex.ru
7	nifty-bonus.ru	nifty-bonus.ru ajax.googleapis.com
5	ad.a-ads.com	nifty-bonus.ru
3	hit20.hotlog.ru	2 redirects nifty-bonus.ru
3	ad.adcountry.net	nifty-bonus.ru ad.adcountry.net
3	coinmedia.co	1 redirects nifty-bonus.ru
3	www.google.com	nifty-bonus.ru www.gstatic.com
3	yastatic.net	nifty-bonus.ru yastatic.net
2	dmg.digitaltarget.ru	2 redirects
2	adalso.com	nifty-bonus.ru
1	js.hotlog.ru	nifty-bonus.ru
1	s1.coinmedia.co	nifty-bonus.ru
1	ads.people-group.net	nifty-bonus.ru
1	www.gstatic.com	www.google.com
1	ajax.googleapis.com	nifty-bonus.ru
77	16

This site contains links to these domains. Also see Links.

Domain
linkslot.ru
yandex.ru
vk.com
www.facebook.com
connect.ok.ru
connect.mail.ru
twitter.com
www.blogger.com
api.whatsapp.com
web.skype.com
minions-game.ru
apteko-farm.ru
univemine.ru
razleton.com
maxprof.info
mytaxopark.com
rfnext.ru
online-site.icu
winterfast.biz
ruinvest1000.ru
igrovieavtomatynadengi.ru
zeveleon.ru
www.people-group.su
click.hotlog.ru

Subject Issuer	Validity	Valid
ssl370115.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-12-05` - `2019-06-13`	6 months	crt.sh
static.yandex.net Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-01-15` - `2019-04-09`	3 months	crt.sh
sni43211.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-10` - `2019-03-19`	6 months	crt.sh
ad.adcountry.net COMODO RSA Domain Validation Secure Server CA	`2017-04-24` - `2018-04-24`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-01-15` - `2019-04-09`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh
*.hotlog.ru RapidSSL RSA CA 2018	`2018-07-25` - `2019-09-23`	a year	crt.sh

This page contains 16 frames:

Primary Page: http://nifty-bonus.ru/
Frame ID: A11F9583C1D8911678BF862F28C9F6D8
Requests: 71 HTTP requests in this frame

Frame: https://coinmedia.co/new_code_site56435.js
Frame ID: 2D2A595369FA4499C0DB6DE0E732B9E3
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/547989?size=160x600
Frame ID: DB76021594C2780D260C768501ED7E4C
Requests: 1 HTTP requests in this frame

Frame: https://coinmedia.co/new_code_site56434.js
Frame ID: 8D6E106021A2BE47F4721F05F0BB8901
Requests: 1 HTTP requests in this frame

Frame: http://ad.adcountry.net/adword/default/index?ww_user=365&ww_sub=187&ww_block=235&ww_width=468&ww_height=60&ww_blink_color=00ccff&ww_format=468x60&ww_background_color=ffffff&ww_text_color=000000&ww_link_color=3366ff&ww_font_size=12px&ww_border_color=cccccc&ww_category=fishing&ww_ismedia=&ww_keywords=&ref=
Frame ID: 9A4773FB9C6A2A07A6D94B1D09A3F96E
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/537440?size=468x60
Frame ID: BCF3CC3DE98E1AFBA5656BF90728A618
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/537473?size=468x60
Frame ID: B643DEBE7357897F046CB5DC611F58B4
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/537476?size=468x60
Frame ID: 6BC144FE6CD0E31DB6EC42D7B93A4208
Requests: 1 HTTP requests in this frame

Frame: http://adalso.com/ad/pbnr2.php?ref=10323
Frame ID: 1389F42A19637A4AC9516E77466177F5
Requests: 1 HTTP requests in this frame

Frame: http://ad.adcountry.net/adword/default/index?ww_user=365&ww_sub=187&ww_block=234&ww_width=468&ww_height=60&ww_blink_color=00ccff&ww_format=468x60&ww_background_color=ffffff&ww_text_color=000000&ww_link_color=3366ff&ww_font_size=12px&ww_border_color=2f7af1&ww_category=fishing&ww_ismedia=&ww_keywords=&ref=
Frame ID: 6078236A7AF36F313251348F1732387B
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/420854?size=468x60
Frame ID: B74AF30F097E03D8F183FD28A9BC036B
Requests: 1 HTTP requests in this frame

Frame: https://s1.coinmedia.co/new_code_site41152.js
Frame ID: DF92E609188D70884A28687D33FE8EF1
Requests: 1 HTTP requests in this frame

Frame: http://adalso.com/ad/pbup.php?ref=7723
Frame ID: 7C8F1AE03D4E393E743DC771EB7DF864
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/share2/frame.html?namespace=ya-share2.0.7449172213861581
Frame ID: 81F1CB45492E6BA45FF0057773BC6190
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdY8yQUAAAAAIR78pVFlrlcZkwKkn55V0QOMNr2&co=aHR0cDovL25pZnR5LWJvbnVzLnJ1Ojgw&hl=en&v=v1548975483598&size=normal&cb=x72pkvn4aq9v
Frame ID: E30CF275D150808681C631E9F20C952E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1548975483598&k=6LdY8yQUAAAAAIR78pVFlrlcZkwKkn55V0QOMNr2&cb=muf0ae9yjjim
Frame ID: 42D497E15CD2E3910AA14D85CC516962
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

RxJS (JavaScript Frameworks) Expand

Overall confidence: 20%
Detected patterns

env /^Rx$/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Page Statistics

77
Requests

65 %
HTTPS

47 %
IPv6

14
Domains

16
Subdomains

17
IPs

4
Countries

916 kB
Transfer

1438 kB
Size

6
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://linkslot.ru/banner.php?id=171459

Search URL Search Domain Scan URL

URL: https://yandex.ru/collections/share/?url=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: Яндекс.Коллекции

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: 0ВКонтакте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: 0Facebook

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: 0Одноклассники

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: 0Мой Мир

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog-this.g?u=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: Blogger

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://web.skype.com/share?url=http%3A%2F%2Fnifty-bonus.ru%2F&utm_source=share2
Title: Skype

Search URL Search Domain Scan URL

URL: https://minions-game.ru/?i=6

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171460

Search URL Search Domain Scan URL

URL: http://apteko-farm.ru/?i=499

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171461

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171465

Search URL Search Domain Scan URL

URL: https://univemine.ru/

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171468

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171469

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171470

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171471

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171474

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner.php?id=171475

Search URL Search Domain Scan URL

URL: https://linkslot.ru/link.php?id=171480
Title: Купить ссылку здесь за 2 руб.

