Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: https://refstar.at.ua/
Submission Tags: demotag1 demotag2
Submission: On November 08 via api from US

Summary

This website contacted 48 IPs in 6 countries across 44 domains to perform 170 HTTP transactions. The main IP is 193.109.247.235, located in Moscow, Russian Federation and belongs to COMPUBYTE-AS, RU. The main domain is refstar.at.ua.
TLS certificate: Issued by GoGetSSL RSA DV CA on June 30th 2020. Valid for: a year.
This is the only time refstar.at.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.116.135 22612 (NAMECHEAP...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 95.211.229.245 60781 (LEASEWEB-...)
1 162.213.255.36 22612 (NAMECHEAP...)
1 4 107.170.39.103 14061 (DIGITALOC...)
1 35.190.72.161 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
3 42 193.109.247.235 204343 (COMPUBYTE-AS)
1 193.232.121.79 50214 (QWARTA)
1 1 92.53.96.35 9123 (TIMEWEB-AS)
1 2a03:6f00:1::... 9123 (TIMEWEB-AS)
1 172.67.75.144 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 95.215.204.110 204601 (ON-LINE-D...)
1 5.79.90.48 60781 (LEASEWEB-...)
2 147.135.220.104 16276 (OVH)
1 13 2a02:6b8::1:119 13238 (YANDEX)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 88.212.201.198 39134 (UNITEDNET)
1 88.208.7.132 39572 (ADVANCEDH...)
1 5.9.10.165 24940 (HETZNER-AS)
12 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a02:6b8::90 13238 (YANDEX)
1 2 194.190.117.94 204600 (REPUBLER-AS)
1 37.9.245.57 16345 (BEE-AS Ru...)
3 77.245.57.72 36057 (WEBAIR-IN...)
1 195.201.106.117 24940 (HETZNER-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 204.155.145.103 40824 (WZCOM-)
26 195.201.243.71 24940 (HETZNER-AS)
3 159.69.74.8 24940 (HETZNER-AS)
1 195.181.175.49 60068 (CDN77)
1 144.76.9.117 24940 (HETZNER-AS)
4 6 31.172.81.160 44066 (DE-FIRSTC...)
6 6 31.172.81.172 44066 (DE-FIRSTC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 95.213.133.116 49505 (SELECTEL)
2 178.63.43.235 24940 (HETZNER-AS)
1 194.87.190.23 49352 (LOGOL-AS)
2 2 35.190.16.14 15169 (GOOGLE)
6 176.99.5.102 49352 (LOGOL-AS)
1 84.201.152.8 200350 (YANDEXCLOUD)
1 176.99.5.56 49352 (LOGOL-AS)
6 5.254.23.85 3223 (VOXILITY)
2 5 104.16.200.58 13335 (CLOUDFLAR...)
2 6 2001:6d0:4001... 52016 (TNSMSK-)
2 88.212.252.22 7979 (SERVERS-COM)
3 2606:4700::68... 13335 (CLOUDFLAR...)
170 48
Apex Domain
Subdomains
Transfer
38 at.ua
refstar.at.ua
442 KB
26 acint.net
www.acint.net
12 KB
18 yandex.ru
informer.yandex.ru
mc.yandex.ru
an.yandex.ru
343 KB
12 cloudfastads.ru
cloudfastads.ru
33 KB
8 betweendigital.com
cache.betweendigital.com
ads.betweendigital.com
167 KB
8 rktch.com
co9.rktch.com
ut.rktch.com
tg.rktch.com
3 KB
6 tns-counter.ru
www.tns-counter.ru
3 KB
6 adsniper.ru
sync3.adsniper.ru
3 KB
6 spotsniper.ru
rot.spotsniper.ru
5 KB
5 yabidos.com
pixel.yabidos.com
27 KB
4 yadro.ru
counter.yadro.ru
708 B
4 ucoz.net
s1.ucoz.net
9 KB
4 sape.ru
cdn-rtb.sape.ru
ssp-rtb.sape.ru
53 KB
4 traffdaq.com
traffdaq.com
4 KB
3 glotgrx.com
pre.glotgrx.com
673 B
3 otm-r.com
sync.dmp.otm-r.com
pub-eu.p.otm-r.com
4 KB
3 adkernel.com
sync.adkernel.com
109 B
2 weborama.fr
redirect.frontend.weborama.fr
630 B
2 republer.com
sync.republer.com
498 B
2 cash-ads.com
g.cash-ads.com
511 B
2 super-traf.ru
super-traf.ru
6 KB
2 bitcoadz.io
www.bitcoadz.io
8 KB
2 bitkoin-krany-top.ru
bitkoin-krany-top.ru
3 KB
2 realsrv.com
a.realsrv.com
syndication.realsrv.com
1 KB
1 roserobotx.ru
roserobotx.ru
1 ntvk1.ru
ps.ntvk1.ru
2 KB
1 googleusercontent.com
themes.googleusercontent.com
59 KB
1 admon.pro
px2.admon.pro
103 B
1 dircont3.com
p1.dircont3.com
9 KB
1 tothefuturetech.com
code.tothefuturetech.com
29 KB
1 pushkintop.ru
pushkintop.ru
1 beeline.ru
ssp1.rtb.beeline.ru
1 a-ads.com
acceptable.a-ads.com
1 thefuturepubs.com
thefuturepubs.com
1021 B
1 bmfeed.ru
bmfeed.ru
37 KB
1 adbit.biz
adbit.biz
4 KB
1 adviora.com
cp.adviora.com
1 KB
1 adsspace.net
adsspace.net
9 KB
1 firefaucet.win
firefaucet.win
168 KB
1 jsdelivr.net
cdn.jsdelivr.net
10 KB
1 securepaths.com
c.securepaths.com
1 manyhit.com
manyhit.com
1 speedflow.io
speedflow.io
1 KB
0 forexcontext.ru Failed
forexcontext.ru Failed
170 44
Domain Requested by
38 refstar.at.ua 3 redirects traffdaq.com
refstar.at.ua
26 www.acint.net cdn-rtb.sape.ru
refstar.at.ua
www.acint.net
12 cloudfastads.ru refstar.at.ua
cloudfastads.ru
12 mc.yandex.ru 1 redirects refstar.at.ua
mc.yandex.ru
6 www.tns-counter.ru 2 redirects refstar.at.ua
6 cache.betweendigital.com cdn-rtb.sape.ru
cache.betweendigital.com
refstar.at.ua
6 ut.rktch.com refstar.at.ua
6 sync3.adsniper.ru 6 redirects
6 rot.spotsniper.ru 4 redirects refstar.at.ua
5 pixel.yabidos.com 2 redirects refstar.at.ua
pixel.yabidos.com
5 an.yandex.ru refstar.at.ua
an.yandex.ru
4 counter.yadro.ru refstar.at.ua
4 s1.ucoz.net refstar.at.ua
s1.ucoz.net
4 traffdaq.com 1 redirects speedflow.io
traffdaq.com
3 pre.glotgrx.com refstar.at.ua
3 ssp-rtb.sape.ru cdn-rtb.sape.ru
3 sync.adkernel.com cp.adviora.com
refstar.at.ua
2 ads.betweendigital.com cache.betweendigital.com
2 redirect.frontend.weborama.fr 2 redirects
2 pub-eu.p.otm-r.com cdn-rtb.sape.ru
pub-eu.p.otm-r.com
2 sync.republer.com 1 redirects cp.adviora.com
2 g.cash-ads.com refstar.at.ua
g.cash-ads.com
2 super-traf.ru refstar.at.ua
super-traf.ru
2 www.bitcoadz.io refstar.at.ua
www.bitcoadz.io
2 bitkoin-krany-top.ru 1 redirects refstar.at.ua
1 tg.rktch.com co9.rktch.com
1 roserobotx.ru s1.ucoz.net
1 co9.rktch.com cdn-rtb.sape.ru
1 ps.ntvk1.ru p1.dircont3.com
1 themes.googleusercontent.com s1.ucoz.net
1 px2.admon.pro refstar.at.ua
1 p1.dircont3.com cdn-rtb.sape.ru
1 code.tothefuturetech.com thefuturepubs.com
1 pushkintop.ru bmfeed.ru
1 sync.dmp.otm-r.com refstar.at.ua
pub-eu.p.otm-r.com
1 ssp1.rtb.beeline.ru cp.adviora.com
1 acceptable.a-ads.com refstar.at.ua
1 thefuturepubs.com refstar.at.ua
1 bmfeed.ru refstar.at.ua
1 adbit.biz refstar.at.ua
1 informer.yandex.ru refstar.at.ua
1 cp.adviora.com refstar.at.ua
1 adsspace.net refstar.at.ua
1 firefaucet.win refstar.at.ua
1 cdn-rtb.sape.ru refstar.at.ua
1 cdn.jsdelivr.net traffdaq.com
1 c.securepaths.com traffdaq.com
1 manyhit.com speedflow.io
1 syndication.realsrv.com a.realsrv.com
1 a.realsrv.com speedflow.io
1 speedflow.io
0 forexcontext.ru Failed refstar.at.ua
170 52

This site contains links to these domains.

Subject | Issuer | Validity | Valid
realsrv.com | Let's Encrypt Authority X3 | 2020-10-26 - 2021-01-24 | 3 months
traffdaq.com | Let's Encrypt Authority X3 | 2020-10-31 - 2021-01-29 | 3 months
*.securepaths.com | Let's Encrypt Authority X3 | 2020-09-22 - 2020-12-21 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
*.at.ua | GoGetSSL RSA DV CA | 2020-06-30 - 2021-06-30 | a year
*.sape.ru | Let's Encrypt Authority X3 | 2020-10-18 - 2021-01-16 | 3 months
*.ucoz.net | Sectigo RSA Domain Validation Secure Server CA | 2019-04-26 - 2021-04-25 | 2 years
bitkoin-krany-top.ru | Let's Encrypt Authority X3 | 2020-09-28 - 2020-12-27 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-07 - 2021-08-07 | a year
super-traf.ru | Let's Encrypt Authority X3 | 2020-09-28 - 2020-12-27 | 3 months
*.adviora.com | Sectigo RSA Domain Validation Secure Server CA | 2020-03-10 - 2021-06-08 | a year
g.cash-ads.com | Let's Encrypt Authority X3 | 2020-09-26 - 2020-12-25 | 3 months
mc.yandex.ru | Yandex CA | 2020-09-29 - 2021-03-11 | 5 months
*.bmfeed.ru | Let's Encrypt Authority X3 | 2020-09-22 - 2020-12-21 | 3 months
counter.yadro.ru | Let's Encrypt Authority X3 | 2020-10-29 - 2021-01-27 | 3 months
thefuturepubs.com | Let's Encrypt Authority X3 | 2020-08-14 - 2020-11-12 | 3 months
*.a-ads.com | COMODO RSA Domain Validation Secure Server CA | 2018-11-14 - 2020-12-09 | 2 years
an.yandex.by | Yandex CA | 2020-10-01 - 2021-04-01 | 6 months
sync.republer.com | Let's Encrypt Authority X3 | 2020-10-07 - 2021-01-05 | 3 months
*.rtb.beeline.ru | Sectigo RSA Domain Validation Secure Server CA | 2020-06-23 - 2022-06-24 | 2 years
*.adkernel.com | COMODO RSA Domain Validation Secure Server CA | 2017-11-17 - 2021-01-05 | 3 years
sync.dmp.otm-r.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-07 - 2021-08-07 | a year
*.pushkintop.ru | Let's Encrypt Authority X3 | 2020-09-29 - 2020-12-28 | 3 months
code.tothefuturetech.com | Let's Encrypt Authority X3 | 2020-09-19 - 2020-12-18 | 3 months
*.acint.net | Let's Encrypt Authority X3 | 2020-09-30 - 2020-12-29 | 3 months
1088415191.rsc.cdn77.org | Let's Encrypt Authority X3 | 2020-10-19 - 2021-01-17 | 3 months
px2.admon.pro | Let's Encrypt Authority X3 | 2020-10-06 - 2021-01-04 | 3 months
rot.spotsniper.ru | Let's Encrypt Authority X3 | 2020-08-14 - 2020-11-12 | 3 months
*.googleusercontent.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.ntvk1.ru | Sectigo RSA Domain Validation Secure Server CA | 2020-05-11 - 2021-08-09 | a year
*.p.otm-r.com | Sectigo RSA Domain Validation Secure Server CA | 2020-01-27 - 2022-02-06 | 2 years
co9.rktch.com | Let's Encrypt Authority X3 | 2020-10-10 - 2021-01-08 | 3 months
ut.rktch.com | Let's Encrypt Authority X3 | 2020-11-06 - 2021-02-04 | 3 months
roserobotx.ru | Let's Encrypt Authority X3 | 2020-11-07 - 2021-02-05 | 3 months
tg.rktch.com | Let's Encrypt Authority X3 | 2020-09-22 - 2020-12-21 | 3 months
cache.betweendigital.com | Sectigo RSA Domain Validation Secure Server CA | 2019-11-08 - 2022-02-05 | 2 years
*.tns-counter.ru | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-10-29 - 2020-12-01 | 2 years
ads.betweendigital.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-06 - 2022-02-16 | 2 years
*.glotgrx.com | Go Daddy Secure Certificate Authority - G2 | 2019-11-13 - 2021-01-12 | a year

This page contains 23 frames:

Primary Page: https://refstar.at.ua/
Frame ID: ECA0752E7396B7F38A18EF1EA1F6B177
Requests: 127 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604824007863&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 84BA0374AECE083EBC9B449DDAF1F89C
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: FE0A4F937925AD3500B68E8B4E10D59D
Requests: 1 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1425088
Frame ID: E17F3206956BFAB5A8D23D948E444CC1
Requests: 1 HTTP requests in this frame

Frame: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=24168&height=250&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=848713d79f661ec19c4b8aa5da984df9&time=1604824012&val_count_adunit=1&deliver=refstar.at.ua&search_keywords=&page_referrer=aHR0cHM6Ly9yZWZzdGFyLmF0LnVhLw==&page_title=%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0&meta_description=
Frame ID: 26A25C2F5F14C1CA6453960E3F36DDD8
Requests: 1 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=V81UuW4UGi02vzkEb6RzuxWetrPqII6dzwkAaHmGeMQ%3D
Frame ID: 8074D746065AE799FA4A32F4E9E7FB54
Requests: 1 HTTP requests in this frame

Frame: https://sync.republer.com/ssp-sync.html?sc=2&src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61&qset=1
Frame ID: 6AAF8E9260A3DDCF3127C7CE988F0BD6
Requests: 1 HTTP requests in this frame

