bonus.gb1t.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://neon.autos/0.34453274135446477
Effective URL:
https://bonus.gb1t.ru/traff.php
Submission: On May 06 via api (May 6th 2024, 9:49:35 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 42 HTTP transactions. The main IP is 2a00:f940:2:2:1:4:0:106, located in Russian Federation and belongs to AS-REG, RU. The main domain is bonus.gb1t.ru.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.

This is the only time bonus.gb1t.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	81.177.141.232 81.177.141.232	8342 (RTCOMM-AS) (RTCOMM-AS)
1 1	213.183.48.30 213.183.48.30	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
1 1	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:46	197695 (AS-REG) (AS-REG)
3	188.166.2.160 188.166.2.160	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:f940:2:2... 2a00:f940:2:2:1:4:0:106	197695 (AS-REG) (AS-REG)
20	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
4	2606:4700:303... 2606:4700:3031::6815:44fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	144.76.28.254 144.76.28.254	24940 (HETZNER-AS) (HETZNER-AS)
2	167.235.119.89 167.235.119.89	24940 (HETZNER-AS) (HETZNER-AS)
1	167.235.119.87 167.235.119.87	24940 (HETZNER-AS) (HETZNER-AS)
42	11

1 81.177.141.232 (Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)

neon.autos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.183.48.30 (Moscow, Russian Federation) 1 redirects

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
PTR: vm612898.melbi.space

neon.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f940:2:2:1:1:0:46 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

seo-act.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.166.2.160 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: prod-url.rw

url.rw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:f940:2:2:1:4:0:106 (Russian Federation)

ASN197695 (AS-REG, RU)

bonus.gb1t.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::6815:44fb (United States)

ASN13335 (CLOUDFLARENET, US)

webtrafic.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.28.254 (Hamm, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.28.76.144.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.119.89 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.89.119.235.167.clients.your-server.de

bnster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.119.87 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.87.119.235.167.clients.your-server.de

cookie.co1linesu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	linkslot.ru linkslot.ru — Cisco Umbrella Rank: 790137	84 KB
4	webtrafic.ru webtrafic.ru — Cisco Umbrella Rank: 877663	122 KB
4	gb1t.ru bonus.gb1t.ru	206 KB
3	url.rw url.rw	11 KB
2	bnster.com bnster.com	30 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34036
1	co1linesu.ru cookie.co1linesu.ru	396 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	30 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	248 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
1	seo-act.ru 1 redirects seo-act.ru	167 B
1	neon.today 1 redirects neon.today — Cisco Umbrella Rank: 978361	194 B
1	neon.autos 1 redirects neon.autos	143 B
0	googleapis.com Failed ajax.googleapis.com Failed fonts.googleapis.com Failed
42	14

	Domain	Requested by
20	linkslot.ru	bonus.gb1t.ru linkslot.ru
4	webtrafic.ru	bonus.gb1t.ru webtrafic.ru
4	bonus.gb1t.ru	url.rw bonus.gb1t.ru
3	url.rw	url.rw
2	bnster.com	bonus.gb1t.ru bnster.com
2	ad.a-ads.com	bonus.gb1t.ru
1	cookie.co1linesu.ru	bnster.com
1	code.jquery.com	bonus.gb1t.ru
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	url.rw
1	seo-act.ru	1 redirects
1	neon.today	1 redirects
1	neon.autos	1 redirects
0	fonts.googleapis.com Failed	bonus.gb1t.ru
0	ajax.googleapis.com Failed	bonus.gb1t.ru
42	15

This site contains links to these domains. Also see Links.

Domain
linkslot.ru
dsiofhdoj.com
news-tds.xyz
neon.autos
trafiframe.ru
webtrafic.ru

Subject Issuer	Validity	Valid
url.rw R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
bonus.gb1t.ru R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
linkslot.ru E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
webtrafic.ru GTS CA 1P5	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
bnster.com R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
cookie.co1linesu.ru R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://bonus.gb1t.ru/traff.php
Frame ID: 3490A8C7FDFA3DF175D10D37F5DCCB4A
Requests: 39 HTTP requests in this frame

Frame: https://ad.a-ads.com/335460?size=200x200
Frame ID: 9620D5067B98A2CE78C412583234C89D
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/335472?size=200x200
Frame ID: 41D81422C877D91B21947926D97FA5A8
Requests: 1 HTTP requests in this frame

