Submitted URL: https://8kijhpbsz9test3.trappavarcabeamo.cf/q3bCCwDV?keyword=Steven.mullineaux%40fleetmatics.com&sub1=clear&sub3=saargate.de
Effective URL: http://humadecure.gq/?s1=mqmq&s3=el
Submission Tags: falconsandbox
Submission: On October 16 via api from US — Scanned from NL

Summary

This website contacted 4 IPs in 4 countries across 7 domains to perform 11 HTTP transactions. The main IP is 160.20.147.80, located in Frankfurt am Main, Germany and belongs to COMBAHTON combahton GmbH, DE. The main domain is humadecure.gq.
This is the only time humadecure.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2 216.119.156.49 46562 (PERFORMIVE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 146.190.228.148 14061 (DIGITALOC...)
5 160.20.147.80 30823 (COMBAHTON...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 5 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 87.236.16.245 198610 (BEGET-AS)
11 4
Apex Domain | Subdomains | Transfer
5 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 3510 | 74 KB
5 humadecure.gq | humadecure.gq | 355 KB
2 dateexotic.com | dateexotic.com | 849 B
1 hello-site.ru | hello-site.ru | 841 B
1 svntrk.com | svntrk.com — Cisco Umbrella Rank: 422603 | 530 B
1 alexatracker.com | alexatracker.com — Cisco Umbrella Rank: 421760 | 609 B
1 trappavarcabeamo.cf | 8kijhpbsz9test3.trappavarcabeamo.cf | 1 KB
11 7
Domain Requested by
5 mc.yandex.ru 1 redirects humadecure.gq
mc.yandex.ru
5 humadecure.gq humadecure.gq
2 dateexotic.com 2 redirects
1 hello-site.ru humadecure.gq
1 svntrk.com humadecure.gq
1 alexatracker.com 1 redirects
1 8kijhpbsz9test3.trappavarcabeamo.cf 1 redirects
11 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.svntrk.com | E1 | 2022-10-01 - 2022-12-30 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-05-21 - 2022-10-31 | 5 months

This page contains 1 frames:

Primary Page: http://humadecure.gq/?s1=mqmq&s3=el
Frame ID: 3047C3ADC6AECF0C9AE6D91E3CF5D293
Requests: 11 HTTP requests in this frame

Page Title

She is waiting

Page URL History

  1. https://8kijhpbsz9test3.trappavarcabeamo.cf/q3bCCwDV?keyword=Steven.mullineaux%40fleetmatics.com&sub1=clear&sub3=saargat... HTTP 302
    https://dateexotic.com/agEA?usid=bghbussn0mm&email=Steven.mullineaux%40fleetmatics.com&sub1=clear&p... HTTP 302
    https://alexatracker.com/?r=aHR0cHM6Ly9kYXRlZXhvdGljLmNvbS9hZ0VBP3VzaWQ9YmdoYnVzc24wbW0mZW1haWw9U3Rld... HTTP 301
    https://dateexotic.com/agEA?usid=bghbussn0mm&email=Steven.mullineaux%40fleetmatics.com&sub1=clear&p... HTTP 302
    http://146.190.228.148/gGsS7C?click_id=bghbussn0mm HTTP 302
    http://humadecure.gq/?s1=mqmq&s3=el Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

