Report - bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user

Report Overview

Submitted URL
bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 08:12:29
Access
public
Website Title
تبریک می گویم!
Final URL
bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
push-sdk.net	unknown	2022-10-25	2022-11-02	2024-05-09	841 B	16 kB	23.88.8.125
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	458 B	1.3 kB	142.250.74.170
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-05-08	483 B	638 B	139.45.197.250
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-10	450 B	2.5 kB	142.250.74.131
jouteetu.net	260109	2021-07-08	2021-07-15	2024-05-09	1.3 kB	1.8 kB	139.45.197.251
bontik.ru	unknown	2024-02-21	2024-02-21	2024-04-18	18 kB	492 kB	188.114.96.1
bujerdaz.com	unknown	2022-10-03	2022-10-03	2024-02-25	1.0 kB	16 kB	139.45.197.250
s3.eu-west-2.amazonaws.com	unknown	2005-08-18	2016-08-17	2024-05-08	478 B	529 B	52.95.149.72
rtb.pushdom.co	244282	2018-12-28	2019-01-08	2024-03-22	515 B	158 B	109.200.209.143
richinfo.co	285236	2019-06-20	2019-06-26	2024-04-09	453 B	97 kB	109.200.199.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	bujerdaz.com	Sinkholed
2024-05-10	medium	bujerdaz.com	Sinkholed
2024-05-10	medium	amunfezanttor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F	90 kB	2023-03-07	2024-05-20
Pretty URL bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-20 21:51:17 Times Seen275518 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	unknown	37 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-20 22:32:31 Times Seen238900 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unknown	3.9 kB	2024-05-10	2024-05-20
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-05-10 10:12:29 Last Seen2024-05-20 08:24:08 Times Seen4 Hash ef565dfb5b2dad075d6b92c86d97ec07 d1d013bf40474928fbd2c9cea7ed13ce5ba18dd9 8f6ce72de0d04afa4ae0b5d55fc7b56650d28951459854895434c5cf636f8746 Loading...

	bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high	12 B	2023-03-07	2024-05-20
Pretty URL bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:20:38 Last Seen2024-05-20 08:24:08 Times Seen1284 Hash 0e7f3117900f5a1ae135e55db5c1e2b5 25511a5448140274434558a44b01a184cb6bfd22 7bd21ebbdf4b77e78a5e48b6faf0b08176db888a02e954c3e56eb03028106ce3 Loading...

	bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high	496 B	2023-10-15	2024-05-20
Pretty URL bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-15 23:49:08 Last Seen2024-05-20 08:24:08 Times Seen26 Hash 5c090f806e2a8dc155f9dae67e5c1e47 518ab3983b9ed39f77abafe09ae2bd92f320cee8 2bb47924f441ee9976741243373a05f66ff09e4487ee551c4115d50bd58264e1 Loading...

	bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high	715 B	2024-05-10	2024-05-20
Pretty URL bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 10:12:29 Last Seen2024-05-20 08:24:08 Times Seen8 Hash ab6ebba3fb706f93500c2188ac22ca3f 4503638c2369b61c5daf9687d7fc9fd13b1ea468 b436c807d61d77142b9b767e7d68fd28ae28a18f41c401f8c6e89aee8f43de90 Loading...

	richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk	97 kB	2024-04-06	2024-05-20
Pretty URL richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk IP 109.200.199.110 ASN #49544 i3D.net B.V Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 10:11:36 Last Seen2024-05-20 08:24:08 Times Seen23 Hash 48e0c66e13f063ffe401a275add23665 1bb323c0046281baacf09fa4b891a2040721fdab 84887cf8337ccb3b43e39d98601758bf33dea79534abb027f2b9e7bba98e1bff Loading...

	bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high	573 B	2023-03-07	2024-05-20
Pretty URL bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:20:38 Last Seen2024-05-20 08:24:08 Times Seen335 Hash 193ab89d437c826107af05da5fffa150 3122f266bd8d4c65f5653fb4587c90992fa6a7d7 fb83112761432e31619ebd3d1b5570362ec267c974b01d177dc9a47f614d5ca7 Loading...

	bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high	1.4 kB	2023-03-07	2024-05-20
Pretty URL bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:20:48 Last Seen2024-05-20 08:24:08 Times Seen252 Hash e2455d171387f6c0ef8e98595b12a839 22319e161691a20a4cf39f306d85e9f0b0aaaaa9 6ff80c3b2a4913cc9469ba1e317236cb3fe7baf5a68d87ac8e328a429f8da797 Loading...

	unknown	79 B	2023-04-11	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-20 22:22:48 Times Seen126819 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	push-sdk.net/f/sdk.js?z=1169213	53 kB	2024-02-12	2024-05-17
Pretty URL push-sdk.net/f/sdk.js?z=1169213 IP 23.88.8.125 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-12 18:54:18 Last Seen2024-05-17 09:18:28 Times Seen92 Hash df17f9793d0bbfbec3c9285f3dcc6200 12f0459f4095371bee63e6dd5f04ea9451cff933 1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7 Loading...

	bujerdaz.com/pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js	37 kB	2024-04-25	2024-05-15
Pretty URL bujerdaz.com/pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 13:01:48 Last Seen2024-05-15 20:42:51 Times Seen2522 Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de Loading...

	bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high	667 B	2023-03-07	2024-05-20
Pretty URL bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:20:38 Last Seen2024-05-20 08:24:08 Times Seen253 Hash 215e5c587dcd2e10926eaaaef90cc409 f436af6097069ea9ff3f7cbb21dd87b9056c9fe3 475220e505247f2ef2fcc0f983e0068674df90c66c9ebc69a2981a4f84af75c7 Loading...

HTTP Transactions (35)

URL IP Response Size

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/11.png

188.114.96.1

200 OK

4.2 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/11.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 531 x 531, 4-bit colormap, non-interlaced
Size
4.2 kB (4220 bytes)
Hash
a37a23b2a0618413adef70fb8204160b
77ea62ed00de2374e9680384a0f0ac2c119c6875
e036e6f8908a87aa0e5189b8096ed0e4faed461b17eb7646c9e48011d2b27b5c

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/11.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 4220
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-107c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2138
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YaVxcuuODU7%2FcAX%2Fbm2Uckwe7oCgkBYmYiP%2BCkLRhibePn5HAD%2BPTTba68%2FMghVkz1JnSDii83mQaards2T3fu%2FxeFuI8C7KkvtOmP2KSpUuFtPqpzUElscc%2FGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bebc569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/spin.png

188.114.96.1

200 OK

9.4 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/spin.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 136 x 137, 8-bit/color RGBA, non-interlaced
Size
9.4 kB (9424 bytes)
Hash
7b5a73affea89f7a61cf02447cd8b28f
aac3bbde34f52de14d589c9e1f1eaff0d2c86050
661a42f28393a654900c07858bc59ef1c608420765e93788aa3f58dcd8c84bc1

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/spin.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 9424
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-24d0"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 4076
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Avq2xIbZJfEQoi0e3RP1IS3E7RDgBUuJJ0MkcKu7xoor6kMp1ahXxakaL54CSA8hGi8KL4sHgFJMn4kgy6v1yYXdsz5IeEhqxKtZVF7jP83LegUIlxleTaIWuvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec4569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/aespinner.png

188.114.96.1

200 OK

126 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/aespinner.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 567 x 567, 8-bit/color RGBA, non-interlaced
Size
126 kB (126108 bytes)
Hash
e5f969c1532c1f9aac059f8a531db3c7
1b0798cfb4aa87c49deeaff3b2b846a6b687b5d7
c1d88f2a0c42fc191f0d11324143c441fd6bc7dadc004894d03d5f13d01f6482

