urlscan.io logo urlscan.io
SecurityTrails logo

festyy.com Open in urlscan Pro
2606:4700:20::ac43:44fa  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: http://festyy.com/wXYrxE
Submission Tags: demotag1 demotag2 Search All
Submission: On November 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 31 HTTP transactions. The main IP is 2606:4700:20::ac43:44fa, located in United States and belongs to CLOUDFLARENET, US. The main domain is festyy.com.
This is the only time festyy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.116.135 22612 (NAMECHEAP...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 95.211.229.246 60781 (LEASEWEB-...)
1 162.213.255.36 22612 (NAMECHEAP...)
1 3 107.170.39.103 14061 (DIGITALOC...)
1 35.190.72.161 15169 (GOOGLE)
1 2a04:4e42:3::621 54113 (FASTLY)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.226.156.177 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.227.234.224 15169 (GOOGLE)
3 143.204.215.83 16509 (AMAZON-02)
1 143.204.215.75 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
31 20
1    198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com
speedflow.io
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
a.realsrv.com
1    95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.realsrv.com
1    162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com
manyhit.com
3    107.170.39.103 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
traffdaq.com
1    35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com
c.securepaths.com
1    2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    2606:4700:20::ac43:44fa (United States)

ASN13335 (CLOUDFLARENET, US)
festyy.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:20::681a:6da (United States)

ASN13335 (CLOUDFLARENET, US)
static.sh.st
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.226.156.177 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-177.dus51.r.cloudfront.net
d3ud741uvs727m.cloudfront.net
1    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.227.234.224 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 224.234.227.35.bc.googleusercontent.com
analytics.shorte.st
3    143.204.215.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-83.fra53.r.cloudfront.net
ncediscou.fun
1    143.204.215.75 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-75.fra53.r.cloudfront.net
ncorports.top
1    2606:4700:20::ac43:4a21 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.shorte.st
2    2606:4700:3033::6818:64dd (United States)

ASN13335 (CLOUDFLARENET, US)
shortestminer.com
Domain Requested by
5 festyy.com traffdaq.com
festyy.com
static.sh.st
3 ncediscou.fun d3ud741uvs727m.cloudfront.net
3 static.sh.st festyy.com
3 traffdaq.com 1 redirects speedflow.io
traffdaq.com
2 shortestminer.com 1 redirects static.sh.st
2 analytics.shorte.st static.sh.st
2 www.google-analytics.com festyy.com
www.google-analytics.com
1 ads.shorte.st static.sh.st
1 ncorports.top festyy.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com festyy.com
1 d3ud741uvs727m.cloudfront.net festyy.com
1 fonts.googleapis.com festyy.com
1 cdn.jsdelivr.net traffdaq.com
1 c.securepaths.com traffdaq.com
1 manyhit.com speedflow.io
1 syndication.realsrv.com a.realsrv.com
1 a.realsrv.com speedflow.io
1 speedflow.io
31 19

This site contains no links.

Subject Issuer Validity Valid
realsrv.com
Let's Encrypt Authority X3		 2020-10-26 -
2021-01-24		 3 months crt.sh
traffdaq.com
Let's Encrypt Authority X3		 2020-10-31 -
2021-01-29		 3 months crt.sh
*.securepaths.com
Let's Encrypt Authority X3		 2020-09-22 -
2020-12-21		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
ncediscou.fun
Amazon		 2020-10-22 -
2021-11-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh

This page contains 7 frames:

Primary Page: http://festyy.com/wXYrxE
Frame ID: 5C010B90D508A43494CCBB2BFBEF4C1D
Requests: 25 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604797453112&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: AA7934D8A180577494148E07E12B53D0
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: 4B74ADE79376C6A357B77D23B28AAD35
Requests: 1 HTTP requests in this frame

Frame: http://ncediscou.fun/aXlSTmMIGzEjXAhEMGgWGxVva1EvXGAIB1oMNnlXWAwkPVRbTj9gAAUWJyoFGxY8Ok0HHCZrUS9JMXwPHBthITIrHhMEMTgaEw0PIzcDIloKIRciNSgBYg8lKDcHATAjKRQdNgE9ABtaJA4xGCg/LDYIIh0xAyVbKj06HzY/PDUFJSs7BxZTAhsUORc9LmM5Ky4oFwsxHgoaCRsOOBEmVyw+Kns1IThrHSURDgYMFCQuFyUbCjIHdwc+LCYqMAUKFwoUHi0aHFMrMRAEND4QKgUwLDQTDyEaHxp+GwohKi0wKhImKjABDjMdUlgyEX4bCiFiOicnFX93ASMsCA8wWEgZCwsCHBM2Wyw9EzkmLA42AzsqFQIfJVw4CgsbPi5jeyssKyEqIh43NB8wGTUKGwwPOBMbKDFJFBQgOBYICSIzMQElCy06NRcHLytmAzBYSWodUhk4Cn8xIS4UewA/PAQXMFhIGQ8iDjAWKQQILRQ5Ez1JECsyLwEfGDERLQU2VzshPhcsOiwiLDs/DjAcNVAhBH4UPi4UFy8uPBwvOzgNER8lHR8RGy5PEyEhDRlEBQNWDzUdLAwnIzs0MA
Frame ID: 76B61A609082409E26D442C959E8441A
Requests: 1 HTTP requests in this frame