Frame: https://webtrafic.ru/
Frame ID: CC0D28229BD35369367DD14925388200
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://neon.autos/0.34453274135446477 HTTP 307
https://neon.autos/0.34453274135446477 HTTP 301
https://neon.today/ptp/v/0.34453274135446477 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
https://url.rw/jfgs1 Page URL
http://bonus.gb1t.ru/traff.php HTTP 307
https://bonus.gb1t.ru/traff.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

93 %
HTTPS

54 %
IPv6

14
Domains

15
Subdomains

11
IPs

4
Countries

583 kB
Transfer

1170 kB
Size

12
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://linkslot.ru/banner?id=119448

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119447

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119443

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=124327

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119445

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119446

Search URL Search Domain Scan URL

URL: http://linkslot.ru/link.php?id=119794
Title: Купить ссылку здесь за 5 руб.

Search URL Search Domain Scan URL

URL: http://linkslot.ru/?ref=lzip
Title: Поставить к себе на сайт

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=124324

Search URL Search Domain Scan URL

URL: http://dsiofhdoj.com/cs?wsa=642867a3e299d201357034
Title: Adsteroid

Search URL Search Domain Scan URL

URL: https://news-tds.xyz/?p=ZjBiYjcyNzE3ZGU3YTI0Njk5ZmYxZmFjMzY5ZTZlNDN8MzkxNDg2fEdlbkxpbmt8fDEwMDB8OTAzNjY4NTk=&v=2&poid=0&coid=0
Title: traffstock

Search URL Search Domain Scan URL

URL: https://neon.autos/24633
Title: Neon

Search URL Search Domain Scan URL

URL: https://trafiframe.ru/iframe.php

Search URL Search Domain Scan URL

URL: https://webtrafic.ru/reklama?uid=1150
Title: WEBTRAFIC.RU

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://neon.autos/0.34453274135446477 HTTP 307
https://neon.autos/0.34453274135446477 HTTP 301
https://neon.today/ptp/v/0.34453274135446477 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
https://url.rw/jfgs1 Page URL
http://bonus.gb1t.ru/traff.php HTTP 307
https://bonus.gb1t.ru/traff.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://neon.autos/0.34453274135446477 HTTP 307
https://neon.autos/0.34453274135446477 HTTP 301
https://neon.today/ptp/v/0.34453274135446477 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
https://url.rw/jfgs1

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

jfgs1 Show response
url.rw/
Redirect Chain

http://neon.autos/0.34453274135446477
https://neon.autos/0.34453274135446477
https://neon.today/ptp/v/0.34453274135446477
https://seo-act.ru/?key=1
https://url.rw/jfgs1

3 KB
2 KB

352ms
64ms

Document
text/html

188.166.2.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://url.rw/jfgs1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.166.2.160 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prod-url.rw
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: df254f1c0d60ffd9b22209ba78fc848b24f6d76b641c29d7bae8c0689ece039d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 May 2024 21:49:29 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.52 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 21:49:29 GMT
location: https://url.rw/jfgs1
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000;
x-powered-by: PHP/7.4.33

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
100 KB 113ms
42ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JJFL3Y4WJS

Requested by

Host: url.rw
URL: https://url.rw/jfgs1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab769b298bc11ae57c0bd445ba78bbaf98e69c0dcb697cf433d3cb6e7559d382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.rw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101531
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 May 2024 21:49:30 GMT

GET
H/1.1 200
OK favicon.png
url.rw/images/ 521 B
805 B 36ms
36ms Image
image/png 188.166.2.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.rw/images/favicon.png
Requested by: Host: url.rw
URL: https://url.rw/jfgs1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.166.2.160 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prod-url.rw
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 396da1c97d616b29b8875dd6e35559fff0f2d0655594fbc1dfb4b3afb9a1a365

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.rw/jfgs1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 21:49:30 GMT
Last-Modified: Tue, 29 Aug 2023 10:00:10 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "209-6040ce0543e80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 521

