s3.amazonaws.com Open in urlscan Pro
52.217.33.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
https://s3.amazonaws.com/single-fox-aqua/radical-maroon/index.html?vid=c03c9e60-215f-11eb-9dc3-c3fe501d78ea&dl=tjsszfkn.d...
Submission Tags: demotag1 demotag2 Search All
Submission: On November 08 via api (November 8th 2020, 1:14:46 am UTC) from US

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 15 domains to perform 22 HTTP transactions. The main IP is 52.217.33.14, located in Ashburn, United States and belongs to AMAZON-02, US. The main domain is s3.amazonaws.com.
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on August 4th 2020. Valid for: a year.

This is the only time s3.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	162.213.255.36 162.213.255.36	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 4	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	144.76.40.130 144.76.40.130	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.232.188 88.212.232.188	7979 (SERVERS-COM) (SERVERS-COM)
1 3	188.72.236.136 188.72.236.136	35415 (WEBZILLA) (WEBZILLA)
1 1	212.32.250.10 212.32.250.10	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	139.45.195.38 139.45.195.38	9002 (RETN-AS) (RETN-AS)
1 1	2606:4700:303... 2606:4700:3031::6818:752a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	52.217.33.14 52.217.33.14	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
22	11

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com

manyhit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.170.39.103 (New York, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.40.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.130.40.76.144.clients.your-server.de

all.obozrevatelcom.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.232.188 (Russian Federation) 1 redirects

ASN7979 (SERVERS-COM, US)
PTR: da1.d.fozzy.com

btcxxx.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.72.236.136 (Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)
PTR: 1f2-12-d2456-136.webazilla.com

expert2020software.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bests0luti0n.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.250.10 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

link.dlvr.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.38 (Ascension Island) 1 redirects

ASN9002 (RETN-AS, EU)

udookrou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6818:752a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jnyvdahu.expectedangelfish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.217.33.14 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	amazonaws.com s3.amazonaws.com	98 KB
4	traffdaq.com 1 redirects traffdaq.com	4 KB
2	bests0luti0n.com 1 redirects bests0luti0n.com	930 B
2	obozrevatelcom.info all.obozrevatelcom.info	4 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
1	googleapis.com ajax.googleapis.com	32 KB
1	expectedangelfish.com 1 redirects jnyvdahu.expectedangelfish.com	701 B
1	udookrou.com 1 redirects udookrou.com	1 KB
1	dlvr.live 1 redirects link.dlvr.live	206 B
1	expert2020software.com expert2020software.com	7 KB
1	btcxxx.ru 1 redirects btcxxx.ru	408 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	manyhit.com manyhit.com
1	speedflow.io speedflow.io	1 KB
22	15

	Domain	Requested by
8	s3.amazonaws.com	expert2020software.com s3.amazonaws.com ajax.googleapis.com
4	traffdaq.com	1 redirects speedflow.io traffdaq.com
2	bests0luti0n.com	1 redirects expert2020software.com
2	all.obozrevatelcom.info	traffdaq.com speedflow.io
1	ajax.googleapis.com	s3.amazonaws.com
1	jnyvdahu.expectedangelfish.com	1 redirects
1	udookrou.com	1 redirects
1	link.dlvr.live	1 redirects
1	expert2020software.com	speedflow.io
1	btcxxx.ru	1 redirects
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	manyhit.com	speedflow.io
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
1	speedflow.io
22	16

This site contains no links.

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
obozrevatelcom.info Let's Encrypt Authority X3	`2020-09-27` - `2020-12-26`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://s3.amazonaws.com/single-fox-aqua/radical-maroon/index.html?vid=c03c9e60-215f-11eb-9dc3-c3fe501d78ea&dl=tjsszfkn.dizzypig.xyz
Frame ID: 8F4645A28A030D8FFF1E2E0823F52CAF
Requests: 20 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604798065977&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 2EA00917E733BF0E6EAD15DEE705895D
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: FEE9BF2E3BF9A3B5CD9D567C4581F4AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkV5cFBcLzVrZXdwZnlMdnFYWHRJUll3PT0iL... Page URL
https://all.obozrevatelcom.info/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8N... Page URL
https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=strea... HTTP 302
http://expert2020software.com/Mpas1FoAHRGp1-xTQQAVT0CAERFNAASALtxYM8A Page URL
http://bests0luti0n.com/n4as1JpAHNGp18DcgAAwT0CAERFNAASAOJVGPQA?jts=128&jtf=959705&w=1600&h=1200&jth... HTTP 302
https://link.dlvr.live/click?pid=761&offer_id=43762&sub2=AHNGp18DcgAAwT0CAERFNAASAOJVGPQA HTTP 302
https://udookrou.com/link?z=3615175&var=761-&ymid=5fa7467569df830001dc97c4 HTTP 302
https://jnyvdahu.expectedangelfish.com/?cid=1228&clkid=349110769222168635&sid=3615175_761- HTTP 302
https://s3.amazonaws.com/single-fox-aqua/radical-maroon/index.html?vid=c03c9e60-215f-11eb-9dc3-c3fe50... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