Frame: https://ssp1.rtb.beeline.ru/userbind?src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61
Frame ID: 3DA5CF915291E4300DAEF46C0E89085C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=85913&t=image&r=SSP_REDIR_URL
Frame ID: B842962658D2F2ACAA332CDDEED8C42A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=85915&t=image&r=SSP_REDIR_URL
Frame ID: 056A94AB09D2CD9E18178D8CAEE3D78D
Requests: 1 HTTP requests in this frame

Frame: https://cloudfastads.ru/data/iframe/28270/desktop/5c279a2bf5e49c7c812bbde8
Frame ID: E3B2A65B765F2A079BCCEEA6350F4526
Requests: 1 HTTP requests in this frame

Frame: https://refstar.at.ua/?C23FWST3BNUT8%21VGu%3BlCdC1Wxpj8VZSprPQX0HSyUgJp4P3rhIgD9Y3i3nOHi9yY0fkyDlFL%21NVWAKRO9ffo
Frame ID: 817BD54ED90E45EC6E4C5568CE4A3EBB
Requests: 8 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: E26CADA847F71B6C2A318D045F948D8A
Requests: 1 HTTP requests in this frame

Frame: https://pub-eu.p.otm-r.com/static/rb.js?s=ck6s195mdyv1m0868lv9fis3e&page=https%3A%2F%2Frefstar.at.ua%2F&w=300&h=250
Frame ID: 7940E969C6E23DEA80859D815A38893B
Requests: 2 HTTP requests in this frame

Frame: https://pub-eu.p.otm-r.com/adi?s=ck6s195mdyv1m0868lv9fis3e&page=https%3A%2F%2Frefstar.at.ua%2F&w=300&h=250&tz=-60&ref=https%253A%252F%252Frefstar.at.ua%252F&rr=direct&rand=21031cb=1604824013721
Frame ID: 0B2DCFE3003FCAAF3EE67ECC6E8B9203
Requests: 1 HTTP requests in this frame

Frame: https://co9.rktch.com/static/rb.js
Frame ID: 1EF23C63C0EE2AA847177FA008B4E5C0
Requests: 1 HTTP requests in this frame

Frame: https://roserobotx.ru/qySpDHxK
Frame ID: 1306B21ABF68F1D5CA2C5BC0C2E82113
Requests: 1 HTTP requests in this frame

Frame: https://tg.rktch.com/v0?i=11693&p=1&vw=300&vh=250&sw=1600&sh=1200&rk=HUptYW&url=https%3A%2F%2Frefstar.at.ua%2F&siteid=161339934
Frame ID: 1BA6712F2997BBBAECFA473B43BE8318
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/2321957.js
Frame ID: B06B1FCA1418AB4EB81C0D48ADADA960
Requests: 7 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=1&subid=1452425.161339926&pos=atf&ref=https%3A%2F%2Frefstar.at.ua%2F&tz=-60&fl=0&ord=3945766193843596&rr=direct&c2s=1&r_seq=0&tld=https://refstar.at.ua&tagType=adi&w=300&h=250&s=2321957&jst=ai
Frame ID: C8FBE40243403862EC77D2EB98DA869D
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/sections/2/2321958.js
Frame ID: EBE853287984DC011E8F5C2B48172DF9
Requests: 9 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=1&subid=1452425.161339925&pos=atf&ref=https%3A%2F%2Frefstar.at.ua%2F&tz=-60&fl=0&ord=5912486916423423&rr=direct&r_seq=0&tld=https://refstar.at.ua&tagType=adi&w=300&h=250&s=2321958&jst=ai
Frame ID: F40790E682D7CAAC8473B43B3E3106A2
Requests: 1 HTTP requests in this frame

Frame: https://cloudfastads.ru/data/iframe/29058/desktop/5d67ba65b2f92a17f5c3c22a
Frame ID: 2F6C05F16F5B79F90B7314098247C850
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i
  • script /lightbox.*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<script[^<>]*>[^]{0,128}?src\s*=\s*['"]\/\/counter\.yadro\.ru\/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r/i

Overall confidence: 100%
Detected patterns
  • script /https?:\/\/an\.yandex\.ru\//i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

170
Requests

97 %
HTTPS

28 %
IPv6

44
Domains

52
Subdomains

48
IPs

6
Countries

1449 kB
Transfer

3967 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. http://traffdaq.com/delivery/dl/47382?category=trans_dating HTTP 301
    https://traffdaq.com/delivery/dl/47382?category=trans_dating Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InJiOWNYd0hieG1GRXJ5S1Rxa0IxdHc9PSIsInZhbHVlIjoibGlLdlI3clwvVTc3SWlFbUxFNm5tNENJVlZmS2czMitSd2h2aUdSaHNCODh4RjRZcEhhQzUwc095TnQ5aTVmMnhMdm12SDQ1WmNcL1wvaXV2UFAxSDVoZGIzN0FYeU5VaU1lWVhkUGtZZHkwQnQ2WXRIMTUxUEFkSURZdmZNT1VhUHlIUXgzekZqbmhWR1RKZzhpQm9cL2JjalhaMDhtVFBNRUtUM1J2SXNpaTJibVgrcTBveGFkTjJXakJLMlwvbnFKeURENUtKQWppNm81XC95eXQ1b0YxOWpTblRnS3Bkb0liekQ5YlV6a1EwbVBNUEwzeHhreUNoT0xWVEpYSjRkWXlUSEdzalRKdE1OMStQdzlCT1Y3eExKNHpBdER4NFFVRjN5ZFhhek14MG5wbk1vY01Wa2ZPWndMU3dNSVFnSWNJTGwiLCJtYWMiOiI4MTFhYTI0ODdmYWUzNWQ4N2NlZmU5YjgyMGNkMTBhMmE0NjExOWJkMmQ5ZDgzMjBmMjlmY2M5ZGRjNzk1NjBkIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. http://refstar.at.ua/ HTTP 301
    https://refstar.at.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://traffdaq.com/delivery/dl/47382?category=trans_dating HTTP 301
  • https://traffdaq.com/delivery/dl/47382?category=trans_dating
Request Chain 22
  • http://bitkoin-krany-top.ru/wp-content/uploads/2020/03/unnamed.jpg HTTP 301
  • https://bitkoin-krany-top.ru/wp-content/uploads/2020/03/unnamed.jpg
Request Chain 62
  • https://refstar.at.ua/stat/1604824012616?01 HTTP 302
  • http://refstar.at.ua/stat/9300380?11 HTTP 301
  • https://refstar.at.ua/stat/9300380?11
Request Chain 64
  • https://sync.republer.com/ssp-sync.html?sc=2&src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61 HTTP 307
  • https://sync.republer.com/ssp-sync.html?sc=2&src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61&qset=1
Request Chain 70
  • https://mc.yandex.ru/watch/28046940?wmode=7&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108092652%3Aet%3A1604824013%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A5508977323%3Arqn%3A1%3Arn%3A703733615%3Ahid%3A24943773%3Ads%3A0%2C194%2C177%2C2%2C269%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1226%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604824013%3Au%3A160482401349741275%3At%3A%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0 HTTP 302
  • https://mc.yandex.ru/watch/28046940/1?wmode=7&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108092652%3Aet%3A1604824013%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A5508977323%3Arqn%3A1%3Arn%3A703733615%3Ahid%3A24943773%3Ads%3A0%2C194%2C177%2C2%2C269%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1226%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604824013%3Au%3A160482401349741275%3At%3A%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0
Request Chain 101
  • https://rot.spotsniper.ru/?src=ujs6 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjN1579BVIF36LEjAk* HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjN1579BVIF36LEjAmiARAoL0fAIZwR64pTDMR6bS_v HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhjN1579BVIF36LEjAmiARAoL3LWIZwR66bpACWQyCQ3 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAxjN1579BVIF36LEjAmiARAoNekEIZwR66bpACWQyCQ3 HTTP 302
  • https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQABjN1579BaIBECg16QQhnBHrpukAJZDIJDc* HTTP 302
  • https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQARjN1579BaIBECgvctYhnBHrpukAJZDIJDc*
Request Chain 102
  • https://rot.spotsniper.ru/?src=ujs6&s_subid=btn HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjN1579BVIF36LEjAlaDgoHc19zdWJpZBIDYnRu HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjN1579BVIF36LEjAlaDgoHc19zdWJpZBIDYnRuogEQKC9y1iGcEeum6QAlkMgkNw** HTTP 302
  • https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQABjN1579BVoOCgdzX3N1YmlkEgNidG6iARAoL3LWIZwR66bpACWQyCQ3 HTTP 302
  • https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQARjN1579BVoOCgdzX3N1YmlkEgNidG6iARAoL3LWIZwR66bpACWQyCQ3
Request Chain 124
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D&bounce=1&random=1945811057 HTTP 302
  • https://ut.rktch.com/matchspm?pi=1000006&pui=mM/hCPJgpnqAs215GtIXXO
Request Chain 137
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321957&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321957&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Request Chain 138
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/86288734 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/86288734
Request Chain 140
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/38355295 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/38355295
Request Chain 150
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321958&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321958&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

170 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
speedflow.io/adult/
1 KB
1 KB
Document
General
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash
cd990629f7165aaa0f251b6af6b8e8abce1263502363894f937c9f170c552296

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr

Response headers

date
Sun, 08 Nov 2020 08:26:47 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=52333; path=/ time_start=1604824007.7591; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=52333; path=/ ip=194.99.105.99 mobile=0 country=DE visits_todayi=0; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=52333; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
547
content-type
text/html; charset=UTF-8
ads.js
a.realsrv.com/
2 KB
1 KB
Script
General
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:47 GMT
Content-Encoding
gzip
X-HW
1604824002.dop216.fr8.shc,1604824002.dop216.fr8.t,1604824007.cds129.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
928
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 84BA
0
0
Document
General
Full URL
http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604824007863&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 08:26:47 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa7abc7e7aca3.886177844101328586%22%3B%7D; expires=Tue, 08 Nov 2022 08:26:47 GMT; path=; domain=.realsrv.com;
Content-Encoding
gzip
autosurf_if.php
manyhit.com/ Frame FE0A
0
0
Document
General
Full URL
http://manyhit.com/autosurf_if.php?user=speedflow
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
Apache / PHP/5.4.45
Resource Hash

Request headers

Host
manyhit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

date
Sun, 08 Nov 2020 08:26:47 GMT
server
Apache
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=6aa98c704a7f57427e07dd4e2d1166ff; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
1267
content-type
text/html
47382
traffdaq.com/delivery/dl/
Redirect Chain
  • http://traffdaq.com/delivery/dl/47382?category=trans_dating
  • https://traffdaq.com/delivery/dl/47382?category=trans_dating
3 KB
2 KB
Document
General
Full URL
https://traffdaq.com/delivery/dl/47382?category=trans_dating
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
e601509fdfb2e0ca99adf303528de06635043f7aa6ef348b59a8c940f7f74eb2

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/adult/?a=rr

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 08 Nov 2020 08:26:48 GMT
Content-Encoding
gzip

Redirect headers

Content-length
0
Location
https://traffdaq.com/delivery/dl/47382?category=trans_dating
Connection
close
eyJpdiI6Iml1RFUxaU9tNjJOekJMbGZ4cnEwbUE9PSIsInZhbHVlIjoiWDFkSWdFbUhuSWc5M05aWUs4d01mV1VRM1FJTDBXQ1A2VXZqNWVqYkRMZVwvZUtVV25CeEVLY0piTXVHXC9HS3Z4SUpUSHRXeENTZ29JazhRd0NLR1VRdz09IiwibWFjIjoiMWEyM2I0Z...
traffdaq.com/users/track/
0
860 B
Image
General
Full URL
https://traffdaq.com/users/track/eyJpdiI6Iml1RFUxaU9tNjJOekJMbGZ4cnEwbUE9PSIsInZhbHVlIjoiWDFkSWdFbUhuSWc5M05aWUs4d01mV1VRM1FJTDBXQ1A2VXZqNWVqYkRMZVwvZUtVV25CeEVLY0piTXVHXC9HS3Z4SUpUSHRXeENTZ29JazhRd0NLR1VRdz09IiwibWFjIjoiMWEyM2I0ZDJkOTI1OTg3ZTg2ZjQxZDU3MTI1MDk3YjViYTk1YzRlOWY3ZDZiZjllY2M3OTQ4YWY3NzMzZDc3OCJ9
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:49 GMT
Cache-Control
no-cache
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
implement.js
c.securepaths.com/js/
0
0
Script
General
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa7abc86c8e1&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:48 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/
33 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
907997
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19149-FRA, cache-hhn4036-HHN
date
Sun, 08 Nov 2020 08:26:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/
2 KB
1 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=trans_dating
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
b8775ae40f2fe408a526e88783161c20a0960d04bdad3b8c32341a43d5a4d205

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/dl/47382?category=trans_dating
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
tdqct=1
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/dl/47382?category=trans_dating

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 08 Nov 2020 08:26:51 GMT
Content-Encoding
gzip
Primary Request Cookie set /
refstar.at.ua/
Redirect Chain
  • http://refstar.at.ua/
  • https://refstar.at.ua/
61 KB
13 KB
Document
General
Full URL
https://refstar.at.ua/
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
dc90cb47bdf8a6066784725a12dd19aafe14aa5b44462fb2b56187d8f62c0513

Request headers

Host
refstar.at.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
2refstaruCoz=; path=/; expires=Fri, 09-Nov-2018 08:26:56 GMT; domain=.refstar.at.ua
2refstaruzll=1604824016; path=/; expires=Mon, 08-Nov-2021 08:26:56 GMT; domain=.refstar.at.ua
2refstarpushi=1; path=/; expires=Mon, 09-Nov-2020 07:26:56 GMT
Cache-Control
no-cache,no-store private
Pragma
no-cache
Vary
host
Last-Modified
Tue, 08 Sep 2020 07:53:10 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Keep-Alive
timeout=15
Location
https://refstar.at.ua/
X-Frame-Options
SAMEORIGIN
/
refstar.at.ua/
1 KB
1 KB
Script
General
Full URL
https://refstar.at.ua/?yIfbkOzO4NjL0hfleYHWW1pYKwOuGeYuHxvLXyK5xyYTuZz7sHRwGU4XId3I5iPUgrTRtKeaZ9PrZUynk5aWZLyB4J6mXaKFEK8C0muqdBtZbWQABIJBLAnB3dn%3B94gcnzZKjdBTcUQvOEsSpQrOOFqKFjDeuqYkNA%5E2Vb1WH5I2UQ%3BEN5fDtzgI0ObKtz2%5EyABSQgMp%5EiA9QNAXXzDF
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
aecbb29e4ba011387b62482d84026f18f2756e51d2ccf85d9d00d5caade2bd82