Frame: http://ads.shorte.st/notify.php?key=2ea5b261f06ca771033a5fa9e22493f1&width=1024&height=768&ch=6653090&cp.dest_domain=trackleads.pro&cp.oid=6653090&cp.referrer=&cp.locked=0&cp.proxy=0&cp.quarantine_status=&cp.vno=103&cp.enc_url=4E57IGIn6Zj6Y1xnOv2+Dd8+bCffLWl6Os0YBzNb1H4yEcmpbJb96yU9mlQBKwLyzNuVs8tlFvrJwOTId6ZSCp5/VNkr5Cs/U8rHVW3zNTY=&cp.asid=19a54c8108bb00f848c561dc24365d6ea4020633&title=&description=&keywords=&captcha_verified=0
Frame ID: 4621CFDAD251E0D051EB4A47FC464215
Requests: 1 HTTP requests in this frame

Frame: https://shortestminer.com/?utm_medium=full_interstitial&utm_source=shst_new&utm_campaign=miner_app
Frame ID: DEB3F66156F2ADEF4F0C5B2EE01E3E1C
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 656C08A521B60340FCDB803E2717B99A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://speedflow.io/adult/?a=rr Page URL
  2. http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
    https://traffdaq.com/delivery/dl/47382?category=general Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkxOOFwvUkI1NlZWc0VGT0hrV1RtZ2tBPT0iL... Page URL
  4. http://festyy.com/wXYrxE Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

31
Requests

42 %
HTTPS

53 %
IPv6

17
Domains

19
Subdomains

20
IPs

4
Countries

280 kB
Transfer

520 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
    https://traffdaq.com/delivery/dl/47382?category=general Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkxOOFwvUkI1NlZWc0VGT0hrV1RtZ2tBPT0iLCJ2YWx1ZSI6IkxIV2pQNG9UZ1VnRHByemFMUXhXWFZRajVhbDhoRXo5S3hQN3VLZFI0ZmV3K2VuMCtsYVRwOTdVZldidmZYWG1leW1PYk9MUm0rRlJzYUI5XC9RV3VLREdBcXhyY3hhTVRXZVhoZnQwSkdlQkRvXC9iS2l2Vkl2RnVjKyt2d1ZzbTdmZlNya0w0UEhNVW81a0VRNk5mVE15Q2Y3OEMwdElvWTd1bVRWdklsTjlmeTZycUNDaTRtNGtRVjd0Vm9MY3oyeWlCM25kdEpjdUdBY05KbGM2cDJwS3RkOWVyS3hidVo3ZkMzU2VGRWsxRU1jN0NPSk5pOHQ3cWY3WFQ0M0IxUlJoM0VcL0JyN29yVFVyT2hPaUo4NDBkOWJha3FMSGV6Y01JMkdqZGY0a29nd0VCNGY4aWpiVXNvZEZpcWpncHFNIiwibWFjIjoiYjFkMWE2MWNhYWRiZmE2MTQzYmVhZmQyZmMzNjJhMTI5MGIyYWE1ZTUyYTc1NTM0ZTMyNjZmMGEzZDIwYzUzMiJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. http://festyy.com/wXYrxE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
  • https://traffdaq.com/delivery/dl/47382?category=general
Request Chain 15
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 28
  • http://shortestminer.com/?utm_medium=full_interstitial&utm_source=shst_new&utm_campaign=miner_app HTTP 301
  • https://shortestminer.com/?utm_medium=full_interstitial&utm_source=shst_new&utm_campaign=miner_app

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
speedflow.io/adult/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash
f0304f634f030209d91d76f627b9e80311740c1c224cafaf3e6f137e0b753538