11
Requests

36 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

4
IPs

4
Countries

429 kB
Transfer

564 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://8kijhpbsz9test3.trappavarcabeamo.cf/q3bCCwDV?keyword=Steven.mullineaux%40fleetmatics.com&sub1=clear&sub3=saargate.de HTTP 302
    https://dateexotic.com/agEA?usid=bghbussn0mm&email=Steven.mullineaux%40fleetmatics.com&sub1=clear&prid=bghbussn0mm HTTP 302
    https://alexatracker.com/?r=aHR0cHM6Ly9kYXRlZXhvdGljLmNvbS9hZ0VBP3VzaWQ9YmdoYnVzc24wbW0mZW1haWw9U3RldmVuLm11bGxpbmVhdXglNDBmbGVldG1hdGljcy5jb20mc3ViMT1jbGVhciZwcmlkPWJnaGJ1c3NuMG1t&h=b9658b6435721c8f47e06477b423a8ea HTTP 301
    https://dateexotic.com/agEA?usid=bghbussn0mm&email=Steven.mullineaux%40fleetmatics.com&sub1=clear&prid=bghbussn0mm&tbsession=857491674011293376&c=3742828384 HTTP 302
    http://146.190.228.148/gGsS7C?click_id=bghbussn0mm HTTP 302
    http://humadecure.gq/?s1=mqmq&s3=el Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://mc.yandex.ru/watch/54239065?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A2811%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1481797436026%3Ahid%3A98038431%3Az%3A0%3Ai%3A20221016190850%3Aet%3A1665947330%3Ac%3A1%3Arn%3A429823433%3Arqn%3A1%3Au%3A1665947330966966987%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A21%2C64%2C308%2C1%2C1752%2C0%2C%2C655%2C0%2C%2C%2C%2C2801%3Acpf%3A1%3Antf%3A1%3Ans%3A1665947326983%3Arqnl%3A1%3Ast%3A1665947330%3At%3AShe%20is%20waiting&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/54239065/1?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A2811%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1481797436026%3Ahid%3A98038431%3Az%3A0%3Ai%3A20221016190850%3Aet%3A1665947330%3Ac%3A1%3Arn%3A429823433%3Arqn%3A1%3Au%3A1665947330966966987%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A21%2C64%2C308%2C1%2C1752%2C0%2C%2C655%2C0%2C%2C%2C%2C2801%3Acpf%3A1%3Antf%3A1%3Ans%3A1665947326983%3Arqnl%3A1%3Ast%3A1665947330%3At%3AShe%20is%20waiting&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
humadecure.gq/
Redirect Chain
  • https://8kijhpbsz9test3.trappavarcabeamo.cf/q3bCCwDV?keyword=Steven.mullineaux%40fleetmatics.com&sub1=clear&sub3=saargate.de
  • https://dateexotic.com/agEA?usid=bghbussn0mm&email=Steven.mullineaux%40fleetmatics.com&sub1=clear&prid=bghbussn0mm
  • https://alexatracker.com/?r=aHR0cHM6Ly9kYXRlZXhvdGljLmNvbS9hZ0VBP3VzaWQ9YmdoYnVzc24wbW0mZW1haWw9U3RldmVuLm11bGxpbmVhdXglNDBmbGVldG1hdGljcy5jb20mc3ViMT1jbGVhciZwcmlkPWJnaGJ1c3NuMG1t&h=b9658b6435721c...
  • https://dateexotic.com/agEA?usid=bghbussn0mm&email=Steven.mullineaux%40fleetmatics.com&sub1=clear&prid=bghbussn0mm&tbsession=857491674011293376&c=3742828384
  • http://146.190.228.148/gGsS7C?click_id=bghbussn0mm
  • http://humadecure.gq/?s1=mqmq&s3=el
5 KB
5 KB
Document
General
Full URL
http://humadecure.gq/?s1=mqmq&s3=el
Protocol
HTTP/1.1
Server
160.20.147.80 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
a86aed1af12d43add41dbcca02eb71657a063c07c565dc9239676174eeb0b770

