bonus.gb1t.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://neon.autos/0.007172208605181529
Effective URL:
https://bonus.gb1t.ru/traff.php
Submission: On May 03 via api (May 3rd 2024, 10:26:28 pm UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 13 domains to perform 38 HTTP transactions. The main IP is 2a00:f940:2:2:1:4:0:106, located in Russian Federation and belongs to AS-REG, RU. The main domain is bonus.gb1t.ru.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.

This is the only time bonus.gb1t.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	81.177.141.232 81.177.141.232	8342 (RTCOMM-AS) (RTCOMM-AS)
1 1	213.183.48.30 213.183.48.30	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
1 1	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:46	197695 (AS-REG) (AS-REG)
4	2a00:f940:2:2... 2a00:f940:2:2:1:4:0:106	197695 (AS-REG) (AS-REG)
20	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
3	172.67.200.135 172.67.200.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.40.69.138 188.40.69.138	24940 (HETZNER-AS) (HETZNER-AS)
2	167.235.119.90 167.235.119.90	24940 (HETZNER-AS) (HETZNER-AS)
1	91.227.16.12 91.227.16.12	207027 (EXIMIUS-AS) (EXIMIUS-AS)
1	2606:4700:303... 2606:4700:3031::6815:4918	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	167.235.119.87 167.235.119.87	24940 (HETZNER-AS) (HETZNER-AS)
38	10

1 81.177.141.232 (Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)

neon.autos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.183.48.30 (Moscow, Russian Federation) 1 redirects

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)
PTR: vm612898.melbi.space

neon.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f940:2:2:1:1:0:46 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

seo-act.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:f940:2:2:1:4:0:106 (Russian Federation)

ASN197695 (AS-REG, RU)

bonus.gb1t.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.200.135 (United States)

ASN13335 (CLOUDFLARENET, US)

webtrafic.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.40.69.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.69.40.188.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.119.90 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.119.235.167.clients.your-server.de

bnster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.227.16.12 (Russian Federation)

ASN207027 (EXIMIUS-AS, RU)
PTR: srv12.host-food.ru

bonusket.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:4918 (United States)

ASN13335 (CLOUDFLARENET, US)

trafiframe.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.119.87 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.87.119.235.167.clients.your-server.de

cookie.co1linesu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	linkslot.ru linkslot.ru — Cisco Umbrella Rank: 790137	84 KB
4	gb1t.ru bonus.gb1t.ru	206 KB
3	webtrafic.ru webtrafic.ru — Cisco Umbrella Rank: 877663	17 KB
2	bnster.com bnster.com	30 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34036
1	co1linesu.ru cookie.co1linesu.ru	395 B
1	trafiframe.ru trafiframe.ru
1	bonusket.ru bonusket.ru
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	30 KB
1	seo-act.ru 1 redirects seo-act.ru	152 B
1	neon.today 1 redirects neon.today — Cisco Umbrella Rank: 978361	194 B
1	neon.autos 1 redirects neon.autos	143 B
0	googleapis.com Failed ajax.googleapis.com Failed fonts.googleapis.com Failed
38	13

	Domain	Requested by
20	linkslot.ru	bonus.gb1t.ru linkslot.ru
4	bonus.gb1t.ru	bonus.gb1t.ru
3	webtrafic.ru	bonus.gb1t.ru
2	bnster.com	bonus.gb1t.ru bnster.com
2	ad.a-ads.com	bonus.gb1t.ru
1	cookie.co1linesu.ru	bnster.com
1	trafiframe.ru	webtrafic.ru
1	bonusket.ru	webtrafic.ru
1	code.jquery.com	bonus.gb1t.ru
1	seo-act.ru	1 redirects
1	neon.today	1 redirects
1	neon.autos	1 redirects
0	fonts.googleapis.com Failed	bonus.gb1t.ru
0	ajax.googleapis.com Failed	bonus.gb1t.ru
38	14

This site contains links to these domains. Also see Links.