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr

Response headers

date
Sun, 08 Nov 2020 01:04:12 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=78887; path=/ time_start=1604797453.0072; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=78887; path=/ ip=185.212.171.67 mobile=0 country=++ visits_todayi=0; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=78887; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
543
content-type
text/html; charset=UTF-8
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:04:13 GMT
Content-Encoding
gzip
X-HW
1604797448.dop098.fr8.shc,1604797448.dop098.fr8.t,1604797453.cds129.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
928
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame AA79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604797453112&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 01:04:13 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225fa7440d241371.68211876305431095%22%3B%7D; expires=Tue, 08 Nov 2022 01:04:13 GMT; path=; domain=.realsrv.com;
Content-Encoding
gzip
autosurf_if.php
manyhit.com/ Frame 4B74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://manyhit.com/autosurf_if.php?user=speedflow
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
Apache / PHP/5.4.45
Resource Hash

Request headers

Host
manyhit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

date
Sun, 08 Nov 2020 01:04:13 GMT
server
Apache
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=74aa6392068a005d170bac792ee3c5af; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
1259
content-type
text/html
47382
traffdaq.com/delivery/dl/
Redirect Chain
  • http://traffdaq.com/delivery/dl/47382?category=general
  • https://traffdaq.com/delivery/dl/47382?category=general
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://traffdaq.com/delivery/dl/47382?category=general
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
1a1c7cc316ead81f4e2353e456fc9ae7126aef44dea28547dd32140eeb66305d

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/adult/?a=rr

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 08 Nov 2020 01:04:21 GMT
Content-Encoding
gzip

Redirect headers

Content-length
0
Location
https://traffdaq.com/delivery/dl/47382?category=general
Connection
close
eyJpdiI6InlGcmYraHg2cjkzZ0NuQmViR29TQVE9PSIsInZhbHVlIjoiTUI1V0MwQ0hmdlwvekZKZ0xtXC9KOXR3ZlRUdWtCaXJ4YUcyQ2Vtblh2SXNjZVAwbkF3SW5zMlkxMGhpdlVaTDdCdElZbmVnK1RBcWptZTdPRnlVNjdodz09IiwibWFjIjoiYTQ1NTg2N...
traffdaq.com/users/track/ 		0
0
implement.js
c.securepaths.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa74415997a2&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 01:04:21 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
881451
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19170-FRA
date
Sun, 08 Nov 2020 01:04:21 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkxOOFwvUkI1NlZWc0VGT0hrV1RtZ2tBPT0iLCJ2YWx1ZSI6IkxIV2pQNG9UZ1VnRHByemFMUXhXWFZRajVhbDhoRXo5S3hQN3VLZFI0ZmV3K2VuMCtsYVRwOTdVZldidmZYWG1leW1PYk9MUm0rRlJzYUI5XC9RV3VLREdBcXhyY3hhTVRXZVhoZnQwSkdlQkRvXC9iS2l2Vkl2RnVjKyt2d1ZzbTdmZlNya0w0UEhNVW81a0VRNk5mVE15Q2Y3OEMwdElvWTd1bVRWdklsTjlmeTZycUNDaTRtNGtRVjd0Vm9MY3oyeWlCM25kdEpjdUdBY05KbGM2cDJwS3RkOWVyS3hidVo3ZkMzU2VGRWsxRU1jN0NPSk5pOHQ3cWY3WFQ0M0IxUlJoM0VcL0JyN29yVFVyT2hPaUo4NDBkOWJha3FMSGV6Y01JMkdqZGY0a29nd0VCNGY4aWpiVXNvZEZpcWpncHFNIiwibWFjIjoiYjFkMWE2MWNhYWRiZmE2MTQzYmVhZmQyZmMzNjJhMTI5MGIyYWE1ZTUyYTc1NTM0ZTMyNjZmMGEzZDIwYzUzMiJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
a9aeb3d1a1fe9265f897a4f32a068ae49ecb3afe8bf92326143a9adaf5f35c5f

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/dl/47382?category=general
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
tdqct=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/dl/47382?category=general

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 08 Nov 2020 01:04:24 GMT
Content-Encoding
gzip
Primary Request Cookie set wXYrxE
festyy.com/ 		64 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://festyy.com/wXYrxE
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkxOOFwvUkI1NlZWc0VGT0hrV1RtZ2tBPT0iLCJ2YWx1ZSI6IkxIV2pQNG9UZ1VnRHByemFMUXhXWFZRajVhbDhoRXo5S3hQN3VLZFI0ZmV3K2VuMCtsYVRwOTdVZldidmZYWG1leW1PYk9MUm0rRlJzYUI5XC9RV3VLREdBcXhyY3hhTVRXZVhoZnQwSkdlQkRvXC9iS2l2Vkl2RnVjKyt2d1ZzbTdmZlNya0w0UEhNVW81a0VRNk5mVE15Q2Y3OEMwdElvWTd1bVRWdklsTjlmeTZycUNDaTRtNGtRVjd0Vm9MY3oyeWlCM25kdEpjdUdBY05KbGM2cDJwS3RkOWVyS3hidVo3ZkMzU2VGRWsxRU1jN0NPSk5pOHQ3cWY3WFQ0M0IxUlJoM0VcL0JyN29yVFVyT2hPaUo4NDBkOWJha3FMSGV6Y01JMkdqZGY0a29nd0VCNGY4aWpiVXNvZEZpcWpncHFNIiwibWFjIjoiYjFkMWE2MWNhYWRiZmE2MTQzYmVhZmQyZmMzNjJhMTI5MGIyYWE1ZTUyYTc1NTM0ZTMyNjZmMGEzZDIwYzUzMiJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-0+deb8u12
Resource Hash
6cd558d5c4556c7bd178cda69a72451d9886b3e55bc69de1dc1844df94a10f39
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
festyy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr

Response headers

Date
Sun, 08 Nov 2020 01:04:24 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7defe2e03738df57393c2fdf6c71b5701604797464; expires=Tue, 08-Dec-20 01:04:24 GMT; path=/; domain=.festyy.com; HttpOnly; SameSite=Lax PHPSESSID=vdqn8ev6stj4rc7s71i50001f1; expires=Sun, 08-Nov-2020 02:04:24 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly hl=en; expires=Mon, 08-Nov-2021 01:04:24 GMT; Max-Age=31536000; path=/ cookies-enable=1; path=/; httponly
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u12
Cache-Control
no-cache
X-Frame-Options
DENY
X-Server-ID
shn03
X-UA-Compatible
IE=Edge
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
cf-request-id
0646fb18380000062def392000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HPD7BDKNonE5LZVd7xRHzWqEQq5ki2lbvqNjGzRPeNm8mFS3PmXI%2FHtti3FezpNesj1aLad3Y9WsQfH08Iin16qqY0dueHpPV144TEExOYpl7%2BN%2BoIGK"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5eeb6139fecb062d-FRA
Content-Encoding
gzip
css
fonts.googleapis.com/ 		3 KB
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95018d6b90baf42d8f20f3b7e24c2de4cf27560fe7af07d39eea0e9ed9acf517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 Nov 2020 23:48:43 GMT
server
ESF
date
Sun, 08 Nov 2020 01:04:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Nov 2020 01:04:24 GMT
tracking.gif
festyy.com/bundles/advertisement/img/ 		0
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://festyy.com/bundles/advertisement/img/tracking.gif?test=19a54c8108bb00f848c561dc24365d6ea4020633
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:04:24 GMT
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
0
cf-request-id
0646fb18c80000062dd9948000000001
X-UA-Compatible
IE=Edge
Last-Modified
Wed, 19 Feb 2020 11:57:41 GMT
Server
cloudflare
ETag
"5e4d22b5-0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D0TeB1M%2BP27dDE8wQjYUv%2FLIMnhec82oDEKFcJDe0%2B6RvwcxyZ6DP1QlN0Mmd3uby9JX9heBkBlP%2BaA8wKv5W3IlbiKfzcpkR8RrQ6xeagtFWoM2OQsq"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn09
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5eeb613ad823062d-FRA
advertisement-tracking-6653090.gif
festyy.com/bundles/smeweb/img/ 		43 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://festyy.com/bundles/smeweb/img/advertisement-tracking-6653090.gif?t=1604797464
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:04:24 GMT
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
43
cf-request-id
0646fb18e000001782090bf000000001
X-UA-Compatible
IE=Edge
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aNKD20bz%2FTu4uU4f7v7615eLaforK0NcVX91GJ0l%2FRjhticSAuERfoHGTO2V%2Br48SQGPp8%2B%2Fb3AkGfpMsEC40a%2FztgsXOACVSjG%2BdG4mm5iRUoU6q1Q5"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn11
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5eeb613b0ba21782-FRA
tracking-6653090.gif
festyy.com/bundles/smeweb/img/ 		43 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://festyy.com/bundles/smeweb/img/tracking-6653090.gif?t=1604797464
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:04:24 GMT
CF-Cache-Status
MISS
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
43
cf-request-id
0646fb18e0000005edee1d0000000001
X-UA-Compatible
IE=Edge
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hoGsDXlX%2FdNLCmfw%2FMJBi9GXscl84%2FRjbbtBqJq3306l4Jnx6%2B8fAjZXnholexSlExEmVefA0rs%2BYU2F4UekAN1vn3MqV8mVtZ5as4LjnJivWYIQ%2B3sN"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn03
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5eeb613b0a7d05ed-FRA
logo1707.png
static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2020-02-19.0
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
HTTP/1.1
Server
2606:4700:20::681a:6da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:04:24 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
74829
Connection
keep-alive
Content-Length
6226
cf-request-id
0646fb18e000001f5505306000000001
X-UA-Compatible
IE=Edge
Last-Modified
Fri, 17 Jul 2015 13:29:04 GMT
Server
cloudflare
ETag
"55a90320-1852"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rUjPSEQbtMD%2BtsUDtg31Ni1CodCCuWeN7RbW4PaCnAAEubAiXyyr7wdmFev02iCIx8FBnngXxIV6RhbVRQZ29cM0do2olvPDoOcsgGFTgYlATun9TLPQK84%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
X-Server-ID
shn09
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
5eeb613b0dbb1f55-FRA
Expires
Sun, 08 Nov 2020 04:17:15 GMT
interstitial-page.js
static.sh.st/js/packed/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.sh.st/js/packed/interstitial-page.js?2020-02-19.0
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
HTTP/1.1
Server
2606:4700:20::681a:6da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bfd84441ea51484204c8ca64bfd0dd137c5c95e236c32fd380da19ab00510b4