Search URL Search Domain Scan URL

URL: https://razleton.com/?ref=linkslot
Title: Бонус 10$ за регистрацию

Search URL Search Domain Scan URL

URL: https://maxprof.info/?ref=9
Title: +110% через 24 часа

Search URL Search Domain Scan URL

URL: https://mytaxopark.com/?ref=313
Title: Бонус 20 рублей! сразу

Search URL Search Domain Scan URL

URL: http://rfnext.ru/?l=268583&p=16216
Title: Получай 500$ ежедневно! Строго 18+

Search URL Search Domain Scan URL

URL: http://online-site.icu/
Title: Партнерский бонус 1000 рублей на счет!

Search URL Search Domain Scan URL

URL: https://winterfast.biz/?ref=2
Title: +++админ уравнителя+++

Search URL Search Domain Scan URL

URL: http://ruinvest1000.ru/
Title: Супер удвоитель!!! поднял уже 1000

Search URL Search Domain Scan URL

URL: http://igrovieavtomatynadengi.ru/
Title: Игровые автоматы на деньги

Search URL Search Domain Scan URL

URL: http://zeveleon.ru/
Title: Payeer +150% за 24 часа

Search URL Search Domain Scan URL

URL: https://linkslot.ru/?ref=Professor003
Title: Поставить к себе на сайт

Search URL Search Domain Scan URL

URL: https://www.people-group.su/?r=318765
Title: вложить деньги и заработать

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?2551529

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://coinmedia.co/new_code_site41152.js HTTP 301
https://s1.coinmedia.co/new_code_site41152.js

Request Chain 65

https://mc.yandex.ru/watch/42929409?wmode=7&page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093428%3Aet%3A1549445669%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A557337577%3Ahid%3A923089143%3Ads%3A65%2C16%2C25%2C18%2C0%2C0%2C0%2C612%2C15%2C%2C%2C%2C731%3Afp%3A287%3Awn%3A47920%3Ahl%3A2%3Agdpr%3A14%3Av%3A1407%3Ast%3A1549445669%3Au%3A1549445669876269093 HTTP 302
https://mc.yandex.ru/watch/42929409/1?wmode=7&page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093428%3Aet%3A1549445669%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A557337577%3Ahid%3A923089143%3Ads%3A65%2C16%2C25%2C18%2C0%2C0%2C0%2C612%2C15%2C%2C%2C%2C731%3Afp%3A287%3Awn%3A47920%3Ahl%3A2%3Agdpr%3A14%3Av%3A1407%3Ast%3A1549445669%3Au%3A1549445669876269093

Request Chain 66

http://hit20.hotlog.ru/cgi-bin/hotlog/count?0.026897156280863088&s=2551529&im=416&r=&pg=http%3A//nifty-bonus.ru/&j=N&wh=1600x1200&px=24&cver=1&js=1.3 HTTP 302
http://hit20.hotlog.ru/cgi-bin/hotlog/count?0.026897156280863088&s=2551529&im=416&r=&pg=http%3A//nifty-bonus.ru/&j=N&wh=1600x1200&px=24&cver=1&js=1.3&hl_ignore=Y HTTP 302
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=3adf1fef0e9886f1a56468818b478&i=1961447540&r=https://hit20.hotlog.ru/cgi-bin/hotlog/count?s%3D2551529%26im%3D416%26hl_hitback%3DY HTTP 302
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=3adf1fef0e9886f1a56468818b478&i=1961447540&r=https://hit20.hotlog.ru/cgi-bin/hotlog/count?s%3D2551529%26im%3D416%26hl_hitback%3DY&q=scc HTTP 302
https://hit20.hotlog.ru/cgi-bin/hotlog/count?s=2551529&im=416&hl_hitback=Y

Request Chain 83

https://mc.yandex.ru/watch/42929409?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093443%3Aet%3A1549445684%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A217%3Arn%3A488021869%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15153%2C15153%2C2%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1407%3Ast%3A1549445684%3Au%3A1549445669876269093%3App%3A2587583065 HTTP 302
https://mc.yandex.ru/watch/42929409/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093443%3Aet%3A1549445684%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A217%3Arn%3A488021869%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15153%2C15153%2C2%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1407%3Ast%3A1549445684%3Au%3A1549445669876269093%3App%3A2587583065

Request Chain 84

https://mc.yandex.ru/watch/26812653?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Ai%3A20190206093444%3Aet%3A1549445684%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A217%3Arn%3A570160148%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15153%2C15153%2C2%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1407%3Ast%3A1549445684%3Au%3A1549445669876269093%3App%3A2587583065 HTTP 302
https://mc.yandex.ru/watch/26812653/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Ai%3A20190206093444%3Aet%3A1549445684%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A217%3Arn%3A570160148%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15153%2C15153%2C2%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1407%3Ast%3A1549445684%3Au%3A1549445669876269093%3App%3A2587583065

77 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
nifty-bonus.ru/ 14 KB
14 KB 107ms
25ms Document
text/html 212.8.244.21
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 212.8.244.21 , Russian Federation, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zomro.com
Software: nginx/1.12.2 / PHP/5.3.3
Resource Hash: f175b938e5ecb6984390f0d9a1f317b18e7b5379f214a55266a6fd8b69642cb0

Request headers

Host: nifty-bonus.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.12.2
Date: Wed, 06 Feb 2019 09:34:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Set-Cookie: PHPSESSID=88898kp3vv627q2bit3g8k3pm4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

GET
H/1.1 200
OK style.css
nifty-bonus.ru/css/ 7 KB
7 KB 26ms
18ms Stylesheet
text/css 212.8.244.21
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://nifty-bonus.ru/css/style.css
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 212.8.244.21 , Russian Federation, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zomro.com
Software: nginx/1.12.2 /
Resource Hash: ba0af688fc63282938e44a5e642819dbded912d352e641c36c1db1a2e2bfbf7a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://nifty-bonus.ru/
Cookie: PHPSESSID=88898kp3vv627q2bit3g8k3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Last-Modified: Mon, 12 Jun 2017 14:59:12 GMT
Server: nginx/1.12.2
ETag: "593eac40-1ca5"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7333

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.1/ 89 KB
32 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 14 Jan 2019 18:36:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1954700
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 32124
X-XSS-Protection: 1; mode=block
Expires: Tue, 14 Jan 2020 18:36:08 GMT

GET
H2 200 bancode.php Show response
linkslot.ru/ 13 KB
4 KB 51ms
43ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171459
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3793367eb29e038e5a8227a169d5f7bd521a83d574b91146dc2cb8205fb66d9

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f013c3297e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H/1.1 200
OK es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 56ms
15ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 25 Oct 2018 11:27:00 GMT
Server: nginx/1.12.2
ETag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
X-Robots-Tag: noindex, noarchive, nofollow
X-Nginx-Request-Id: b2d87940c29b4321
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK share.js Show response
yastatic.net/share2/ 137 KB
43 KB 94ms
29ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/share2/share.js
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: d701c92aa688a0347637a4687a4932b42943ca240e28a63c5bbbc5e90db790d9

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Encoding: gzip
X-Nginx-Request-Id: 8ff557fbdc1ddaa8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Dec 2018 12:48:50 GMT
Server: nginx/1.12.2
ETag: W/"8cfb21117c9846d7370ede467e98c63d"
X-Robots-Tag: noindex, noarchive, nofollow
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
5 KB 48ms
40ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171460
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba2be85c7aa39d6a8c3590768fd251d4298ec5bb74d790316bf7b87ee5dc471

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f013c3397e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
4 KB 39ms
37ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171461
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 219f4f6919f44acab444c97a34f866d922cce43f6a6f0d89c4f2b3a204ac5b0e

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f019cba97e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 bancode.php Show response
linkslot.ru/ 13 KB
4 KB 38ms
37ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171465
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9589d56dbf6408f2c94ca1c48e6ce046d4e013b4950ca7d818836af5586f0611

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f019cbb97e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 bancode.php Show response
linkslot.ru/ 14 KB
4 KB 39ms
37ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171468
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ebd67b2566b90a69309edcb1d611d215da89cc796b5d7c9f7fde366e7df677a

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f019cbc97e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 bancode.php Show response
linkslot.ru/ 13 KB
4 KB 38ms
36ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171469
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4cbfd8e5eb4901e639177976eb5eb30675a676548439c4a40f831e521dafa1d

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f019cbd97e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 bancode.php Show response
linkslot.ru/ 13 KB
4 KB 56ms
55ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171470
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2103285c1f97a73375ef59754d59086f8405cbbfc5096f9b6d743c0dfc613c6e

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f019cbf97e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 762 B
540 B 26ms
18ms Script
text/javascript 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

57fdc78b1fd61a73c479319f01933ba3849bc18e4bfc333fdee13fcbff9d4a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 446
x-xss-protection: 1; mode=block
expires: Wed, 06 Feb 2019 09:34:28 GMT

GET
H2 200 bancode.php Show response
linkslot.ru/ 13 KB
4 KB 49ms
48ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171471
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fca3b294c81df7bc01ec06c6bdda0bf8e54dc68e347cb210944872907520fa1

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f019cc097e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 bancode.php Show response
linkslot.ru/ 13 KB
4 KB 35ms
33ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171474
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdb6449a04fdf738ea304dcc68d04e2d00acb08d418a59278d91d55ffe7f6451

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f01dd0b97e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 bancode.php Show response
linkslot.ru/ 13 KB
4 KB 37ms
36ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=171475
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3c54e1ae4572e74d5c7c85442bbf72bd7cd905d900267e27712d79b3f51b2d

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f01dd0d97e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H2 200 lincode.php Show response
linkslot.ru/ 14 KB
5 KB 35ms
34ms Script
text/html 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/lincode.php?id=171480
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9badabfc4bad7894450c39708cc4173169a728d22de8f85c26300abbac0e3188

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 4a4c9f01dd0e97e6-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html;charset=windows-1251

GET
H/1.1 200
OK fon.jpg
nifty-bonus.ru/img/ 274 KB
275 KB 17ms
16ms Image
image/jpeg 212.8.244.21
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nifty-bonus.ru/img/fon.jpg
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol: HTTP/1.1
Server: 212.8.244.21 , Russian Federation, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zomro.com
Software: nginx/1.12.2 /
Resource Hash: 3973bf29330efa9c03373a998f2d4c2b2e2c42696cd355c03494278d846d1576

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nifty-bonus.ru/css/style.css
Cookie: PHPSESSID=88898kp3vv627q2bit3g8k3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nifty-bonus.ru/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Last-Modified: Sat, 10 Jun 2017 21:36:00 GMT
Server: nginx/1.12.2
ETag: "593c6640-449a4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 280996

GET
H/1.1 200
OK bac.png
nifty-bonus.ru/img/ 395 B
633 B 65ms
24ms Image
image/png 212.8.244.21
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nifty-bonus.ru/img/bac.png
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 212.8.244.21 , Russian Federation, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zomro.com
Software: nginx/1.12.2 /
Resource Hash: d704efe6080f929aac4aa4cc5b37d8b600c688a6bad8faee897f6faeaaab643a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nifty-bonus.ru/css/style.css
Cookie: PHPSESSID=88898kp3vv627q2bit3g8k3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nifty-bonus.ru/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Last-Modified: Thu, 02 Mar 2017 14:58:16 GMT
Server: nginx/1.12.2
ETag: "58b83308-18b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 395

GET
H/1.1 404
Not Found surprise.png
nifty-bonus.ru/img/ 299 B
299 B 76ms
36ms Image
text/html 212.8.244.21
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nifty-bonus.ru/img/surprise.png
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 212.8.244.21 , Russian Federation, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zomro.com
Software: nginx/1.12.2 /
Resource Hash: 971270d1ef3076890f3d899e673a23050f4ba3e79d1781e7bf9a2064e53cc130

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nifty-bonus.ru/css/style.css
Cookie: PHPSESSID=88898kp3vv627q2bit3g8k3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nifty-bonus.ru/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found banner_top.png
nifty-bonus.ru/img/ 301 B
301 B 67ms
27ms Image
text/html 212.8.244.21
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nifty-bonus.ru/img/banner_top.png
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 212.8.244.21 , Russian Federation, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zomro.com
Software: nginx/1.12.2 /
Resource Hash: c8e0c9a98fd7ca3a59fe9cbaaf2217b7c0e01c9492c0ffe10e08eab62eff0229

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nifty-bonus.ru/css/style.css
Cookie: PHPSESSID=88898kp3vv627q2bit3g8k3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nifty-bonus.ru/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK moneta.png
nifty-bonus.ru/img/ 3 KB
3 KB 64ms
23ms Image
image/png 212.8.244.21
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nifty-bonus.ru/img/moneta.png
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 212.8.244.21 , Russian Federation, ASN21100 (ITLDC-NL, UA),
Reverse DNS: zomro.com
Software: nginx/1.12.2 /
Resource Hash: 455d2064e6dc6296420524cc458893bebe3e874aec5ac2f9eb95bffbac0d931e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://nifty-bonus.ru/css/style.css
Cookie: PHPSESSID=88898kp3vv627q2bit3g8k3pm4
Connection: keep-alive
Cache-Control: no-cache
Referer: http://nifty-bonus.ru/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Last-Modified: Mon, 05 Dec 2016 13:33:58 GMT
Server: nginx/1.12.2
ETag: "58456cc6-a27"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2599