Domain
linkslot.ru
dsiofhdoj.com
news-tds.xyz
neon.autos
bonusket.ru
webtrafic.ru

Subject Issuer	Validity	Valid
bonus.gb1t.ru R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
linkslot.ru E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
webtrafic.ru GTS CA 1P5	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
bnster.com R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
bonusket.ru R3	`2024-04-13` - `2024-07-12`	3 months	crt.sh
trafiframe.ru GTS CA 1P5	`2024-03-28` - `2024-06-26`	3 months	crt.sh
cookie.co1linesu.ru R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://bonus.gb1t.ru/traff.php
Frame ID: 724815E3D5894A539981F1EB3ED48370
Requests: 34 HTTP requests in this frame

Frame: https://ad.a-ads.com/335460?size=200x200
Frame ID: 8865F1F2B9FCD08C9107ABC24A63DDEE
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/335472?size=200x200
Frame ID: 2784EF717E8B8E0B5193E4E0DC7C1F7B
Requests: 1 HTTP requests in this frame

Frame: https://bonusket.ru/?r=1AToSSRZ4ZhactL357F495jeMiYQWkXpJL
Frame ID: F253E66ED467866FF55C4829C26DB51E
Requests: 1 HTTP requests in this frame

Frame: https://trafiframe.ru/iframe.php
Frame ID: 9B351A3E5734761D4D7B077F847D7C12
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://neon.autos/0.007172208605181529 HTTP 307
https://neon.autos/0.007172208605181529 HTTP 301
https://neon.today/ptp/v/0.007172208605181529 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
http://bonus.gb1t.ru/traff.php HTTP 307
https://bonus.gb1t.ru/traff.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

92 %
HTTPS

33 %
IPv6

13
Domains

14
Subdomains

10
IPs

4
Countries

367 kB
Transfer

757 kB
Size

19
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://linkslot.ru/banner?id=119448

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119447

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119443

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=124327

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119445

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=119446

Search URL Search Domain Scan URL

URL: http://linkslot.ru/link.php?id=119794
Title: Купить ссылку здесь за 5 руб.

Search URL Search Domain Scan URL

URL: http://linkslot.ru/?ref=lzip
Title: Поставить к себе на сайт

Search URL Search Domain Scan URL

URL: https://linkslot.ru/banner?id=124324

Search URL Search Domain Scan URL

URL: http://dsiofhdoj.com/cs?wsa=642867a3e299d201357034
Title: Adsteroid

Search URL Search Domain Scan URL

URL: https://news-tds.xyz/?p=ZjBiYjcyNzE3ZGU3YTI0Njk5ZmYxZmFjMzY5ZTZlNDN8MzkxNDg2fEdlbkxpbmt8fDEwMDB8OTAzNjY4NTk=&v=2&poid=0&coid=0
Title: traffstock

Search URL Search Domain Scan URL

URL: https://neon.autos/24633
Title: Neon

Search URL Search Domain Scan URL

URL: https://bonusket.ru/?r=1AToSSRZ4ZhactL357F495jeMiYQWkXpJL

Search URL Search Domain Scan URL

URL: https://webtrafic.ru/reklama?uid=1150
Title: WEBTRAFIC.RU

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://neon.autos/0.007172208605181529 HTTP 307
https://neon.autos/0.007172208605181529 HTTP 301
https://neon.today/ptp/v/0.007172208605181529 HTTP 302
https://seo-act.ru/?key=1 HTTP 302
http://bonus.gb1t.ru/traff.php HTTP 307
https://bonus.gb1t.ru/traff.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request traff.php Show response
bonus.gb1t.ru/
Redirect Chain

http://neon.autos/0.007172208605181529
https://neon.autos/0.007172208605181529
https://neon.today/ptp/v/0.007172208605181529
https://seo-act.ru/?key=1
http://bonus.gb1t.ru/traff.php
https://bonus.gb1t.ru/traff.php

7 KB
3 KB

955ms
634ms

Document
text/html

2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx / PHP/5.6.36
Resource Hash: b2e82d73dea7e08c23f95d61ee781e06be7299d51ee29f97782b139f876e6416

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 22:26:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
x-powered-by: PHP/5.6.36

Redirect headers

Location: https://bonus.gb1t.ru/traff.php
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css.css
bonus.gb1t.ru/ 6 KB
2 KB 108ms
107ms Stylesheet
text/css 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/css.css
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: ffdfb3d5d60fee4467f8d997f406fec864cd6e2a5bebb80f5efba35cef330706

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/traff.php
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:23 GMT
content-encoding: gzip
last-modified: Sun, 05 Jun 2016 18:00:42 GMT
server: nginx
content-type: text/css