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 110ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JJFL3Y4WJS&gtm=45je4510v9137012356za200&_p=1715032170036&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=188991946.1715032170&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1715032170&sct=1&seg=0&dl=https%3A%2F%2Furl.rw%2Fjfgs1&dt=Url.rw%20-%20Simplifying%20URLs%20for%20the%20Digital%20Age&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2086
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJFL3Y4WJS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.rw/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 21:49:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://url.rw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found favicon.ico
url.rw/ 6 KB
8 KB 63ms
63ms Other
text/html 188.166.2.160
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://url.rw/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.166.2.160 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: prod-url.rw
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://url.rw/jfgs1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 06 May 2024 21:49:30 GMT
Cache-Control: no-cache, private
Server: Apache/2.4.52 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request traff.php Show response
bonus.gb1t.ru/
Redirect Chain

http://bonus.gb1t.ru/traff.php
https://bonus.gb1t.ru/traff.php

7 KB
3 KB

500ms
356ms

Document
text/html

2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/traff.php
Requested by: Host: url.rw
URL: https://url.rw/jfgs1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx / PHP/5.6.36
Resource Hash: da88ab4d22f7dadcc248dfdb0c9b07834064b6ddbebb223bc9a1e4b82b699525

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 21:49:32 GMT
server: nginx
x-powered-by: PHP/5.6.36

Redirect headers

Location: https://bonus.gb1t.ru/traff.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css.css
bonus.gb1t.ru/ 6 KB
2 KB 92ms
89ms Stylesheet
text/css 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/css.css
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: ffdfb3d5d60fee4467f8d997f406fec864cd6e2a5bebb80f5efba35cef330706

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: gzip
last-modified: Sun, 05 Jun 2016 18:00:42 GMT
server: nginx
content-type: text/css

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 128ms
91ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119448
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017d075c0bf8033207cdf4b6564011b97b62e905ad7e246e51c858582cb5493d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhR2LbqGT4WbAoNMk3mitZz9mU9EoyfhUvAB%2Btgbzh62OlcxL%2Bh1tQW5%2F9HYcsPBEvLq6IWwHjA4JwNgsDhZGIrzIC7xeHzxtKpc7FBhU8epAu9oDc2YKMGgM0gwEpIZZzXr8Dyv9wluwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87fc2e4719209f16-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 114ms
113ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119447
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72bb689f023b1207ec6e237da47771fe90319f48eff041e750c66fc29ce3011

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=913Jmm7o%2FHNpY0%2BfMOCbl5z%2BBpewHik2b9Ao%2F9w6WAY9JAnl9lzddWlzb5UhdaYluLNNsL227311hmAb41y9WcohHFfU0TGCYcAW0vQthaLRwh9zTx7262XD1x7yhYg67%2B2YRMcdUFq2Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87fc2e4779749f16-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 115ms
113ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119443
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e2345840911a278fdf3c98e429716d241b148086fd67b2a2004dfb34138165

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJoOG1UQm%2Fk7jZQZhS0GJRV3hga4dm5XY23L5QqHUFxye5VKfGRlbB5EoP5AIRFjt58awr%2FpIal0s5WwUcNzaWs9Ll2eBpw35IjJDwEomrAJBWU7ue4eniuM2S65DdQtrcJAw48QjkbeTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87fc2e47797b9f16-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 179ms
178ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=124327
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c127996f2c2e75ef1766d2d59b77d567a8cce7bbcae48321bac008cdde42dd80

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KO1MylVIPARXb11mjjTYKsJG9rXFjRdfOx03AHW9nvv1AI%2FbbwhpDd9C4Ynd3iyiORZ6T9tWx7fySNHzjfO589N%2F1lxzOhdFDjd4FeKx1KwFxqnSJw8el%2F5zPd6S6HCl9I8m6DIv4BVo%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87fc2e47797f9f16-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 170ms
169ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119445
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d7a25c85435e016e57dfc53a1d0e2c4c694275f5d53d18368d453c9217d1ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lCZ1NXXS8oRG%2BtxmKPxUIaVz6oNc0QS004zvqbr0rXAOtGMhB4adI6h7%2Bdvs6fQ%2FHfSFIWzsg155Avmo4CD8voQ4ghwdVsAJQgFN8k2IF5T0f0ILfXfy0U1OY3%2F1wuEz3tC3ZiCeWh0vgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87fc2e4779809f16-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 192ms
191ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119446
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded9ca6022b113f485a7c29edb660f7dc404bf0826821cee56b70521046a5fb0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FL1KrxuE7ENjsBQRsokt0KFsY73hiDeWeAZvrHqzGLU6my5LCa6JutXggfr90NURgH9TC5i5DllQVquYshXX4yI4ymEwYrNvzEG5okwcq2EOIK6gH0CfnilhTi8RmmseFynKjeHoziHrRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87fc2e4779819f16-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lincode.php Show response
linkslot.ru/ 7 KB
4 KB 176ms
176ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/lincode.php?id=119794
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6086dc12195c58f0c977b6c87aadea6a23e7fd5d80cbc4d896afa47cd3931ea6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWQHIWY7ss0JClFuL10TNscqJQjcbyGnuvP8EoXohn30yZprriefgjnhLGbtqb7DHFG2Ms991A0cYUj03pCvXI7L24rSggwXhxbPVuS69rIK3RCSBgYh6Jwp7yxuSS3Kh5US7OCnPM0XrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87fc2e47b9b39f16-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 167ms
167ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=124324
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ce65bfa712041efc0a4cbf7deb6d63311f2c2c325a8101fd775271a4ba9dbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kza2TfNYZp%2BH%2B41DS98ETKNegVQrImTOmqzYWY%2FYO%2BDzsfk57wbzBo%2BRWnBzc4RHQv%2Fjt5XLCIxMorUKAqz3jY0Oxtsw9hQoRKSgtCzcH0QRfRlP9HXlIKFwpEdjOYiNxYk1AeO6jaM1hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87fc2e47b9b59f16-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 109ms
25ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9580737
x-cache: HIT, HIT
content-length: 30125
x-served-by: cache-lga21971-LGA, cache-fra-etou8220127-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715032173.707162,VS0,VE0
etag: W/"28feccc0-15283"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 18, 108727