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, private
Connection
keep-alive
Keep-Alive
timeout=15
/
refstar.at.ua/
1 KB
1 KB
Script
General
Full URL
https://refstar.at.ua/?9%5E4%210zG6r%3BEBR70GB7pkkNdN%3BhZEOfZLnmBLSlWVDQf6Q1ayBl%211hpDv8S3mSS%3BdYbM%5EhYJi0%21G671VPjQfSznktQRbxFV7v4W44SD1tCmRA6aX6PEG%21%21%216w4GTD1IsDaQz53N5Z03qSTIjQ3A5chLbm8razd82Xi%3BSlkAwGhXiXIJnX8YXTAqkdV%3BXDkhRFDGlktEyXN%21iVnL6c%5EIco
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
ded99a51e29928d871039c7e51137a3c43a5db4f19ba50af43c163c60223a51a

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, private
Connection
keep-alive
Keep-Alive
timeout=15
1231.css
refstar.at.ua/.s/src/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://refstar.at.ua/.s/src/css/1231.css
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
710e8fb7ac8a7d4c5aca2a2d0a47be250bb4c75f0ab305e39cd833c17d8fdbdd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Apr 2017 08:03:04 GMT
Server
nginx
ETag
W/"58f86b38-78d3"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
37519.js
cdn-rtb.sape.ru/rtb-b/js/519/2/
165 KB
52 KB
Script
General
Full URL
https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.232.121.79 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
nginx /
Resource Hash
849fa6cf5457db558bfc1b1b07dc150d3d2b36e24bf86f4382539af17f94e935
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 15:29:50 GMT
server
nginx
x-amz-request-id
164576B7491FF08D
etag
W/"6055c3ebb454650ed0fec24793f1018c-1"
x-cache-status
REVALIDATED
vary
Origin
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=3600
content-security-policy
block-all-mixed-content
x-xss-protection
1; mode=block
expires
Sun, 08 Nov 2020 09:26:52 GMT
base.min.css
refstar.at.ua/.s/src/
22 KB
6 KB
Stylesheet
General
Full URL
https://refstar.at.ua/.s/src/base.min.css?v=291742
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
52d1aa128be4eb5d3f62546a62785d4a9588435866781bcb79556e860bc1f707
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Oct 2020 14:42:28 GMT
Server
nginx
ETag
W/"5f9ad4d4-5673"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
layer7.min.css
refstar.at.ua/.s/src/
23 KB
6 KB
Stylesheet
General
Full URL
https://refstar.at.ua/.s/src/layer7.min.css
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
f9cb55e12e8b056b397bfbe5dfc628f923531546b6181aed9627fed55cc5788b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Oct 2020 09:17:51 GMT
Server
nginx
ETag
W/"5f8570bf-5aaf"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
jquery-1.12.4.min.js
refstar.at.ua/.s/src/
95 KB
33 KB
Script
General
Full URL
https://refstar.at.ua/.s/src/jquery-1.12.4.min.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Mar 2019 15:36:30 GMT
Server
nginx
ETag
W/"5c87d1fe-17b8b"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
uwnd.min.js
refstar.at.ua/.s/src/
212 KB
58 KB
Script
General
Full URL
https://refstar.at.ua/.s/src/uwnd.min.js?v=061324
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
256e131db582203e441b1459f71b2427baf21210eb54fd8790dd61c7d7853f73
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Nov 2020 10:24:30 GMT
Server
nginx
ETag
W/"5fa5245e-34ec5"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
uutils.fcg
s1.ucoz.net/cgi/
345 B
557 B
Script
General
Full URL
https://s1.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.283354035502157
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
fe8c8bff90ac7b3cbccca2bcb59dfbc5d71ae9fed89dee4777ef71d678057351

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=15
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
ulightbox.min.css
refstar.at.ua/.s/src/ulightbox/
5 KB
2 KB
Stylesheet
General
Full URL
https://refstar.at.ua/.s/src/ulightbox/ulightbox.min.css
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
05f705f6fe65d073d0af077d7cda33354e570bf53c86e777a45be12c1697dcca
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jan 2019 11:05:37 GMT
Server
nginx
ETag
W/"5c3c6d01-12f8"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
ulightbox.min.js
refstar.at.ua/.s/src/ulightbox/
22 KB
8 KB
Script
General
Full URL
https://refstar.at.ua/.s/src/ulightbox/ulightbox.min.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
eb2476907f027bd6dcf4f61cecffcd85dd4aaf66ee6615d32fba5359615edad7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 May 2020 14:15:53 GMT
Server
nginx
ETag
W/"5ece7619-5713"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
bottomInfo.min.js
refstar.at.ua/.s/src/
4 KB
2 KB
Script
General
Full URL
https://refstar.at.ua/.s/src/bottomInfo.min.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
46348c08676290dcf101dc39ef729028003bfc8706f1c8af0fee030360513292
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Oct 2020 09:17:51 GMT
Server
nginx
ETag
W/"5f8570bf-e64"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
social.css
refstar.at.ua/.s/src/
2 KB
958 B
Stylesheet
General
Full URL
https://refstar.at.ua/.s/src/social.css
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
df9ba466bcb8c9eee28c0ea55699ef4e7c15064bb7e1c0d5f0d5a3d2ea8bd7f4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Apr 2017 08:03:03 GMT
Server
nginx
ETag
W/"58f86b37-8f6"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:55 GMT
unnamed.jpg
bitkoin-krany-top.ru/wp-content/uploads/2020/03/
Redirect Chain
  • http://bitkoin-krany-top.ru/wp-content/uploads/2020/03/unnamed.jpg
  • https://bitkoin-krany-top.ru/wp-content/uploads/2020/03/unnamed.jpg
2 KB
2 KB
Image
General
Full URL
https://bitkoin-krany-top.ru/wp-content/uploads/2020/03/unnamed.jpg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:6f00:1::5c35:6023 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4d3db0c8e48d8f3587dc7c2f43f3d3a358b02040134b1e387b92f26647aa51d7

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Tue, 17 Mar 2020 17:59:08 GMT
server
nginx/1.16.1
etag
"5e710fec-8cc"
content-type
image/jpeg
status
200
cache-control
max-age=2678400
accept-ranges
bytes
content-length
2252
expires
Wed, 09 Dec 2020 08:26:53 GMT

Redirect headers

Date
Sun, 08 Nov 2020 08:26:52 GMT
Server
nginx/1.16.1
Content-Type
text/html
Location
https://bitkoin-krany-top.ru/wp-content/uploads/2020/03/unnamed.jpg
Cache-Control
max-age=2678400
Connection
keep-alive
Content-Length
169
Expires
Wed, 09 Dec 2020 08:26:52 GMT
banner5.gif
firefaucet.win/static/images/
167 KB
168 KB
Image
General
Full URL
https://firefaucet.win/static/images/banner5.gif
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1d58511293c5c19738f3b55c0ce638e6fde09eae8a280e66f7cbbc6541f597
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
185243
status
200
strict-transport-security
max-age=15768000; includeSubDomains
content-length
170826
cf-request-id
0648902e590000fa28cd13c000000001
last-modified
Sat, 29 Aug 2020 06:55:55 GMT
server
cloudflare
etag
"5f49fbfb-29b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jyfu0UenGs26qZU8SVSp1GruiTs7Uht1RYaSaGlRuAAD8Y%2BW3f0WtBwTaC1oFj6luIklpJA7qK2RERHFwKzrSUcZ7kmSOtN3domYWxqJww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5eede95d58ecfa28-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
items.php
adsspace.net/display/
45 KB
9 KB
Script
General
Full URL
https://adsspace.net/display/items.php?725&215&728&90&4
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c1ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
38ee8af29ccb2daefe8cde1f4159ee332ab8009d8808443b4c4d06760af36cfb

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cf-request-id
0648902df00000dfe7f20a0000000001
pragma
no-cache
last-modified
Sun, 08 Nov 2020 08:26:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H9GpLOa6CJC3mkGZbNfZsWYw7%2BpD1gU6Ev%2BWxJVUMTn%2BrRbObb7eAo4cbenwvI42W6rB7I1jLIH7%2FlicrP8sHNeHFbhOoblY2nMve6PNla5DOO2wysYhHIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-turbo-charged-by
LiteSpeed
cf-ray
5eede95cba41dfe7-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
items.php
www.bitcoadz.io/display/
44 KB
8 KB
Script
General
Full URL
https://www.bitcoadz.io/display/items.php?24168&1166&250&250&4&0&0&0&0
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357a6fa38f1136ed0c847e53fc8517249891cce44ce15500f77b53b5603c4f97

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cf-request-id
0648902de30000d6f59bbb0000000001
pragma
no-cache
last-modified
Sun, 08 Nov 2020 08:26:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zTvJIRGSstGstWckoTdw%2FrUKrqXOkxzwyzDNtJxCymO0ReEsexRnAdgw2NGZCoVjxa8JoCa4CGpL0ywh%2BnylzTPJBXJ%2Fe%2FtPfUNpcLVmoXNZJlPmOwVTQ3mafNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
5eede95c9edfd6f5-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
get
super-traf.ru/earn/partner/
4 KB
5 KB
Script
General
Full URL
https://super-traf.ru/earn/partner/get?id=141&type=4&code=1603360494
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.204.110 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1327710.ssd1.had.yt
Software
Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 / PHP/7.1.33
Resource Hash
a32adc6e8afd732ce6a936f8bea2481081be79535fe7b6aa5e5165a409ccecd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:52 GMT
Server
Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
X-Powered-By
PHP/7.1.33
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
4120
Expires
Thu, 19 Nov 1981 08:52:00 GMT
2761
cp.adviora.com/scripts/rtb/
3 KB
1 KB
Script
General
Full URL
https://cp.adviora.com/scripts/rtb/2761
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.79.90.48 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c4fe8584d0d4b187220640d5265bb0684e79b09f2c7b78e496f7027ee64a8ac

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
deflate
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cache-control
private
content-type
application/x-javascript; charset=utf-8
content-length
1015
/
g.cash-ads.com/banner/
216 B
511 B
Script
General
Full URL
https://g.cash-ads.com/banner/?code=BaUXuQoOGFQEd6DjjxWeb3Esor1d3yt4%2B6je%2FcuY6pE%3D
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
f8c99839f4c2c5708b32d4fa6bb4fd11ae40be7553e5c27cf251799da468babb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:52 GMT
Content-Encoding
gzip
Server
nginx
X-Frame-Options
deny
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-XSS-Protection
1; mode=block
3_0_FFFFFFFF_FFFFFFFF_0_pageviews
informer.yandex.ru/informer/28046940/
72 B
72 B
Image
General
Full URL
https://informer.yandex.ru/informer/28046940/3_0_FFFFFFFF_FFFFFFFF_0_pageviews
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9f268dddca3e712b5a93769e9b8acc6ee465741e725862fa28f881fac3753f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
403
date
Sun, 08 Nov 2020 08:26:52 GMT
strict-transport-security
max-age=31536000
content-length
72
x-xss-protection
1; mode=block
content-type
text/html
46.gif
refstar.at.ua/.s/img/cp/
126 B
481 B
Image
General
Full URL
https://refstar.at.ua/.s/img/cp/46.gif
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
d851b45a8a53ec033fb16303639dd10cdb72ece6779cefb70b00e4560d91b190
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 31 Jul 2017 10:30:37 GMT
Server
nginx
ETag
"597f06cd-7e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
126
Expires
Sat, 28 Nov 2020 08:26:56 GMT
watch.js
mc.yandex.ru/metrika/
143 KB
42 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
58724cf9d89f1cadc735e143b46330c4b7fe0359cfccb2020431f63781d5bc20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
last-modified
Fri, 06 Nov 2020 15:42:20 GMT
status
200
etag
"5fa3cd75-a8a5"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
43173
expires
Sun, 08 Nov 2020 09:26:52 GMT
ui.js
refstar.at.ua/.s/t/1231/
14 KB
3 KB
Script
General
Full URL
https://refstar.at.ua/.s/t/1231/ui.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
7ce8dfb9585a908e467674314847c3b622a6005eae37e1aba2bae7fc050cedc3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
W/"56cc5c60-395d"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
max-age=1728000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sat, 28 Nov 2020 08:26:56 GMT
show_ads.js
adbit.biz/js/
10 KB
4 KB
Script
General
Full URL
https://adbit.biz/js/show_ads.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:87b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01155c2b36338a14716722e610fd8d6abc2d03523341c40e09d4617dbcd2e05d

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
status
200
cf-request-id
0648902de40000979cd2878000000001
last-modified
Fri, 20 Jan 2017 14:20:57 GMT
server
cloudflare
etag
W/"58821cc9-2889"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kzyrwgJ2O%2B4r96UqR2HYUusNw5IOOvuixOU0%2Bag7CS76cgfuI8grxmLa3n94VfncUAvn1F4xHOvpg9DsJrPvWPvaDn2mkOG6VPsrDWzPtTefLOaPG2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
5eede95cadc9979c-FRA
expires
Sun, 15 Nov 2020 08:26:52 GMT
ucsecond.js
bmfeed.ru/ob/
152 KB
37 KB
Script
General
Full URL
https://bmfeed.ru/ob/ucsecond.js?domain=refstar.at.ua&proto=https&stream_id=955&sub_id_1=refstar.at.ua&sub_id_2=https
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/?9%5E4%210zG6r%3BEBR70GB7pkkNdN%3BhZEOfZLnmBLSlWVDQf6Q1ayBl%211hpDv8S3mSS%3BdYbM%5EhYJi0%21G671VPjQfSznktQRbxFV7v4W44SD1tCmRA6aX6PEG%21%21%216w4GTD1IsDaQz53N5Z03qSTIjQ3A5chLbm8razd82Xi%3BSlkAwGhXiXIJnX8YXTAqkdV%3BXDkhRFDGlktEyXN%21iVnL6c%5EIco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c61a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f5d68a2a46c4c56ae0e37405b29c1e9b0b4cb0adb7469aad946dc6daf6e25d7