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 156ms
99ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119448
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017d075c0bf8033207cdf4b6564011b97b62e905ad7e246e51c858582cb5493d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eGQtU2pp332U0AtpgE%2F%2BAPNevVGNGE6f4k4fLoni2SvMXG9GKYZu6HroFpbPWTY%2FwcfMlwP3bJ%2BK1DEZUU5HKsyP0NV%2F4JR6zfnkd6dDHr0lCnXQ3CLxSXnF44dAkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87e3ac23ef9a9765-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 107ms
107ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119447
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72bb689f023b1207ec6e237da47771fe90319f48eff041e750c66fc29ce3011

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04vtL4bYx1SaiEr1SzGRHS%2BiSwkY4bQOAIcAgEjxBb5fd4ltxMkeNRnUcYVZ%2F2yca7koY%2BaMLvpR%2F%2BBD2g2DzAF4AEZ9TIkh%2F0Jcvjvg7CyRKHfj%2BQ4knAG%2B4eIneg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87e3ac243ff29765-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 105ms
105ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119443
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e2345840911a278fdf3c98e429716d241b148086fd67b2a2004dfb34138165

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2F2oXCajPJGK6ICVI%2BNyckZQOiTPCIXtpMI4U4287IF%2BdNJszbw%2F%2B5YwIpMUU3qYxSvVJPDSNmZVeZUifUTZ7tEII8azcH2JJ3YyO4TYu7QrIwPyV8WT%2BTb2UYiZ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87e3ac243ff59765-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 109ms
108ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=124327
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c127996f2c2e75ef1766d2d59b77d567a8cce7bbcae48321bac008cdde42dd80

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kFLw8zgYGXZYAbfbZcUzB34CpiWZwWw6GiL4HbnjQxGcN1OwHcfPP6xXOkrtG9S5yvKMgaSutDgYc5uUZUm3mUAYwVo4KFpHUI5bwh2IF0dgdqvfuhQVPTFH68PgLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87e3ac243ff69765-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 188ms
187ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119445
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d7a25c85435e016e57dfc53a1d0e2c4c694275f5d53d18368d453c9217d1ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtHTjx5NpSXWt8xsywI%2FeXP7pfgz5WOsf80uMNAMDi%2Ff9fkeSRcsLohmvzfY9FS7Gny1hmNoyRy16t4RybMaDCuJArd3MQdHOxTkI3LKHCzfA8lekD9P%2B2fTAdoeJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87e3ac243ff79765-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 194ms
193ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=119446
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ded9ca6022b113f485a7c29edb660f7dc404bf0826821cee56b70521046a5fb0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLZt00jBhwatXc1cLeEKbOasRY0LhyOy36n418%2FS452saRAKSNW4hY8n%2BcFMSU%2FYvNq%2Fxyapskot24iDoPq2NTpzmUYMj1zsQEKSpWS%2BQXFSv39tMHM3ftA3Q6TSPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87e3ac243ff89765-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lincode.php Show response
linkslot.ru/ 7 KB
4 KB 106ms
106ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/lincode.php?id=119794
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6086dc12195c58f0c977b6c87aadea6a23e7fd5d80cbc4d896afa47cd3931ea6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FuWhKJk7lBPFs9XnSHAdyYyMtZ05RaX1amMrKWZD078xxuAYyeR%2FjFA2QL6HFs44QTU3wMLTjB5mx0hFT2rzoMWQB27xsvRmEqjRRSEsaAAlWVgMRVlDj1514KfdDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87e3ac24883a9765-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bancode.php Show response
linkslot.ru/ 7 KB
3 KB 143ms
143ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=124324
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ce65bfa712041efc0a4cbf7deb6d63311f2c2c325a8101fd775271a4ba9dbc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3TfNfE5GAWhflP92exrO7l2D6tU%2BFa3XA8KeFUWyfK%2FcvLpupuuHPYcUVqzkpr9jWWD665d19Hh9fSiAhKCrXvZvrlg%2B208nihLqsT4wj31v%2FPwV2QaNYssgvwGkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
cache-control: max-age=0, no-cache
cf-ray: 87e3ac24883e9765-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 148ms
48ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9323750
x-cache: HIT, HIT
content-length: 30125
x-served-by: cache-lga21971-LGA, cache-mxp6978-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1714775184.035006,VS0,VE0
etag: W/"28feccc0-15283"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 15, 71538

GET
H3 200 ads.php Show response
webtrafic.ru/ 4 KB
2 KB 213ms
158ms Script
text/html 172.67.200.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/ads.php?uid=1150
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3d7d3668af97d3ebd115736a61be52849be229c0a3599d894b174df571a8d35