GET
H3 200 ads.php Show response
webtrafic.ru/ 4 KB
2 KB 997ms
958ms Script
text/html 2606:4700:3031::6815:44fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/ads.php?uid=1150
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c04d7a43d4071a5d458bfe3052c85c15e2a9ebf97e9c1d1f6c50d69af47fedd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhrwMW7SUO0ZfrTebCtj0%2FcQhBL9k1266xXeetqr8DWCtMA%2FKF7EwXzmAVVzeBhdN91O9cVfO6DmPGyTQPQo4q7gRCJa97IONGl0SuyrBragxNLRqJ1sig2J17II9ce36LDaM1QgFGsLaV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e47b90c1c2e-FRA
alt-svc: h3=":443"; ma=86400

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 335460
ad.a-ads.com/ Frame 9620 0
0 169ms
90ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/335460?size=200x200

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.28.254 Hamm, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 06 May 2024 21:49:32 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 335472
ad.a-ads.com/ Frame 41D8 0
0 128ms
50ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/335472?size=200x200

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.28.254 Hamm, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 06 May 2024 21:49:32 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 kristaly.png
bonus.gb1t.ru/img/ 135 KB
135 KB 147ms
146ms Image
image/png 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonus.gb1t.ru/img/kristaly.png
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/css.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:32 GMT
last-modified: Sun, 05 Jun 2016 17:47:50 GMT
server: nginx
accept-ranges: bytes
content-length: 137733
content-type: image/png

GET
H2 200 bc.js Show response
bnster.com/widget/ 96 KB
29 KB 137ms
44ms Script
application/javascript 167.235.119.89
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnster.com/widget/bc.js

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.89 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.89.119.235.167.clients.your-server.de

Software

Resource Hash

0270b73e423fd8122e008c24e073ba95db915ac8363c520fa63eff39a80c379f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
last-modified: Tue, 09 Apr 2024 12:19:07 GMT
etag: W/"6615323b-17eb7"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
expires: Tue, 07 May 2024 21:49:32 GMT

GET cu.js
bonus.gb1t.ru/ 0
0

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
491 B 120ms
88ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69ba19d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b94ced5cce79bd5aa91dde2d298939b959aa29799aa91a2989798939b959aa2978caa8495999e99989b989ca39e9bb195ab
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119448
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zllUwQTfgI1vwgpu6rgsIflnp%2FMaLeDbkqXlq08Vfo3PKidB%2FSpIojS2qMGPmgDcJKiMyGRsJXs5An%2FxccwxOkx4YrNClw7oviqqfkUek54dqNMszqSFgAtrV2fXxBET1ZJF75PwhSjSdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e47fbd51c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 468x60.jpg
linkslot.ru/promo/dummy/ 12 KB
12 KB 38ms
37ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/468x60.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "647dc573-2e1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iy8YplFYWYNyPiNYKqST9Za%2BCvgqVzBZVMtLNaVoyac6mbGCZvwsKwfbSqaoowWJSnMqNb%2BHzisxzsNP11ovZSFEW5ZhUCO4MSh8Uy6h0A8NGPYmaZ5QewAap2PhvWgGZ79KoLXR%2FgQ50g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87fc2e47c9c49f16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11802