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/aespinner.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 126108
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-1ec9c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1207
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYcJUIq%2BoKON6xMkDL%2FSbe6HsWORNtuB5jBvKkvPj1279fbpgS8KJvanRQAgMgNcLrydFnST9%2FjBZ4%2Ff%2B4zRQKFfC0CGEErPJH0sIAN72UFT%2BpLz%2BcnA952D1do%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec0569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/arprize.png

188.114.96.1

200 OK

58 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/arprize.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 212 x 186, 8-bit/color RGBA, non-interlaced
Size
58 kB (58151 bytes)
Hash
5f80643811b2ab458d3f36cc2dac2e66
eeaee9e449dd2964bdc0d65e9193791de6410225
a5d88103e55770fdcc60f24e509d65f4ebf2b85949b0e8f420e63afa60df9562

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/arprize.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 58151
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-e327"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6546
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXETpNc9dAkirOdDdilNvpHspFLNMleGQnPAlFg5dtEzoJ2dZy1OjNqc2ZHa69y%2FIEmVk2JBXxPPer%2ByrFSErA8PeyoXoPFI5eKkr1QLGq6LjHqm3va94PgFQ%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec6569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/1.png

188.114.96.1

200 OK

20 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Size
20 kB (20401 bytes)
Hash
72af383b6e6785cc96323a7fad263c75
aa5b65f777efa7ab5aa38c65c212341f2971da78
a14c6e3749c84f8be26a39f0bc5850d78749909e9026827ef771e135a47042ed

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/1.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 20401
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-4fb1"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1207
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ox%2BVGUIhC7H%2F5U5vQy7tohdcHBqqON6fyEj1LyAGy4ZXB47eY%2FXHjHqI3RdFFb9b8jz76eKmjzcG2OLqWQWM1OCiSV72VXhqifpgFfc7moYmpNR6wIhfzKa%2BzbE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec8569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/2.png

188.114.96.1

200 OK

20 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/2.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Size
20 kB (20427 bytes)
Hash
29e59d546ce5ae8ef7dba842b2a93cb6
ad6fa56bc8b02f5c697f3f9c457e4cefcf3b088e
7282399c604f5d63aa3a3ccb461a7b89964b39fae7d9d6319d711725515c12c3

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/2.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 20427
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-4fcb"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 7082
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OowL9KOarg9l9I6%2BkdCYoAn9B0lQwNDy1Yw5bTGx6ayK8qrYF%2FkMPu1SwCx5gToP1sgoSYbHfIKLBjALU%2FUqk7NkoTix63byAIKwR4Y3EEl6zdHtG%2B0b9hlbLRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bec9569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/3.png

188.114.96.1

200 OK

21 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Size
21 kB (21081 bytes)
Hash
3f1d16a48e13d4ec00c13d4822b37c8f
757621298ffb8b44eabae9966db367fd505a9f24
49cf854f9509eff14d9af023bdc0a4d5f6ef8d535ba65fc2a3e6f576935250c1

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/3.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 21081
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-5259"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 7075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1oN%2FMdU5%2BaBYMlD6AiTgHJPkQMgssBT%2BPUKWmBqZLtSkOBtDniGFACGrec0jpn1%2FH4x%2BlKTdaMLsTQAwN4YiamVUH4SJOTH0a%2BKWBlps%2BjGpZkTmUUcdzuRjEg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647becd569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high

188.114.96.1

200 OK

32 kB

URL User Request GET HTTP/2
bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
JavaScript source, ASCII text, with very long lines (674)
Size
32 kB (31465 bytes)
Hash
051decfb86bf09883a82cf68e749883f
2f53044fdda0b643b4db6f7af41c865b3f81c1c1
82a7c4cec67e5c2ea1d119614db3d2ade04ad45f4be831da8af3a188fdc55234

HTTP Headers

GET /click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 08:12:02 GMT
content-type: text/html; charset=utf-8
set-cookie: uclick=9lzw7susvr; expires=Sat, 11-May-2024 08:12:02 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b; expires=Sat, 11-May-2024 08:12:02 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DxF%2FMEfAWL5YwzX2zfLDAO1h3vkEHvl%2BWIpUfQxeqzUExZpmvpDp7qYE43mFQQvf1AdzSIWWab33B1yr0aYPbPNZbHHXumZ6iQWlhDrXKGuDPH4W7q1Z%2FEAWwI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88187644df52b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/5.png

188.114.96.1

200 OK

6.0 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/5.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Size
6.0 kB (5996 bytes)
Hash
8b6ae9d5f0edaeb043509b63f0798466
b4173bc837da393ce683d5c0021dd7e541d32947
1fbb172f707cf016e445c0febaa6e10ec9d68f5c10de845eb8b100632664a054

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/5.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 5996
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-176c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5j6jTQWLoK%2B22pZCj3TtlIlfXxTfX0M0UhJhxTeU7IyPGrqWpP44Dyvolm%2FSNjSS7KyyivmYzmt%2FWe5BC%2BfVlOg%2Bt5fhJoannZqNH2lWLBGFSh3AuvWyAeC3IU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bed6569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/6.png

188.114.96.1

200 OK

7.7 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/6.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Size
7.7 kB (7713 bytes)
Hash
d0c785a1000318f01a3004ba52bb6bed
fc2b30f76884e8a493353d53ca608da556479349
eb2ee47bfa12e0b29d440f20470f10e4eae63ade8cabbfbe1bed8b3b27adc67b

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/6.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 7713
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-1e21"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 1206
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WCO3%2B0gk4%2FLhywToWWtYb1OgE9S2Mm9lyYZKau12m%2Bm9nttawLH1jZnVJRs741tDGjf1BSY%2BfjjuLMWjjsNN44mjhlKybKhgESyy8p0m6Zv6fQWWNqg%2BmK6JBPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bed8569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/7.png

188.114.96.1

200 OK

8.1 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/7.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Size
8.1 kB (8061 bytes)
Hash
26958d2dfdbb2b9c702128456dfa9b63
c3852725dd934e0df8c21a16a4ca1784ac24cc91
cf36393abf98f448205bb15c4ce13fc73ecce186513f83a15b29dd01a7dfe617

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/7.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 8061
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-1f7d"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2899
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79vacuoLz26jRKxV57wxZoRt%2BjC6h%2FN6UiQP6kqonWOltgPZYRXCB1TR8mz%2Fj3Iq%2BbLqbxVU3Jn5hKeIwVjxyQtYT80itzHerzTiFRzDqh%2F29%2FDnPMpowYqBWLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bedb569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/8.png

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/8.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Size
22 kB (21765 bytes)
Hash
9634b826e90a6e95ed9e94979a94c7d1
5c870a8212826fdde281a72c17f36bdec5ebe18d
324942873b96e25417a34702624cbf95d3642add9a38b42a1d88c5498e3888db

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/8.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 21765
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-5505"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gEdlF5cBXSUivBeV%2BgjAihqNtreW25KTtBM7RSDcUQJewJ6NhX99%2Fd2Ih366lFfTbNVDI0wVhIKXL8pjwrb%2Bqff8GSIsjs0hNfAXBSOCWpX6ccWF0%2FNhPTVuddw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bee1569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translate_24dp.png

188.114.96.1

200 OK

846 B

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translate_24dp.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translate_24dp.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 846
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-34e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 5430
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTJVDlhPZuakeGls5IOuX8HOOr8vaLodUNmwCz2eyW13A338D9vvx%2FyhtWSKI81LdQ%2FcD%2F0lXYwucOvCH9eJ%2B5%2FknROFrtmqC5K%2B8KICisyoL8MzxjUlS1X4sD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647cee6569a-OSL
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F