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLyOYB5YLRKz6zAlkatGtGq5dZGqEn%2BUSH2Ps7Eqtca5XctvP0eyxQZt9Y6a6Q5xCS55f71Yd1cRnf6MeFzZj69sWsadA6QdodcAqUCyDW72%2BphnYRScjkMyYSbLHIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac24ada61905-FRA
alt-svc: h3=":443"; ma=86400

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 335460
ad.a-ads.com/ Frame 8865 0
0 194ms
86ms Document
text/html 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/335460?size=200x200

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.138.69.40.188.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bonus.gb1t.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 03 May 2024 22:26:24 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://bonus.gb1t.ru/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 335472
ad.a-ads.com/ Frame 2784 0
0 180ms
74ms Document
text/html 188.40.69.138
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/335472?size=200x200

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.40.69.138 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.138.69.40.188.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bonus.gb1t.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 03 May 2024 22:26:24 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://bonus.gb1t.ru/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 kristaly.png
bonus.gb1t.ru/img/ 135 KB
135 KB 192ms
192ms Image
image/png 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonus.gb1t.ru/img/kristaly.png
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/css.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
last-modified: Sun, 05 Jun 2016 17:47:50 GMT
server: nginx
accept-ranges: bytes
content-length: 137733
content-type: image/png

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
481 B 244ms
184ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69ba19d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97e0dda2ecd1d6ead5eaa09798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a29c9fa39f9daa97aa
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119448
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQ%2BOqMyb5wI0O4l1DV1V1Pk65G0IJmKVQN56hHY6sG0t59Ui7ERrKZDCgzfVQUOkwLMbaYFch2fibqVc0gF1oRTg70NmS%2Bpfph%2Fj8%2B5%2Fz09B6OfGlci7j7rQ%2BEvCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac24fb3f2c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 468x60.jpg
linkslot.ru/promo/dummy/ 12 KB
12 KB 95ms
95ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/468x60.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-2e1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oZt5TkWgB8Ho90hmygdpPxj0F734kHHyqUhRsBuRyHpOD1n8asb0z%2FCYLdv%2Bvr%2BKgSFk7Obqy7xj2amMv6XG7O2%2FOEPIGEpxvRduePdK%2FlX3z5cYDhU2oXsSL8K9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87e3ac2498439765-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11802

GET
H2 200 bc.js Show response
bnster.com/widget/ 96 KB
29 KB 145ms
41ms Script
application/javascript 167.235.119.90
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnster.com/widget/bc.js

Requested by

Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.90 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.90.119.235.167.clients.your-server.de

Software

Resource Hash

0270b73e423fd8122e008c24e073ba95db915ac8363c520fa63eff39a80c379f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
last-modified: Tue, 09 Apr 2024 12:19:07 GMT
etag: W/"6615323b-17eb7"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
expires: Sat, 04 May 2024 22:26:24 GMT

GET cu.js
bonus.gb1t.ru/ 0
0

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
445 B 187ms
186ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9c9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b97e3dfe1e997cee997a5cb9798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a29c9fa39f9dab94a2
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119443
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwLVI9kUR7omMII4QJDtTDIk9vUMdSS0EB7RsoKf%2F%2BAl5xmyuiFOIP1ysjdvEGiTpKuQTr%2FFgmXwK7SbVqSZcthO6oGxZr61pr7ug%2BhrMtolh%2Bwb4VBdWgsNFuCHuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac24fb422c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x300.jpg
linkslot.ru/promo/dummy/ 17 KB
18 KB 123ms
123ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x300.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-44a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqwsnFebGtES9qw7X8BGVQG9e2UK3PkqTJKSflN1%2FIFmRtZtIUVuAtPhSaIvI70bTzTy29SZgWXhf5OqTxHlJ2tWdDEb5K9jMpZJhcxpwJFBFPE7pU6Z4dSOuTjXKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87e3ac24f89e9765-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17574