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
458 B 179ms
178ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69ba09d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97a1ceced3d9a2f0cce0d99798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989b989ca39e9bb293a6
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119447
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eF7%2FxLJKQR%2BGx8ZHTkL5s%2B0%2BbKO9wgdCUkiPsTYwB1JsoHqG5lr9vegUIfI2VcBzxj62I6TgZQbdeJRgEdyqzbFkImBM028IgO687rK8bzPSPN0fHIR5waHXZX3xqr8NYfEhTLpDrJueYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e483c101c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
462 B 89ms
88ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9c9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b94d4dd9fd8a0d9b3c3e498ce98939b959aa29799aa91a2989798939b959aa2978caa8495999e99989b989ca39e9bb293a8
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119443
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bw%2B%2F7TokkCUJ84DFmBKrQbffrosOq61FM9n82Q83%2F1GkIvF4PDHMek1Mlz%2FGr4qI1QRrZTQLJwYFao3XpOBYuT%2B33IggJID%2FhsQXlEd9RYZI29sPf6d2FuY3vby9uWPJxPqRPGczE1Vy9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e483c121c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x300.jpg
linkslot.ru/promo/dummy/ 17 KB
18 KB 41ms
41ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x300.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "647dc573-44a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyKe6R8sOF1zW2B9z5Nt54Zyy7Hbyz02Yah%2FXRabGyKMv9pDNJdhJJxl5HTV11n3j3SCE37%2BRlCDpb%2BmaQvgENb6T4iDojYGc0yf58WDN50dNJlh%2FssGFJYz2ioSt2fX0kQvATRo1qZk1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87fc2e483a749f16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17574

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
457 B 87ms
86ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9e9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b94cd9a9ed6d6e0f2d9dcd6d298939b959aa29799aa91a2989798939b959aa2978caa8495999e99989b989ca39e9bb299a2
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119445
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DukoMXLPqZaRQLKREWQ1%2F1f2pJKCXYg4isgXVeNH1BaQJqIhjerhWfN94GSIXp7eM7dVd1YIQ8kKpx4koRTaeU2CCEulIUUwgh5se9UkBDub%2Fy5fR7nPUStXGvGR%2FvG4BD38%2B4GOVGi2xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e489ca31c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
457 B 82ms
82ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c979ea599a09d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b95e4d39fa49fd9ab9aa4db9798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989b989ca39e9bb391a2
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=124327
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mu6p7n%2FER5KkyURd%2BlIyez65vbMOCnLk1FjOyDxkfMKl6Y6NH%2FRuUK8NBUwE2q4CJompwTVPKFlCHIcwPwrnE6qGYD6HcGJFCFwhpQMQ7JKT8O2g3I6Cq1gmIiorISGy6yzeMbm3U4n8Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e48bcd51c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 100x100.jpg
linkslot.ru/promo/dummy/ 8 KB
8 KB 41ms
41ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/100x100.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9
etag: "647dc573-1f66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1i2vBstLqLPhCuyJcVJcy2Ni8MS3FsQDzBTeoRuY9RTRCM3G8ZjuJ2qMKhOdIzbq608VvGwYe7UCmZWTWmGtJCn2xLWWrue1MnnhW%2FX3lccSvQcNNDaK1svC0OHeIgvj5adjEEtmmVkfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87fc2e48badf9f16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8038

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
457 B 173ms
172ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9f9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97e599dfe6d09fe3cca59c9798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989b989ca39e9bb391a5
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119446
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvXnPTriBSVyvArI2vny2SHSLGP0Hn3kix4CUkV2L536t%2BfpZIYWtyHwkEUMWSFobAr6rc%2FX395AOZnPsoOLManZaDKB9NGnk2aGnAl97O4YGEPIr%2FUwKlvZjVGF1iUcZyrr4toofafRZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e48bcda1c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x200.jpg
linkslot.ru/promo/dummy/ 15 KB
15 KB 41ms
40ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x200.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "647dc573-3ad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WyAAWNj5Aw0mK4ARISSgVUs8XXVtylZ4Pp%2BlcoyysPPtDa24kWbfaaU%2BXpAm2G4ukjSTwvjdGsFozORaVEmUE3phFjhrhCMXpSaaE88Y0QtlVHYQ970I4gP2QqXPBPrZ9gMPbss3aMep%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87fc2e48bae89f16-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15061
expires: Thu, 18 Apr 2024 09:03:10 GMT

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
458 B 177ms
176ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c979ea5999d9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97d3d8dda7ded9ae98d8db9798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989b989ca39e9bb392aa
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=124324
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97x58S1T1SYToQXf6n46yQ3a%2BJ0%2FQBNv2DHV7j%2Bi2nII24%2Fn8MNrgCZuy8B8mACk98oy0JOhbXnntJA680sowd3jw7AUucz7iOsUv4zHZ3%2Fdj4EO1WEohrCnqY380nFzjI4CJDdZzg4%2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e48ccf11c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
456 B 170ms
169ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a9a09d9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b96e0cbccdad9e3b3caaad59798939b959aa29799aa91a2989798939b959aa2978caa8495999e99989b989ca39e9bb393a6
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/lincode.php?id=119794
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Mon, 06 May 2024 21:49:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgdAPm8FaEcZglGC%2Br4GZnjXPeeSmGdg248vjdKCJKkWvATGT05qO3QuusJd7D5TzxMU0ge5e8x2XM2OxDBBWeqQCJpM%2FmtD150KFxdYoFTaEXZOdh5WVhLRTZrWyqED8%2BvzKSJVvgIQ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87fc2e48dcf91c40-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 user Show response
cookie.co1linesu.ru/ 35 B
396 B 135ms
39ms XHR
text/html 167.235.119.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie.co1linesu.ru/user?domain=https%3A%2F%2Fbonus.gb1t.ru

Requested by

Host: bnster.com
URL: https://bnster.com/widget/bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.87 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.87.119.235.167.clients.your-server.de

Software

Resource Hash

63161a84771dda336165c59f4b05677459bb02b335b27403aecabea717fb8688

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: cache
date: Mon, 06 May 2024 21:49:33 GMT
strict-transport-security: max-age=15724800
last-modified: Wed, 30 Jun 2010 21:36:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bonus.gb1t.ru
cache-control: private, max-age=157680000
access-control-allow-credentials: true
content-length: 35
expires: Sun, 06 May 2029 00:49:33 MSK

POST
H2 200 / Show response
bnster.com/bg/ 84 B
548 B 137ms
51ms XHR
text/html 167.235.119.89
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnster.com/bg/?vid=v2_7c4b98bb8943cbaa411e7b1847de2c82&streams%5B%5D=713409070&user_data%5Bis_mobile%5D=0&user_data%5Bis_touch_device%5D=0&user_data%5Bwindow%5D%5Bwidth%5D=1600&user_data%5Bwindow%5D%5Bheight%5D=1200&user_data%5Buser_agent%5D=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&user_data%5Bplatform%5D=Win32&user_data%5Blanguage%5D=de-DE&user_data%5Bdomain%5D=https%3A%2F%2Fbonus.gb1t.ru&user_data%5Bhref%5D=https%3A%2F%2Fbonus.gb1t.ru%2Ftraff.php&user_data%5Bhas_adblock%5D=0&user_data%5Bblock_size%5D%5B713409070%5D%5Bwidth%5D=1060&user_data%5Bblock_size%5D%5B713409070%5D%5Bheight%5D=118

Requested by

Host: bnster.com
URL: https://bnster.com/widget/bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.89 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.89.119.235.167.clients.your-server.de

Software

Resource Hash

b7f7568a2eee70114bd4674c7e684f01e28b12cf12631cc673a0a2ccecfb0a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 May 2024 21:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 /
webtrafic.ru/ Frame CC0D 0
0 538ms
498ms Document
text/html 2606:4700:3031::6815:44fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/ads.php?uid=1150
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 87fc2e4dfbe18ff4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 21:49:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c14nlh7oiGOMKuAoZC%2FVkrkewvqKqJWXAtYOZIw1QT1fbeisSSvaVYuiI1HiWKhGz2iLY5d0z0kHs2yXl5kL0RhGZDb1HQuSge1cmYb5UHYHJLOmED4AigxCMGw1NOCObxhU4OZPmP2LLec%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-page-speed: 1.13.35.2-0

