| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/11.png | 188.114.96.1 | 200 OK | 4.2 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/11.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 531 x 531, 4-bit colormap, non-interlaced
Hash: a37a23b2a0618413adef70fb8204160b 77ea62ed00de2374e9680384a0f0ac2c119c6875 e036e6f8908a87aa0e5189b8096ed0e4faed461b17eb7646c9e48011d2b27b5c
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/11.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 4220
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-107c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2138
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YaVxcuuODU7%2FcAX%2Fbm2Uckwe7oCgkBYmYiP%2BCkLRhibePn5HAD%2BPTTba68%2FMghVkz1JnSDii83mQaards2T3fu%2FxeFuI8C7KkvtOmP2KSpUuFtPqpzUElscc%2FGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bebc569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/spin.png | 188.114.96.1 | 200 OK | 9.4 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/spin.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 136 x 137, 8-bit/color RGBA, non-interlaced
Hash: 7b5a73affea89f7a61cf02447cd8b28f aac3bbde34f52de14d589c9e1f1eaff0d2c86050 661a42f28393a654900c07858bc59ef1c608420765e93788aa3f58dcd8c84bc1
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/spin.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 9424
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-24d0"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 4076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Avq2xIbZJfEQoi0e3RP1IS3E7RDgBUuJJ0MkcKu7xoor6kMp1ahXxakaL54CSA8hGi8KL4sHgFJMn4kgy6v1yYXdsz5IeEhqxKtZVF7jP83LegUIlxleTaIWuvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec4569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/aespinner.png | 188.114.96.1 | 200 OK | 126 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/aespinner.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 567 x 567, 8-bit/color RGBA, non-interlaced
Size: 126 kB (126108 bytes)
Hash: e5f969c1532c1f9aac059f8a531db3c7 1b0798cfb4aa87c49deeaff3b2b846a6b687b5d7 c1d88f2a0c42fc191f0d11324143c441fd6bc7dadc004894d03d5f13d01f6482
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/aespinner.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 126108
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-1ec9c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1207
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYcJUIq%2BoKON6xMkDL%2FSbe6HsWORNtuB5jBvKkvPj1279fbpgS8KJvanRQAgMgNcLrydFnST9%2FjBZ4%2Ff%2B4zRQKFfC0CGEErPJH0sIAN72UFT%2BpLz%2BcnA952D1do%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec0569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/arprize.png | 188.114.96.1 | 200 OK | 58 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/arprize.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 212 x 186, 8-bit/color RGBA, non-interlaced
Hash: 5f80643811b2ab458d3f36cc2dac2e66 eeaee9e449dd2964bdc0d65e9193791de6410225 a5d88103e55770fdcc60f24e509d65f4ebf2b85949b0e8f420e63afa60df9562
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/arprize.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 58151
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-e327"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6546
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXETpNc9dAkirOdDdilNvpHspFLNMleGQnPAlFg5dtEzoJ2dZy1OjNqc2ZHa69y%2FIEmVk2JBXxPPer%2ByrFSErA8PeyoXoPFI5eKkr1QLGq6LjHqm3va94PgFQ%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec6569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/1.png | 188.114.96.1 | 200 OK | 20 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/1.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 72af383b6e6785cc96323a7fad263c75 aa5b65f777efa7ab5aa38c65c212341f2971da78 a14c6e3749c84f8be26a39f0bc5850d78749909e9026827ef771e135a47042ed
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/1.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 20401
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-4fb1"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1207
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ox%2BVGUIhC7H%2F5U5vQy7tohdcHBqqON6fyEj1LyAGy4ZXB47eY%2FXHjHqI3RdFFb9b8jz76eKmjzcG2OLqWQWM1OCiSV72VXhqifpgFfc7moYmpNR6wIhfzKa%2BzbE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec8569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/2.png | 188.114.96.1 | 200 OK | 20 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/2.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 29e59d546ce5ae8ef7dba842b2a93cb6 ad6fa56bc8b02f5c697f3f9c457e4cefcf3b088e 7282399c604f5d63aa3a3ccb461a7b89964b39fae7d9d6319d711725515c12c3