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 07 Nov 2020 20:01:50 GMT
server
cloudflare
etag
W/"5fa6fd2e-25e21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JiMRMDJXsOcpvlVlhHk38HaljW0O1tnplW1zFDCt7pBHyy5DKBabS5X5%2FpxbGMzTH032e6JYlhI1Obh%2FKsJhEuEALFsZiwaDjV9OoRVnCSiweDFYtd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5eede95d7f58dfe3-FRA
cf-request-id
0648902e6c0000dfe334a5c000000001
hit;pushsender
counter.yadro.ru/
0
177 B
Image
General
Full URL
https://counter.yadro.ru/hit;pushsender?r;s1600*1200*24;uhttps%3A//refstar.at.ua/;1604824012240
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:52 GMT
Transfer-Encoding
chunked
Server
nginx/1.17.9
Connection
keep-alive
Strict-Transport-Security
max-age=86400
hit;ucoznet
counter.yadro.ru/
0
177 B
Image
General
Full URL
https://counter.yadro.ru/hit;ucoznet?r;s1600*1200*24;uhttps%3A//refstar.at.ua/;1604824012241
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:52 GMT
Transfer-Encoding
chunked
Server
nginx/1.17.9
Connection
keep-alive
Strict-Transport-Security
max-age=86400
hit;ucoz_desktop_ad
counter.yadro.ru/
0
177 B
Image
General
Full URL
https://counter.yadro.ru/hit;ucoz_desktop_ad?r;s1600*1200*24;uhttps%3A//refstar.at.ua/;1604824012241
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:52 GMT
Transfer-Encoding
chunked
Server
nginx/1.17.9
Connection
keep-alive
Strict-Transport-Security
max-age=86400
5895
thefuturepubs.com/copop/
2 KB
1021 B
Script
General
Full URL
https://thefuturepubs.com/copop/5895?fc_id=fc_2499684926&nsid={pubid}&partner_subid={click_id}&v=3
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.7.132 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx-more /
Resource Hash
dda50009de06bc2c3436957b3a5799b8fef4e5adfa6654119851ac895847eea4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:52 GMT
Content-Encoding
br
Server
nginx-more
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
head-bg.jpg
refstar.at.ua/.s/t/1231/
588 B
945 B
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/head-bg.jpg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
24d0fea5aa4a39e775681c47d088cadc93f2a239b8af85ab7af99294e99c7757
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-24c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
588
Expires
Sat, 28 Nov 2020 08:26:56 GMT
header.jpg
refstar.at.ua/.s/t/1231/
7 KB
7 KB
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/header.jpg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
6bb6b6017764b60fe64e64590b4cbe40543b61c2674daf2685e71adae78f3028
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-1bda"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
7130
Expires
Sat, 28 Nov 2020 08:26:56 GMT
logo.png
refstar.at.ua/.s/t/1231/
1 KB
2 KB
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/logo.png
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
c4fb8d0777311396000b42acae480ff82df63c9b7eef13d1843196b96207929a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-4db"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1243
Expires
Sat, 28 Nov 2020 08:26:56 GMT
user-nav.png
refstar.at.ua/.s/t/1231/
219 B
574 B
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/user-nav.png
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
7758e39f24c9e1275f6530f48ce09ea84c01b0d86229a6fc517a08bab4675be9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-db"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
219
Expires
Sat, 28 Nov 2020 08:26:56 GMT
nav-bg.jpg
refstar.at.ua/.s/t/1231/
556 B
913 B
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/nav-bg.jpg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
c08047555de064e05a22e37e1ba9f7455fc4fe963e2756ba2bcc14c3bbc3b1aa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-22c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
556
Expires
Sat, 28 Nov 2020 08:26:56 GMT
nav.jpg
refstar.at.ua/.s/t/1231/
5 KB
5 KB
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/nav.jpg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
766d5dbe87182997780e35cf8b2680fe76b9461dd262eda9e67160bb56001694
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-1481"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
5249
Expires
Sat, 28 Nov 2020 08:26:56 GMT
nav.png
refstar.at.ua/.s/t/1231/
1 KB
2 KB
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/nav.png
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
a3208552bc710558ac77d776a361bfd7fd22b3587e8508ef05584f556562d3a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-596"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1430
Expires
Sat, 28 Nov 2020 08:26:56 GMT
jura-demibold.woff
refstar.at.ua/.s/t/1231/fonts/
36 KB
36 KB
Font
General
Full URL
https://refstar.at.ua/.s/t/1231/fonts/jura-demibold.woff
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
00470505c2bef94c187329089988c2edf2b08631487c3ec0fe08c88e318cb081
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://refstar.at.ua
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-8eac"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
36524
Expires
Sat, 28 Nov 2020 08:26:56 GMT
1425088
acceptable.a-ads.com/ Frame E17F
0
0
Document
General
Full URL
https://acceptable.a-ads.com/1425088
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
acceptable.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://refstar.at.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 08 Nov 2020 08:26:52 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
https://refstar.at.ua/
Content-Encoding
gzip
app.js
cloudfastads.ru/
77 KB
22 KB
Script
General
Full URL
https://cloudfastads.ru/app.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904dc4729e6e838c7e1b29d757c23d76f30e869aa5da1a0734e75c876d8db5ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
509205
cf-polished
origSize=78448
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Nov 2020 10:59:24 GMT
server
cloudflare
etag
W/"5f9fe68c-13270"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R5U8bifEuoeOpHSWTWXkcemi8xFMrf6NS52LetLqGh65cPOVGvYcLpS3UMZredFY1fZVSUiK06Xhs0kBkIYK6tNf4s2GNJjlPMx%2BDUu7y3UNbiqJ8INOWcehNBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
expires
Mon, 09 Nov 2020 11:00:07 GMT
cache-control
max-age=604800
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-request-id
0648902efa00002b41193bc000000001
cf-ray
5eede95e5f622b41-FRA
cf-bgj
minify
index.php
www.bitcoadz.io/display/ Frame 26A2
0
0
Document
General
Full URL
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=24168&height=250&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=848713d79f661ec19c4b8aa5da984df9&time=1604824012&val_count_adunit=1&deliver=refstar.at.ua&search_keywords=&page_referrer=aHR0cHM6Ly9yZWZzdGFyLmF0LnVhLw==&page_title=%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0&meta_description=
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/items.php?24168&1166&250&250&4&0&0&0&0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681c:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.bitcoadz.io
:scheme
https
:path
/display/index.php?page=query/items/&aduid=24168&height=250&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=848713d79f661ec19c4b8aa5da984df9&time=1604824012&val_count_adunit=1&deliver=refstar.at.ua&search_keywords=&page_referrer=aHR0cHM6Ly9yZWZzdGFyLmF0LnVhLw==&page_title=%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0&meta_description=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=18e5de1cd3c1564ad13a1b5d55f45cad42357bca-1604824012-1800-AbU5sHKRxZ+fYM1NLoVgvEs9RzWHA2B6ceN5AwZfEbnkBFHs3fJJIBqTsPUODT3AmQmZcTBp8eW1afaxgeChgcI=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

status
200
date
Sun, 08 Nov 2020 08:26:52 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de037d950f2f3c0e09d0c7ad92db707c01604824012; expires=Tue, 08-Dec-20 08:26:52 GMT; path=/; domain=.bitcoadz.io; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0648902ee50000d6f55ab09000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vrdgbBSC6KrkOe9GL9mgrmKSNnghTxfFU%2BR3fAfeLO4Fsc4q1eCow0FZm7TeEKkYT55ATkt7pOTz6Wkn8%2BiEDwt02JiMUxIaeu7lvyp5jbgtJXoJRFCwgznB058%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eede95e39bfd6f5-FRA
content-encoding
br
sch.png
refstar.at.ua/.s/t/1231/
364 B
720 B
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/sch.png
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
b4833a5f55a719ef3f040ced7640b6cd858f5d7243a6a8bacafc08c4e8e16c50
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-16c"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
364
Expires
Sat, 28 Nov 2020 08:26:56 GMT
bg.jpg
refstar.at.ua/.s/t/1231/
169 KB
169 KB
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/bg.jpg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
0c069d910a9851b9433b030f8b21b6506dde07f78fc418128567b55a17cc72f0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-2a2ed"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
172781
Expires
Sat, 28 Nov 2020 08:26:56 GMT
board.png
refstar.at.ua/.s/t/1231/
63 KB
64 KB
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/board.png
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
5b836afb11090f5d597175cc15b85caab3033d6fa9b4dd9020f02d27e2c1055c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-fdca"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
64970
Expires
Sat, 28 Nov 2020 08:26:56 GMT
title.png
refstar.at.ua/.s/t/1231/
157 B
512 B
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/title.png
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
fa80c29b1b3a67668b1c891f93d0184fbe984d72f5805c79d80050c0af5bf4c7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-9d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
157
Expires
Sat, 28 Nov 2020 08:26:56 GMT
u.svg
refstar.at.ua/.s/img/icon/social/
612 B
972 B
Image
General
Full URL
https://refstar.at.ua/.s/img/icon/social/u.svg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/social.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
d0608cf0c4aff79f20a198427f7df73300d643face9bea72b8d406b432b84df9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 26 Jun 2017 11:42:16 GMT
Server
nginx
ETag
"5950f318-264"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
612
Expires
Sat, 28 Nov 2020 08:26:56 GMT
vk.svg
refstar.at.ua/.s/img/icon/social/
772 B
1 KB
Image
General
Full URL
https://refstar.at.ua/.s/img/icon/social/vk.svg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/social.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
05a3f8587400860aa87bb18c9a9cd5b22a45ca4fc4a37a7922d29e48549b2fc9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 26 Jun 2017 11:42:16 GMT
Server
nginx
ETag
"5950f318-304"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
772
Expires
Sat, 28 Nov 2020 08:26:56 GMT
fb.svg
refstar.at.ua/.s/img/icon/social/
611 B
971 B
Image
General
Full URL
https://refstar.at.ua/.s/img/icon/social/fb.svg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/social.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 26 Jun 2017 11:42:16 GMT
Server
nginx
ETag
"5950f318-263"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
611
Expires
Sat, 28 Nov 2020 08:26:56 GMT
ya.svg
refstar.at.ua/.s/img/icon/social/
660 B
1020 B
Image
General
Full URL
https://refstar.at.ua/.s/img/icon/social/ya.svg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/social.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
b72d3f61ac56b4aa27bad5769589705004aff1f0ad341785ca72dc46ba16de5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 26 Jun 2017 11:42:16 GMT
Server
nginx
ETag
"5950f318-294"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
660
Expires
Sat, 28 Nov 2020 08:26:56 GMT
gp.svg
refstar.at.ua/.s/img/icon/social/
550 B
910 B
Image
General
Full URL
https://refstar.at.ua/.s/img/icon/social/gp.svg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/social.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Fri, 01 Feb 2019 12:57:26 GMT
Server
nginx
ETag
"5c544236-226"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
550
Expires
Sat, 28 Nov 2020 08:26:56 GMT
ok.svg
refstar.at.ua/.s/img/icon/social/
2 KB
2 KB
Image
General
Full URL
https://refstar.at.ua/.s/img/icon/social/ok.svg
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/social.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
e1369586f1d82834ecc0ccab2f5f1a6f7565f2c715243d956bd7eb1404c8fba9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 26 Jun 2017 11:42:16 GMT
Server
nginx
ETag
"5950f318-742"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1858
Expires
Sat, 28 Nov 2020 08:26:56 GMT
/
g.cash-ads.com/ Frame 8074
0
0
Document
General
Full URL
https://g.cash-ads.com/?nc=V81UuW4UGi02vzkEb6RzuxWetrPqII6dzwkAaHmGeMQ%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=BaUXuQoOGFQEd6DjjxWeb3Esor1d3yt4%2B6je%2FcuY6pE%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Host
g.cash-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://refstar.at.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 08:26:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
context.js
an.yandex.ru/system/
123 KB
35 KB
Script
General
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
328def4082161f5f69fcf4ec8610094e8de215418533d6e3d7b1c7351839a817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
server
nginx/1.12.2
status
200
etag
523485015
x-yandex-req-id
1604824012738297-628973802507682986900107-production-app-host-man-pcode-13
strict-transport-security
max-age=31536000
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 08 Nov 2020 09:26:52 GMT
9300380
refstar.at.ua/stat/
Redirect Chain
  • https://refstar.at.ua/stat/1604824012616?01
  • http://refstar.at.ua/stat/9300380?11
  • https://refstar.at.ua/stat/9300380?11
397 B
790 B
Image
General
Full URL
https://refstar.at.ua/stat/9300380?11
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
635032661a9d777042cbf1ae64f5278764bd8e946b4da5031905a8053e529a08

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:56 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, private
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Location
https://refstar.at.ua/stat/9300380?11
Connection
keep-alive
Keep-Alive
timeout=15
Content-Length
178
tag.js
mc.yandex.ru/metrika/
368 KB
94 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
130f24f868c4364f20cd2b7afd416b01e5fe5efea9034701c4130fa14c1910fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
last-modified
Thu, 05 Nov 2020 10:01:25 GMT
status
200
etag
"5fa3cd75-175fc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
95740
expires
Sun, 08 Nov 2020 09:26:52 GMT
ssp-sync.html
sync.republer.com/ Frame 6AAF
Redirect Chain
  • https://sync.republer.com/ssp-sync.html?sc=2&src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61
  • https://sync.republer.com/ssp-sync.html?sc=2&src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61&qset=1
0
0
Document
General
Full URL
https://sync.republer.com/ssp-sync.html?sc=2&src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61&qset=1
Requested by
Host: cp.adviora.com
URL: https://cp.adviora.com/scripts/rtb/2761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),
Reverse DNS
carp.bspb2.kavanga.ru
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:method
GET
:authority
sync.republer.com
:scheme
https
:path
/ssp-sync.html?sc=2&src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61&qset=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ruid=44daa147-8a3c-4f32-846d-2ee4924357c5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

status
200
server
nginx
date
Sun, 08 Nov 2020 08:29:32 GMT
content-type
text/html; charset=utf-8
content-length
230
p3p
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-host
rssp1
access-control-allow-credentials
true
access-control-allow-origin
*
set-cookie
ruid=44daa147-8a3c-4f32-846d-2ee4924357c5; Max-Age=31536000; Expires=Mon, 8 Nov 2021 08:26:53 GMT; Path=/; Domain=.republer.com; SameSite=None; Secure
strict-transport-security
max-age=0