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Oct 2022 19:08:49 GMT
Server
nginx/1.22.0
Transfer-Encoding
chunked
cache-control
private, must-revalidate
expires
-1
pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Oct 2022 19:08:48 GMT
Expires
0
Last-Modified
Sun, 16 Oct 2022 19:08:48 GMT
Location
http://humadecure.gq?s1=mqmq&s3=el
Pragma
no-cache
Server
nginx/1.20.1
Vary
Accept-Encoding
mqmq_634c56c1031c4.js
svntrk.com/assets/
0
530 B
Script
General
Full URL
https://svntrk.com/assets/mqmq_634c56c1031c4.js
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/?s1=mqmq&s3=el
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 19:08:49 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PhDgUhyzoQH%2B4wlDJ5L3oxIAQzVvE%2B04oIazcynyUm9OEirrwUziOlaNw9Fyxs5orqxf2NWh0LMOxzxsrkFn9HHBsSdtruVNnnwdnlI9iyjall%2Bs9aIJYw4qUQ1G2yhwC%2BRF93d29Ca"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
75b315d799bb0b78-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendor.css
humadecure.gq/landings/25/fonts/
14 KB
14 KB
Stylesheet
General
Full URL
http://humadecure.gq/landings/25/fonts/vendor.css
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/?s1=mqmq&s3=el
Protocol
HTTP/1.1
Server
160.20.147.80 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
fe1e3a10801c0ea45554f7c125f6f648bfe8676a182ee5927768079ee9b4d3fa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 19:08:49 GMT
last-modified
Wed, 12 Oct 2022 11:03:10 GMT
Server
nginx/1.22.0
etag
"63469eee-3832"
Content-Type
text/css
Connection
keep-alive
accept-ranges
bytes
Content-Length
14386
vendor.js
humadecure.gq/landings/25/js/
154 KB
154 KB
Script
General
Full URL
http://humadecure.gq/landings/25/js/vendor.js
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/?s1=mqmq&s3=el
Protocol
HTTP/1.1
Server
160.20.147.80 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
d78c15856572d5a76ab2c1a77800262c2d5276a4204f12648f909e7e79a86521

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 19:08:49 GMT
last-modified
Wed, 12 Oct 2022 11:03:10 GMT
Server
nginx/1.22.0
etag
"63469eee-26890"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
accept-ranges
bytes
Content-Length
157840
main-bg.jpg
humadecure.gq/landings/25/img/
39 KB
39 KB
Image
General
Full URL
http://humadecure.gq/landings/25/img/main-bg.jpg
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/?s1=mqmq&s3=el
Protocol
HTTP/1.1
Server
160.20.147.80 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
36fe2a8ae23e8d10507e772ca9049197f2f38ffe8703739f99d9cd5065dd31b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 19:08:49 GMT
last-modified
Wed, 12 Oct 2022 11:03:10 GMT
Server
nginx/1.22.0
etag
"63469eee-9c3b"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
39995
tag.js
mc.yandex.ru/metrika/
208 KB
72 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/?s1=mqmq&s3=el
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
c01ee4ad73a35630310a11d10b6d654586843d9bf863efea29b231541b409006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 19:08:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 07 Oct 2022 07:30:00 GMT
etag
"633fab48-11e03"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73219
expires
Sun, 16 Oct 2022 20:08:49 GMT
rings.svg
hello-site.ru//main/images/preloads/
2 KB
841 B
Image
General
Full URL
http://hello-site.ru//main/images/preloads/rings.svg
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/landings/25/fonts/vendor.css
Protocol
HTTP/1.1
Server
87.236.16.245 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.loki.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
d887368f18aa4483d5a267a86d1ff5d26a09048bb1c93c0ac9d374e438014342

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://humadecure.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 19:08:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Dec 2014 12:18:37 GMT
Server
nginx-reuseport/1.21.1
ETag
W/"54898b9d-6f8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=30
X-Beget-Proxy
loki.beget.ru
Expires
Sun, 23 Oct 2022 19:08:50 GMT
euclidflex.woff
humadecure.gq/landings/25/fonts/
142 KB
142 KB
Font
General
Full URL
http://humadecure.gq/landings/25/fonts/euclidflex.woff
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/landings/25/fonts/vendor.css
Protocol
HTTP/1.1
Server
160.20.147.80 Frankfurt am Main, Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
63db12c663d6e5039dd2ad8b6740855243e8307effc9095183debad225a7fdee