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/2.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 20427
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-4fcb"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 7082
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OowL9KOarg9l9I6%2BkdCYoAn9B0lQwNDy1Yw5bTGx6ayK8qrYF%2FkMPu1SwCx5gToP1sgoSYbHfIKLBjALU%2FUqk7NkoTix63byAIKwR4Y3EEl6zdHtG%2B0b9hlbLRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec9569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/3.png | 188.114.96.1 | 200 OK | 21 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/3.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 3f1d16a48e13d4ec00c13d4822b37c8f 757621298ffb8b44eabae9966db367fd505a9f24 49cf854f9509eff14d9af023bdc0a4d5f6ef8d535ba65fc2a3e6f576935250c1
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/3.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 21081
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-5259"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 7075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1oN%2FMdU5%2BaBYMlD6AiTgHJPkQMgssBT%2BPUKWmBqZLtSkOBtDniGFACGrec0jpn1%2FH4x%2BlKTdaMLsTQAwN4YiamVUH4SJOTH0a%2BKWBlps%2BjGpZkTmUUcdzuRjEg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647becd569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high | 188.114.96.1 | 200 OK | 32 kB |
URL: User Request GET HTTP/2 bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
IP: 188.114.96.1:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: JavaScript source, ASCII text, with very long lines (674)
Hash: 051decfb86bf09883a82cf68e749883f 2f53044fdda0b643b4db6f7af41c865b3f81c1c1 82a7c4cec67e5c2ea1d119614db3d2ade04ad45f4be831da8af3a188fdc55234
GET /click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 08:12:02 GMT
content-type: text/html; charset=utf-8
set-cookie: uclick=9lzw7susvr; expires=Sat, 11-May-2024 08:12:02 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b; expires=Sat, 11-May-2024 08:12:02 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DxF%2FMEfAWL5YwzX2zfLDAO1h3vkEHvl%2BWIpUfQxeqzUExZpmvpDp7qYE43mFQQvf1AdzSIWWab33B1yr0aYPbPNZbHHXumZ6iQWlhDrXKGuDPH4W7q1Z%2FEAWwI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88187644df52b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/5.png | 188.114.96.1 | 200 OK | 6.0 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/5.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 8b6ae9d5f0edaeb043509b63f0798466 b4173bc837da393ce683d5c0021dd7e541d32947 1fbb172f707cf016e445c0febaa6e10ec9d68f5c10de845eb8b100632664a054
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/5.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 5996
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-176c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5j6jTQWLoK%2B22pZCj3TtlIlfXxTfX0M0UhJhxTeU7IyPGrqWpP44Dyvolm%2FSNjSS7KyyivmYzmt%2FWe5BC%2BfVlOg%2Bt5fhJoannZqNH2lWLBGFSh3AuvWyAeC3IU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bed6569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/6.png | 188.114.96.1 | 200 OK | 7.7 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/6.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: d0c785a1000318f01a3004ba52bb6bed fc2b30f76884e8a493353d53ca608da556479349 eb2ee47bfa12e0b29d440f20470f10e4eae63ade8cabbfbe1bed8b3b27adc67b
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/6.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 7713
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-1e21"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1206
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WCO3%2B0gk4%2FLhywToWWtYb1OgE9S2Mm9lyYZKau12m%2Bm9nttawLH1jZnVJRs741tDGjf1BSY%2BfjjuLMWjjsNN44mjhlKybKhgESyy8p0m6Zv6fQWWNqg%2BmK6JBPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bed8569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/7.png | 188.114.96.1 | 200 OK | 8.1 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/7.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 26958d2dfdbb2b9c702128456dfa9b63 c3852725dd934e0df8c21a16a4ca1784ac24cc91 cf36393abf98f448205bb15c4ce13fc73ecce186513f83a15b29dd01a7dfe617
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/7.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 8061
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-1f7d"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2899