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:04:24 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
74829
Cf-Polished
origSize=68001
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0646fb18e00000e00bea9e7000000001
X-UA-Compatible
IE=Edge
Expires
Sun, 08 Nov 2020 04:17:15 GMT
Last-Modified
Wed, 19 Feb 2020 11:58:09 GMT
Server
cloudflare
ETag
W/"5e4d22d1-109a1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x5wSZPdAaPXnF9NYlzcYQcpvhcKUgS9dEpVX6COY%2BfSBqVt%2BvMNqyvKRZbfp6J3xWfk8ckF1lkuJOOeXlROuMIftbgL%2FHKPvin0%2Fmms6jBLmqGB9I3Fp4xM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Server-ID
shn03
Cache-Control
max-age=86400
CF-RAY
5eeb613b085be00b-FRA
Cf-Bgj
minify
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4499
date
Sat, 07 Nov 2020 23:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 08 Nov 2020 01:49:25 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
/
d3ud741uvs727m.cloudfront.net/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
HTTP/1.1
Server
13.226.156.177 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-177.dus51.r.cloudfront.net
Software
/
Resource Hash
5f6b963db29a7e36446cb60e1b62a78700ab310b4dc3b9b8aa0f47a8dcb01c17

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 01:04:24 GMT
content-encoding
gzip
X-Amz-Cf-Pop
DUS51-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
38661
Via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
X-Amz-Cf-Id
pfhr-lNIz6iBVPCXt4SGgI9fmXmez3gyfEkyM-ZNXFz4sAgO6lf26A==
gtm.js
www.googletagmanager.com/ 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SFMWPJ
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f6ffaa3bff8c7f09c9bf51fc4574e1e1f6c66fb4515fcc5065f79046030c8a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 01:04:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27870
x-xss-protection
0
last-modified
Sun, 08 Nov 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Nov 2020 01:04:24 GMT
widget-sprite.png
static.sh.st/bundles/smeweb/img/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.sh.st/bundles/smeweb/img/widget-sprite.png?2020-02-19.0
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
HTTP/1.1
Server
2606:4700:20::681a:6da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:04:24 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
65541
Connection
keep-alive
Content-Length
84545
cf-request-id
0646fb18ed000063ef40b45000000001
X-UA-Compatible
IE=Edge
Expires
Sun, 08 Nov 2020 06:52:03 GMT
Last-Modified
Wed, 19 Feb 2020 11:57:41 GMT
Server
cloudflare
ETag
"5e4d22b5-14a41"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eliUQYQURApcZ%2BUo2Y86FfJk7Go63zLgl9nje%2FSFbo606hmPWZRf%2BeSw%2FpPlhd9lBpEOaTxDkDP6vtQ%2F4CsjbFdnar%2FPy6f8l00JjqmLirYSAKfxHYFEqyE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
X-Server-ID
shn03
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
5eeb613b188d63ef-FRA
Cf-Bgj
h2pri
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v18/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v18/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://festyy.com
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 20:00:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Sep 2020 20:45:21 GMT
server
sffe
age
104633
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42444
x-xss-protection
0
expires
Sat, 06 Nov 2021 20:00:31 GMT
displayed
analytics.shorte.st/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
http://analytics.shorte.st/displayed
Protocol
HTTP/1.1
Server
35.227.234.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.234.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
http://festyy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 01:04:24 GMT
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
POST, OPTIONS
Access-Control-Allow-Headers
origin, content-type, accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials
true
Content-Length
0
X-Server-ID
shortest-analytics-jxf5
Via
1.1 google
displayed
analytics.shorte.st/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://analytics.shorte.st/displayed
Requested by
Host: static.sh.st
URL: http://static.sh.st/js/packed/interstitial-page.js?2020-02-19.0
Protocol
HTTP/1.1
Server
35.227.234.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.234.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
