pautyna.ru Open in urlscan Pro
193.124.186.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
https://pautyna.ru/page1.php
Submission Tags: demotag1 demotag2 Search All
Submission: On November 14 via api (November 14th 2020, 12:05:03 am UTC) from US

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 22 domains to perform 49 HTTP transactions. The main IP is 193.124.186.132, located in Russian Federation and belongs to IHOR-AS, RU. The main domain is pautyna.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 3rd 2020. Valid for: 3 months.

This is the only time pautyna.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3 8	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	185.94.236.23 185.94.236.23	42567 (MOJHOST-EU) (MOJHOST-EU)
2	34.234.209.139 34.234.209.139	14618 (AMAZON-AES) (AMAZON-AES)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1 1	2606:4700:303... 2606:4700:3035::ac43:88d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	95.179.157.240 95.179.157.240	20473 (AS-CHOOPA) (AS-CHOOPA)
1 3	193.124.186.132 193.124.186.132	35196 (IHOR-AS) (IHOR-AS)
6	2606:4700:20:... 2606:4700:20::681a:1c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:9961	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.139.1.242 37.139.1.242	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	77.221.144.31 77.221.144.31	30968 (INFOBOX-A...) (INFOBOX-AS Infobox.ru Autonomous System)
1	2606:4700:303... 2606:4700:3037::681b:ab50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	13

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 107.170.39.103 (New York, United States) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.236.23 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.209.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-209-139.compute-1.amazonaws.com

cors-anywhere.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:88d2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ptp.party	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.179.157.240 (Amsterdam, Netherlands) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: neon.today

neon.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.124.186.132 (Russian Federation) 1 redirects

ASN35196 (IHOR-AS, RU)
PTR: ih1217915.vds.myihor.ru

test.numerca.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pautyna.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:1c9 (United States)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:9961 (United States)

ASN13335 (CLOUDFLARENET, US)

trafadsense.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.139.1.242 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

multibux.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.221.144.31 (Russian Federation)

ASN30968 (INFOBOX-AS Infobox.ru Autonomous System, RU)
PTR: server-1133368-1

advear.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::681b:ab50 (United States)

ASN13335 (CLOUDFLARENET, US)

qwertypay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	traffdaq.com 3 redirects traffdaq.com	6 KB
6	linkslot.ru linkslot.ru	23 KB
3	jads.co 1 redirects poweredby.jads.co	2 KB
2	advear.ru advear.ru	858 B
2	numerca.ru 1 redirects test.numerca.ru	537 B
2	herokuapp.com cors-anywhere.herokuapp.com	2 KB
1	qwertypay.com qwertypay.com
1	multibux.org multibux.org	6 KB
1	trafadsense.ru trafadsense.ru	2 KB
1	pautyna.ru pautyna.ru	2 KB
1	neon.today 1 redirects neon.today	201 B
1	ptp.party 1 redirects ptp.party	849 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	speedflow.io speedflow.io	1 KB
0	payeer.com Failed payeer.com Failed
0	bit-bux.ru Failed bit-bux.ru Failed
0	yadro.ru Failed counter.yadro.ru Failed
0	gxxcbj.com Failed cizyix.gxxcbj.com Failed
0	mixerparanas.ru Failed mixerparanas.ru Failed
0	contextbar.ru Failed a.contextbar.ru Failed
0	cuys.ru Failed cuys.ru Failed
49	22

	Domain	Requested by
8	traffdaq.com	3 redirects speedflow.io traffdaq.com
6	linkslot.ru	pautyna.ru speedflow.io
3	poweredby.jads.co	1 redirects speedflow.io poweredby.jads.co
2	advear.ru	pautyna.ru
2	test.numerca.ru	1 redirects traffdaq.com
2	cors-anywhere.herokuapp.com	speedflow.io
1	qwertypay.com	pautyna.ru
1	multibux.org	pautyna.ru
1	trafadsense.ru	pautyna.ru
1	pautyna.ru
1	neon.today	1 redirects
1	ptp.party	1 redirects
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	speedflow.io
0	payeer.com Failed	trafadsense.ru
0	bit-bux.ru Failed	trafadsense.ru pautyna.ru
0	counter.yadro.ru Failed	pautyna.ru
0	cizyix.gxxcbj.com Failed	pautyna.ru
0	mixerparanas.ru Failed	pautyna.ru
0	a.contextbar.ru Failed	pautyna.ru
0	cuys.ru Failed	pautyna.ru
49	22

This site contains no links.