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
444 B 190ms
190ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69ba09d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8bd9d4d39bd9cfe1b0c9dcd39798939b959aa29799aa91a2989798939b959aa28a999d84a39f989c9aa29a9baa9b9aad94
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119447
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hWrKKDOXDbF0DQEJvQ%2FiPUtx7ybvoqpjI23CvdRncSTuW7mqKYQvnzyy%2BLCLG0Rg%2BfcY7j5tlana3CB5ATtdksqFhugGPcg6OnHzx54qkjpA%2FJ2NVtJTLXCMoOLePg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac24fb442c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
441 B 186ms
185ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c979ea599a09d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b95a0dbe1a8d899e5c2ddd0da98939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a29c9fa39f9dab94a6
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=124327
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5Rn6gSjgYm1dixZxu2AR0TCpBtKaXWT%2BWLmT3nyzGBAQr5eZMqzeCYYkr%2FUP1GSIvDP1sRlLbw3Q9k7okexR4TovQBRtPBtP9t0a76IjMJPRdwkVK7nBhGeEKKLNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac250b4f2c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 100x100.jpg
linkslot.ru/promo/dummy/ 8 KB
8 KB 99ms
99ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/100x100.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-1f66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BlsO4QvIvYFg87hs4x14WdN7Mnh5x%2BGJSsViiiiR9VNutnSVoEMLlxqsCWqnjjkXxwKViIDozctIqF8AJruPlbYBNaSQEbWzUImDJdyzuLiu%2BH%2FJaHYfEz2Geka3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87e3ac2508ad9765-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8038

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
445 B 196ms
195ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a9a09d9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b96cf9da0e79fd6f3d4d8d79798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a29c9fa39f9dac92a3
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/lincode.php?id=119794
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAYOz6rckwNe4kB7%2FPKw01V8kYxJC%2Bgrpo031tvUbuD0MKYH01BD5RCA4JPdUIuBYmIDmGCq%2BFlNFAdiVGsdVInjQHxUcuQQJxWFZU6JGoxndGZ3%2FZq2z%2F2MLV459Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac257ba22c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
446 B 191ms
190ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9e9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b96d098d3a3d9d8e3cce3cd9798939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a29c9fa39f9dac92a7
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119445
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zcj6bZ7lbiSnWYH%2FN%2Bxi7UhiDwmBUQkMFFsiLl3pJSPtvrHTK1%2BA1B%2Buwbr7iDudNSGjRC%2BEuXZgf4CrfvycdpC4fZtWVoc%2B6lovFZF5nuyroNYvzs31uNd5u0rQ9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac257ba72c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
445 B 194ms
194ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c979ea5999d9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b959cd7cfe99cdfe491a5d8ca98939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a29c9fa39f9dac92a9
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=124324
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnN%2Frd20Y0d0LIlyEJYdc9Pl4%2F1qpzpZCjXldM0yXxSHF9BjeOyhu46IpgFjjNdiOs7MifkbLB9kVTQ5NTagShyqIzNLH1VG93Ac%2BmU%2BCLtnEsdsSsZt%2BLhUV7NxNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac257ba82c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gate.php Show response
linkslot.ru/ 2 B
443 B 186ms
185ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/gate.php?d1=c5dad3dfe595d0dc92e696d9dd869c96a3a69b9f9d92a898978b949d959a95d4d8f4caded4c8979899958a9aded2e8c5e1dfda88d1df859ba29599b581e9d1d59e97a685e2a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ca69599a891a09887dbc4d1c6dcdb969ead98a09b9d8b94e1c9a3a9d4d2e499e6ddd698939b959aa29799aa91a2989798939b959aa2978caa8495999e9997a29c9fa39f9dac93a2
Requested by: Host: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=119446
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-page-speed: 1.13.35.2-0
date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19kUCRSzdSSgNANViyQgY71fwSS8vhGLTA4grTI%2FkuNRJ%2Bn85gyfYAdmQ95awE%2BPJef6Fu8DhyWtIkleWr%2BatOw8wPKzJDMf48MU61e5CroHZ7u0EiVk07U2aEaH3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
cf-ray: 87e3ac258bb02c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 200x200.jpg
linkslot.ru/promo/dummy/ 15 KB
15 KB 94ms
93ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/promo/dummy/200x200.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 11:22:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "647dc573-3ad5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67Um2eVR4sD6cWNQHLM5nGUVIiYcMqbAM8sSSw8lkD6nHR27igeMA04zzn0Kenh7HVKd%2FdiGnnyLkArI82MTVejCdj9AXd1BPm%2F%2FLCJRU%2F4xMHy4JPw6r4Uoxf4v%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 87e3ac25891d9765-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15061