Redirect headers

status
307
server
nginx
date
Sun, 08 Nov 2020 08:29:32 GMT
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-host
rssp1
access-control-allow-credentials
true
access-control-allow-origin
*
set-cookie
ruid=44daa147-8a3c-4f32-846d-2ee4924357c5; Max-Age=31536000; Expires=Mon, 8 Nov 2021 08:26:52 GMT; Path=/; Domain=.republer.com; SameSite=None; Secure
location
/ssp-sync.html?sc=2&src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61&qset=1
strict-transport-security
max-age=0
userbind
ssp1.rtb.beeline.ru/ Frame 3DA5
0
0
Document
General
Full URL
https://ssp1.rtb.beeline.ru/userbind?src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61
Requested by
Host: cp.adviora.com
URL: https://cp.adviora.com/scripts/rtb/2761
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
ssp1.rtb.beeline.ru
:scheme
https
:path
/userbind?src=adviora&id=0c49e59a-dbc6-4fe8-b455-162f7cff4f61
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

status
403
server
nginx
date
Sun, 08 Nov 2020 08:26:53 GMT
content-type
text/html
content-length
548
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers
Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-host
192.168.152.40
user-sync
sync.adkernel.com/ Frame B842
0
0
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=85913&t=image&r=SSP_REDIR_URL
Requested by
Host: cp.adviora.com
URL: https://cp.adviora.com/scripts/rtb/2761
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
sync.adkernel.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://refstar.at.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 08:26:52 GMT
Content-Length
0
Connection
close
user-sync
sync.adkernel.com/ Frame 056A
0
0
Document
General
Full URL
https://sync.adkernel.com/user-sync?zone=85915&t=image&r=SSP_REDIR_URL
Requested by
Host: cp.adviora.com
URL: https://cp.adviora.com/scripts/rtb/2761
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
sync.adkernel.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://refstar.at.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 08:26:52 GMT
Content-Length
0
Connection
close
adviora
sync.dmp.otm-r.com/match/
0
69 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/adviora
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.106.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.106.201.195.clients.your-server.de
Software
nginx/1.15.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Sun, 08 Nov 2020 08:26:52 GMT
server
nginx/1.15.9
access-control-allow-origin
*
user-sync
sync.adkernel.com/
0
109 B
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=114651&uid=0c49e59a-dbc6-4fe8-b455-162f7cff4f61
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:52 GMT
Server
nginx
Connection
close
Content-Length
0
1
mc.yandex.ru/watch/28046940/
Redirect Chain
  • https://mc.yandex.ru/watch/28046940?wmode=7&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661362610...
  • https://mc.yandex.ru/watch/28046940/1?wmode=7&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626...
167 B
202 B
XHR
General
Full URL
https://mc.yandex.ru/watch/28046940/1?wmode=7&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108092652%3Aet%3A1604824013%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A5508977323%3Arqn%3A1%3Arn%3A703733615%3Ahid%3A24943773%3Ads%3A0%2C194%2C177%2C2%2C269%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1226%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604824013%3Au%3A160482401349741275%3At%3A%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9b728abd5461d536ec0ebe2d1f80f999e3ab4bbd506a3b23827577a658c45b22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 08-Nov-2020 08:26:52 GMT
status
200
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:26:52 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:52 GMT
last-modified
Sun, 08-Nov-2020 08:26:52 GMT
status
302
location
/watch/28046940/1?wmode=7&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108092652%3Aet%3A1604824013%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A5508977323%3Arqn%3A1%3Arn%3A703733615%3Ahid%3A24943773%3Ads%3A0%2C194%2C177%2C2%2C269%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1226%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604824013%3Au%3A160482401349741275%3At%3A%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:26:52 GMT
1826
forexcontext.ru/core.php/init/
0
0

soc.png
refstar.at.ua/.s/t/1231/
727 B
1 KB
Image
General
Full URL
https://refstar.at.ua/.s/t/1231/soc.png
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/.s/src/css/1231.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
cc5978d42fdf039960652c0ffce1b3daf270eb06108a1ef71f5cfe3d61a61037
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 23 Feb 2016 13:19:28 GMT
Server
nginx
ETag
"56cc5c60-2d7"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
727
Expires
Sat, 28 Nov 2020 08:26:56 GMT
teasers
cloudfastads.ru/data/
7 KB
2 KB
Fetch
General
Full URL
https://cloudfastads.ru/data/teasers
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
214dbbe4610c9fc6569d98db73c0e44007bc0a2a87be265e658badd9aab591c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
064890302d00002b41e592d000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"1d00-Mfy6AcAWo1JZZ5f164SD3TsRLDY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NnZraberRXUqu73Et%2BBg6z1kbnsNv2PFgcf9meCfXttOsEoZjpzK%2Fi9N5irVVUQIjnzDasUH7L6APSIgofr3Sw1683p%2By8ILdlMN6%2BBpsUi%2BZhUNAPjW%2B%2F5lynM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
cache-control
private, max-age=60, stale-while-revalidate=84000
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede9604ba62b41-FRA
expires
Sun Nov 08 2020 08:28:31 GMT+0300
5c279a2bf5e49c7c812bbde8
cloudfastads.ru/data/iframe/28270/desktop/ Frame E3B2
0
0
Document
General
Full URL
https://cloudfastads.ru/data/iframe/28270/desktop/5c279a2bf5e49c7c812bbde8
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cloudfastads.ru
:scheme
https
:path
/data/iframe/28270/desktop/5c279a2bf5e49c7c812bbde8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

status
200
date
Sun, 08 Nov 2020 08:26:52 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dc2e71090b74e43142e42d2af82946f371604824012; expires=Tue, 08-Dec-20 08:26:52 GMT; path=/; domain=.cloudfastads.ru; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding Origin
access-control-allow-credentials
true
expires
Sun Nov 08 2020 08:26:31 GMT+0300
cache-control
private, max-age=60, stale-while-revalidate=84000
link
</css/inner.css>; rel=preload; as=style; crossorigin, </inner.js>; rel=preload; as=script; crossorigin;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
cf-request-id
064890303000002b41bf2a3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bErQ5KnAoTVyIdZQ60Q8vUx%2BNCTjKAIXJ9kWIu1wNffs88HkoaaH3p9xbcssJcaZ0sPpT47HLlvdKBCqjweqnR1lI1K2gD3EjJQ1%2F4%2BpiqXH%2FouX3v4Mn%2FPN1gw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eede9604bb62b41-FRA
content-encoding
br
cf-h2-pushed
</css/inner.css>,</inner.js>
insert
cloudfastads.ru/statistics/iframe/
330 B
992 B
Fetch
General
Full URL
https://cloudfastads.ru/statistics/iframe/insert
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679db9ea7efa215c1b715df6a267165af9cde6566f49635fae9d2125d80eb138
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
064890303000002b41c613b000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"14a-1/zCusthd4EUE1jxLiTEt3WT4Sk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HaUOrH9M3ZjN5xL%2Fqny5YASXyYpiqHr4%2BwcvU4Rs6t4dY9jk9%2BHy%2BTBkVS%2F9OWwf65UbBHJL5%2F0PHa4hmTiEjVJdyxxfIddQ60bTTcqsKJY%2BeaBLxJaA3OWf4vM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede9604bb42b41-FRA
tbstat
pushkintop.ru/
0
0
Fetch
General
Full URL
https://pushkintop.ru/tbstat?is_safari=0&own_sign=false&own_site=true&state=ownsite-unavailable&stream_id=955&sub_id_1=refstar.at.ua&sub_id_2=https
Requested by
Host: bmfeed.ru
URL: https://bmfeed.ru/ob/ucsecond.js?domain=refstar.at.ua&proto=https&stream_id=955&sub_id_1=refstar.at.ua&sub_id_2=https
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:769c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5aNow8z759dpl7Fu%2BGr1t%2F412Qm2X0cLtU4RMHOCGmPzCo9gFnBnAM94HoHcsX96wFDiALK6pJAa3Ic5rVTlk1d1yPu2sTd77VFcPlf2ayQKezfUesZx9AJF"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
5eede960982964f1-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken
content-length
0
cf-request-id
0648903063000064f15db1c000000001
/
refstar.at.ua/ Frame 817B
2 KB
1 KB
Document
General
Full URL
https://refstar.at.ua/?C23FWST3BNUT8%21VGu%3BlCdC1Wxpj8VZSprPQX0HSyUgJp4P3rhIgD9Y3i3nOHi9yY0fkyDlFL%21NVWAKRO9ffo
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/?yIfbkOzO4NjL0hfleYHWW1pYKwOuGeYuHxvLXyK5xyYTuZz7sHRwGU4XId3I5iPUgrTRtKeaZ9PrZUynk5aWZLyB4J6mXaKFEK8C0muqdBtZbWQABIJBLAnB3dn%3B94gcnzZKjdBTcUQvOEsSpQrOOFqKFjDeuqYkNA%5E2Vb1WH5I2UQ%3BEN5fDtzgI0ObKtz2%5EyABSQgMp%5EiA9QNAXXzDF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
877c9f478d7db1ff23fce0d64305d7f878ad0d736a8ce5b869094666f1dec758

Request headers

Host
refstar.at.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://refstar.at.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
2refstaruzll=1604824016; 2refstarpushi=1; _ym_uid=160482401349741275; _ym_d=1604824013; _cc_visit=1; _cc__visit_deep=1; _cc_session=8d983e05-8eaa-4588-a7fc-c313cb46305c; hostpush_data={%22sub_id_1%22:%22refstar.at.ua%22%2C%22sub_id_2%22:%22https%22%2C%22sub_id_3%22:%22%22%2C%22sub_id_4%22:%22%22%2C%22sub_id_5%22:%22%22%2C%22utm_campaign%22:%22%22%2C%22utm_source%22:%22%22%2C%22utm_medium%22:%22%22%2C%22utm_content%22:%22%22%2C%22utm_term%22:%22%22%2C%22stream_id%22:%22955%22%2C%22fetch_url%22:%22%22%2C%22tb_decline%22:%22%22%2C%22tb_confirm%22:%22%22%2C%22force_http%22:%22%22%2C%22block_back_button%22:%22%22%2C%22show_overlay%22:%22%22%2C%22complexity_redirect_urls%22:%22%22%2C%22own_sign%22:%22false%22%2C%22own_site%22:%22true%22%2C%22is_safari%22:0%2C%22is_complexity%22:0}
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 08:26:56 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Cache-Control
no-cache no-store private
Pragma
no-cache
Content-Encoding
gzip
context_partner.css
super-traf.ru/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://super-traf.ru/assets/css/context_partner.css?id=2
Requested by
Host: super-traf.ru
URL: https://super-traf.ru/earn/partner/get?id=141&type=4&code=1603360494
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.204.110 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm1327710.ssd1.had.yt
Software
Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash
5c2eb3f833dc800a6c6bd07d84ef7798e28a075110df2292cf6bdcd362db6de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:52 GMT
Content-Encoding
gzip
Last-Modified
Sat, 10 Oct 2020 17:30:54 GMT
Server
Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31556926, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
588
Expires
Mon, 08 Nov 2021 08:26:52 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
86 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
last-modified
Fri, 06 Nov 2020 15:42:20 GMT
status
200
etag
"5f9c117e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 08 Nov 2020 09:26:52 GMT
firstvisible
cloudfastads.ru/statistics/iframe/
330 B
508 B
Fetch
General
Full URL
https://cloudfastads.ru/statistics/iframe/firstvisible
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7552cda664d33554d6f56f21051ce19370de016b2cc4d4d9fe9982f6ce1a29
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
064890306b00002b41d8849000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"14a-tRVlxGaItMUzwe87dA6DR8VZINw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GG29f%2Bjvz9hKgienLPCYqFYftRquid1G2njbHqMs%2BARE3c64bFIjyRoVc%2F2CgYAaf18%2BTG3CS6Aw9r6brRCBAczMLjhCVb4%2F8WGcM7aw0FzdVe7rCcyfqjfsxaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede960aca32b41-FRA
visible
cloudfastads.ru/statistics/iframe/
330 B
573 B
Fetch
General
Full URL
https://cloudfastads.ru/statistics/iframe/visible
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7552cda664d33554d6f56f21051ce19370de016b2cc4d4d9fe9982f6ce1a29
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
064890306c00002b41bf2a8000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"14a-tRVlxGaItMUzwe87dA6DR8VZINw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jIzxTghoZsStbjtRPt6bjo95Pf%2F13tv%2By2nNNm3%2BuYe8WVsHeS5cgfsT3WNmgLT8R59pxp83gBKdqFZXoJVfmgDyoeyFQJ4lJB7pJXLvtfsLHR1DfWP956c%2BK2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede960aca82b41-FRA
jquery-3.4.1.min.js
code.tothefuturetech.com/js/
81 KB
29 KB
Script
General
Full URL
https://code.tothefuturetech.com/js/jquery-3.4.1.min.js
Requested by
Host: thefuturepubs.com
URL: https://thefuturepubs.com/copop/5895?fc_id=fc_2499684926&nsid={pubid}&partner_subid={click_id}&v=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.145.103 Dallas, United States, ASN40824 (WZCOM-, US),
Reverse DNS
proven.masterliberty.com
Software
nginx-more /
Resource Hash
47f0580275a8c1e95343e461cb949869ca93dd109f4fa2e45d655d13a0b5d625
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:53 GMT
Content-Encoding
br
Server
nginx-more
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
aci.js
www.acint.net/
19 KB
6 KB
Script
General
Full URL
https://www.acint.net/aci.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
b4543e0a3b847b39a5caa7f37288ecf8719a547881d6d076ca8112f3d3c7940d