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79vacuoLz26jRKxV57wxZoRt%2BjC6h%2FN6UiQP6kqonWOltgPZYRXCB1TR8mz%2Fj3Iq%2BbLqbxVU3Jn5hKeIwVjxyQtYT80itzHerzTiFRzDqh%2F29%2FDnPMpowYqBWLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bedb569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/8.png | 188.114.96.1 | 200 OK | 22 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/8.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 9634b826e90a6e95ed9e94979a94c7d1 5c870a8212826fdde281a72c17f36bdec5ebe18d 324942873b96e25417a34702624cbf95d3642add9a38b42a1d88c5498e3888db
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/8.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 21765
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-5505"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gEdlF5cBXSUivBeV%2BgjAihqNtreW25KTtBM7RSDcUQJewJ6NhX99%2Fd2Ih366lFfTbNVDI0wVhIKXL8pjwrb%2Bqff8GSIsjs0hNfAXBSOCWpX6ccWF0%2FNhPTVuddw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bee1569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translate_24dp.png | 188.114.96.1 | 200 OK | 846 B |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translate_24dp.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bontik.ru
Certificate Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Certificate Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Hash: e9cd262114358f26b7608b56905185dc 6dbde0a96deaab2b529723ce26c62043cf9180ab 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translate_24dp.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 846
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-34e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 5430
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTJVDlhPZuakeGls5IOuX8HOOr8vaLodUNmwCz2eyW13A338D9vvx%2FyhtWSKI81LdQ%2FcD%2F0lXYwucOvCH9eJ%2B5%2FknROFrtmqC5K%2B8KICisyoL8MzxjUlS1X4sD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647cee6569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F | 188.114.96.1 | 200 OK | 90 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Google Trust Services LLC; Subject bontik.ru; Fingerprint 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F; Validity Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/octet-stream
content-length: 89501
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-15d9d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JlbyZt8bpn1qpeDhnC%2FlxX%2BoXdbNnKU8CYABbjceQNUt8gVQubKgEoUM7zAF9k%2FXAhvKzIv025S%2BOUFSVwXEuTAsM3krCjlZHomJQv8h19jmV%2FEd%2B5UeDmBb3Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88187647aeb1569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| push-sdk.net/f/sdk.js?z=1169213 | 23.88.8.125 | 200 OK | 15 kB |
URL: GET HTTP/2 push-sdk.net/f/sdk.js?z=1169213
IP: 23.88.8.125:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Let's Encrypt; Subject push-sdk.net; Fingerprint EF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95; Validity Sun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators
Hash: df17f9793d0bbfbec3c9285f3dcc6200 12f0459f4095371bee63e6dd5f04ea9451cff933 1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7
GET /f/sdk.js?z=1169213 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| bontik.ru/landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg | 188.114.96.1 | 200 OK | 472 B |
URL: GET HTTP/3 bontik.ru/landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Google Trust Services LLC; Subject bontik.ru; Fingerprint 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F; Validity Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
Hash: d0606c1958297bda75d460e1086fafc8 02e4356b17b4c926dd0417252b9512a702ca7ecc c2c0d7df6fde6345af3b303669fcff56b6c2289a1fef751c76fac1782b6d8310
GET /landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3305
last-modified: Fri, 10 May 2024 07:16:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtRPzp8dDPqlv6fj9PXxWD0Y3Z96n5ndWfoJ%2B3b5ztamTlMLpjFEqzHr%2FrlO83Q4pL3r%2Fo1zv0LptSonQOGTQQDTXgInZkVVeeMqZh2f48SqWuxgr8TWvcz447c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187648b897569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext | 142.250.74.170 | 200 OK | 700 B |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext
IP: 142.250.74.170:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: e0fd6be3182dd641e1ff9568a94e74a5 0a1567a992d1a58e530a6a52aa82dae0a4f48c57 bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
GET /css?family=Roboto:400,300,700&subset=latin,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 08:12:03 GMT