GET
H3 200 90b29578f0ce068cb0f9026ef78e2190.gif
webtrafic.ru/banners/ 118 KB
118 KB 36ms
34ms Image
image/gif 2606:4700:3031::6815:44fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/banners/90b29578f0ce068cb0f9026ef78e2190.gif
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef36d1149db269dcae3850c398c7c21e801d1e68b6c7af5fde2170354163b4d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9
etag: "64d69727-1d7ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RV9eJcGnYQuH1JleXEQYee4toOc6%2Fv7cJEdhoPSdzhEcF6ooJwsSzPmT1VXRQuAaj6Spd37s5f2Gz%2Fc08cT4D3IpbI4d7g%2BZAEyIUkr1ZBX0cG09%2BWWj3qvSfRAHQtKFeni1iLJy71ota2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87fc2e4dbf261c2e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 120812
expires: Mon, 06 May 2024 14:28:02 GMT

GET
H3 200 logo.png
webtrafic.ru/img/ 885 B
1 KB 116ms
114ms Image
image/png 2606:4700:3031::6815:44fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/img/logo.png
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:44fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf5a139827bcf9070b9ff40d1f9780ab42087551c35fc85a94394999911c219

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:33 GMT
cf-cache-status: HIT
x-original-content-length: 1200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4059769
alt-svc: h3=":443"; ma=86400
content-length: 885
server: cloudflare
etag: W/"PSA-aj-T5WUueMRUX"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTWK44adBzlKNRnW65jzqVZAIag68QERlzzmq131D9igRLb26Z1u%2BmrTslCHrL0xZ6me1eDo67IS2OGNGboAX1qU8NqZZp2OamSmDN0dkzWXm9TBiBbVsnWy%2FrgZSXTRofVGekRz5PKJH4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315152236
accept-ranges: bytes
cf-ray: 87fc2e4dbf281c2e-FRA
expires: Thu, 16 Mar 2034 12:24:01 GMT

GET
H2 404 favicon.ico
bonus.gb1t.ru/ 307 KB
67 KB 146ms
146ms Other
text/html 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: caa963bd5cd38d0c8ea391986da6067b12e5a2f9ad2f09ec281bfe7ae3103134

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 21:49:35 GMT
content-encoding: gzip
last-modified: Sat, 09 Sep 2023 08:02:27 GMT
server: nginx
content-type: text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,100,300

Domain: bonus.gb1t.ru
URL: http://bonus.gb1t.ru/cu.js

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.url.rw/	1970-01-21 05:59:52	Name: _ga Value: GA1.1.188991946.1715032170
url.rw/	1970-01-20 20:23:59	Name: XSRF-TOKEN Value: eyJpdiI6ImNTWnRMVUFKKzI1d1dHSHpCZEJzQWc9PSIsInZhbHVlIjoiWm0zUGR1MHRDaDkrOHdXMW9EK0ViaXFsTUZrajJxSTRMcGJ2S0FCenpUUjBvNFlMbGkyU0tvdktpYWFvOWYvTnZVWkhQTkFLWlNFWFVKK0ppRXlBRC9Dd2Q2OE9PR0NxdWlzUDZraVovaXpKNlY2TEFsRDVyR1ZvY1F0bElkOFgiLCJtYWMiOiI3M2FmM2NmNTI5Njk1NjYzNjE2N2U0ZTg1YTBmZDlkNzIxMGRmZDYwMmRlZDRiNjEwYzljZDQzZDNhOGY2MmQ1IiwidGFnIjoiIn0%3D
url.rw/	1970-01-20 20:23:59	Name: urlrw_session Value: eyJpdiI6ImJwdFg3Y3JKc1BSR24xL0NUS3VTanc9PSIsInZhbHVlIjoiZWxvcDhzL0s0NXpJV3JTOHBQWjhaY0NoWHlvOGtwSVY4SXpheXZKUWVIdGZ6U0dWazJkcDdJU0tRQkhHQXpOQ3dqVnFIOEw4bE80b1kvaVlrWWZhUXNFdGtGR1c1NlY4cTM2ejRha0hpNWNTTysxSExxMzRmUjJNaSt1T1hqNisiLCJtYWMiOiIwMmE3YjJhYmQxOTA2MWM0NDkyY2ViMmU4OGExMDEzM2Q1MzkyOTI3YmI0OWYwMWE1NzQ5N2YyMmViMTYxOWZhIiwidGFnIjoiIn0%3D
.url.rw/	1970-01-21 05:59:52	Name: _ga_JJFL3Y4WJS Value: GS1.1.1715032170.1.0.1715032172.0.0.0
bonus.gb1t.ru/	1970-01-20 20:23:55	Name: nova Value: 3ufbhrz9i8m000000000000000000000
informer.yandex.ru/	1970-01-21 05:09:28	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
.yandex.ru/	1970-01-21 05:59:52	Name: i Value: hgXInEObU4M0zOFFTKN/tXQkfcc+wIBwscZ5Tt3S2MbURPsy7MgADd12B+JaLdPB3kacE3wSHiuQxNZq1AG6uy7ph9Q=
.yandex.ru/	1970-01-21 05:59:52	Name: yandexuid Value: 439971501715032174
.yandex.ru/	1970-01-21 05:09:28	Name: yashr Value: 5652153421715032174
mc.yandex.ru/	1970-01-21 05:09:28	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
.webtrafic.ru/	1970-01-21 05:09:28	Name: _ym_uid Value: 1715032175802642542
.webtrafic.ru/	1970-01-21 05:09:28	Name: _ym_d Value: 1715032175