Referer
http://speedflow.io/adult/a=rr
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sun, 08 Nov 2020 01:04:25 GMT
Via
1.1 google
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-Server-ID
shortest-analytics-jxf5
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin, content-type, accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
utx
ncediscou.fun/ 		0
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ncediscou.fun/utx?cb=oHMWYfhUJJ4q&top=festyy.com&tid=716233
Requested by
Host: d3ud741uvs727m.cloudfront.net
URL: http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-83.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 01:04:26 GMT
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA53-C1
status
204
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://festyy.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
oXCtqfaa1_jivcB4I19m7wSpabrfuyVGh3Fip_PPx9jdzFZ2Yg1ZnQ==
DjAcNVAhBH4UPi4UFy8uPBwvOzgNER8lHR8RGy5PEyEhDRlEBQNWDzUdLAwnIzs0MA
ncediscou.fun/aXlSTmMIGzEjXAhEMGgWGxVva1EvXGAIB1oMNnlXWAwkPVRbTj9gAAUWJyoFGxY8Ok0HHCZrUS9JMXwPHBthITIrHhMEMTgaEw0PIzcDIloKIRciNSgBYg8lKDcHATAjKRQdNgE9ABtaJA4xGCg/LDYIIh0xAyVbKj06HzY/PDUFJSs7BxZTAhs... Frame 76B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ncediscou.fun/aXlSTmMIGzEjXAhEMGgWGxVva1EvXGAIB1oMNnlXWAwkPVRbTj9gAAUWJyoFGxY8Ok0HHCZrUS9JMXwPHBthITIrHhMEMTgaEw0PIzcDIloKIRciNSgBYg8lKDcHATAjKRQdNgE9ABtaJA4xGCg/LDYIIh0xAyVbKj06HzY/PDUFJSs7BxZTAhsUORc9LmM5Ky4oFwsxHgoaCRsOOBEmVyw+Kns1IThrHSURDgYMFCQuFyUbCjIHdwc+LCYqMAUKFwoUHi0aHFMrMRAEND4QKgUwLDQTDyEaHxp+GwohKi0wKhImKjABDjMdUlgyEX4bCiFiOicnFX93ASMsCA8wWEgZCwsCHBM2Wyw9EzkmLA42AzsqFQIfJVw4CgsbPi5jeyssKyEqIh43NB8wGTUKGwwPOBMbKDFJFBQgOBYICSIzMQElCy06NRcHLytmAzBYSWodUhk4Cn8xIS4UewA/PAQXMFhIGQ8iDjAWKQQILRQ5Ez1JECsyLwEfGDERLQU2VzshPhcsOiwiLDs/DjAcNVAhBH4UPi4UFy8uPBwvOzgNER8lHR8RGy5PEyEhDRlEBQNWDzUdLAwnIzs0MA
Requested by
Host: d3ud741uvs727m.cloudfront.net
URL: http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Protocol
HTTP/1.1
Server
143.204.215.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-83.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Host
ncediscou.fun
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://festyy.com/wXYrxE
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://festyy.com/wXYrxE

Response headers

Content-Type
text/html
Content-Length
1265
Connection
keep-alive
Date
Sun, 08 Nov 2020 01:04:26 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
T3EKlNWKWxe9QAsbEO45PyuRtg553TLGuI_0bGRSGYzqKxOW0d7VMg==
collect
www.google-analytics.com/j/ 		2 B
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1366658558&t=pageview&_s=1&dl=http%3A%2F%2Ffestyy.com%2FwXYrxE&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20shorte.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABAAAAAC~&jid=387100771&gjid=1643278744&cid=422114528.1604797465&uid=6653090&tid=UA-42296749-1&_gid=924859534.1604797465&_r=1&_slc=1&cd2=2020-02-19.0&cd7=6653090&cd5=0&z=1533341109
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 01:04:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://festyy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
popunder.gif
ncorports.top/ 		35 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ncorports.top/popunder.gif
Requested by
Host: festyy.com
URL: http://festyy.com/wXYrxE
Protocol
HTTP/1.1
Server
143.204.215.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-75.fra53.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Sun, 08 Nov 2020 01:04:26 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Connection
keep-alive
Content-Length
58
Via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
_d236q5_7IhQMbsvG157Hg0ibbanFU2whC5dZvxQNFcBnv65CShgcw==
multi
ncediscou.fun/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ncediscou.fun/multi?tid=716233&red=1&cs=Rkh6QVZ3fk50YHQrGHFuInpJdmZ2&abt=0&v=1.0.48.0&sm=76&k=make%20shorte%20earn%20short%20links%20money&sts=0&prn=0&emb=0&fs=1&ref=http%3A%2F%2Ffestyy.com%2FwXYrxE&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=1&uloc=&if=0&_lYdo=1604797466936&crc=1
Requested by
Host: d3ud741uvs727m.cloudfront.net
URL: http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-83.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
fe7d44da14de843b7305f71fa35b66b04dac9cd9ad4bb1d63fee3625586122ce

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 01:04:27 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
FRA53-C1
status
200
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://festyy.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1882
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
x-amz-cf-id
rT8Hb_12C9KRPU1pbiTBBBfJp6MSXrN6-Nrr3jQs-RcS1TL7RFBpVw==
Cookie set notify.php
ads.shorte.st/ Frame 4621 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ads.shorte.st/notify.php?key=2ea5b261f06ca771033a5fa9e22493f1&width=1024&height=768&ch=6653090&cp.dest_domain=trackleads.pro&cp.oid=6653090&cp.referrer=&cp.locked=0&cp.proxy=0&cp.quarantine_status=&cp.vno=103&cp.enc_url=4E57IGIn6Zj6Y1xnOv2+Dd8+bCffLWl6Os0YBzNb1H4yEcmpbJb96yU9mlQBKwLyzNuVs8tlFvrJwOTId6ZSCp5/VNkr5Cs/U8rHVW3zNTY=&cp.asid=19a54c8108bb00f848c561dc24365d6ea4020633&title=&description=&keywords=&captcha_verified=0
Requested by
Host: static.sh.st
URL: http://static.sh.st/js/packed/interstitial-page.js?2020-02-19.0
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:4a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Host
ads.shorte.st
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://festyy.com/wXYrxE
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://festyy.com/wXYrxE

Response headers

Date
Sun, 08 Nov 2020 01:04:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dcb53cbf1827e37dfb938ed43342506721604797466; expires=Tue, 08-Dec-20 01:04:26 GMT; path=/; domain=.shorte.st; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u12
Cache-Control
no-cache
X-Server-ID
shn12
X-UA-Compatible
IE=Edge
CF-Cache-Status
DYNAMIC
cf-request-id
0646fb2147000006215ab53000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a9Oy1CD8UwMdk3TvZP2LakPFhSQBly5uFZIZkX%2F4OJ8yXrrDk%2BxieBwHYARpmMFcErrTOc7J2BW1VGo8M24KeYGgqwGEilnApx9dtW5r25NtN2Jx8JTjfDMI"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5eeb61487caa0621-FRA
Content-Encoding
gzip
/
shortestminer.com/ Frame DEB3
Redirect Chain
  • http://shortestminer.com/?utm_medium=full_interstitial&utm_source=shst_new&utm_campaign=miner_app
  • https://shortestminer.com/?utm_medium=full_interstitial&utm_source=shst_new&utm_campaign=miner_app
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://shortestminer.com/?utm_medium=full_interstitial&utm_source=shst_new&utm_campaign=miner_app
Requested by
Host: static.sh.st
URL: http://static.sh.st/js/packed/interstitial-page.js?2020-02-19.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6818:64dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
shortestminer.com
:scheme
https
:path
/?utm_medium=full_interstitial&utm_source=shst_new&utm_campaign=miner_app
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://festyy.com/wXYrxE
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://festyy.com/wXYrxE

Response headers

status
200
date
Sun, 08 Nov 2020 01:04:26 GMT
content-type
text/html
set-cookie
__cfduid=dd854d5fd6d230e3832356893bb501db01604797466; expires=Tue, 08-Dec-20 01:04:26 GMT; path=/; domain=.shortestminer.com; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid
ABg5-UzWayrm8vD6-rzXPihllmjPP59umxDkhzhJSTgPPFQOLJA3twL_r1lGUSgqAGhTtdJ1trzOaWGEuOi6LclC6_g
expires
Sun, 08 Nov 2020 01:45:11 GMT
last-modified
Wed, 16 Oct 2019 13:24:59 GMT
x-goog-generation
1571232299185754
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
26789
x-goog-meta-goog-reserved-file-mtime
1571232246
content-language
en
x-goog-hash
crc32c=45uqFg== md5=qeJHIonqnomOHLRCk4k8Jg==
x-goog-storage-class
MULTI_REGIONAL
age
1155
cache-control
public, max-age=3600
cf-cache-status
DYNAMIC
cf-request-id
0646fb21660000d6c972904000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=44QvinfxLbHqJCBq7Xi9ADdPQP%2BvqtYeFGkU49hxFj8Bo6jK7BJJXMdtp5Gztb4IXg7UhbxMI%2BZfbEycSxSF3Sau3DXkhqqhY76zS3vtsXeIJKZ5EvwewgwL3awe%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eeb6148a9d7d6c9-FRA
content-encoding
br

Redirect headers

Date
Sun, 08 Nov 2020 01:04:26 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 08 Nov 2020 02:04:26 GMT
Location
https://shortestminer.com/?utm_medium=full_interstitial&utm_source=shst_new&utm_campaign=miner_app
cf-request-id
0646fb2147000024880515c000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U0ToJjTJ2HqSI2ZUue6vIKr6tlotNY4iJBKRZulS8qQZ6ltWxAI4H90%2FciVko7oBy5BliR3s3zdRfQvG%2FuWOYjzYBhUQeInz59mu%2F3QEuuDhvZUM51lw4vljECQ2hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5eeb61487b4b2488-FRA
truncated
/ Frame 656C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
end-adsession
festyy.com/shortest-url/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://festyy.com/shortest-url/end-adsession?adSessionId=19a54c8108bb00f848c561dc24365d6ea4020633&adbd=0&callback=reqwest_1604797464843
Requested by
Host: static.sh.st
URL: http://static.sh.st/js/packed/interstitial-page.js?2020-02-19.0
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 01:04:33 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
X-Powered-By
PHP/5.6.40-0+deb8u12
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0646fb38b4000005ed08b7f000000001
X-UA-Compatible
IE=Edge
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WNjvqT0MUvsijLd0SUQYLNhKHTXrSlYtt1H1jM%2FopnmBqWj5HhY7XrZ8Q2OmkD7KWek%2BGFrgSSIA9W6G54JSrvT9OaHVKsIqtWM52XGCLR7zD4zoNWeX"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
X-Server-ID
shn09
Cache-Control
no-cache
CF-RAY
5eeb616def6905ed-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
traffdaq.com
URL
https://traffdaq.com/users/track/eyJpdiI6InlGcmYraHg2cjkzZ0NuQmViR29TQVE9PSIsInZhbHVlIjoiTUI1V0MwQ0hmdlwvekZKZ0xtXC9KOXR3ZlRUdWtCaXJ4YUcyQ2Vtblh2SXNjZVAwbkF3SW5zMlkxMGhpdlVaTDdCdElZbmVnK1RBcWptZTdPRnlVNjdodz09IiwibWFjIjoiYTQ1NTg2NDI1MGUyMjIzZTkyNmVkOTFjY2IzZjMzNmEyYjRjMThkNzgzOTMwNWI5YzM2NGE1NjM1ZDg4ZGYxMCJ9

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
ads.shorte.st
analytics.shorte.st
c.securepaths.com
cdn.jsdelivr.net
d3ud741uvs727m.cloudfront.net
festyy.com
fonts.googleapis.com
fonts.gstatic.com
manyhit.com
ncediscou.fun
ncorports.top
shortestminer.com
speedflow.io
static.sh.st
syndication.realsrv.com
traffdaq.com
www.google-analytics.com
www.googletagmanager.com
traffdaq.com
107.170.39.103
13.226.156.177
143.204.215.75
143.204.215.83
162.213.255.36
198.54.116.135
2001:4de0:ac19::1:b:3b
2606:4700:20::681a:6da
2606:4700:20::ac43:44fa
2606:4700:20::ac43:4a21
2606:4700:3033::6818:64dd
2a00:1450:4001:814::2003
2a00:1450:4001:815::200e
2a00:1450:4001:821::2008
2a00:1450:4001:824::200a
2a04:4e42:3::621
35.190.72.161
35.227.234.224
95.211.229.246
1a1c7cc316ead81f4e2353e456fc9ae7126aef44dea28547dd32140eeb66305d
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
4bfd84441ea51484204c8ca64bfd0dd137c5c95e236c32fd380da19ab00510b4
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
4f6ffaa3bff8c7f09c9bf51fc4574e1e1f6c66fb4515fcc5065f79046030c8a7
5f6b963db29a7e36446cb60e1b62a78700ab310b4dc3b9b8aa0f47a8dcb01c17
6cd558d5c4556c7bd178cda69a72451d9886b3e55bc69de1dc1844df94a10f39
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95018d6b90baf42d8f20f3b7e24c2de4cf27560fe7af07d39eea0e9ed9acf517
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a9aeb3d1a1fe9265f897a4f32a068ae49ecb3afe8bf92326143a9adaf5f35c5f
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f0304f634f030209d91d76f627b9e80311740c1c224cafaf3e6f137e0b753538
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001
fe7d44da14de843b7305f71fa35b66b04dac9cd9ad4bb1d63fee3625586122ce