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
content-encoding
gzip
last-modified
Wed, 21 Aug 2019 10:52:49 GMT
server
openresty
etag
"5d5d2281-189c"
content-type
application/x-javascript
status
200
cache-control
max-age=43200
content-length
6300
expires
Sun, 08 Nov 2020 20:26:53 GMT
243784
an.yandex.ru/meta/
141 B
504 B
XHR
General
Full URL
https://an.yandex.ru/meta/243784?grab=dNC30LDRgNCw0LHQvtGC0L7QuiDQvtC90LvQsNC50L0gLSDQk9C70LDQstC90LDRjyDRgdGC0YDQsNC90LjRhtCwCjLQkNCy0YLQvtC60YDQsNC90Ysg0LTQu9GPIEZhdWNldFBheS5pbyDQuCBFeHByZXNzY3J5cHRvLmlvOiAKMmFsdGNvaW4g0LzQvdC-0LPQviDQstCw0LvRjtGCIAoz0KHQsNC80YvQtSDRgdCy0LXQttC40LUg0L_RgNC-0LXQutGC0YshIAoz0KPRh9Cw0YHRgtC-0Log0LTQu9GPINC30LDRgNCw0LHQvtGC0LrQsCEgCjPQodGD0L_QtdGAINC80LDQudC90LjQvdCzINGA0YPQsdC70LXQuSEgCjMzNiUg0L_RgNC40LHRi9C70Lgg0LLRgdC10LPQviDQt9CwIDEg0YfQsNGBISAKM9CQ0YLQu9Cw0L3RgtC40LTQsCEgMzUl0L_RgNC40LHRi9C70Lgg0Log0LTQtdC_0L7Qt9C40YLRgyEgCjPQr9C00LXRgNC90YvQuSDQsdGD0LrRgSEgCg%3D%3D&target-ref=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&duid=MTYwNDgyNDAxMzQ5NzQxMjc1&imp-id=1&enable-flat-highlight=1&test-tag=365587616235522&ad-session-id=5303771604824013036&target-id=53711081&tga-with-creatives=1&pcode-test-ids=294710%2C0%2C72%3B294167%2C0%2C34&pcode-flags=%7B%22DEFAULT_SSR_FORMATS%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22motion%22%2C%22zen%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%5D%2C%22DEFAULT_BLACKLIST_DEVICES%22%3A%5B%5D%2C%22changableMeta%22%3A1%2C%22PCODEVER%22%3A%2212953%22%7D&server-side-rendering-enabled-formats=posterVertical%0AposterHorizontal%0Amotion%0Azen&pcode-version=12953&flash-ver=0&pcode-icookie=5607547721604824012&available-width=180&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.5%2C%22w%22%3A180%2C%22h%22%3A0%2C%22width%22%3A180%2C%22height%22%3A0%2C%22left%22%3A350%2C%22top%22%3A2510%2C%22visible%22%3A0%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B1330319504379%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
fe6cfcdb23f966463ea697cfbd6b799ca38325b747abf500c5740f1bd39876fe
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:53 GMT
content-encoding
gzip
last-modified
Sun, 08 Nov 2020 08:26:53 GMT
server
nginx/1.12.2
timing-allow-origin
*
status
200
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
x-xss-protection
1; mode=block
expires
Sun, 08 Nov 2020 08:26:53 GMT
0f888f7c5a5b113cd13f.js
an.yandex.ru/partner-code-bundles/12953/
325 KB
71 KB
Script
General
Full URL
https://an.yandex.ru/partner-code-bundles/12953/0f888f7c5a5b113cd13f.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
7f121ba8a9ac5e7ef65a2e1e419a48258400991a54a54ace358c7d0c38a585f7
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
https://refstar.at.ua
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
72499
timing-allow-origin
*
last-modified
Thu, 05 Nov 2020 15:55:03 GMT
server
nginx/1.12.2
etag
"bb9582e97adf40ce0d06a74eb8007933"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 06 Nov 2050 13:44:04 GMT
0c3c6be3dd2a72db0ebd.js
an.yandex.ru/partner-code-bundles/12953/
525 KB
82 KB
Script
General
Full URL
https://an.yandex.ru/partner-code-bundles/12953/0c3c6be3dd2a72db0ebd.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
77731cd3b35cfe8551e051bfe44a24c29a024c271c690bf4a89e605def0f8238
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
https://refstar.at.ua
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
83020
timing-allow-origin
*
last-modified
Thu, 05 Nov 2020 15:55:03 GMT
server
nginx/1.12.2
etag
"bdca7266600f78663a98355844a42247"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 06 Nov 2050 13:44:04 GMT
aeaff69ebe0218413a4c.js
an.yandex.ru/partner-code-bundles/12953/
60 KB
16 KB
Script
General
Full URL
https://an.yandex.ru/partner-code-bundles/12953/aeaff69ebe0218413a4c.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
7863b2c6bd5f2a35d3c2920537da6c9f2e91140293244faf4d7008c1536a59c7
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
https://refstar.at.ua
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
15676
timing-allow-origin
*
last-modified
Thu, 05 Nov 2020 15:55:04 GMT
server
nginx/1.12.2
etag
"190bab6f8d89aeff0fb9fffa382e3f56"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 06 Nov 2050 13:44:04 GMT
50292898
mc.yandex.ru/watch/
186 B
217 B
XHR
General
Full URL
https://mc.yandex.ru/watch/50292898?wmode=7&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108092653%3Aet%3A1604824013%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1214309575798%3Arqn%3A1%3Arn%3A560502170%3Ahid%3A24943773%3Ads%3A0%2C194%2C177%2C2%2C269%2C0%2C0%2C969%2C6%2C%2C%2C%2C1620%3Afp%3A1226%3Awn%3A38550%3Ahl%3A3%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604824013%3Au%3A160482401349741275%3At%3A%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
697b71d08fb8deeab43a24dcbbbd3b178fc7c0b72160d185a691ab0ba328da9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 08-Nov-2020 08:26:53 GMT
status
200
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:26:53 GMT
1
mc.yandex.ru/watch/28046940/
43 B
145 B
Other
General
Full URL
https://mc.yandex.ru/watch/28046940/1?page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A60%3Ai%3A20201108092653%3Aet%3A1604824013%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A5508977323%3Arqn%3A2%3Arn%3A345352124%3Ahid%3A24943773%3Ads%3A%2C%2C%2C%2C%2C%2C%2C969%2C6%2C%2C%2C%2C1620%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604824013%3Au%3A160482401349741275
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Sun, 08-Nov-2020 08:26:53 GMT
status
200
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:26:53 GMT
1
mc.yandex.ru/watch/50292898/
43 B
73 B
Other
General
Full URL
https://mc.yandex.ru/watch/50292898/1?page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Az%3A60%3Ai%3A20201108092653%3Aet%3A1604824013%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A1214309575798%3Arqn%3A2%3Arn%3A989014834%3Ahid%3A24943773%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604824013%3Au%3A160482401349741275
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Sun, 08-Nov-2020 08:26:53 GMT
status
200
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:26:53 GMT
/
ssp-rtb.sape.ru/data/
30 B
528 B
Script
General
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTB_5fa7abcd1_65671444&srtbid=37519&scids=161339924&sx=1600&sy=1200&ref=&u=https%3A%2F%2Frefstar.at.ua%2F&allimps=1&fl=0&v=2&tz=%2B01%3A00
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.74.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1290149.sapientru.net
Software
openresty /
Resource Hash
d196da8fefdb6d02bf7af5cbed5752ceb0e61595d24151826117824db9c57c1d

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:53 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
30
Expires
Wed, 19 Apr 2000 11:43:00 GMT
nv.js
p1.dircont3.com/
50 KB
9 KB
Script
General
Full URL
https://p1.dircont3.com/nv.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-47.cdn77.com
Software
CDN77-Turbo /
Resource Hash
214ac706c680a74ccd70ca524c935602900727cbf833b0d6808d10dd36e442b8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt
AcO1ry8TZ27vFQUAAA==
date
Sun, 08 Nov 2020 08:26:53 GMT
content-encoding
br
last-modified
Fri, 30 Oct 2020 12:17:33 GMT
server
CDN77-Turbo
x-edge-pop
frankfurtDE
etag
W/"5f9c045d-c8dc"
strict-transport-security
max-age=604800
x-cache
HIT
content-type
application/javascript
status
200
x-edge-ip
195.181.175.47
x-age
1301
expires
Fri, 20 Nov 2020 08:05:12 GMT
/
ssp-rtb.sape.ru/data/
30 B
528 B
Script
General
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTB_5fa7abcd1_28079047&srtbid=95403&scids=93390459&sx=1600&sy=1200&ref=&allimps=0&fl=0&v=2&tz=%2B01%3A00&u=https%3A%2F%2Frefstar.at.ua%2F
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.74.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1290149.sapientru.net
Software
openresty /
Resource Hash
21f21d205d877d7cac50f15ac7f7ce3e3a5c48a06c96f583810b56771ca7cf95

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:53 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
30
Expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/
43 B
342 B
Image
General
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A37519%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A373%7D&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824013
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/
43 B
340 B
Image
General
Full URL
https://www.acint.net/pxl/1?dp=16&id=37519.387434.161339924.0.0.95&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824013
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/
43 B
341 B
Image
General
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A37519%2C%22sc%22%3A0%2C%22pl%22%3A387434%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824013
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
pix.gif
px2.admon.pro/
0
103 B
Image
General
Full URL
https://px2.admon.pro/pix.gif?u=1600781154496&scid=&cid=&crid=&dl=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&appid=&adformat=banner&traffictype=&ts=1604824013094&r=5fa7abcd1_84541475
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
144.76.9.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.9.76.144.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 08 Nov 2020 08:26:53 GMT
Server
nginx
1
www.acint.net/pxl/
43 B
341 B
Image
General
Full URL
https://www.acint.net/pxl/1?dp=16&id=95403.446640.93390459&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&r=20up4lurn6id
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
style.css
s1.ucoz.net/adv/dummy/000/css/ Frame 817B
6 KB
2 KB
Stylesheet
General
Full URL
https://s1.ucoz.net/adv/dummy/000/css/style.css
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/?C23FWST3BNUT8%21VGu%3BlCdC1Wxpj8VZSprPQX0HSyUgJp4P3rhIgD9Y3i3nOHi9yY0fkyDlFL%21NVWAKRO9ffo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
25ed1276f20986488e24b40548f023af771181ac7862900bde43cbdaffe0d0b9

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Mar 2019 14:28:17 GMT
Server
nginx
ETag
W/"5c9a3701-19eb"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=15
ucoz-logo.png
s1.ucoz.net/adv/dummy/000/img/ Frame 817B
4 KB
5 KB
Image
General
Full URL
https://s1.ucoz.net/adv/dummy/000/img/ucoz-logo.png
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/?C23FWST3BNUT8%21VGu%3BlCdC1Wxpj8VZSprPQX0HSyUgJp4P3rhIgD9Y3i3nOHi9yY0fkyDlFL%21NVWAKRO9ffo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Tue, 26 Mar 2019 14:28:17 GMT
Server
nginx
ETag
"5c9a3701-11e9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4585
/
rot.spotsniper.ru/ Frame 817B
Redirect Chain
  • https://rot.spotsniper.ru/?src=ujs6
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjN1579BVIF36LEjAk*
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjN1579BVIF36LEjAmiARAoL0fAIZwR64pTDMR6bS_v
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhjN1579BVIF36LEjAmiARAoL3LWIZwR66bpACWQyCQ3
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAxjN1579BVIF36LEjAmiARAoNekEIZwR66bpACWQyCQ3
  • https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQABjN1579BaIBECg16QQhnBHrpukAJZDIJDc*
  • https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQARjN1579BaIBECgvctYhnBHrpukAJZDIJDc*
613 B
2 KB
Script
General
Full URL
https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQARjN1579BaIBECgvctYhnBHrpukAJZDIJDc*
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/?C23FWST3BNUT8%21VGu%3BlCdC1Wxpj8VZSprPQX0HSyUgJp4P3rhIgD9Y3i3nOHi9yY0fkyDlFL%21NVWAKRO9ffo
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
f2457b25b560b7f4a06ba79751b727f2475bef2e3c81f8e2b84c4bdba3a378a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:54 GMT
X-Content-Type-Options
nosniff
Server
nginx
P3P
CP="NOI DEV TAI PSA PSD OUR STP COM NAV INT DEM STA PRE LOC"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
613
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1985 00:00:01 GMT

Redirect headers

Date
Sun, 08 Nov 2020 08:26:53 GMT
Server
nginx
ETag
282f72d6-219c-11eb-a6e9-002590c82437
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//rot.spotsniper.ru/?src=ujs6&s_data=CAIQARjN1579BaIBECgvctYhnBHrpukAJZDIJDc*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
/
rot.spotsniper.ru/ Frame 817B
Redirect Chain
  • https://rot.spotsniper.ru/?src=ujs6&s_subid=btn
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjN1579BVIF36LEjAlaDgoHc19zdWJpZBIDYnRu
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjN1579BVIF36LEjAlaDgoHc19zdWJpZBIDYnRuogEQKC9y1iGcEeum6QAlkMgkNw**
  • https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQABjN1579BVoOCgdzX3N1YmlkEgNidG6iARAoL3LWIZwR66bpACWQyCQ3
  • https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQARjN1579BVoOCgdzX3N1YmlkEgNidG6iARAoL3LWIZwR66bpACWQyCQ3
232 B
1 KB
Script
General
Full URL
https://rot.spotsniper.ru/?src=ujs6&s_data=CAIQARjN1579BVoOCgdzX3N1YmlkEgNidG6iARAoL3LWIZwR66bpACWQyCQ3
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/?C23FWST3BNUT8%21VGu%3BlCdC1Wxpj8VZSprPQX0HSyUgJp4P3rhIgD9Y3i3nOHi9yY0fkyDlFL%21NVWAKRO9ffo
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
83443f7014087be2eca63840c47fd3a7683edec7578f2ee064de6495b247b104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:53 GMT
X-Content-Type-Options
nosniff
Server
nginx
P3P
CP="NOI DEV TAI PSA PSD OUR STP COM NAV INT DEM STA PRE LOC"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
232
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1985 00:00:01 GMT

Redirect headers

Date
Sun, 08 Nov 2020 08:26:53 GMT
Server
nginx
ETag
282f72d6-219c-11eb-a6e9-002590c82437
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//rot.spotsniper.ru/?src=ujs6&s_data=CAIQARjN1579BVoOCgdzX3N1YmlkEgNidG6iARAoL3LWIZwR66bpACWQyCQ3
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
/
www.acint.net/mc/ Frame E26C
0
0
Document
General
Full URL
https://www.acint.net/mc/?dp=14
Requested by
Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.acint.net
:scheme
https
:path
/mc/?dp=14
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aid=fwAAAV+nq80h5ADVS0t3Av3IXhG3kPBFAc+xr6VXQDkeP35C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

status
200
server
openresty
date
Sun, 08 Nov 2020 08:26:53 GMT
content-type
text/html
set-cookie
cSyncDp7v2=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp23=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp24=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp37=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp40=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v2=1604824013; expires=Thu, 12-Nov-20 02:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp71=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp75=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1604824013; expires=Wed, 25-Nov-20 20:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1604824013; expires=Tue, 08-Dec-20 08:26:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding
gzip
/
www.acint.net/hit/
43 B
224 B
Image
General
Full URL
https://www.acint.net/hit/?v=0.2.1&uid=7d3d8b27-7495-4525-9e3f-458285b31f44&dp=14&tz=%2B01%3A00&nc=40687778&u=https%3A%2F%2Frefstar.at.ua%2F&r=&rs=1600x1200&t=%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0&oE=1&oP=1&dT=2020-11-08T09%3A26%3A53.188&fu=72c2852d-209c-4634-afb6-a980d3d84872
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
LKf8nhXsWg5ybwEGXk8UBQ.woff
themes.googleusercontent.com/static/fonts/ptsans/v5/ Frame 817B
59 KB
59 KB
Font
General
Full URL
https://themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
Requested by
Host: s1.ucoz.net
URL: https://s1.ucoz.net/adv/dummy/000/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://refstar.at.ua
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:57:49 GMT
x-content-type-options
nosniff
age
160144
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60332
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Nov 2021 11:57:49 GMT
3
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/3?dp=16&id=95403.446640.93390459&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&r=ptokl57u1k5w
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
ps.ntvk1.ru/nv/
4 KB
2 KB
XHR
General
Full URL
https://ps.ntvk1.ru/nv/?top_href=https%3A%2F%2Frefstar.at.ua%2F
Requested by
Host: p1.dircont3.com
URL: https://p1.dircont3.com/nv.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.133.116 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.15.7 /
Resource Hash
4aad16115e150be26ecbabeb9d856f628dbe882d7202b6d62979f373b766a664
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 08 Nov 2020 08:26:53 GMT
Access-Control-Request-Method
POST
Server
nginx/1.15.7
Accept-Language
en-US,en;q=0.8
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=604800
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://refstar.at.ua
Accept
*/*
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Nativka-Host
ps2.ntvk1.ru
Content-Encoding
gzip
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Key, Cookie, Referer, User-Agent, Host, Connection
Access-Control-Request-Headers
origin, content-type
rb.js
pub-eu.p.otm-r.com/static/ Frame 7940
4 KB
4 KB
Script
General
Full URL
https://pub-eu.p.otm-r.com/static/rb.js?s=ck6s195mdyv1m0868lv9fis3e&page=https%3A%2F%2Frefstar.at.ua%2F&w=300&h=250
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.43.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.43.63.178.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
a978a942a7ab642584ee3212735516ba7aa0937285bb1921ac6113d901453db2