GET
H2 200 /
bonusket.ru/ Frame F253 0
0 563ms
220ms Document
text/html 91.227.16.12
EXIMIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bonusket.ru/?r=1AToSSRZ4ZhactL357F495jeMiYQWkXpJL

Requested by

Host: webtrafic.ru
URL: https://webtrafic.ru/ads.php?uid=1150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.227.16.12 , Russian Federation, ASN207027 (EXIMIUS-AS, RU),

Reverse DNS

srv12.host-food.ru

Software

nginx/1.14.1 / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bonus.gb1t.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 May 2024 22:26:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: unsafe-url
server: nginx/1.14.1
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-power-supply-by: 220 Volt
x-powered-by: PHP/7.4.33

GET
H2 200 iframe.php
trafiframe.ru/ Frame 9B35 0
0 250ms
151ms Document
text/html 2606:4700:3031::6815:4918
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trafiframe.ru/iframe.php
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/ads.php?uid=1150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4918 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bonus.gb1t.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 87e3ac26480a1e52-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 22:26:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4i4X8%2FnADS114e4RRMs7dSMrJ2I1ihobeXItbpj3ylSH7jJYNXTgDbY%2BKlzwHsb%2FBJWZL4X6k9cy0aU0yZN73BQR14zVRsijk2g%2BFNUGZd8n3Uu%2FGQralrGZc7T9Fms2NRb4BDRJrgFKNYq4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-page-speed: 1.13.35.2-0

GET
H3 200 cab130883aa549246a1c21be51e3b130.jpg
webtrafic.ru/banners/ 13 KB
13 KB 48ms
47ms Image
image/jpeg 172.67.200.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/banners/cab130883aa549246a1c21be51e3b130.jpg
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c6b55547382dd86569c85eece8bcbedc2d5e77a1c28a6d0990d1b832958849

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
cf-cache-status: HIT
x-original-content-length: 17483
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7098
alt-svc: h3=":443"; ma=86400
content-length: 13269
server: cloudflare
etag: W/"PSA-aj-YNrJKxVKpz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5G61pPCU6IBpp35tDPLyDdQK8IBJzKZk1SPsPX9iV3LE0pPflzHjocSenC5Uv0l07piQYbr8KDaKu6UXeqIUn3yD61gi6tdpdbYvb5CYeb6bsZHEqorQb6RQ2DrMksU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87e3ac259e601905-FRA
expires: Fri, 03 May 2024 20:14:56 GMT

GET
H3 200 logo.png
webtrafic.ru/img/ 885 B
1 KB 55ms
54ms Image
image/png 172.67.200.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/img/logo.png
Requested by: Host: bonus.gb1t.ru
URL: https://bonus.gb1t.ru/traff.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf5a139827bcf9070b9ff40d1f9780ab42087551c35fc85a94394999911c219

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
cf-cache-status: HIT
x-original-content-length: 1200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3636359
alt-svc: h3=":443"; ma=86400
content-length: 885
server: cloudflare
etag: W/"PSA-aj-T5WUueMRUX"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nHhe4VaSCXVfH2pHN%2BGG9%2BKN2ilySqxBlAtlFCj4DBOWaRsCuiHRW%2B8b3T3cmsCufM%2FXadxV6eMjgri15euEtuyDHNtgW9tl2Z4L9SoNz6ln28249QQeIUjWyr5Nno%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=314985815
accept-ranges: bytes
cf-ray: 87e3ac25de881905-FRA
expires: Thu, 16 Mar 2034 12:24:01 GMT

GET
H2 200 user Show response
cookie.co1linesu.ru/ 35 B
395 B 138ms
39ms XHR
text/html 167.235.119.87
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie.co1linesu.ru/user?domain=https%3A%2F%2Fbonus.gb1t.ru

Requested by

Host: bnster.com
URL: https://bnster.com/widget/bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.87 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.87.119.235.167.clients.your-server.de

Software

Resource Hash

92af0bd2149d9780f3111dc13ae9918aa8a2301e940dd86f3ecbb74e43268411

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: cache
date: Fri, 03 May 2024 22:26:24 GMT
strict-transport-security: max-age=15724800
last-modified: Wed, 30 Jun 2010 21:36:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bonus.gb1t.ru
cache-control: private, max-age=157680000
access-control-allow-credentials: true
content-length: 35
expires: Thu, 03 May 2029 01:26:24 MSK