date: Fri, 10 May 2024 08:12:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bujerdaz.com/zone?&pub=0&zone_id=6229059&is_mobile=false&domain=bontik.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=d9a8a8e0-3342-4707-963f-cb0254864138&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL: POST HTTP/2 bujerdaz.com/zone?&pub=0&zone_id=6229059&is_mobile=false&domain=bontik.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=d9a8a8e0-3342-4707-963f-cb0254864138&action=prerequest
IP: 139.45.197.250:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Let's Encrypt; Subject bujerdaz.com; Fingerprint 0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3; Validity Mon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6229059&is_mobile=false&domain=bontik.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=d9a8a8e0-3342-4707-963f-cb0254864138&action=prerequest HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-length: 0
x-trace-id: 469a8394695493a9aa8afe207d696106
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/sweetalert.css | 188.114.96.1 | 200 OK | 3.6 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/sweetalert.css
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Google Trust Services LLC; Subject bontik.ru; Fingerprint 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F; Validity Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
Hash: 2c192b2dd454462bc2b603c4ca2acff8 6d9682def497402ff0aac4f4bd996023cd8c08e5 428853c65b817995a479a49ab30c7ab7b6c15e689bcd2041d3632b4213e48f72
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/sweetalert.css HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/css
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: W/"64abe396-5065"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 5442
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bseRnkJtUeSyC%2FQOJzMQPxBYlUPPvOd67H4Dv2UK7AVObNMb%2B1nMtDCad0OzM2EdH12dywwFOUVhHkBL21ytNS19pg5YEA80tw2Z0sAtCiIyFMzdbIC3Dz6y%2Fzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647aeb8569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bujerdaz.com/pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js | 139.45.197.250 | 200 OK | 15 kB |
URL: GET HTTP/2 bujerdaz.com/pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js
IP: 139.45.197.250:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Let's Encrypt; Subject bujerdaz.com; Fingerprint 0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3; Validity Mon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 79ab4f5f20178d8996c060bb397118cb 1c4b2573fec4c28a0fabe5f38102b69cac5b9e97 05c6f230d524bab329e3cd7e74295e02df901851cc6350c1759b308d2ee09038
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/style_1.css | 188.114.96.1 | 200 OK | 40 B |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/style_1.css
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Google Trust Services LLC; Subject bontik.ru; Fingerprint 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F; Validity Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
Hash: 037f7d342aec95bb41af2f993cd0a484 4886c86c0e3275d60c4a7f57f2ad1438f01de71e bb53320aa1d74be209c31dfa9fb4effd592806b15add4f5ef011c014a8c7aad9
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/style_1.css HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2138
last-modified: Fri, 10 May 2024 07:36:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjVMiieb9JwAyRegD9mYpo4TAYnnUkbw1z8yK8Lr%2BmW4VQhNDQ%2BuyBhfm4zDRD5Dq2oiJhojSAtEIyBwZvJT9tuYlxHiKqeHcSViVvrfSeWODPtD9%2Fdp5uJwYxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647aebb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/order_me.min.css | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/order_me.min.css
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Google Trust Services LLC; Subject bontik.ru; Fingerprint 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F; Validity Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: ASCII text, with very long lines (4417), with no line terminators
Hash: c185346350c987e8e0f552df894b1ccd db2685c3f0c446f1e660686a4f7793170d04f554 c2a44b93c05add6a06589460971a8236fc9522511bd2bf5cf8a046cb1cf631c0
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/order_me.min.css HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/css