Subject Issuer	Validity	Valid
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2019-12-01` - `2020-11-30`	a year	crt.sh
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2020-06-15` - `2021-07-07`	a year	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
test.numerca.ru Let's Encrypt Authority X3	`2020-09-06` - `2020-12-05`	3 months	crt.sh
pautyna.ru Let's Encrypt Authority X3	`2020-09-03` - `2020-12-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-05-24` - `2021-05-24`	a year	crt.sh
*.multibux.org GoGetSSL RSA DV CA	`2020-09-05` - `2021-09-05`	a year	crt.sh
advear.ru Let's Encrypt Authority X3	`2020-10-14` - `2021-01-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://pautyna.ru/page1.php
Frame ID: 26172B63E6D468D5EAF6097F05965670
Requests: 41 HTTP requests in this frame

Frame: https://traffdaq.com/delivery/dl/47382?category=dating
Frame ID: AECE9359D177D23B8E448F3BC9FF752E
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=880307
Frame ID: 0E4DBC5C9B73F53C45DC473F062136AD
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=880307
Frame ID: BBFD5E835A9698FC362A87F44C343B2A
Requests: 1 HTTP requests in this frame

Frame: https://mixerparanas.ru/?bind-key=ac179c87-0e5a-4e9b-8e1f-9cea6eea5b96&sid9=home&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
Frame ID: 6801EACEA788AD2E76E78E1E3574AA12
Requests: 1 HTTP requests in this frame

Frame: https://qwertypay.com/any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
Frame ID: 8542489DD5398C2D0C8697A6FBA09970
Requests: 1 HTTP requests in this frame

Frame: https://bit-bux.ru/1/traffadsens.php
Frame ID: 7DA4E6AC0221780EF9277DD068D9E803
Requests: 1 HTTP requests in this frame

Frame: https://payeer.com/?partner=10573
Frame ID: 786B2D164A542E9124C0A8E3C2891874
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlZ4WHRiUjBkM3E4KytvSjBLTTEwR3c9PSIsI... Page URL
https://ptp.party/13039 HTTP 301
https://neon.today/ptp/i/13039 HTTP 302
http://test.numerca.ru/rand1.php HTTP 301
https://test.numerca.ru/rand1.php Page URL
https://pautyna.ru/page1.php Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

49
Requests

47 %
HTTPS

36 %
IPv6

22
Domains

22
Subdomains

13
IPs

4
Countries

55 kB
Transfer

152 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlZ4WHRiUjBkM3E4KytvSjBLTTEwR3c9PSIsInZhbHVlIjoiY3lZcTA0SnVsS0VlYWhnbTd4K1U5Z3ZJUTZLM3BTa1lDSW9pbEVieWp5a0E5VUZMMUhacEJObTJQb1FDV0wxNGU4NXRDV1V2RWVGcWNLT3NEdE1YRXF3Tm9kMFhmMW5remI5aysrVEdrTlBFXC85VmtqQ05YelIydEdSUGkxendYZU9QMUgxRk11TUJUa1hLbFZHUmZuYzBRNGpEeUtOZDdhaVwvUm9SWkJ0Nk9JdWlNdnhTV3ZcL0ZnQ01zVXIrdE5penZ4QU12UVNjaW1pV0hLQ3M3R1hvMVk1djczdmY2NTAzMGcyR0NmZnAzZEZuUGFudEJ5NnpaZHQrVUFpWkJ4VWVPR1FyR1kzOFRyMFlDT2tDVDRuV0UzT3dNY2d2aFpSSXZtR2RJbnkraEU9IiwibWFjIjoiYjY2ZTJhNmE3OGFjMmM0Y2RhYThjYTdmOTcxYzY5MTRlZDI5YmVmMWNjZWUwOTkzZGI5NTE3ZGRjNDRmYmMxMCJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://ptp.party/13039 HTTP 301
https://neon.today/ptp/i/13039 HTTP 302
http://test.numerca.ru/rand1.php HTTP 301
https://test.numerca.ru/rand1.php Page URL
https://pautyna.ru/page1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://traffdaq.com/delivery/pu/47382?category=gay HTTP 301
https://traffdaq.com/delivery/pu/47382?category=gay

Request Chain 2

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

Request Chain 3

http://traffdaq.com/delivery/dl/47382?category=dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=dating

Request Chain 9

http://traffdaq.com/delivery/dl/47382?category=gay HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay

Request Chain 14

https://ptp.party/13039 HTTP 301
https://neon.today/ptp/i/13039 HTTP 302
http://test.numerca.ru/rand1.php HTTP 301
https://test.numerca.ru/rand1.php

Request Chain 33

https://best-viewer.ru/new?utm_campaign=710&utm_source=[SID]&utm_medium=333 HTTP 307
https://mixerparanas.ru/?bind-key=ac179c87-0e5a-4e9b-8e1f-9cea6eea5b96&sid9=home&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 337ms
323ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 54c598804c259a4d617e09328f98ffa9968e92b14892d314a8fa2570836cf268

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sat, 14 Nov 2020 00:04:24 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sat, 14-Nov-2020 22:59:00 GMT; Max-Age=82476; path=/ country=PT visits_todayi=0; expires=Sat, 14-Nov-2020 22:59:00 GMT; Max-Age=82476; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 777
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/pu/
Redirect Chain

http://traffdaq.com/delivery/pu/47382?category=gay
https://traffdaq.com/delivery/pu/47382?category=gay

5 KB
2 KB

293ms
117ms

Script
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/pu/47382?category=gay
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 02ac45a6e5206ffe57c50a0846775d830ccd5fbfcc1fdcc3b0bf004034d433f7