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 27 Apr 2020 12:13:35 GMT
server
nginx/1.17.10
status
200
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
4272
3
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/3?dp=16&id=37519.387434.161339924.0.0.95&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824013
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
truncated
/
612 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/1?dp=68&id=37519.387434.161339928.0.2.112&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824013
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/
43 B
224 B
Image
General
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A37519%2C%22sc%22%3A0%2C%22pl%22%3A387434%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824013
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
243784
mc.yandex.ru/watch/
35 B
69 B
XHR
General
Full URL
https://mc.yandex.ru/watch/243784?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108092652%3Aet%3A1604824014%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Als%3A169229713467%3Arn%3A681422799%3Ahid%3A24943773%3Agdpr%3A14%3Aeu%3A1%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604824014%3Au%3A160482401349741275%3At%3A%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 08-Nov-2020 08:26:53 GMT
status
200
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:26:53 GMT
1
mc.yandex.ru/watch/243784/
43 B
73 B
Other
General
Full URL
https://mc.yandex.ru/watch/243784/1?cnt-class=1&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A3%3Az%3A60%3Ai%3A20201108092653%3Aet%3A1604824014%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A169229713467%3Arqn%3A1%3Arn%3A509640437%3Ahid%3A24943773%3Ads%3A0%2C194%2C177%2C2%2C269%2C0%2C0%2C969%2C6%2C%2C%2C%2C1620%3Afp%3A1226%3Agdpr%3A14%3Aeu%3A1%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604824014%3Au%3A160482401349741275
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Sun, 08-Nov-2020 08:26:53 GMT
status
200
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:26:53 GMT
243784
mc.yandex.ru/watch/
43 B
73 B
Other
General
Full URL
https://mc.yandex.ru/watch/243784?cnt-class=1&page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108092653%3Aet%3A1604824014%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Als%3A169229713467%3Arqn%3A2%3Arn%3A849282180%3Ahid%3A24943773%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1962%3Arqnl%3A1%3Ast%3A1604824014%3Au%3A160482401349741275%3At%3A%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Sun, 08-Nov-2020 08:26:53 GMT
status
200
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:26:53 GMT
aotm.js
sync.dmp.otm-r.com/match/ Frame 7940
0
0

adi
pub-eu.p.otm-r.com/ Frame 0B2D
0
0
Document
General
Full URL
https://pub-eu.p.otm-r.com/adi?s=ck6s195mdyv1m0868lv9fis3e&page=https%3A%2F%2Frefstar.at.ua%2F&w=300&h=250&tz=-60&ref=https%253A%252F%252Frefstar.at.ua%252F&rr=direct&rand=21031cb=1604824013721
Requested by
Host: pub-eu.p.otm-r.com
URL: https://pub-eu.p.otm-r.com/static/rb.js?s=ck6s195mdyv1m0868lv9fis3e&page=https%3A%2F%2Frefstar.at.ua%2F&w=300&h=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.43.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.235.43.63.178.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash

Request headers

:method
GET
:authority
pub-eu.p.otm-r.com
:scheme
https
:path
/adi?s=ck6s195mdyv1m0868lv9fis3e&page=https%3A%2F%2Frefstar.at.ua%2F&w=300&h=250&tz=-60&ref=https%253A%252F%252Frefstar.at.ua%252F&rr=direct&rand=21031cb=1604824013721
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

status
200
server
nginx/1.17.10
date
Sun, 08 Nov 2020 08:26:53 GMT
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
set-cookie
mpid=NWZhN2FiY2QxMTc5ZWIxNg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
content-encoding
gzip
rb.js
co9.rktch.com/static/ Frame 1EF2
6 KB
2 KB
Script
General
Full URL
https://co9.rktch.com/static/rb.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.87.190.23 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
ops10.rktch.com
Software
nginx/1.14.2 /
Resource Hash
37d9fdcb589bfab4d9557628567c02db962393f3306d31658425f073721b317d

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 09:34:49 GMT
Server
nginx/1.14.2
ETag
W/"5f350939-1945"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
3
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/3?dp=68&id=37519.387434.161339928.0.2.112&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824014
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/1?dp=112&id=37519.387434.161339934.0.3.83&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824014
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
visible
cloudfastads.ru/statistics/teaser/
482 B
954 B
Fetch
General
Full URL
https://cloudfastads.ru/statistics/teaser/visible
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57256bd3d351cfbd642d5b2bd187eac509c1b0f58d58b0a24b261b52af3fecd0
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
064890341600002b412808f000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"1e2-EXVMEhZlDjtm3CaIsaS6OMpvcW4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d7gvQIOEjw0cV%2B3hYHgcS0J6v%2Bm%2FFgGVGiIo5Uvtj2XzJWtJGiozWQ8Plqmh3ViRxz%2Fy9D49tS%2Br9T7o%2FwIedhFe6H%2FPCS5BicaliKiNSy3kmA4Q%2FYYT8uOEPqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede9668b3a2b41-FRA
hit;ucoz_topline_worldwide
counter.yadro.ru/ Frame 817B
0
177 B
Image
General
Full URL
https://counter.yadro.ru/hit;ucoz_topline_worldwide?rhttps%3A//refstar.at.ua/;s1600*1200*24;uhttps%3A//refstar.at.ua/%3FC23FWST3BNUT8%2521VGu%253BlCdC1Wxpj8VZSprPQX0HSyUgJp4P3rhIgD9Y3i3nOHi9yY0fkyDlFL%2521NVWAKRO9ffo;1604824014020
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/?C23FWST3BNUT8%21VGu%3BlCdC1Wxpj8VZSprPQX0HSyUgJp4P3rhIgD9Y3i3nOHi9yY0fkyDlFL%21NVWAKRO9ffo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:54 GMT
Transfer-Encoding
chunked
Server
nginx/1.17.9
Connection
keep-alive
Strict-Transport-Security
max-age=86400
bg.gif
s1.ucoz.net/adv/dummy/000/img/ Frame 817B
1 KB
1 KB
Image
General
Full URL
https://s1.ucoz.net/adv/dummy/000/img/bg.gif
Requested by
Host: s1.ucoz.net
URL: https://s1.ucoz.net/adv/dummy/000/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.235 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, RU),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:57 GMT
Last-Modified
Tue, 26 Mar 2019 14:28:17 GMT
Server
nginx
ETag
"5c9a3701-4f4"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1268
matchspm
ut.rktch.com/
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D&bounce=1&random=1945811057
  • https://ut.rktch.com/matchspm?pi=1000006&pui=mM/hCPJgpnqAs215GtIXXO
0
287 B
Image
General
Full URL
https://ut.rktch.com/matchspm?pi=1000006&pui=mM/hCPJgpnqAs215GtIXXO
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41228.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:55 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.14.2
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS

Redirect headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:26:55 GMT
via
1.1 google
last-modified
Sun, 08 Nov 2020 08:26:55 GMT
server
nginx/1.12.0
status
302
location
https://ut.rktch.com/matchspm?pi=1000006&pui=mM/hCPJgpnqAs215GtIXXO
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
matchspm
ut.rktch.com/
0
439 B
Image
General
Full URL
https://ut.rktch.com/matchspm?pi=2&pui=e7f12b96e5b44eca904f535b8ebf361f
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41228.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.14.2
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
matchbt
ut.rktch.com/
88 B
88 B
Image
General
Full URL
https://ut.rktch.com/matchbt?bi=29
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41228.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:54 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
matchbt
ut.rktch.com/
88 B
88 B
Image
General
Full URL
https://ut.rktch.com/matchbt?bi=27
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41228.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:54 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
matchbt
ut.rktch.com/
88 B
88 B
Image
General
Full URL
https://ut.rktch.com/matchbt?bi=50
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41228.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:54 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
matchbt
ut.rktch.com/
88 B
88 B
Image
General
Full URL
https://ut.rktch.com/matchbt?bi=39
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.102 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41228.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:54 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Cookie set qySpDHxK
roserobotx.ru/ Frame 1306
0
0
Document
General
Full URL
https://roserobotx.ru/qySpDHxK
Requested by
Host: s1.ucoz.net
URL: https://s1.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.283354035502157
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.201.152.8 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
roserobotx.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://refstar.at.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
332
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Sun, 08 Nov 2020 08:26:55 GMT
Pragma
no-cache
Set-Cookie
_subid=3pca89r35plvro;Expires=Wednesday, 09-Dec-2020 08:26:55 GMT;Max-Age=2678400;Path=/ _token=uuid_3pca89r35plvro_3pca89r35plvro5fa7abcfba6f69.21173291;Expires=Wednesday, 09-Dec-2020 08:26:55 GMT;Max-Age=2678400;Path=/
X-Content-Type-Options
nosniff
v0
tg.rktch.com/ Frame 1BA6
0
0
Document
General
Full URL
https://tg.rktch.com/v0?i=11693&p=1&vw=300&vh=250&sw=1600&sh=1200&rk=HUptYW&url=https%3A%2F%2Frefstar.at.ua%2F&siteid=161339934
Requested by
Host: co9.rktch.com
URL: https://co9.rktch.com/static/rb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.56 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41021.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tg.rktch.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://refstar.at.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
b_uid=e1cae1a78dd952fe88546ded9c6e1a169d51
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.14.2
Date
Sun, 08 Nov 2020 08:26:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
POST
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
86400
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
2321957.js
cache.betweendigital.com/sections/2/ Frame B06B
9 KB
3 KB
Script
General
Full URL
https://cache.betweendigital.com/sections/2/2321957.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.85 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
a668aeeddcb190a10c36561fa5253aa84b76734cdbf947da9092db8162607dc7

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 08 Nov 2020 08:26:55 GMT
content-encoding
gzip
last-modified
Thu, 15 Oct 2020 02:43:30 GMT
server
nginx
etag
W/"5f87b752-23b4"
content-type
application/javascript
3
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/3?dp=112&id=37519.387434.161339934.0.3.83&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824016
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:55 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/1?dp=7&id=37519.387434.161339926.0.5.54&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824016
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:55 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
async_rtb.js
cache.betweendigital.com/code/ Frame B06B
304 KB
80 KB
Script
General
Full URL
https://cache.betweendigital.com/code/async_rtb.js
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/2321957.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.85 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
1b1f280688f47e2b4957c2cb9eaaa46752631e903649db1ebec56fdf610af0e5

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:55 GMT
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 13:08:52 GMT
server
nginx
etag
W/"5f96ca64-4bf7c"
content-type
application/javascript
status
200
cache-control
public, max-age=900, immutable
1x1.gif
cache.betweendigital.com/code/ Frame B06B
43 B
172 B
Image
General
Full URL
https://cache.betweendigital.com/code/1x1.gif
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.85 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:55 GMT
last-modified
Tue, 08 Oct 2019 15:27:01 GMT
server
nginx
etag
"5d9caac5-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43
fltiukqt.js
pixel.yabidos.com/ Frame B06B
Redirect Chain
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321957&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321957&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
3 KB
2 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321957&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
63
status
200
content-length
1579
cf-request-id
0648903d4c0000bdb4733db000000001
last-modified
Mon, 02 Nov 2020 21:28:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
5eede9754e65bdb4-AMS
expires
Sun, 08 Nov 2020 10:26:56 GMT

Redirect headers

date
Sun, 08 Nov 2020 08:26:56 GMT
server
cloudflare
status
301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321957&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control
max-age=3600
cf-ray
5eede974ee44bdb4-AMS
cf-request-id
0648903d120000bdb47b0c0000000001
expires
Sun, 08 Nov 2020 09:26:56 GMT
86288734
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame B06B
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/86288734
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/86288734
43 B
458 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/86288734
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.1.0/1.14.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
ms-counter-3.1.0/1.14.0
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:56 GMT
Server
ms-counter-3.1.0/1.14.0
Strict-Transport-Security
max-age=2678400
Content-Type
image/gif
Location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/86288734
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
adi
ads.betweendigital.com/ Frame C8FB
0
0
Document
General
Full URL
https://ads.betweendigital.com/adi?frl=1&subid=1452425.161339926&pos=atf&ref=https%3A%2F%2Frefstar.at.ua%2F&tz=-60&fl=0&ord=3945766193843596&rr=direct&c2s=1&r_seq=0&tld=https://refstar.at.ua&tagType=adi&w=300&h=250&s=2321957&jst=ai
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/adi?frl=1&subid=1452425.161339926&pos=atf&ref=https%3A%2F%2Frefstar.at.ua%2F&tz=-60&fl=0&ord=3945766193843596&rr=direct&c2s=1&r_seq=0&tld=https://refstar.at.ua&tagType=adi&w=300&h=250&s=2321957&jst=ai
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=mow1; tuuid=01f2942a-bb6e-5139-aed7-5d57f170f69a; ut=X6erzQAJmQjXVdBeMsjdGwS6NU52oXlyiRPXag==; ss=1
referer
http://speedflow.io/adult/a=rr

Response headers

status
200
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
38355295
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame B06B
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/38355295
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/38355295
43 B
458 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/38355295
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.1.0/1.14.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
ms-counter-3.1.0/1.14.0
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:56 GMT
Server
ms-counter-3.1.0/1.14.0
Strict-Transport-Security
max-age=2678400
Content-Type
image/gif
Location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/38355295
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
www.acint.net/ping/
43 B
224 B
Image
General
Full URL
https://www.acint.net/ping/?v=0.2.1&uid=7d3d8b27-7495-4525-9e3f-458285b31f44&dp=14&tz=%2B01%3A00&nc=34745714&dT=2020-11-08T09%3A26%3A56.198
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
impimg.gif
pre.glotgrx.com/ Frame B06B
26 B
445 B
Image
General
Full URL
https://pre.glotgrx.com/impimg.gif?cb=1604824016237&qid=53532313f523632313f5436393&cid=964&s=https://refstar.at.ua&p=BX&x=&adtg=2321957&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&ai=&flsrc=1
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Jun 2020 01:14:19 GMT
server
cloudflare
age
2159
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
5eede9759e1e2484-FRA
content-length
26
cf-request-id
0648903d82000024844d24e000000001
expires
Sun, 08 Nov 2020 10:26:56 GMT
/
ssp-rtb.sape.ru/crypme/
101 B
438 B
Script
General
Full URL
https://ssp-rtb.sape.ru/crypme/?callback=sapeRTBreadBtwResponse_37519&place=387434&partner=7
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.74.8 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1290149.sapientru.net
Software
openresty /
Resource Hash
02e350966d5ce886454e6c2c0c3f06d73abe15896d4afe16c731ad412b72b3c0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 08:26:56 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
101
Expires
Wed, 19 Apr 2000 11:43:00 GMT
3
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/3?dp=7&id=37519.387434.161339926.0.5.54&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824016
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
5
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/5?dp=54&id=37519.387434.161339930.0.6.183&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824016
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/1?dp=307&id=37519.387434.161339925.0.8.154&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824016
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
2321958.js
cache.betweendigital.com/sections/2/ Frame EBE8
9 KB
3 KB
Script
General
Full URL
https://cache.betweendigital.com/sections/2/2321958.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/519/2/37519.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.85 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
382d02e41c6b0bbe5677619f0c869770bcd05bfe412278b3e30c915acec25ace