22
Requests

77 %
HTTPS

27 %
IPv6

15
Domains

16
Subdomains

11
IPs

5
Countries

158 kB
Transfer

239 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkV5cFBcLzVrZXdwZnlMdnFYWHRJUll3PT0iLCJ2YWx1ZSI6IjlRUnd1dFltblVDYkk3YjJPM3p3RFpoa0tjU2JUWFNNMDVUTUs0ZnB5UGNoWUl4SURnZ3FCRXRFMGl0M1E4ZWN3STVJMlQwdllBR2dCYk5Oa251SXJaVVNybHVva1wvQ2xaaldnWmd5Skp1bXNIVHV0ejdZXC95RDZiUzV5WW9pRnoySmVLWmk4c3Z0Zjd5VkppWStSeVR3TXFrdEZNUTN2T240ZEVMajdsVFZFYllNMEhWT2J0N3phbkE5clhFRndYeTBSbzMzWnNDbVZ4d3pjNEpGMmxwd20yUEp0NSswXC9FMlA1RkJwU2lBczJVdmNvcFJkVVFNbDRSUlBvV3FVek1kXC81TFJZNnFiY1BZWmVQTzVTY0hBWUZoK1drUVZaeENqXC9UTEJnRHZIUUZ6XC9TbE00UE52MHJNNEpWWVRSWk9rIiwibWFjIjoiMmJkOTdlMDIzODBmMDc5MWQyZTRjMGU0MGI1YmM4ZGQ0YWI3YzdiNWJlYWE0NjgzNWE0NjAyYmNmZmZjN2ZjMyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://all.obozrevatelcom.info/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0 Page URL
https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=stream&utm_campaign=0&utm_content=source_V1yiifwjdwDJJ7VwmSB5xOmLiyS2FXKQ2Qb6QWS6BOTLiL_B0Lk@ HTTP 302
http://expert2020software.com/Mpas1FoAHRGp1-xTQQAVT0CAERFNAASALtxYM8A Page URL
http://bests0luti0n.com/n4as1JpAHNGp18DcgAAwT0CAERFNAASAOJVGPQA?jts=128&jtf=959705&w=1600&h=1200&jth=39e1b05a42 HTTP 302
https://link.dlvr.live/click?pid=761&offer_id=43762&sub2=AHNGp18DcgAAwT0CAERFNAASAOJVGPQA HTTP 302
https://udookrou.com/link?z=3615175&var=761-&ymid=5fa7467569df830001dc97c4 HTTP 302
https://jnyvdahu.expectedangelfish.com/?cid=1228&clkid=349110769222168635&sid=3615175_761- HTTP 302
https://s3.amazonaws.com/single-fox-aqua/radical-maroon/index.html?vid=c03c9e60-215f-11eb-9dc3-c3fe501d78ea&dl=tjsszfkn.dizzypig.xyz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating

Request Chain 11

https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=stream&utm_campaign=0&utm_content=source_V1yiifwjdwDJJ7VwmSB5xOmLiyS2FXKQ2Qb6QWS6BOTLiL_B0Lk@ HTTP 302
http://expert2020software.com/Mpas1FoAHRGp1-xTQQAVT0CAERFNAASALtxYM8A

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 170ms
170ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

s3.amazonaws.com Open in urlscan Pro 52.217.33.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

77 %HTTPS

27 %IPv6

15 Domains

16 Subdomains

11 IPs

5 Countries

158 kBTransfer

239 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Indicators

s3.amazonaws.com Open in urlscan Pro
52.217.33.14 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

77 %
HTTPS

27 %
IPv6

15
Domains

16
Subdomains

11
IPs

5
Countries

158 kB
Transfer

239 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions