urlscan.io logo urlscan.io
SecurityTrails logo

trud.fun Open in urlscan Pro
2606:4700:30::6818:601e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://daax.site/
Effective URL: https://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367
Submission: On January 15 via manual from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700:30::6818:601e, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is trud.fun.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 13th 2020. Valid for: 9 months.
This is the only time trud.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 217.112.35.88 30943 (UTRANSIT-...)
1 190.115.19.162 262254 (DDOS-GUAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a02:6b8::1:119 13238 (YANDEX)
1 2 2606:4700:30:... 13335 (CLOUDFLAR...)
16 6
5    217.112.35.88 (United Kingdom)

ASN30943 (UTRANSIT-AS Utransit Global Backbone Network, GB)
PTR: v82-u.valuehost.ru
daax.site
infcom.valuehost.ru
1    190.115.19.162 (Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
e-pay.group
1    2606:4700:30::6812:3567 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
lavapay.org
2    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    2606:4700:30::6818:601e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
trud.fun
Apex Domain
Subdomains		 Transfer
4 daax.site
daax.site
80 KB
2 yandex.ru
mc.yandex.ru
132 KB
2 trud.fun
trud.fun Failed
790 B
1 lavapay.org
lavapay.org
1 valuehost.ru
infcom.valuehost.ru
999 B
1 e-pay.group
e-pay.group
353 B
16 6
Domain Requested by
4 daax.site daax.site
2 mc.yandex.ru daax.site
mc.yandex.ru
2 trud.fun daax.site
1 lavapay.org daax.site
1 infcom.valuehost.ru daax.site
1 e-pay.group daax.site
16 6

This site contains no links.

Subject Issuer Validity Valid
e-pay.group
Let's Encrypt Authority X3		 2020-01-13 -
2020-04-12		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-12-04 -
2020-10-09		 10 months crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367
Frame ID: 4767E13CBBF30884F1DBD47779571BE7
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://daax.site/ Page URL
  2. https://trud.fun//tds/qd1o HTTP 302
    http://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367 HTTP 307
    https://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

31 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

213 kB
Transfer

640 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://daax.site/ Page URL
  2. https://trud.fun//tds/qd1o HTTP 302
    http://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367 HTTP 307
    https://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://allclicks.biz/zdxl HTTP 302
  • http://trud.fun/zdxl?url_id=3128454&url_full_id=366 HTTP 307
  • https://trud.fun/zdxl?url_id=3128454&url_full_id=366
Request Chain 6
  • https://allclicks.biz/34ag HTTP 302
  • http://trud.fun/34ag?url_id=3128454&url_full_id=366 HTTP 307
  • https://trud.fun/34ag?url_id=3128454&url_full_id=366
Request Chain 7
  • https://allclicks.biz/889n HTTP 302
  • http://trud.fun/889n?url_id=3128454&url_full_id=366 HTTP 307
  • https://trud.fun/889n?url_id=3128454&url_full_id=366
Request Chain 8
  • https://allclicks.biz/fit3 HTTP 302
  • http://trud.fun/fit3?url_id=3128454&url_full_id=366 HTTP 307
  • https://trud.fun/fit3?url_id=3128454&url_full_id=366

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
daax.site/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://daax.site/
Protocol
HTTP/1.1
Server
217.112.35.88 , United Kingdom, ASN30943 (UTRANSIT-AS Utransit Global Backbone Network, GB),
Reverse DNS
v82-u.valuehost.ru
Software
nginx/1.5.7 / PHP/5.2.17
Resource Hash
0b4455af7efa6008c84186a4239febb182f28b649ad38c9d21cb25047aa6c8a0

Request headers

Host
daax.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server
nginx/1.5.7
Date
Wed, 15 Jan 2020 03:38:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.2.17
Access-Control-Allow-Origin
*
Content-Encoding
gzip
style.css
daax.site/ 		74 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://daax.site/style.css
Requested by
Host: daax.site
URL: http://daax.site/
Protocol
HTTP/1.1
Server
217.112.35.88 , United Kingdom, ASN30943 (UTRANSIT-AS Utransit Global Backbone Network, GB),
Reverse DNS
v82-u.valuehost.ru
Software
nginx/1.5.7 /
Resource Hash
5be1d8393e38dd5b9ddf983dafad03d91ae1ba73e81ccfcc14450b0ba7de9280

Request headers

Referer
http://daax.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 03:38:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Dec 2019 01:45:31 GMT
Server
nginx/1.5.7
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800, max-age=604800, must-revalidate, public
Connection
keep-alive
Keep-Alive
timeout=20
Expires
Wed, 22 Jan 2020 03:38:46 GMT
tds.js
daax.site/ 		1 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
http://daax.site/tds.js
Requested by
Host: daax.site
URL: http://daax.site/
Protocol
HTTP/1.1
Server
217.112.35.88 , United Kingdom, ASN30943 (UTRANSIT-AS Utransit Global Backbone Network, GB),
Reverse DNS
v82-u.valuehost.ru
Software
nginx/1.5.7 /
Resource Hash
80d43382c3a9cbac71555cd714436c5439d7b537d5cc6591c61fb8d75ee478a1

Request headers

Referer
http://daax.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 03:38:46 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Jan 2020 20:12:42 GMT
Server
nginx/1.5.7
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800, max-age=604800, must-revalidate, public
Connection
keep-alive
Keep-Alive
timeout=20
Expires
Wed, 22 Jan 2020 03:38:46 GMT
request_tds.php
e-pay.group/ 		37 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e-pay.group/request_tds.php
Requested by
Host: daax.site
URL: http://daax.site/tds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.19.162 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ngjit /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000, max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://daax.site/
Origin
http://daax.site

Response headers

strict-transport-security
max-age=2628000, max-age=15768000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
server
ngjit
status
200
date
Wed, 15 Jan 2020 03:38:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
content-security-policy
upgrade-insecure-requests;
oval.svg
infcom.valuehost.ru/images/ 		694 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://infcom.valuehost.ru/images/oval.svg
Requested by
Host: daax.site
URL: http://daax.site/
Protocol
HTTP/1.1
Server
217.112.35.88 , United Kingdom, ASN30943 (UTRANSIT-AS Utransit Global Backbone Network, GB),
Reverse DNS
v82-u.valuehost.ru
Software
nginx/1.5.7 /
Resource Hash

Request headers

Referer
http://daax.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 03:38:46 GMT
Last-Modified
Mon, 28 Sep 2015 14:52:14 GMT
Server
nginx/1.5.7
ETag
"9a3969a-2b6-5609541e"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
694
zdxl
trud.fun/
Redirect Chain
  • https://allclicks.biz/zdxl
  • http://trud.fun/zdxl?url_id=3128454&url_full_id=366
  • https://trud.fun/zdxl?url_id=3128454&url_full_id=366
0
0
34ag
trud.fun/
Redirect Chain
  • https://allclicks.biz/34ag
  • http://trud.fun/34ag?url_id=3128454&url_full_id=366
  • https://trud.fun/34ag?url_id=3128454&url_full_id=366
0
0
889n
trud.fun/
Redirect Chain
  • https://allclicks.biz/889n
  • http://trud.fun/889n?url_id=3128454&url_full_id=366
  • https://trud.fun/889n?url_id=3128454&url_full_id=366
0
0
fit3
trud.fun/
Redirect Chain
  • https://allclicks.biz/fit3
  • http://trud.fun/fit3?url_id=3128454&url_full_id=366
  • https://trud.fun/fit3?url_id=3128454&url_full_id=366
0
0
7d1b
lavapay.org/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lavapay.org/7d1b
Requested by
Host: daax.site
URL: http://daax.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3567 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://daax.site/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers
style.css
daax.site/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://daax.site/style.css
Requested by
Host: daax.site
URL: http://daax.site/
Protocol
HTTP/1.1
Server
217.112.35.88 , United Kingdom, ASN30943 (UTRANSIT-AS Utransit Global Backbone Network, GB),
Reverse DNS
v82-u.valuehost.ru
Software
nginx/1.5.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://daax.site/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 03:38:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Dec 2019 01:45:31 GMT
Server
nginx/1.5.7
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800, max-age=604800, must-revalidate, public
Connection
keep-alive
Keep-Alive
timeout=20
Expires
Wed, 22 Jan 2020 03:38:46 GMT
watch.js
mc.yandex.ru/metrika/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: daax.site
URL: http://daax.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://daax.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 03:38:48 GMT
Content-Encoding
br
Last-Modified
Thu, 26 Dec 2019 10:39:25 GMT
Server
nginx/1.14.2
ETag
"5e048ddd-9e06"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40454
Expires
Wed, 15 Jan 2020 04:38:48 GMT
tag.js
mc.yandex.ru/metrika/ 		362 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: daax.site
URL: http://daax.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://daax.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 15 Jan 2020 03:38:48 GMT
Content-Encoding
br
Last-Modified
Thu, 26 Dec 2019 10:39:25 GMT
Server
nginx/1.14.2
ETag
"5e048ddd-16ddd"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93661
Expires
Wed, 15 Jan 2020 04:38:48 GMT
Primary Request hezi
trud.fun/
Redirect Chain
  • https://trud.fun//tds/qd1o
  • http://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367
  • https://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367
298 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367
Requested by
Host: daax.site
URL: http://daax.site/tds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:601e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c10faf9c13bb0b673b53e31748a30beccb00fd9b1de74a4054bc548419da96

Request headers

:method
GET
:authority
trud.fun
:scheme
https
:path
/hezi?tds=1&url_id=3128454&url_full_id=367
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://daax.site/
accept-encoding
gzip, deflate, br
cookie
__cfduid=dccb39eefc9cb1dc360ff1670980975dd1579059528; __ddg1=Lr5NFIfoCiwzThWTcz9V
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://daax.site/

Response headers

status
404
date
Wed, 15 Jan 2020 03:38:48 GMT
content-type
text/html; charset=utf-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5554d1a2aae0c2a4-FRA
content-encoding
br

Redirect headers

Location
https://trud.fun/hezi?tds=1&url_id=3128454&url_full_id=367
Non-Authoritative-Reason
HSTS
37661465
mc.yandex.ru/watch/ 		0
0
advert.gif
mc.yandex.ru/metrika/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trud.fun
URL
https://trud.fun/zdxl?url_id=3128454&url_full_id=366
Domain
trud.fun
URL
https://trud.fun/34ag?url_id=3128454&url_full_id=366
Domain
trud.fun
URL
https://trud.fun/889n?url_id=3128454&url_full_id=366
Domain
trud.fun
URL
https://trud.fun/fit3?url_id=3128454&url_full_id=366
Domain
mc.yandex.ru
URL
https://mc.yandex.ru/watch/37661465?wmode=7&page-url=http%3A%2F%2Fdaax.site%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1579059527498%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200115043848%3Aet%3A1579059528%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A576783086%3Ahid%3A232217681%3Ads%3A47%2C13%2C147%2C2%2C0%2C0%2C0%2C187%2C0%2C486%2C%2C%2C401%3Afp%3A408%3Awn%3A39145%3Ahl%3A2%3Agdpr%3A14%3Av%3A1792%3Ast%3A1579059528%3Au%3A1579059528133333291
Domain
mc.yandex.ru
URL
https://mc.yandex.ru/metrika/advert.gif

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Domain/Path Name / Value
.trud.fun/ Name: __ddg1
Value: Lr5NFIfoCiwzThWTcz9V
.trud.fun/ Name: __cfduid
Value: dccb39eefc9cb1dc360ff1670980975dd1579059528