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 08 Nov 2020 08:26:56 GMT
content-encoding
gzip
last-modified
Thu, 15 Oct 2020 02:46:54 GMT
server
nginx
etag
W/"5f87b81e-23ab"
content-type
application/javascript
1x1.gif
cache.betweendigital.com/code/ Frame EBE8
43 B
172 B
Image
General
Full URL
https://cache.betweendigital.com/code/1x1.gif
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/2321958.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.85 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
last-modified
Tue, 08 Oct 2019 15:27:01 GMT
server
nginx
etag
"5d9caac5-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43
async_rtb.js
cache.betweendigital.com/code/ Frame EBE8
304 KB
80 KB
Script
General
Full URL
https://cache.betweendigital.com/code/async_rtb.js
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/sections/2/2321958.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.85 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
1b1f280688f47e2b4957c2cb9eaaa46752631e903649db1ebec56fdf610af0e5

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 13:08:52 GMT
server
nginx
etag
W/"5f96ca64-4bf7c"
content-type
application/javascript
status
200
cache-control
public, max-age=900, immutable
fltiukqt.js
pixel.yabidos.com/ Frame EBE8
Redirect Chain
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321958&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321958&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
3 KB
2 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321958&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6816e29afd28ec19a8117347057ebac92b311321e5383b9ec9db06ef542d2934

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
63
status
200
content-length
1579
cf-request-id
0648903ee00000bdb475aa6000000001
last-modified
Mon, 02 Nov 2020 21:28:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
5eede977cf9dbdb4-AMS
expires
Sun, 08 Nov 2020 10:26:56 GMT

Redirect headers

date
Sun, 08 Nov 2020 08:26:56 GMT
server
cloudflare
status
301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321958&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control
max-age=3600
cf-ray
5eede9776f7abdb4-AMS
cf-request-id
0648903ea00000bdb47aba1000000001
expires
Sun, 08 Nov 2020 09:26:56 GMT
12110098
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame EBE8
43 B
620 B
Image
General
Full URL
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/12110098
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.1.0/1.14.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
ms-counter-3.1.0/1.14.0
Strict-Transport-Security
max-age=2678400
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
adi
ads.betweendigital.com/ Frame F407
0
0
Document
General
Full URL
https://ads.betweendigital.com/adi?frl=1&subid=1452425.161339925&pos=atf&ref=https%3A%2F%2Frefstar.at.ua%2F&tz=-60&fl=0&ord=5912486916423423&rr=direct&r_seq=0&tld=https://refstar.at.ua&tagType=adi&w=300&h=250&s=2321958&jst=ai
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/async_rtb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/adi?frl=1&subid=1452425.161339925&pos=atf&ref=https%3A%2F%2Frefstar.at.ua%2F&tz=-60&fl=0&ord=5912486916423423&rr=direct&r_seq=0&tld=https://refstar.at.ua&tagType=adi&w=300&h=250&s=2321958&jst=ai
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=mow1; tuuid=01f2942a-bb6e-5139-aed7-5d57f170f69a; ut=X6erzQAJmQjXVdBeMsjdGwS6NU52oXlyiRPXag==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

status
200
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
43335242
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame EBE8
43 B
620 B
Image
General
Full URL
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/43335242
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.1.0/1.14.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 Nov 2020 08:26:56 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
ms-counter-3.1.0/1.14.0
Strict-Transport-Security
max-age=2678400
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
flimpobj.js
pixel.yabidos.com/ Frame EBE8
30 KB
23 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1604824016637&ver1=2.2.4&qid=53532313f523632313f5436393&rnd=ycooze1ujijz&cid=964
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://refstar.at.ua&x=&nci=&adtg=2321958&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98d86c250a12f33af947f035482f843bb63fcdc26ff2b69d3b8cd7779a12cbb

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4468
status
200
content-length
23878
cf-request-id
0648903f1e0000bdb47528b000000001
last-modified
Mon, 02 Nov 2020 21:28:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
5eede9783fc6bdb4-AMS
expires
Sun, 08 Nov 2020 10:26:56 GMT
vbl.gif
pre.glotgrx.com/ Frame EBE8
26 B
114 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1604824016750&rnd=ycooze1ujijz&ifm=2&uai=2&cid=964&s=https%253A//refstar.at.ua&p=BX&x=&adtg=2321958&ats=0&atf=srtb_iframe_387434_307&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Jun 2020 01:14:19 GMT
server
cloudflare
age
4579
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
5eede978cc632484-FRA
content-length
26
cf-request-id
0648903f7c00002484a5260000000001
expires
Sun, 08 Nov 2020 10:26:56 GMT
nflrc.gif
pre.glotgrx.com/ Frame EBE8
26 B
114 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1604824016738421&ver=1.2r81&qid=53532313f523632313f5436393&p=BX&s=https%253A//refstar.at.ua&x=&cid=964&od1=&od2=&adtg=2321958&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=ycooze1ujijz&impid=&tps=6&ver1=2.2.4&lon=&lat=&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=&h=&pn=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=3&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=srtb_iframe_387434_307&dbgcid=964&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=0&icp=&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-26-p-fl-2-s-fl-21-x-fl-0-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-7-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-lon-fl-0-lat-fl-0-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-0-h-fl-0-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=300x250&gpu=undefined&ncf=4g_9.5_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=21
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:56 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Jun 2020 01:14:19 GMT
server
cloudflare
age
1667
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
5eede978cc672484-FRA
content-length
26
cf-request-id
0648903f7d0000248488be6000000001
expires
Sun, 08 Nov 2020 10:26:56 GMT
teasers
cloudfastads.ru/data/
15 KB
4 KB
Fetch
General
Full URL
https://cloudfastads.ru/data/teasers
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943d053c41465f44ea0ef38b5aec3987618a713d202c6b1b5868175b7abdc53b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
06489041c100002b41dba41000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"3be4-eM2Dh/AIAHv55BAzNXhaNBn7wRQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FYcr5qPCTDyqQ0KR650M9Z3Iu5FSTaiAyR6rg0g8GZ7CukwlrMe%2FsAlwhbBpHSaqLkLCI1wfJGg%2FK%2FsRccDuRS9Hm%2FuGFf6G8byUmx4Zfgye0awHDoBbeaKsOi0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
cache-control
private, max-age=60, stale-while-revalidate=84000
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede97c69c22b41-FRA
expires
Sun Nov 08 2020 08:14:02 GMT+0300
5d67ba65b2f92a17f5c3c22a
cloudfastads.ru/data/iframe/29058/desktop/ Frame 2F6C
0
0
Document
General
Full URL
https://cloudfastads.ru/data/iframe/29058/desktop/5d67ba65b2f92a17f5c3c22a
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cloudfastads.ru
:scheme
https
:path
/data/iframe/29058/desktop/5d67ba65b2f92a17f5c3c22a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refstar.at.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://refstar.at.ua/

Response headers

status
200
date
Sun, 08 Nov 2020 08:26:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1d4d6a4cedfc5ff71c4fd9da7ed2d9d11604824017; expires=Tue, 08-Dec-20 08:26:57 GMT; path=/; domain=.cloudfastads.ru; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding Origin
access-control-allow-credentials
true
expires
Sun Nov 08 2020 08:26:31 GMT+0300
cache-control
private, max-age=60, stale-while-revalidate=84000
link
</css/inner.css>; rel=preload; as=style; crossorigin, </inner.js>; rel=preload; as=script; crossorigin;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
cf-request-id
06489041c400002b410d308000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hyFmuah60CCOg2E5j8GVfEYy1Cinojnb%2B0aNpExE3Yust7MdH8HSY9oXwE3zAi4LUV8NCxrIUMc9w4R17O%2BpK30OJreJ975VP44sKcmMC7VfWnst%2FAATs8w0OzM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eede97c69d32b41-FRA
content-encoding
br
cf-h2-pushed
</css/inner.css>,</inner.js>
insert
cloudfastads.ru/statistics/iframe/
330 B
773 B
Fetch
General
Full URL
https://cloudfastads.ru/statistics/iframe/insert
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759ec0af78abb926b4b5cff205719f3b5b8390a8ea0e2b1292e582997612debe
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
06489041c300002b41d89e8000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"14a-Tth7lwSs9D9HXL4PD5NV+WrSKK4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rb8WcpOixmrj9q5eGK94piKw0TucFxaTevlrnChViniEapY2jn0MUljwHFbMpmHoMI4ofO3oHb7NdnJNrH5FFG%2Br5tp3YE7wzrmiT%2BIEt2qP79Armgz%2FXqOGXHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede97c69d02b41-FRA
3
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/3?dp=307&id=37519.387434.161339925.0.8.154&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824017
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:57 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
5
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/5?dp=154&id=37519.387434.161339932.0.9.212&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824017
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:57 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/1?dp=80&id=37519.387434.161339933.0.11.0&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824017
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:57 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
visible
cloudfastads.ru/statistics/iframe/
330 B
716 B
Fetch
General
Full URL
https://cloudfastads.ru/statistics/iframe/visible
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939aae107b9a9ac5d2035a4f098850ecd8d5488cd8213c753c77c50fefada76a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
06489041c700002b413522e000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"14a-phq31CbcMZAcdQa0Dnp9t4Ts99U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KSxPKj5XIPQF9r%2FWqpHXVhawj9CiMOIajpFp2p0N7az0sbIk5nkkjFzDTceu937QJisc5EwTdzA7MSKKUYiMwlUABB%2F%2BiQW76I9oU89cmKB2ZKN1GZnkbB%2FPX3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede97c79db2b41-FRA
2
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/2?dp=80&id=37519.387434.161339933.0.11.0&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824017
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:57 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/
43 B
224 B
Image
General
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A37519%2C%22sc%22%3A0%2C%22pl%22%3A387434%2C%22ev%22%3A%22ad%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824017
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:57 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
visible
cloudfastads.ru/statistics/teaser/
378 B
717 B
Fetch
General
Full URL
https://cloudfastads.ru/statistics/teaser/visible
Requested by
Host: cloudfastads.ru
URL: https://cloudfastads.ru/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:80dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1886b3768813bc3d0b7084f1003b593132cf7c43cfb60b8f028035539ab36d5
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Nov 2020 08:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding, Origin
cf-request-id
06489045a900002b41c280c000000001
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"17a-sYdxGeSfN3SxQFPT8yzPNbOfXMM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WaT5iHB2EjSft4eTnOpZ13J8rL76%2B1it7vYNJtoBvlP%2Fk8mZYQB9uZa8lAbNPIwggaLuG39AbVVt8lTw48qiHjcQ5NevzpBJ5vWHvQk7Ft1BjWRBHYQbbZAZxmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refstar.at.ua
x-xss-protection
1; mode=block
access-control-allow-credentials
true
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
5eede982a89f2b41-FRA
1
www.acint.net/rtbw/
43 B
224 B
Image
General
Full URL
https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A37519%2C%22sc%22%3A0%2C%22pl%22%3A387434%2C%22ev%22%3A%22vis100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824019
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:59 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
1
www.acint.net/rtbw/
43 B
224 B
Image
General
Full URL
https://www.acint.net/rtbw/1?dp=80&cd=%7B%22st%22%3A37519%2C%22sc%22%3A161339933%2C%22pl%22%3A387434%2C%22ev%22%3A%22view100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=5fa7abcc-f6c8-b41u-utl0-mnj2lbqifgbq&ref=https%3A%2F%2Frefstar.at.ua%2F&r=1604824019
Requested by
Host: refstar.at.ua
URL: https://refstar.at.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 08:26:59 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
50292898
mc.yandex.ru/watch/
43 B
145 B
Other
General
Full URL
https://mc.yandex.ru/watch/50292898?page-url=https%3A%2F%2Frefstar.at.ua%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1604824011276%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201108092708%3Aet%3A1604824028%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A102%3Als%3A1214309575798%3Arqn%3A3%3Arn%3A104263742%3Ahid%3A24943773%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12309%2C12309%2C8%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1964%3Awv%3A2%3Arqnl%3A1%3Ast%3A1604824028%3Au%3A160482401349741275
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 08:27:08 GMT
last-modified
Sun, 08-Nov-2020 08:27:08 GMT
status
200
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://refstar.at.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 08-Nov-2020 08:27:08 GMT

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain: forexcontext.ru
URL: http://forexcontext.ru/core.php/init/1826?r=&session=2611303&flash=no&7741511

Domain: sync.dmp.otm-r.com
URL: https://sync.dmp.otm-r.com/match/aotm.js

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


47 Cookies


91 Console Messages

Source Level URL
Text
console-api log URL: https://refstar.at.ua/?9%5E4%210zG6r%3BEBR70GB7pkkNdN%3BhZEOfZLnmBLSlWVDQf6Q1ayBl%211hpDv8S3mSS%3BdYbM%5EhYJi0%21G671VPjQfSznktQRbxFV7v4W44SD1tCmRA6aX6PEG%21%21%216w4GTD1IsDaQz53N5Z03qSTIjQ3A5chLbm8razd82Xi%3BSlkAwGhXiXIJnX8YXTAqkdV%3BXDkhRFDGlktEyXN%21iVnL6c%5EIco(Line 25)
Message:
Pushsender push
console-api log URL: https://cloudfastads.ru/app.js(Line 1)
Message:
~===== METRIKA LOADED !!!
console-api log URL: https://bmfeed.ru/ob/ucsecond.js?domain=refstar.at.ua&proto=https&stream_id=955&sub_id_1=refstar.at.ua&sub_id_2=https(Line 1)
Message:
TCL: parts refstar,at,ua
console-api log URL: https://bmfeed.ru/ob/ucsecond.js?domain=refstar.at.ua&proto=https&stream_id=955&sub_id_1=refstar.at.ua&sub_id_2=https(Line 1)
Message:
HTTPS: Notification worker is unavailable. Exit.
console-api log URL: https://bmfeed.ru/ob/ucsecond.js?domain=refstar.at.ua&proto=https&stream_id=955&sub_id_1=refstar.at.ua&sub_id_2=https(Line 1)
Message:
Dispatching event: unavailable
console-api log URL: https://code.tothefuturetech.com/js/jquery-3.4.1.min.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://code.tothefuturetech.com/js/jquery-3.4.1.min.js(Line 1)
Message:
console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