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
180 B 48ms
48ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9eb384a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad979599cd99dca2c6dcecd4d7ded4a2989798939b959aa29799aa91a2989798939b958da28a9aaf95ab9c9b9d99a19d9ba69a
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f01eda3c29c-FRA
content-length: 2

GET
H2 200 468x60.jpg
linkslot.ru/promo/dummy/ 12 KB
12 KB 24ms
24ms Image
image/jpeg 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/468x60.jpg
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Jul 2015 17:32:18 GMT
server: cloudflare
etag: "55ae8222-2e1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4a4c9f01fd3797e6-FRA
content-length: 11802
expires: Sat, 03 Feb 2029 09:34:28 GMT

GET
H2 200 new_code_site56435.js
coinmedia.co/ Frame 2D2A 0
0 115ms
42ms Document
text/html 2606:4700:30::6812:21a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://coinmedia.co/new_code_site56435.js
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:21a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: coinmedia.co
:scheme: https
:path: /new_code_site56435.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://nifty-bonus.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d818cb967b873c71683f9fd7d885d9ffd1549445668; expires=Thu, 06-Feb-20 09:34:28 GMT; path=/; domain=.coinmedia.co; HttpOnly
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4a4c9f031ef59ac4-FRA
content-encoding: br

GET
H/1.1 200
OK 547989
ad.a-ads.com/ Frame DB76 0
0 56ms
39ms Document
text/html 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/547989?size=160x600

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Server

5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.10.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H2 200 new_code_site56434.js
coinmedia.co/ Frame 8D6E 0
0 92ms
42ms Document
text/html 2606:4700:30::6812:21a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://coinmedia.co/new_code_site56434.js
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:21a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: coinmedia.co
:scheme: https
:path: /new_code_site56434.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://nifty-bonus.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d818cb967b873c71683f9fd7d885d9ffd1549445668; expires=Thu, 06-Feb-20 09:34:28 GMT; path=/; domain=.coinmedia.co; HttpOnly
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4a4c9f031ef69ac4-FRA
content-encoding: br

GET
H/1.1 200
OK ad.js Show response
ad.adcountry.net/js/ 6 KB
6 KB 95ms
13ms Script
application/javascript 138.201.244.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adcountry.net/js/ad.js
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.244.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: startsell.net
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash: 3731d33260ab2bb651f565cce6fdbcd7a7cb94cbd0190fba1c7065f02d7d89ea

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Last-Modified: Wed, 07 Mar 2018 16:26:18 GMT
Server: nginx/1.10.0 (Ubuntu)
ETag: "5aa012aa-168d"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5773

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 63ms
60ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9faa84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad97959ccf9a99dec8e4eac9cfac91a2989798939b959aa29799aa91a2989798939b958da28a9aaf95ab9c9b9d99a19d9ca99d
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f02e8a8c29c-FRA
content-length: 2

GET
H2 200 0IDNax91YVEx5tvbg3rqz4jVw.gif
linkslot.ru/uploads/ 58 KB
58 KB 18ms
16ms Image
image/gif 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/uploads/0IDNax91YVEx5tvbg3rqz4jVw.gif
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce574825a37b5b0747777b0fecccdaa83f4adc1f43defffa3c15441cdf18fb74

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Jan 2019 14:50:04 GMT
server: cloudflare
etag: "5c487f1c-e766"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4a4c9f02de5a97e6-FRA
content-length: 59238
expires: Sat, 03 Feb 2029 09:34:28 GMT

GET
H2 200 buyb.png
linkslot.ru/img/ 3 KB
3 KB 18ms
15ms Image
image/png 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/img/buyb.png
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
cf-cache-status: HIT
last-modified: Fri, 29 May 2015 20:03:43 GMT
server: cloudflare
etag: "5568c61f-a19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4a4c9f02de5b97e6-FRA
content-length: 2585
expires: Sat, 03 Feb 2029 09:34:28 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
55 B 56ms
52ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9fab84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad97959dd5cfdad4d7dce79ddded91a2989798939b959aa29799aa91a2989798939b958da28a9aaf95ab9c9b9d99a19d9cab9b
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f02e8aac29c-FRA
content-length: 2

GET
H2 200 7na64rkOQbUNptTfDVWHm62Dv.gif
linkslot.ru/uploads/ 11 KB
12 KB 28ms
25ms Image
image/gif 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/uploads/7na64rkOQbUNptTfDVWHm62Dv.gif
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965494a939bca3af9064d92ef2134120a28a780bc0bfa475f5e4f1005d0bb25f

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Jan 2019 14:51:18 GMT
server: cloudflare
etag: "5c487f66-2d77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4a4c9f02ee6797e6-FRA
content-length: 11639
expires: Sat, 03 Feb 2029 09:34:28 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 58ms
57ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9faf84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad979599cad7dcd6d2dba7e1dbeac4a2989798939b959aa29799aa91a2989798939b958da28a9aaf95ab9c9b9d99a19d9da29d
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f0308e1c29c-FRA
content-length: 2

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 80ms
79ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9fb284a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad979599dbd1d9a1d99ed498a2ad95a2989798939b959aa29799aa91a2989798939b958da28a9aaf95ab9c9b9d99a19d9da598
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f032951c29c-FRA
content-length: 2

GET
H2 200 AvSKJX5WtZNOLs6czg3frC6zw.gif
linkslot.ru/uploads/ 262 KB
262 KB 19ms
18ms Image
image/gif 2606:4700:20::6819:9a75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/uploads/AvSKJX5WtZNOLs6czg3frC6zw.gif
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9a75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90731b60c2eebeba995cb4a21bf7875cf09d7c83debf312b02064d2c278bc3c7

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Jan 2019 02:55:08 GMT
server: cloudflare
etag: "5c3fee8c-417c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4a4c9f031e9897e6-FRA
content-length: 268226
expires: Sat, 03 Feb 2029 09:34:28 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 87ms
86ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9fb384a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad9795d5cacccde1d3d5ebd49fb291a2989798939b959aa29799aa91a2989798939b889a95989eae9aa69c9c9e99a3989eaa
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f03396ac29c-FRA
content-length: 2

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 79ms
78ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba0aa84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad97959ad6d2d09d9aa1ebdc9aae91a2989798939b959aa29799aa91a2989798939b958da28a9aaf95ab9c9b9d99a19d9da897
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f03396cc29c-FRA
content-length: 2