POST
H2 200 / Show response
bnster.com/bg/ 84 B
548 B 125ms
45ms XHR
text/html 167.235.119.90
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bnster.com/bg/?vid=v2_3f64c0227e64edaa0d5a4d2ae495db3b&streams%5B%5D=713409070&user_data%5Bis_mobile%5D=0&user_data%5Bis_touch_device%5D=0&user_data%5Bwindow%5D%5Bwidth%5D=1600&user_data%5Bwindow%5D%5Bheight%5D=1200&user_data%5Buser_agent%5D=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&user_data%5Bplatform%5D=Win32&user_data%5Blanguage%5D=de-DE&user_data%5Bdomain%5D=https%3A%2F%2Fbonus.gb1t.ru&user_data%5Bhref%5D=https%3A%2F%2Fbonus.gb1t.ru%2Ftraff.php&user_data%5Bhas_adblock%5D=0&user_data%5Bblock_size%5D%5B713409070%5D%5Bwidth%5D=1060&user_data%5Bblock_size%5D%5B713409070%5D%5Bheight%5D=118

Requested by

Host: bnster.com
URL: https://bnster.com/widget/bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.235.119.90 Bühl, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.90.119.235.167.clients.your-server.de

Software

Resource Hash

6828c218a24af0a7595cd6c6f92164afe61c8bf322ce74705b8528fe913b2ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://bonus.gb1t.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 03 May 2024 22:26:24 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 404 favicon.ico
bonus.gb1t.ru/ 307 KB
67 KB 322ms
322ms Other
text/html 2a00:f940:2:2:1:4:0:106
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://bonus.gb1t.ru/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:106 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: caa963bd5cd38d0c8ea391986da6067b12e5a2f9ad2f09ec281bfe7ae3103134

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bonus.gb1t.ru/traff.php
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:26:27 GMT
content-encoding: gzip
last-modified: Sat, 09 Sep 2023 08:02:27 GMT
server: nginx
content-type: text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto:400,100,300

Domain: bonus.gb1t.ru
URL: http://bonus.gb1t.ru/cu.js

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bonus.gb1t.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: efada7bf9b14b3e95a4ca1c1baf06f77
bonus.gb1t.ru/	1970-01-20 20:19:38	Name: nova Value: 1vd97mij8tuo00000000000000000000
informer.yandex.ru/	1970-01-21 05:05:11	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
.yandex.ru/	1970-01-21 05:55:35	Name: i Value: tTbIsXsa4nwAnOTnv+RjpIfnPscdVYtmGk2LiumEQJjNGl6BL7WWEiubmxuX2cAZwoSKgm6s/2awPZGiuP3tuaJCEFE=
.yandex.ru/	1970-01-21 05:55:35	Name: yandexuid Value: 9114241001714775184
.yandex.ru/	1970-01-21 05:05:11	Name: yashr Value: 4753603381714775184
mc.yandex.ru/	1970-01-21 05:05:11	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
.yandex.com/	1970-01-21 05:05:11	Name: yashr Value: 3870775711714775185
mc.yandex.com/	1970-01-21 05:05:11	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 406374901714775185
.yandex.com/	1970-01-21 05:55:35	Name: i Value: U0jEMcANApd/7Sd+QX7K7QF+Q/K/SKNmMhFxvbkCqg9tMFpAdd2kn3D93eZiCJ0V2K+E7QixkHD0ZV/UfC0wimWB9uI=
.yandex.com/	1970-01-21 05:55:35	Name: yandexuid Value: 4736914091714775185
.yandex.com/	1970-01-21 05:05:11	Name: yuidss Value: 4736914091714775185
.yandex.com/	1970-01-21 05:05:11	Name: ymex Value: 1746311185.yrts.1714775185#1746311185.yrtsi.1714775185
.yandex.com/	1970-01-21 05:05:11	Name: bh Value: Ej8iQ2hyb21pdW0iO3Y9IjEyNCIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNCIsIk5vdC1BLkJyYW5kIjt2PSI5OSIaBSJ4ODYiIhAiMTI0LjAuNjM2Ny4xMTgiKgI/MDoHIkxpbnV4IkIIIjUuMTUuMCJKBCI2NCJSXCJDaHJvbWl1bSI7dj0iMTI0LjAuNjM2Ny4xMTgiLCJHb29nbGUgQ2hyb21lIjt2PSIxMjQuMC42MzY3LjExOCIsIk5vdC1BLkJyYW5kIjt2PSI5OS4wLjAuMCIi
.yandex.ru/	1970-01-21 05:55:35	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-21 05:55:35	Name: is_gdpr_b Value: CLGdUBD5+QEYAQ==
.yandex.ru/	1970-01-21 05:05:11	Name: receive-cookie-deprecation Value: 1
yandex.ru/	1970-01-21 05:05:11	Name: bh Value: EkEiQ2hyb21pdW0iO3Y9IjEyNCIsICJHb29nbGUgQ2hyb21lIjt2PSIxMjQiLCAiTm90LUEuQnJhbmQiO3Y9Ijk5IioCPzA6ByJMaW51eCI=