Request headers

Referer
http://humadecure.gq/landings/25/fonts/vendor.css
Origin
http://humadecure.gq
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 19:08:50 GMT
last-modified
Wed, 12 Oct 2022 11:03:10 GMT
Server
nginx/1.22.0
etag
"63469eee-236bc"
Content-Type
application/font-woff
Connection
keep-alive
accept-ranges
bytes
Content-Length
145084
1
mc.yandex.ru/watch/54239065/
Redirect Chain
  • https://mc.yandex.ru/watch/54239065?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A2811%3Afu%...
  • https://mc.yandex.ru/watch/54239065/1?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A2811%3Af...
439 B
521 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54239065/1?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A2811%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1481797436026%3Ahid%3A98038431%3Az%3A0%3Ai%3A20221016190850%3Aet%3A1665947330%3Ac%3A1%3Arn%3A429823433%3Arqn%3A1%3Au%3A1665947330966966987%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A21%2C64%2C308%2C1%2C1752%2C0%2C%2C655%2C0%2C%2C%2C%2C2801%3Acpf%3A1%3Antf%3A1%3Ans%3A1665947326983%3Arqnl%3A1%3Ast%3A1665947330%3At%3AShe%20is%20waiting&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/?s1=mqmq&s3=el
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
2a27d7c24d80d35781d8aa9e3d546dbb7773e9e45379663d69c75bd5d791cd80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 19:08:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 16-Oct-2022 19:08:50 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
http://humadecure.gq
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Sun, 16-Oct-2022 19:08:50 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Oct 2022 19:08:50 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 16-Oct-2022 19:08:50 GMT
location
/watch/54239065/1?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afp%3A2811%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1481797436026%3Ahid%3A98038431%3Az%3A0%3Ai%3A20221016190850%3Aet%3A1665947330%3Ac%3A1%3Arn%3A429823433%3Arqn%3A1%3Au%3A1665947330966966987%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A21%2C64%2C308%2C1%2C1752%2C0%2C%2C655%2C0%2C%2C%2C%2C2801%3Acpf%3A1%3Antf%3A1%3Ans%3A1665947326983%3Arqnl%3A1%3Ast%3A1665947330%3At%3AShe%20is%20waiting&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin
http://humadecure.gq
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 16-Oct-2022 19:08:50 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
160 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: humadecure.gq
URL: http://humadecure.gq/?s1=mqmq&s3=el
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 19:08:50 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 07 Oct 2022 07:30:00 GMT
etag
"633fab48-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 16 Oct 2022 20:08:50 GMT
1
mc.yandex.ru/watch/54239065/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54239065/1?page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&hittoken=1665947330_242e2f3654803d48c0d0d6923aa56bb9e498930a90ffe671a5b6bba8044c26da&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Akqp6gvxtrlkq3u3woc7b0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1481797436026%3Ahid%3A98038431%3Az%3A0%3Ai%3A20221016190850%3Aet%3A1665947330%3Ac%3A1%3Arn%3A278446433%3Arqn%3A2%3Au%3A1665947330966966987%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Antf%3A1%3Ans%3A1665947326983%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665947330&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 19:08:50 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 16-Oct-2022 19:08:50 GMT
content-type
image/gif
access-control-allow-origin
http://humadecure.gq
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 16-Oct-2022 19:08:50 GMT

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| thirdParty string| r string| vl string| redirectURL function| fadeOutnojquery function| openPopup function| clickButton function| nextStep function| getTimezone function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| $ function| jQuery object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| ym object| yaParams string| ce object| Ya object| yaCounter54239065

21 Cookies

Domain/Path Name / Value
8kijhpbsz9test3.trappavarcabeamo.cf/ Name: _subid
Value: bghbussn0mm
8kijhpbsz9test3.trappavarcabeamo.cf/ Name: _token
Value: uuid_bghbussn0mm_bghbussn0mm634c56bf362fb6.64565346
8kijhpbsz9test3.trappavarcabeamo.cf/ Name: b15e4
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExOVwiOjE2NjU5NDczMjd9LFwiY2FtcGFpZ25zXCI6e1wiMzJcIjoxNjY1OTQ3MzI3fSxcInRpbWVcIjoxNjY1OTQ3MzI3fSJ9.N6B1rjukB4dYCMHU9c1q9d3MADgmRT6XVhe5WqT5XtM
alexatracker.com/ Name: trbarid
Value: 857491674011293376
dateexotic.com/ Name: trbarid
Value: 8bf89e1a48fc1da70ce00f4f94478b440403cd3edf90e3f84638c4a90994f6d9a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bs%3A18%3A%22857491674011293376%22%3B%7D
dateexotic.com/ Name: tbar_uc1
Value: 6487f82d4a5e32f9d6fa527421a762dc1ee1bf579e8965f651f5f88c9eec3e8ca%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22tbar_uc1%22%3Bi%3A1%3Bs%3A44%3A%22U3RldmVuLm11bGxpbmVhdXhAZmxlZXRtYXRpY3MuY29t%22%3B%7D
146.190.228.148/ Name: _subid
Value: 34jugacsn0mq
146.190.228.148/ Name: b15e4
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NFwiOjE2NjU5NDczMjh9LFwiY2FtcGFpZ25zXCI6e1wiNDJcIjoxNjY1OTQ3MzI4fSxcInRpbWVcIjoxNjY1OTQ3MzI4fSJ9.wbEZt4AQ4Ej8xQYvfE9W2nrX9gSFrszWo6wyvC2RoYE
humadecure.gq/ Name: XSRF-TOKEN
Value: eyJpdiI6Ildyd0VseXIwWlJ2am5TNk9BUVQ2Q2c9PSIsInZhbHVlIjoiQTJPNldxMlBMQUNvSGpjNEZ2OE1RRVV3QzMvQkpsbzJEa1o2RnYyWTgvZWhoa0ZPK2FzVjBkaGh1MzJqM2cwSiIsIm1hYyI6IjM2YjRlNjQxZjgzZThkY2ZmMTI4YTg2NTkxNmU4NjQ2MWIwMDYzNmIwNzExMjVjMWU1MDg2Yjk4OTRiNGQ3MTMifQ%3D%3D
humadecure.gq/ Name: laravel_session
Value: eyJpdiI6ImVDSGVEMGtuSGNzT1dqenh6NEdiU2c9PSIsInZhbHVlIjoiYUpQSUl2dGpzK09rMHJJcU5oL0tjenBVUzlSN1p1alBWMk1zMW5hNW4ySHFYemFRZEdTZDZpTG0zRXFZbm41MiIsIm1hYyI6IjA2ODhjNGY1MDEyN2YwOTk0NzU5N2EzMDYzZWMyOWYxMzljYzY3MzEyNGFkMmU0MzVhZmMxZjUzMmIxYTNiOGIifQ%3D%3D
humadecure.gq/ Name: SRVNAME
Value: w1
svntrk.com/ Name: svnimp
Value: 634c56c15a549
.humadecure.gq/ Name: _ym_uid
Value: 1665947330966966987
.humadecure.gq/ Name: _ym_d
Value: 1665947330
.yandex.ru/ Name: yandexuid
Value: 5065998231665947330
.yandex.ru/ Name: yuidss
Value: 5065998231665947330
mc.yandex.ru/ Name: yabs-sid
Value: 2559665891665947330
.yandex.ru/ Name: i
Value: zb8dWEyhGYsFim4+S1R/3rerDfQxjLpShPC+mi8+kDdfrIrQItBicBsQfAm171LCivAsYP9hBA2auJTOn01vEnjh+g8=
.yandex.ru/ Name: ymex
Value: 1697483330.yrts.1665947330#1697483330.yrtsi.1665947330
.humadecure.gq/ Name: _ym_isad
Value: 2
.humadecure.gq/ Name: _ym_visorc
Value: b