GET
H/1.1 200
OK Cookie set index
ad.adcountry.net/adword/default/ Frame 9A47 0
0 119ms
47ms Document
text/html 138.201.244.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.adcountry.net/adword/default/index?ww_user=365&ww_sub=187&ww_block=235&ww_width=468&ww_height=60&ww_blink_color=00ccff&ww_format=468x60&ww_background_color=ffffff&ww_text_color=000000&ww_link_color=3366ff&ww_font_size=12px&ww_border_color=cccccc&ww_category=fishing&ww_ismedia=&ww_keywords=&ref=
Requested by: Host: ad.adcountry.net
URL: https://ad.adcountry.net/js/ad.js
Protocol: HTTP/1.1
Server: 138.201.244.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: startsell.net
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash

Request headers

Host: ad.adcountry.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Server: nginx/1.10.0 (Ubuntu)
Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=tq0lrm6rh6ema17tp1dn4tqd54; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK 537440
ad.a-ads.com/ Frame BCF3 0
0 44ms
33ms Document
text/html 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/537440?size=468x60

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Server

5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.10.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK 537473
ad.a-ads.com/ Frame B643 0
0 37ms
32ms Document
text/html 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/537473?size=468x60

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Server

5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.10.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H/1.1 200
OK 537476
ad.a-ads.com/ Frame 6BC1 0
0 59ms
25ms Document
text/html 176.9.125.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/537476?size=468x60

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Server

176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.125.9.176.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1548975483598/ 259 KB
90 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1548975483598/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bace2b95c8aa4f3aa7b80a8b2044b219369ec73536018508dd834484018f7c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 23:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Feb 2019 01:15:00 GMT
server: sffe
age: 121068
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 91646
x-xss-protection: 1; mode=block
expires: Tue, 04 Feb 2020 23:56:40 GMT

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 32ms
32ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba0ab84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad97959ad6d2d09d9aa1ebdc9aae91a2989798939b959aa29799aa91a2989798939b958da38a9aaf95ab9c9b9d99a19d9ea99d
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f041bd0c29c-FRA
content-length: 2

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 40ms
39ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba0ae84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad97959ad6d2d09d9aa1ebdc9aae91a2989798939b959aa29799aa91a2989798939b958da38a9aaf95ab9c9b9d99a19d9eaba0
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f043c18c29c-FRA
content-length: 2

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 32ms
29ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba0af84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad97959ad6d2d09d9aa1ebdc9aae91a2989798939b959aa29799aa91a2989798939b958da38a9aaf95ab9c9b9d99a19d9fa399
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f043c1ac29c-FRA
content-length: 2

GET
H/1.1 200
OK pbnr2.php
adalso.com/ad/ Frame 1389 0
0 305ms
170ms Document
text/html 23.94.144.154
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://adalso.com/ad/pbnr2.php?ref=10323
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 23.94.144.154 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-94-144-154-host.colocrossing.com
Software: Apache /
Resource Hash

Request headers

Host: adalso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Date: Wed, 06 Feb 2019 09:34:27 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK / Show response
ads.people-group.net/318765/1/2/ 12 KB
3 KB 117ms
15ms Script
application/x-javascript 5.9.100.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ads.people-group.net/318765/1/2/

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Server

5.9.100.69 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx/1.12.2 /

Resource Hash

f244eec919970f7423b5cef0592811f7ee7d2d882387b50137ce0f424d80df5f

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:57 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript;charset=UTF-8;
X-XSS-Protection: 0;

GET
H/1.1 200
OK index
ad.adcountry.net/adword/default/ Frame 6078 0
0 61ms
57ms Document
text/html 138.201.244.154
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.adcountry.net/adword/default/index?ww_user=365&ww_sub=187&ww_block=234&ww_width=468&ww_height=60&ww_blink_color=00ccff&ww_format=468x60&ww_background_color=ffffff&ww_text_color=000000&ww_link_color=3366ff&ww_font_size=12px&ww_border_color=2f7af1&ww_category=fishing&ww_ismedia=&ww_keywords=&ref=
Requested by: Host: ad.adcountry.net
URL: https://ad.adcountry.net/js/ad.js
Protocol: HTTP/1.1
Server: 138.201.244.154 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: startsell.net
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash

Request headers

Host: ad.adcountry.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=tq0lrm6rh6ema17tp1dn4tqd54
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Server: nginx/1.10.0 (Ubuntu)
Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 577 420854
ad.a-ads.com/ Frame B74A 0
0 66ms
20ms Document
text/plain 176.9.125.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.a-ads.com/420854?size=468x60
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.108.125.9.176.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

new_code_site41152.js
s1.coinmedia.co/ Frame DF92
Redirect Chain

https://coinmedia.co/new_code_site41152.js
https://s1.coinmedia.co/new_code_site41152.js

0
0

66ms
30ms

Document
text/html

2606:4700:30::6812:21a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.coinmedia.co/new_code_site41152.js
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6812:21a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.5.9-1ubuntu4.17
Resource Hash

Request headers

:method: GET
:authority: s1.coinmedia.co
:scheme: https
:path: /new_code_site41152.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://nifty-bonus.ru/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d818cb967b873c71683f9fd7d885d9ffd1549445668
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

status: 200
date: Wed, 06 Feb 2019 09:34:28 GMT
content-type: text/html;charset=UTF-8
x-powered-by: PHP/5.5.9-1ubuntu4.17
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4a4c9f055a0a9ac4-FRA
content-encoding: br

Redirect headers

status: 301
date: Wed, 06 Feb 2019 09:34:28 GMT
content-type: text/html; charset=iso-8859-1
location: https://s1.coinmedia.co/new_code_site41152.js
cf-cache-status: HIT
expires: Wed, 06 Feb 2019 13:34:28 GMT
cache-control: public, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4a4c9f04e97e9ac4-FRA

GET
H/1.1 200
OK pbup.php
adalso.com/ad/ Frame 7C8F 0
0 300ms
163ms Document
text/html 23.94.144.154
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://adalso.com/ad/pbup.php?ref=7723
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 23.94.144.154 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-94-144-154-host.colocrossing.com
Software: Apache /
Resource Hash

Request headers

Host: adalso.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html

GET
H/1.1 200
OK 2551529.js Show response
js.hotlog.ru/dcounter/ 2 KB
2 KB 161ms
51ms Script
text/javascript 95.163.105.93
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://js.hotlog.ru/dcounter/2551529.js
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Server: 95.163.105.93 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: js.hotlog.ru
Software: nginx/1.5.9 /
Resource Hash: 4e38fc3f7abd76cfea81b72c72b33241f8c8ea75d48e257d5ad9c51873604aeb

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Cache-Control: max-age=43200, public
Expires: Wed, 06 Feb 2019 15:09:37 GMT
Server: nginx/1.5.9
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 47ms
23ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba1aa84a39e9798869c979aa28ad6e9dbdbd4d3c992a0939a928fd6dbc4dbd6dbd7d6d3a08adbd5dddfcd92d5c8cb83dad88aea879aaac0a39bc69d8c8bc6dae2d3cef1c6d4d3d0dc92a098a1a09a9f9a89ddd0dbd5cf9785d6dbd2ce9ac8d7cbd2d78c8bc8d2e4d6d6df90a89f9598919e98a3a895a1b181e5c9cdc9d5d4949fa59e97ad97959ad6d2d09d9aa1ebdc9aae91a2989798939b959aa29799aa91a2989798939b958da38a9aaf95ab9c9b9d99a19d9fa89f
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:28 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f04fdf2c29c-FRA
content-length: 2

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 130 KB
38 KB 72ms
24ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

c8e4926838891efbf2efcf8364a5125d7030b58da8c5dc3e27bb23b90e4830d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Encoding: br
Last-Modified: Mon, 04 Feb 2019 08:13:10 GMT
Server: nginx/1.12.2
ETag: "5c57f416-983a"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 38970
Expires: Wed, 06 Feb 2019 10:34:28 GMT

GET
H/1.1 200
OK frame.html
yastatic.net/share2/ Frame 81F1 0
0 65ms
61ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/share2/frame.html?namespace=ya-share2.0.7449172213861581
Requested by: Host: yastatic.net
URL: https://yastatic.net/share2/share.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Host: yastatic.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://nifty-bonus.ru/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

Server: nginx/1.12.2
Date: Wed, 06 Feb 2019 09:34:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
ETag: W/"a33dfb238e9cbd15c0816ad716b2a95d"
Last-Modified: Thu, 20 Dec 2018 12:48:50 GMT
X-Robots-Tag: noindex, noarchive, nofollow
X-Nginx-Request-Id: 3df2075f51b6dac3
Content-Encoding: gzip
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000 public
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 136 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76eb8386fc5ab8d4d792552d2d586b6538f08e8522b370fb2c4d1c9396337d29

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 966 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 623 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2462686d344ef1fd4018b47593f655e60e8f0e31c9c6d75e78d2197c3c1f08b7

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 629 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fcf18a19588804a8cb78413404c8da8a6bdfe22629ceb0b5003fee082128977

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 541 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cc98d8e92a98749ce2cc2ecfd5cba57cdffa8e04048f66785646ddd3a2d6f75

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 479 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ff50479114c5f8894ea6bc542b97af4823dade56553dfb8be868e2e510097e0

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24e783c578e733e71830561d8e8e41c7ef7a3aea2a50f22074a7c006b7739a35

Request headers

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 379fe9eb56cf944ed0d091ded994a7b6df3de0ea55e744f7d110af39d1f0e5f3

Request headers

Response headers

Content-Type: image/svg+xml

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame E30C 0
0 34ms
32ms Document
text/html 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdY8yQUAAAAAIR78pVFlrlcZkwKkn55V0QOMNr2&co=aHR0cDovL25pZnR5LWJvbnVzLnJ1Ojgw&hl=en&v=v1548975483598&size=normal&cb=x72pkvn4aq9v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1548975483598/recaptcha__en.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NSlFn893/6dHdB+tHmwOLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdY8yQUAAAAAIR78pVFlrlcZkwKkn55V0QOMNr2&co=aHR0cDovL25pZnR5LWJvbnVzLnJ1Ojgw&hl=en&v=v1548975483598&size=normal&cb=x72pkvn4aq9v
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://nifty-bonus.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Feb 2019 09:34:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-NSlFn893/6dHdB+tHmwOLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11300
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39"

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/42929409/
Redirect Chain

https://mc.yandex.ru/watch/42929409?wmode=7&page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1...
https://mc.yandex.ru/watch/42929409/1?wmode=7&page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3...

0
-1 B

13ms
12ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/42929409/1?wmode=7&page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093428%3Aet%3A1549445669%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A557337577%3Ahid%3A923089143%3Ads%3A65%2C16%2C25%2C18%2C0%2C0%2C0%2C612%2C15%2C%2C%2C%2C731%3Afp%3A287%3Awn%3A47920%3Ahl%3A2%3Agdpr%3A14%3Av%3A1407%3Ast%3A1549445669%3Au%3A1549445669876269093

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:28 GMT
Last-Modified: Wed, 06-Feb-2019 09:34:28 GMT
Server: nginx/1.12.2
Location: /watch/42929409/1?wmode=7&page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093428%3Aet%3A1549445669%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A557337577%3Ahid%3A923089143%3Ads%3A65%2C16%2C25%2C18%2C0%2C0%2C0%2C612%2C15%2C%2C%2C%2C731%3Afp%3A287%3Awn%3A47920%3Ahl%3A2%3Agdpr%3A14%3Av%3A1407%3Ast%3A1549445669%3Au%3A1549445669876269093
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: http://nifty-bonus.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:28 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:28 GMT
Last-Modified: Wed, 06-Feb-2019 09:34:28 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: http://nifty-bonus.ru
Strict-Transport-Security: max-age=31536000
Location: /watch/42929409/1?wmode=7&page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093428%3Aet%3A1549445669%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A557337577%3Ahid%3A923089143%3Ads%3A65%2C16%2C25%2C18%2C0%2C0%2C0%2C612%2C15%2C%2C%2C%2C731%3Afp%3A287%3Awn%3A47920%3Ahl%3A2%3Agdpr%3A14%3Av%3A1407%3Ast%3A1549445669%3Au%3A1549445669876269093
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:28 GMT

GET
H/1.1

200
OK

count
hit20.hotlog.ru/cgi-bin/hotlog/
Redirect Chain

http://hit20.hotlog.ru/cgi-bin/hotlog/count?0.026897156280863088&s=2551529&im=416&r=&pg=http%3A//nifty-bonus.ru/&j=N&wh=1600x1200&px=24&cver=1&js=1.3
http://hit20.hotlog.ru/cgi-bin/hotlog/count?0.026897156280863088&s=2551529&im=416&r=&pg=http%3A//nifty-bonus.ru/&j=N&wh=1600x1200&px=24&cver=1&js=1.3&hl_ignore=Y
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=3adf1fef0e9886f1a56468818b478&i=1961447540&r=https://hit20.hotlog.ru/cgi-bin/hotlog/count?s%3D2551529%26im%3D416%26hl_hitback%3DY
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=3adf1fef0e9886f1a56468818b478&i=1961447540&r=https://hit20.hotlog.ru/cgi-bin/hotlog/count?s%3D2551529%26im%3D416%26hl_hitback%3DY&q=scc
https://hit20.hotlog.ru/cgi-bin/hotlog/count?s=2551529&im=416&hl_hitback=Y