84 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,100,300'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bonus.gb1t.ru/traff.php Message: Mixed Content: The page at 'https://bonus.gb1t.ru/traff.php' was loaded over HTTPS, but requested an insecure script 'http://bonus.gb1t.ru/cu.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bonus.gb1t.ru/traff.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bonus.gb1t.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ajax.googleapis.com
bnster.com
bonus.gb1t.ru
bonusket.ru
code.jquery.com
cookie.co1linesu.ru
fonts.googleapis.com
linkslot.ru
neon.autos
neon.today
seo-act.ru
trafiframe.ru
webtrafic.ru
ajax.googleapis.com
bonus.gb1t.ru
fonts.googleapis.com
167.235.119.87
167.235.119.90
172.67.200.135
188.114.97.3
188.40.69.138
213.183.48.30
2606:4700:3031::6815:4918
2a00:f940:2:2:1:1:0:46
2a00:f940:2:2:1:4:0:106
2a04:4e42:400::649
81.177.141.232
91.227.16.12
017d075c0bf8033207cdf4b6564011b97b62e905ad7e246e51c858582cb5493d
0270b73e423fd8122e008c24e073ba95db915ac8363c520fa63eff39a80c379f
07d7a25c85435e016e57dfc53a1d0e2c4c694275f5d53d18368d453c9217d1ff
1bb25991538ca880c81d25f85b9c9ac7430f2a3815afe6b2486047480316a82b
241155c2a3436bfc0a542fc31fe2908ff2bdfc90e1ac7e26c6ba715b01030dcf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
31ce65bfa712041efc0a4cbf7deb6d63311f2c2c325a8101fd775271a4ba9dbc
35e2345840911a278fdf3c98e429716d241b148086fd67b2a2004dfb34138165
6086dc12195c58f0c977b6c87aadea6a23e7fd5d80cbc4d896afa47cd3931ea6
6828c218a24af0a7595cd6c6f92164afe61c8bf322ce74705b8528fe913b2ec1
6a32c37a54506db47e10f2b3fc9bf37b9ddb971590e151747fd6abf062df5193
7bf5a139827bcf9070b9ff40d1f9780ab42087551c35fc85a94394999911c219
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
92af0bd2149d9780f3111dc13ae9918aa8a2301e940dd86f3ecbb74e43268411
a72bb689f023b1207ec6e237da47771fe90319f48eff041e750c66fc29ce3011
b2e82d73dea7e08c23f95d61ee781e06be7299d51ee29f97782b139f876e6416
c127996f2c2e75ef1766d2d59b77d567a8cce7bbcae48321bac008cdde42dd80
caa963bd5cd38d0c8ea391986da6067b12e5a2f9ad2f09ec281bfe7ae3103134
d3d7d3668af97d3ebd115736a61be52849be229c0a3599d894b174df571a8d35
d77a6b3466cb376003db40b3adb3170556393ef2c131836c68acd18cabfc1ab4
ded9ca6022b113f485a7c29edb660f7dc404bf0826821cee56b70521046a5fb0
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857
f6c6b55547382dd86569c85eece8bcbedc2d5e77a1c28a6d0990d1b832958849
ffdfb3d5d60fee4467f8d997f406fec864cd6e2a5bebb80f5efba35cef330706

bonus.gb1t.ru Open in urlscan Pro 2a00:f940:2:2:1:4:0:106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

92 %HTTPS

33 %IPv6

13 Domains

14 Subdomains

10 IPs

4 Countries

367 kBTransfer

757 kBSize

19 Cookies

14 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bonus.gb1t.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:106 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

92 %
HTTPS

33 %
IPv6

13
Domains

14
Subdomains

10
IPs

4
Countries

367 kB
Transfer

757 kB
Size

19
Cookies

38 HTTP transactions
0 data transactions