188.114.96.1

200 OK

90 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/jquery-3.6.0.min.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/octet-stream
content-length: 89501
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-15d9d"
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JlbyZt8bpn1qpeDhnC%2FlxX%2BoXdbNnKU8CYABbjceQNUt8gVQubKgEoUM7zAF9k%2FXAhvKzIv025S%2BOUFSVwXEuTAsM3krCjlZHomJQv8h19jmV%2FEd%2B5UeDmBb3Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88187647aeb1569a-OSL
alt-svc: h3=":443"; ma=86400

push-sdk.net/f/sdk.js?z=1169213

23.88.8.125

200 OK

15 kB

URL GET HTTP/2
push-sdk.net/f/sdk.js?z=1169213
IP
23.88.8.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.net
FingerprintEF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95
ValiditySun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators
Size
15 kB (14884 bytes)
Hash
df17f9793d0bbfbec3c9285f3dcc6200
12f0459f4095371bee63e6dd5f04ea9451cff933
1c60c387936024b9abb1b2514bba07be7725ffad25903c7faf23eecb61e222d7

HTTP Headers

GET /f/sdk.js?z=1169213 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2

bontik.ru/landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg

188.114.96.1

200 OK

472 B

URL GET HTTP/3
bontik.ru/landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
data
Size
472 B (472 bytes)
Hash
d0606c1958297bda75d460e1086fafc8
02e4356b17b4c926dd0417252b9512a702ca7ecc
c2c0d7df6fde6345af3b303669fcff56b6c2289a1fef751c76fac1782b6d8310

HTTP Headers

GET /landers/lpz/lpfiles/cassandra/Binomo/NewVariation/vvloq33mfjb.jpg HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3305
last-modified: Fri, 10 May 2024 07:16:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtRPzp8dDPqlv6fj9PXxWD0Y3Z96n5ndWfoJ%2B3b5ztamTlMLpjFEqzHr%2FrlO83Q4pL3r%2Fo1zv0LptSonQOGTQQDTXgInZkVVeeMqZh2f48SqWuxgr8TWvcz447c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187648b897569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext

142.250.74.170

200 OK

700 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
700 B (700 bytes)
Hash
e0fd6be3182dd641e1ff9568a94e74a5
0a1567a992d1a58e530a6a52aa82dae0a4f48c57
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

HTTP Headers

GET /css?family=Roboto:400,300,700&subset=latin,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 08:12:03 GMT
date: Fri, 10 May 2024 08:12:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bujerdaz.com/zone?&pub=0&zone_id=6229059&is_mobile=false&domain=bontik.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=d9a8a8e0-3342-4707-963f-cb0254864138&action=prerequest

139.45.197.250

200 OK

0 B

URL POST HTTP/2
bujerdaz.com/zone?&pub=0&zone_id=6229059&is_mobile=false&domain=bontik.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=d9a8a8e0-3342-4707-963f-cb0254864138&action=prerequest
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectbujerdaz.com
Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3
ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=6229059&is_mobile=false&domain=bontik.ru&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=d9a8a8e0-3342-4707-963f-cb0254864138&action=prerequest HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-length: 0
x-trace-id: 469a8394695493a9aa8afe207d696106
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/sweetalert.css

188.114.96.1

200 OK

3.6 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/sweetalert.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
ASCII text
Size
3.6 kB (3621 bytes)
Hash
2c192b2dd454462bc2b603c4ca2acff8
6d9682def497402ff0aac4f4bd996023cd8c08e5
428853c65b817995a479a49ab30c7ab7b6c15e689bcd2041d3632b4213e48f72

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/sweetalert.css HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/css
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: W/"64abe396-5065"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 5442
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bseRnkJtUeSyC%2FQOJzMQPxBYlUPPvOd67H4Dv2UK7AVObNMb%2B1nMtDCad0OzM2EdH12dywwFOUVhHkBL21ytNS19pg5YEA80tw2Z0sAtCiIyFMzdbIC3Dz6y%2Fzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647aeb8569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bujerdaz.com/pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js

139.45.197.250

200 OK

15 kB

URL GET HTTP/2
bujerdaz.com/pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectbujerdaz.com
Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3
ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT

File type
gzip compressed data, max speed, from Unix
Size
15 kB (14718 bytes)
Hash
79ab4f5f20178d8996c060bb397118cb
1c4b2573fec4c28a0fabe5f38102b69cac5b9e97
05c6f230d524bab329e3cd7e74295e02df901851cc6350c1759b308d2ee09038

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=6229059&sw=/sw-check-permissions-5389c.js HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/style_1.css

188.114.96.1

200 OK

40 B

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/style_1.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
ASCII text
Size
40 B (40 bytes)
Hash
037f7d342aec95bb41af2f993cd0a484
4886c86c0e3275d60c4a7f57f2ad1438f01de71e
bb53320aa1d74be209c31dfa9fb4effd592806b15add4f5ef011c014a8c7aad9

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/style_1.css HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 2138
last-modified: Fri, 10 May 2024 07:36:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjVMiieb9JwAyRegD9mYpo4TAYnnUkbw1z8yK8Lr%2BmW4VQhNDQ%2BuyBhfm4zDRD5Dq2oiJhojSAtEIyBwZvJT9tuYlxHiKqeHcSViVvrfSeWODPtD9%2Fdp5uJwYxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647aebb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/order_me.min.css

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/order_me.min.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
ASCII text, with very long lines (4417), with no line terminators
Size
1.2 kB (1154 bytes)
Hash
c185346350c987e8e0f552df894b1ccd
db2685c3f0c446f1e660686a4f7793170d04f554
c2a44b93c05add6a06589460971a8236fc9522511bd2bf5cf8a046cb1cf631c0

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/order_me.min.css HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/css
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: W/"64abe396-1141"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DH85EWEKx1pg2PgcQ6mofh2EJUgIKR2mM1WVLD4LCXaMwRoS1R%2FLjPHFkxKAgnAyzMtVxHYY0tNHQaV2DFPkN0INfpt6JE5%2BeFNghs21Vpx1LtJV%2FBpt9OzXnGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647aeb5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
4f9bd300ada11e0e05030f7af5419b8b
bc833d9fdca62f409eb21cdd0993879dc96b0a9a
30ce9e87ff9510388bf73c9833ef2946696ba6664736876854fbced28ac55211

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bontik.ru/
Content-Type: application/json
Content-Length: 1116
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

s3.eu-west-2.amazonaws.com/doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png

52.95.149.72

200 OK

175 B

URL GET HTTP/1.1
s3.eu-west-2.amazonaws.com/doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png
IP
52.95.149.72:443
ASN
#16509 AMAZON-02

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerAmazon
Subject*.s3.eu-west-2.amazonaws.com
Fingerprint57:F8:7D:73:9D:60:C9:98:62:89:08:AE:C0:82:1D:70:41:3B:6B:90
ValidityThu, 25 Apr 2024 00:00:00 GMT - Mon, 21 Apr 2025 23:59:59 GMT

File type
PNG image data, 13 x 12, 4-bit colormap, non-interlaced
Size
175 B (175 bytes)
Hash
7f5f867f5a1cc4c7f1bee43696ea4af9
2dfcae77833aa29271c69009dc617688fcfbea0e
2afc36927f6530f2e793065e7e077ddba745cf85dd81eedf5633025ba80924bd

HTTP Headers

GET /doplay/lp_images_design/prelps_LPCreator/giftbox_game/like.png HTTP/1.1
Host: s3.eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: w6Ofgz9uEGnTc+Wno2598K6O2uxT1O7UbOmeIBHLEovCcv1KL7Aw6139RgNjwaRg7FaRVPw3s20=
x-amz-request-id: CJHGHMB3MPN5TZFP
Date: Fri, 10 May 2024 08:12:04 GMT
Last-Modified: Tue, 20 Nov 2018 15:26:43 GMT
ETag: "7f5f867f5a1cc4c7f1bee43696ea4af9"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 175