683 B
831 B

331ms
53ms

Image
image/gif

95.163.105.112
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hit20.hotlog.ru/cgi-bin/hotlog/count?s=2551529&im=416&hl_hitback=Y
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_256_CBC
Server: 95.163.105.112 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: srv12.hotlog.ru
Software: nginx/0.8.55 /
Resource Hash: ad9992b60f37e02679e797397a313f66005867795da80a49bfbef14cf5c0ee8d

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:30 GMT
Server: nginx/0.8.55
Connection: keep-alive
Content-Length: 683
Content-Type: image/gif

Redirect headers

Location: https://hit20.hotlog.ru/cgi-bin/hotlog/count?s=2551529&im=416&hl_hitback=Y
Date: Wed, 06 Feb 2019 09:34:30 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/42929409/ 152 B
701 B 13ms
12ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

8ef587ad48948b55d4541ec56e549854fffd9a50299e9e3331f2206e2130a336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06-Feb-2019 09:34:29 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://nifty-bonus.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:29 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 22ms
19ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Feb 2019 09:34:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.12.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Wed, 06 Feb 2019 10:34:29 GMT

POST
H/1.1 200
OK 26812653 Show response
mc.yandex.ru/watch/ 133 B
682 B 23ms
12ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.6.1%22%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Ai%3A20190206093428%3Aet%3A1549445669%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A935488563%3Ahid%3A923089143%3Ads%3A65%2C16%2C25%2C18%2C0%2C0%2C0%2C612%2C15%2C%2C%2C%2C731%3Afp%3A287%3Agdpr%3A14%3Av%3A1407%3Ast%3A1549445669%3Au%3A1549445669876269093

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

68ae9a33184c7f6633f458526d972545f97da3da137eed51f34c5b4db5555f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06-Feb-2019 09:34:29 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://nifty-bonus.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 133
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:29 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/26812653/ 43 B
536 B 35ms
13ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A2%3Ai%3A20190206093429%3Aet%3A1549445669%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A516950106%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1407%3Ast%3A1549445669%3Au%3A1549445669876269093

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:29 GMT
Last-Modified: Wed, 06-Feb-2019 09:34:29 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: http://nifty-bonus.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:29 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 42D4 0
0 20ms
19ms Document
text/html 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1548975483598&k=6LdY8yQUAAAAAIR78pVFlrlcZkwKkn55V0QOMNr2&cb=muf0ae9yjjim

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1548975483598/recaptcha__en.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9Q+A9XqLRV8+D+84MlYlgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=v1548975483598&k=6LdY8yQUAAAAAIR78pVFlrlcZkwKkn55V0QOMNr2&cb=muf0ae9yjjim
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://nifty-bonus.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Feb 2019 09:34:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-9Q+A9XqLRV8+D+84MlYlgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1124
server: GSE
alt-svc: quic=":443"; ma=2592000; v="44,43,39"

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
180 B 79ms
43ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9eb384a28b978b938e969fa6a09dae96a89e9f9d99a3
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:31 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f152da6c29c-FRA
content-length: 2

GET gate.php
linkslot.ru/ 0
0

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 100ms
22ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba0aa84a28b978b938e969fa6a09dae96a89e9f9d99a3
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:31 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f168a4cc29c-FRA
content-length: 2

GET gate.php
linkslot.ru/ 0
0

GET
H2 200 gate.php
linkslot.ru/ 0
0 81ms
80ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba0af84a28b978b938e969fa6a09dae96a89e9f9d99a3
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:31 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f171c04c29c-FRA
content-length: 2

GET
H2 200 gate.php Show response
linkslot.ru/ 2 B
56 B 40ms
33ms XHR
text/html 2606:4700:20::6819:9975
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba1aa84a28b978b938e969fa6a09dae96a89e9f9d99a3
Requested by: Host: nifty-bonus.ru
URL: http://nifty-bonus.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:9975 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://nifty-bonus.ru/
Origin: http://nifty-bonus.ru

Response headers

date: Wed, 06 Feb 2019 09:34:31 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html;charset=windows-1251
access-control-allow-origin: *
cf-ray: 4a4c9f17bd51c29c-FRA
content-length: 2

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/42929409/
Redirect Chain

https://mc.yandex.ru/watch/42929409?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%...
https://mc.yandex.ru/watch/42929409/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A...

43 B
444 B

13ms
13ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/42929409/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093443%3Aet%3A1549445684%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A217%3Arn%3A488021869%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15153%2C15153%2C2%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1407%3Ast%3A1549445684%3Au%3A1549445669876269093%3App%3A2587583065

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:43 GMT
Last-Modified: Wed, 06-Feb-2019 09:34:43 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:43 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:43 GMT
Last-Modified: Wed, 06-Feb-2019 09:34:43 GMT
Server: nginx/1.12.2
Location: /watch/42929409/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190206093443%3Aet%3A1549445684%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A217%3Arn%3A488021869%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15153%2C15153%2C2%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1407%3Ast%3A1549445684%3Au%3A1549445669876269093%3App%3A2587583065
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: http://nifty-bonus.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:43 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/26812653/
Redirect Chain

https://mc.yandex.ru/watch/26812653?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%...
https://mc.yandex.ru/watch/26812653/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A...

43 B
444 B

13ms
12ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Ai%3A20190206093444%3Aet%3A1549445684%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A217%3Arn%3A570160148%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15153%2C15153%2C2%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1407%3Ast%3A1549445684%3Au%3A1549445669876269093%3App%3A2587583065

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nifty-bonus.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:44 GMT
Last-Modified: Wed, 06-Feb-2019 09:34:44 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:44 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Feb 2019 09:34:44 GMT
Last-Modified: Wed, 06-Feb-2019 09:34:44 GMT
Server: nginx/1.12.2
Location: /watch/26812653/1?page-url=http%3A%2F%2Fnifty-bonus.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1549445667887%3As%3A1600x1200x24%3Ask%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Ai%3A20190206093444%3Aet%3A1549445684%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A217%3Arn%3A570160148%3Ahid%3A923089143%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15153%2C15153%2C2%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1407%3Ast%3A1549445684%3Au%3A1549445669876269093%3App%3A2587583065
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: http://nifty-bonus.ru
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 06-Feb-2019 09:34:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9faa84a28b978b938e969fa6a09dae96a89e9f9d99a3

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9fab84a28b978b938e969fa6a09dae96a89e9f9d99a3

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9faf84a28b978b938e969fa6a09dae96a89e9f9d99a3