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: W/"64abe396-1141"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DH85EWEKx1pg2PgcQ6mofh2EJUgIKR2mM1WVLD4LCXaMwRoS1R%2FLjPHFkxKAgnAyzMtVxHYY0tNHQaV2DFPkN0INfpt6JE5%2BeFNghs21Vpx1LtJV%2FBpt9OzXnGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647aeb5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Let's Encrypt; Subject amunfezanttor.com; Fingerprint AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: 4f9bd300ada11e0e05030f7af5419b8b bc833d9fdca62f409eb21cdd0993879dc96b0a9a 30ce9e87ff9510388bf73c9833ef2946696ba6664736876854fbced28ac55211
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bontik.ru/
Content-Type: application/json
Content-Length: 1116
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| s3.eu-west-2.amazonaws.com/doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png | 52.95.149.72 | 200 OK | 175 B |
URL: GET HTTP/1.1 s3.eu-west-2.amazonaws.com/doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png
IP: 52.95.149.72:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Amazon; Subject *.s3.eu-west-2.amazonaws.com; Fingerprint 57:F8:7D:73:9D:60:C9:98:62:89:08:AE:C0:82:1D:70:41:3B:6B:90; Validity Thu, 25 Apr 2024 00:00:00 GMT - Mon, 21 Apr 2025 23:59:59 GMT
File type: PNG image data, 13 x 12, 4-bit colormap, non-interlaced
Hash: 7f5f867f5a1cc4c7f1bee43696ea4af9 2dfcae77833aa29271c69009dc617688fcfbea0e 2afc36927f6530f2e793065e7e077ddba745cf85dd81eedf5633025ba80924bd
GET /doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png HTTP/1.1
Host: s3.eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: w6Ofgz9uEGnTc+Wno2598K6O2uxT1O7UbOmeIBHLEovCcv1KL7Aw6139RgNjwaRg7FaRVPw3s20=
x-amz-request-id: CJHGHMB3MPN5TZFP
Date: Fri, 10 May 2024 08:12:04 GMT
Last-Modified: Tue, 20 Nov 2018 15:26:43 GMT
ETag: "7f5f867f5a1cc4c7f1bee43696ea4af9"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 175
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.131 | 200 OK | 1.8 kB |
URL: GET HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP: 142.250.74.131:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: c69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:54:36 GMT
expires: Wed, 07 May 2025 06:54:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 263848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=bontik.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st | 109.200.209.143 | 200 OK | 0 B |
URL: GET HTTP/2 rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=bontik.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
IP: 109.200.209.143:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Let's Encrypt; Subject rtb.pushdom.co; Fingerprint 12:C4:C5:EF:24:BE:28:31:C7:C1:45:E0:0F:F3:7E:9C:7F:5E:3E:30; Validity Mon, 01 Apr 2024 18:28:04 GMT - Sun, 30 Jun 2024 18:28:03 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=bontik.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st HTTP/1.1
Host: rtb.pushdom.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
|
|
| richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk | 109.200.199.110 | 200 OK | 97 kB |
URL: GET HTTP/2 richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk
IP: 109.200.199.110:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Let's Encrypt; Subject richinfo.co; Fingerprint 25:29:37:EE:41:C6:34:D2:D5:4C:10:A7:3F:D7:C5:E4:2E:7D:3B:2D; Validity Mon, 25 Mar 2024 13:05:17 GMT - Sun, 23 Jun 2024 13:05:16 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk HTTP/1.1
Host: richinfo.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/x-javascript
x-amz-id-2: CkARoW17FA3k+pTHwh1DRvOHGcinaT3JZ2Fh31+oCEh4CgasyCUN+SfBw/ZNWJSImCLcM+dNt/E=
x-amz-request-id: CV3B5XQBENKS6BHV
last-modified: Thu, 02 May 2024 10:22:54 GMT
etag: W/"48e0c66e13f063ffe401a275add23665"
x-amz-server-side-encryption: AES256
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translateelement.css | 188.114.96.1 | 200 OK | 19 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translateelement.css
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Google Trust Services LLC; Subject bontik.ru; Fingerprint 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F; Validity Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: ASCII text, with very long lines (18670)
Hash: da1ba9d9082da8ca5ed15d88b2e91fd8 c6f0b19f70b5e81eaba5e2d55c51602289053105 d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translateelement.css HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/css