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.131

200 OK

1.8 kB

URL GET HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:54:36 GMT
expires: Wed, 07 May 2025 06:54:36 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 263848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=bontik.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st

109.200.209.143

200 OK

0 B

URL GET HTTP/2
rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=bontik.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
IP
109.200.209.143:443
ASN
#49544 i3D.net B.V

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectrtb.pushdom.co
Fingerprint12:C4:C5:EF:24:BE:28:31:C7:C1:45:E0:0F:F3:7E:9C:7F:5E:3E:30
ValidityMon, 01 Apr 2024 18:28:04 GMT - Sun, 30 Jun 2024 18:28:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pb/st?sctp=content-locker&m=ht&pid=888249&sid=332970&dm=bontik.ru&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st HTTP/1.1
Host: rtb.pushdom.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk

109.200.199.110

200 OK

97 kB

URL GET HTTP/2
richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk
IP
109.200.199.110:443
ASN
#49544 i3D.net B.V

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectrichinfo.co
Fingerprint25:29:37:EE:41:C6:34:D2:D5:4C:10:A7:3F:D7:C5:E4:2E:7D:3B:2D
ValidityMon, 25 Mar 2024 13:05:17 GMT - Sun, 23 Jun 2024 13:05:16 GMT

File type

Size
97 kB (96639 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /richpartners/push/js/rp-cl-ob.js?pubid=888249&siteid=332970&niche=llkkk HTTP/1.1
Host: richinfo.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/x-javascript
x-amz-id-2: CkARoW17FA3k+pTHwh1DRvOHGcinaT3JZ2Fh31+oCEh4CgasyCUN+SfBw/ZNWJSImCLcM+dNt/E=
x-amz-request-id: CV3B5XQBENKS6BHV
last-modified: Thu, 02 May 2024 10:22:54 GMT
etag: W/"48e0c66e13f063ffe401a275add23665"
x-amz-server-side-encryption: AES256
content-encoding: gzip
X-Firefox-Spdy: h2

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translateelement.css

188.114.96.1

200 OK

19 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translateelement.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
ASCII text, with very long lines (18670)
Size
19 kB (18724 bytes)
Hash
da1ba9d9082da8ca5ed15d88b2e91fd8
c6f0b19f70b5e81eaba5e2d55c51602289053105
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/translateelement.css HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: text/css
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: W/"64abe396-4924"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5bMAgN2S%2B3S%2BWFhH8mDDfL3S78Tcjh9%2FPWFKYutmYSmC9Mb2ce38PADK69fceknOcUcX2JuE6ApnN%2Bx6ds3sZAbwks03qQe8aw4IDP0%2FlP7OWk4Eua5f2ABamM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647aeaf569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

push-sdk.net/event?z=1169213

23.88.8.125

200 OK

0 B

URL POST HTTP/2
push-sdk.net/event?z=1169213
IP
23.88.8.125:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.net
FingerprintEF:07:FF:9E:FF:54:65:75:76:5D:48:DC:E3:45:59:45:0B:9A:86:95
ValiditySun, 14 Apr 2024 03:34:59 GMT - Sat, 13 Jul 2024 03:34:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?z=1169213 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 83
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Angie
date: Fri, 10 May 2024 08:12:03 GMT
content-length: 0
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

bontik.ru/sw-check-permissions-5389c.js?zoneId=6229059

188.114.96.1

200 OK

566 B

URL GET HTTP/3
bontik.ru/sw-check-permissions-5389c.js?zoneId=6229059
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
ASCII text, with very long lines (605), with no line terminators
Size
566 B (566 bytes)
Hash
758a0822d872e8669d2c36246b176efc
28eadf5d00be56d675c15a270ad4bcc14bcb0b6c
2f3e136a12ff17da63d8b51e906a188785a750374579e29be17b77eebf43a55b