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://url.rw/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,100,300'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure script 'http://bonus.gb1t.ru/cu.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bonus.gb1t.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.googleapis.com
bnster.com
bonus.gb1t.ru
code.jquery.com
cookie.co1linesu.ru
fonts.googleapis.com
linkslot.ru
neon.autos
neon.today
region1.google-analytics.com
seo-act.ru
url.rw
webtrafic.ru
www.googletagmanager.com
ajax.googleapis.com
bonus.gb1t.ru
fonts.googleapis.com
144.76.28.254
167.235.119.87
167.235.119.89
188.166.2.160
2001:4860:4802:32::36
213.183.48.30
2606:4700:3031::6815:44fb
2a00:1450:4001:831::2008
2a00:f940:2:2:1:1:0:46
2a00:f940:2:2:1:4:0:106
2a04:4e42:400::649
2a06:98c1:3121::3
81.177.141.232
017d075c0bf8033207cdf4b6564011b97b62e905ad7e246e51c858582cb5493d
0270b73e423fd8122e008c24e073ba95db915ac8363c520fa63eff39a80c379f
07d7a25c85435e016e57dfc53a1d0e2c4c694275f5d53d18368d453c9217d1ff
1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b
241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
31ce65bfa712041efc0a4cbf7deb6d63311f2c2c325a8101fd775271a4ba9dbc
35e2345840911a278fdf3c98e429716d241b148086fd67b2a2004dfb34138165
396da1c97d616b29b8875dd6e35559fff0f2d0655594fbc1dfb4b3afb9a1a365
6086dc12195c58f0c977b6c87aadea6a23e7fd5d80cbc4d896afa47cd3931ea6
63161a84771dda336165c59f4b05677459bb02b335b27403aecabea717fb8688
6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193
6c04d7a43d4071a5d458bfe3052c85c15e2a9ebf97e9c1d1f6c50d69af47fedd
7bf5a139827bcf9070b9ff40d1f9780ab42087551c35fc85a94394999911c219
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968
a72bb689f023b1207ec6e237da47771fe90319f48eff041e750c66fc29ce3011
ab769b298bc11ae57c0bd445ba78bbaf98e69c0dcb697cf433d3cb6e7559d382
b7f7568a2eee70114bd4674c7e684f01e28b12cf12631cc673a0a2ccecfb0a96
bef36d1149db269dcae3850c398c7c21e801d1e68b6c7af5fde2170354163b4d
c127996f2c2e75ef1766d2d59b77d567a8cce7bbcae48321bac008cdde42dd80
caa963bd5cd38d0c8ea391986da6067b12e5a2f9ad2f09ec281bfe7ae3103134
d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4
da88ab4d22f7dadcc248dfdb0c9b07834064b6ddbebb223bc9a1e4b82b699525
ded9ca6022b113f485a7c29edb660f7dc404bf0826821cee56b70521046a5fb0
df254f1c0d60ffd9b22209ba78fc848b24f6d76b641c29d7bae8c0689ece039d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
ffdfb3d5d60fee4467f8d997f406fec864cd6e2a5bebb80f5efba35cef330706

bonus.gb1t.ru Open in urlscan Pro 2a00:f940:2:2:1:4:0:106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

93 %HTTPS

54 %IPv6

14 Domains

15 Subdomains

11 IPs

4 Countries

583 kBTransfer

1170 kBSize

12 Cookies

14 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bonus.gb1t.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:106 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

93 %
HTTPS

54 %
IPv6

14
Domains

15
Subdomains

11
IPs

4
Countries

583 kB
Transfer

1170 kB
Size

12
Cookies

42 HTTP transactions
0 data transactions