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9fb284a28b978b938e969fa6a09dae96a89e9f9d99a3

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39b9fb384a28b978b938e969fa6a09dae96a89e9f9d99a3

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba0ab84a28b978b938e969fa6a09dae96a89e9f9d99a3

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d2=d1d4cbdeeb94cbe9cfe7db95dad88e96a1a39ba0ae84a28b978b938e969fa6a09dae96a89e9f9d99a3

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bitcoadz.io/	1970-01-18 22:24:09	Name: imp_ads Value: 14684-1
.bitcoadz.io/	1970-01-19 07:09:41	Name: __cfduid Value: d9363a564c0ba62e770898eb9733b98c11549445682
mellowads.com/	1970-01-19 00:33:38	Name: user Value: referrer=
emeraldbux.com/	1970-01-18 22:24:09	Name: sticky_ads_view_15484_8357 Value: 1
.mellowads.com/	1970-01-19 07:09:41	Name: __cfduid Value: d7b110703bc26e295a829f7feadca46b81549445681
orbisbux.com/	1970-01-18 22:24:09	Name: sticky_ads_view_15481_8357 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ad.adcountry.net
adalso.com
ads.people-group.net
ajax.googleapis.com
coinmedia.co
dmg.digitaltarget.ru
hit20.hotlog.ru
js.hotlog.ru
linkslot.ru
mc.yandex.ru
nifty-bonus.ru
s1.coinmedia.co
www.google.com
www.gstatic.com
yastatic.net
linkslot.ru
138.201.244.154
176.9.125.108
185.15.175.133
212.8.244.21
23.94.144.154
2606:4700:20::6819:9975
2606:4700:20::6819:9a75
2606:4700:30::6812:21a5
2a00:1450:4001:806::200a
2a00:1450:4001:814::2003
2a00:1450:4001:81f::2004
2a02:6b8:20::215
2a02:6b8::1:119
5.9.10.165
5.9.100.69
95.163.105.112
95.163.105.93
0cc98d8e92a98749ce2cc2ecfd5cba57cdffa8e04048f66785646ddd3a2d6f75
1ebd67b2566b90a69309edcb1d611d215da89cc796b5d7c9f7fde366e7df677a
2103285c1f97a73375ef59754d59086f8405cbbfc5096f9b6d743c0dfc613c6e
219f4f6919f44acab444c97a34f866d922cce43f6a6f0d89c4f2b3a204ac5b0e
2462686d344ef1fd4018b47593f655e60e8f0e31c9c6d75e78d2197c3c1f08b7
24e783c578e733e71830561d8e8e41c7ef7a3aea2a50f22074a7c006b7739a35
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9
2fca3b294c81df7bc01ec06c6bdda0bf8e54dc68e347cb210944872907520fa1
3731d33260ab2bb651f565cce6fdbcd7a7cb94cbd0190fba1c7065f02d7d89ea
379fe9eb56cf944ed0d091ded994a7b6df3de0ea55e744f7d110af39d1f0e5f3
3973bf29330efa9c03373a998f2d4c2b2e2c42696cd355c03494278d846d1576
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
455d2064e6dc6296420524cc458893bebe3e874aec5ac2f9eb95bffbac0d931e
4e38fc3f7abd76cfea81b72c72b33241f8c8ea75d48e257d5ad9c51873604aeb
4fcf18a19588804a8cb78413404c8da8a6bdfe22629ceb0b5003fee082128977
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57fdc78b1fd61a73c479319f01933ba3849bc18e4bfc333fdee13fcbff9d4a32
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29
5ff50479114c5f8894ea6bc542b97af4823dade56553dfb8be868e2e510097e0
68ae9a33184c7f6633f458526d972545f97da3da137eed51f34c5b4db5555f1e
76eb8386fc5ab8d4d792552d2d586b6538f08e8522b370fb2c4d1c9396337d29
8ef587ad48948b55d4541ec56e549854fffd9a50299e9e3331f2206e2130a336
90731b60c2eebeba995cb4a21bf7875cf09d7c83debf312b02064d2c278bc3c7
9589d56dbf6408f2c94ca1c48e6ce046d4e013b4950ca7d818836af5586f0611
965494a939bca3af9064d92ef2134120a28a780bc0bfa475f5e4f1005d0bb25f
971270d1ef3076890f3d899e673a23050f4ba3e79d1781e7bf9a2064e53cc130
9badabfc4bad7894450c39708cc4173169a728d22de8f85c26300abbac0e3188
a3793367eb29e038e5a8227a169d5f7bd521a83d574b91146dc2cb8205fb66d9
ad9992b60f37e02679e797397a313f66005867795da80a49bfbef14cf5c0ee8d
ba0af688fc63282938e44a5e642819dbded912d352e641c36c1db1a2e2bfbf7a
bace2b95c8aa4f3aa7b80a8b2044b219369ec73536018508dd834484018f7c0f
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
c8e0c9a98fd7ca3a59fe9cbaaf2217b7c0e01c9492c0ffe10e08eab62eff0229
c8e4926838891efbf2efcf8364a5125d7030b58da8c5dc3e27bb23b90e4830d7
ce574825a37b5b0747777b0fecccdaa83f4adc1f43defffa3c15441cdf18fb74
d701c92aa688a0347637a4687a4932b42943ca240e28a63c5bbbc5e90db790d9
d704efe6080f929aac4aa4cc5b37d8b600c688a6bad8faee897f6faeaaab643a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cbfd8e5eb4901e639177976eb5eb30675a676548439c4a40f831e521dafa1d
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
f175b938e5ecb6984390f0d9a1f317b18e7b5379f214a55266a6fd8b69642cb0
f244eec919970f7423b5cef0592811f7ee7d2d882387b50137ce0f424d80df5f
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278
fba2be85c7aa39d6a8c3590768fd251d4298ec5bb74d790316bf7b87ee5dc471
fc3c54e1ae4572e74d5c7c85442bbf72bd7cd905d900267e27712d79b3f51b2d
fdb6449a04fdf738ea304dcc68d04e2d00acb08d418a59278d91d55ffe7f6451

nifty-bonus.ru Open in urlscan Pro 212.8.244.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

77 Requests

65 %HTTPS

47 %IPv6

14 Domains

16 Subdomains

17 IPs

4 Countries

916 kBTransfer

1438 kBSize

6 Cookies

35 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nifty-bonus.ru Open in urlscan Pro
212.8.244.21 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

65 %
HTTPS

47 %
IPv6

14
Domains

16
Subdomains

17
IPs

4
Countries

916 kB
Transfer

1438 kB
Size

6
Cookies

77 HTTP transactions
9 data transactions