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: W/"64abe396-4924"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5bMAgN2S%2B3S%2BWFhH8mDDfL3S78Tcjh9%2FPWFKYutmYSmC9Mb2ce38PADK69fceknOcUcX2JuE6ApnN%2Bx6ds3sZAbwks03qQe8aw4IDP0%2FlP7OWk4Eua5f2ABamM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647aeaf569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| push-sdk.net/event?z=1169213 | 23.88.8.125 | 200 OK | 0 B |
URL: POST HTTP/2 push-sdk.net/event?z=1169213
IP: 23.88.8.125:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate: Issuer Let's Encrypt; Subject push-sdk.net; Fingerprint EF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95; Validity Sun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=1169213 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 83
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:12:03 GMT
content-length: 0
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
|
|
| bontik.ru/sw-check-permissions-5389c.js?zoneId=6229059 | 188.114.96.1 | 200 OK | 566 B |
URL: GET HTTP/3 bontik.ru/sw-check-permissions-5389c.js?zoneId=6229059
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Subject: bontik.ru
Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: ASCII text, with very long lines (605), with no line terminators
Hash: 758a0822d872e8669d2c36246b176efc 28eadf5d00be56d675c15a270ad4bcc14bcb0b6c 2f3e136a12ff17da63d8b51e906a188785a750374579e29be17b77eebf43a55b
GET /sw-check-permissions-5389c.js?zoneId=6229059 HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:04 GMT
content-type: application/javascript
last-modified: Thu, 17 Aug 2023 15:41:27 GMT
etag: W/"64de3fa7-236"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYMGRC61AxAGLDlLVONPkbwMOOrUQAw2iFN15gfzdL9USK1yr%2BKLa23BRe20VfGzJk%2Bcwm%2F9lvD6N1PpIhAEOBgtuO7h%2F9NvnZJWA15EUv%2FYFtjwJWmLIRtuQvc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818764dfb3d569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/4.png | 188.114.96.1 | 200 OK | 21 kB |
URL: GET HTTP/3 bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/4.png
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Subject: bontik.ru
Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Hash: 934c63c3e8976cc9027841f7ce2882ac 2ac18b90d4fc9db479b8b81d8794830b3c4cc925 9a7be3a1c85923f27bae697630751463b35225e043a2a2fdb5d40425b23eb2d0
GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/4.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 20738
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-5102"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJGRmy1OOLtprzioJvdWtZLljGUVQZGXP%2FGUNPdqAK7ptl0lWbYHAcqauu2B6tZ489mKhnTGhTuFMQLANb2MuQv4OhbtMnDx9fxxal9numxpS9FU1Jsr9mdewr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bed0569a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 0 B |
IP: 139.45.197.251:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Let's Encrypt
Subject: jouteetu.net
Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 490
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9e36313ab3f649941b50688606a1ad64
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bontik.ru/favicon.ico | 188.114.96.1 | 200 OK | 5.6 kB |
IP: 188.114.96.1:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Google Trust Services LLC
Subject: bontik.ru
Fingerprint: 0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
Validity: Sat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT
File type: MS Windows icon resource - 1 icon, 39x34, 32 bits/pixel
Hash: db884d3fed3f81d59e95e27707047c53 fd991a514b1284506bbbd229f4b067c3c7cc3ceb aab68489204839b0f8e37065417c542695e914b959927d0e3afd0d325e3787bc
GET /favicon.ico HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/x-icon
last-modified: Thu, 30 Aug 2018 21:25:42 GMT
etag: W/"5b8860d6-1606"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjrrn8ic31c9Vl02k5ze1y%2FxD7XEc5QhOCWHwRbDTZQWxGB0Q%2FK3rQJakJLPY0iGgWoLFv07rxGVnsaLlWRFud32gUgE936YUoPdkSI7ulhQQQCHxtmmOEDCpmQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818764c7faf569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 0 B |
IP: 139.45.197.251:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Let's Encrypt
Subject: jouteetu.net
Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 491
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: aa8c7c47bdba8dbb4deb3f3bd8d18bad
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 0 B |
IP: 139.45.197.251:443
Requested by: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate Issuer: Let's Encrypt
Subject: jouteetu.net
Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 488
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7bf153a3fc3aa1155a3882051849fa99
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|