HTTP Headers

GET /sw-check-permissions-5389c.js?zoneId=6229059 HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:04 GMT
content-type: application/javascript
last-modified: Thu, 17 Aug 2023 15:41:27 GMT
etag: W/"64de3fa7-236"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYMGRC61AxAGLDlLVONPkbwMOOrUQAw2iFN15gfzdL9USK1yr%2BKLa23BRe20VfGzJk%2Bcwm%2F9lvD6N1PpIhAEOBgtuO7h%2F9NvnZJWA15EUv%2FYFtjwJWmLIRtuQvc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818764dfb3d569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/4.png

188.114.96.1

200 OK

21 kB

URL GET HTTP/3
bontik.ru/landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/4.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
PNG image data, 50 x 52, 8-bit/color RGB, non-interlaced
Size
21 kB (20738 bytes)
Hash
934c63c3e8976cc9027841f7ce2882ac
2ac18b90d4fc9db479b8b81d8794830b3c4cc925
9a7be3a1c85923f27bae697630751463b35225e043a2a2fdb5d40425b23eb2d0

HTTP Headers

GET /landers/forex_app_v5new_fa/v5/v5new/Congratulations!_files/4.png HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/png
content-length: 20738
last-modified: Mon, 10 Jul 2023 10:55:18 GMT
etag: "64abe396-5102"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 6684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJGRmy1OOLtprzioJvdWtZLljGUVQZGXP%2FGUNPdqAK7ptl0lWbYHAcqauu2B6tZ489mKhnTGhTuFMQLANb2MuQv4OhbtMnDx9fxxal9numxpS9FU1Jsr9mdewr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88187647bed0569a-OSL
alt-svc: h3=":443"; ma=86400

jouteetu.net/custom

139.45.197.251

200 OK

0 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 490
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9e36313ab3f649941b50688606a1ad64
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

bontik.ru/favicon.ico

188.114.96.1

200 OK

5.6 kB

URL GET HTTP/3
bontik.ru/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerGoogle Trust Services LLC
Subjectbontik.ru
Fingerprint0A:59:FA:DE:D6:E6:54:37:E6:C2:6F:71:E2:20:E1:F3:20:05:E4:5F
ValiditySat, 20 Apr 2024 20:09:35 GMT - Fri, 19 Jul 2024 20:09:34 GMT

File type
MS Windows icon resource - 1 icon, 39x34, 32 bits/pixel
Size
5.6 kB (5638 bytes)
Hash
db884d3fed3f81d59e95e27707047c53
fd991a514b1284506bbbd229f4b067c3c7cc3ceb
aab68489204839b0f8e37065417c542695e914b959927d0e3afd0d325e3787bc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: bontik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Cookie: uclick=9lzw7susvr; uclickhash=9lzw7susvr-9lzw7susvr-h9gx0-0-q552vr-dvcibl-uq15i4-01e41b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 08:12:03 GMT
content-type: image/x-icon
last-modified: Thu, 30 Aug 2018 21:25:42 GMT
etag: W/"5b8860d6-1606"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 3175
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjrrn8ic31c9Vl02k5ze1y%2FxD7XEc5QhOCWHwRbDTZQWxGB0Q%2FK3rQJakJLPY0iGgWoLFv07rxGVnsaLlWRFud32gUgE936YUoPdkSI7ulhQQQCHxtmmOEDCpmQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818764c7faf569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jouteetu.net/custom

139.45.197.251

200 OK

0 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 491
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: aa8c7c47bdba8dbb4deb3f3bd8d18bad
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

0 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://bontik.ru/click.php?key=mnw5is713i5dqbvtgg2w&visitor_id=812709952702657402&cost=0.000105&zoneid=7393037&campaignid=7827312&country=IR&bannerid=20052259&zone_type={zone_type}&osversion=unspecified_android&browser=samsung&creative=creo&device=other&user_activity=high
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 488
Origin: https://bontik.ru
DNT: 1
Connection: keep-alive
Referer: https://bontik.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 08:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7bf153a3fc3aa1155a3882051849fa99
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bontik.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by