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 00:04:25 GMT
Content-Encoding: gzip
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://traffdaq.com/delivery/pu/47382?category=gay
Connection: close
Content-length: 0

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

52ms
18ms

Script
application/x-javascript

185.94.236.23
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.236.23 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 00:04:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Dec 2019 19:10:39 GMT
Server: nginx
ETag: W/"5e0262af-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Sat, 14 Nov 2020 00:04:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

47382
traffdaq.com/delivery/dl/ Frame AECE
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=dating
https://traffdaq.com/delivery/dl/47382?category=dating

0
0

370ms
196ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=dating
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 14 Nov 2020 00:04:25 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=dating
Connection: close

OPTIONS
H/1.1 200
OK 47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ Frame 0
0 407ms
104ms Other 34.234.209.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=gay
Protocol: HTTP/1.1
Server: 34.234.209.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-209-139.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: http://speedflow.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: x-requested-with
Access-Control-Expose-Headers: access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
Date: Sat, 14 Nov 2020 00:04:25 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H/1.1 200
OK 47382 Show response
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ 5 KB
2 KB 1806ms
1806ms XHR
text/html 34.234.209.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=gay
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.209.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-209-139.compute-1.amazonaws.com
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: b2b66a7b72372b11f5096a41bb556bf3f416a7a7dc6a6dbb1c4084cf22df3ca1

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Sat, 14 Nov 2020 00:04:27 GMT
Content-Encoding: gzip
Server: nginx/1.16.1 (Ubuntu)
X-Request-Url: http://traffdaq.com/delivery/pu/47382?category=gay
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: server,date,content-type,transfer-encoding,connection,content-encoding,x-final-url,access-control-allow-origin
Connection: keep-alive
X-Cors-Redirect-1: 301 https://traffdaq.com/delivery/pu/47382?category=gay
X-Final-Url: https://traffdaq.com/delivery/pu/47382?category=gay
Via: 1.1 vegur

GET adshow.php
poweredby.jads.co/ Frame 0E4D 0
0

GET
H/1.1 200
OK Cookie set adshow.php
poweredby.jads.co/ Frame BBFD 0
0 38ms
29ms Document
text/html 185.94.236.23
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://poweredby.jads.co/adshow.php?adzone=880307
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Server: 185.94.236.23 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash

Request headers

Host: poweredby.jads.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sat, 14 Nov 2020 00:04:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a3127c4fb66f328c68db06b44c2b6bff; expires=Sun, 14-Nov-2021 00:04:25 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps9689=1; expires=Sun, 15-Nov-2020 00:04:25 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjkwOTA1NDtpOjE2MDU1NzE0NjU7fQ%3D%3D; expires=Tue, 17-Nov-2020 00:04:25 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 17-Nov-2020 00:04:25 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding: gzip

GET 47382
traffdaq.com/delivery/directlink/ 0
0

GET
H/1.1

200
OK

47382
traffdaq.com/delivery/dl/
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=gay
https://traffdaq.com/delivery/dl/47382?category=gay

3 KB
2 KB

897ms
722ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=gay
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/adult/?a=rr

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 14 Nov 2020 00:04:29 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=gay
Connection: close

GET
H/1.1 200
OK Cookie set eyJpdiI6IjJwSFhabWlia0hVSTI2VER3cWdFaVE9PSIsInZhbHVlIjoiTm5nS3p6eTB5TkplZmF5UElVelRzbmRzY1ZzMm5oWWt1YlwvSVdXellWTURydUFTaUhxd1JiWU1rdVFudUs3Y1VSXC9PcU5iVnNReFNjVndlZHJ2VGtxZz09IiwibWFjIjoiZjcyNjU1Z...
traffdaq.com/users/track/ 0
856 B 510ms
198ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6IjJwSFhabWlia0hVSTI2VER3cWdFaVE9PSIsInZhbHVlIjoiTm5nS3p6eTB5TkplZmF5UElVelRzbmRzY1ZzMm5oWWt1YlwvSVdXellWTURydUFTaUhxd1JiWU1rdVFudUs3Y1VSXC9PcU5iVnNReFNjVndlZHJ2VGtxZz09IiwibWFjIjoiZjcyNjU1ZTYyMzIzZjBmOGQwODBlNmQ4ZGVlOTNlMWFkY2Y0YzMyMjUwMTQyYjE4NTZlMDliYWEzYThkOGYxOCJ9
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: traffdaq.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: http://speedflow.io/adult/a=rr
Cookie: tdqct=1
Connection: keep-alive
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 00:04:30 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Set-Cookie: laravel_session=eyJpdiI6IkE0TnAyXC9hSURCbDZaREhmTW9rNld3PT0iLCJ2YWx1ZSI6Im44UFA2TnVxbFFCazVCNUIzYW1sUFpRQmRvYzRYclVjU1dMYWRiaGZYZDBMSTVobElLTEZtSXhqcnVMZlE3aXRHdnJvSE5EWnF1bHRCQkFWVjRuQVBRPT0iLCJtYWMiOiI4NzFiYWI1NmQ2MGNkOWIzNWE1MWVlYWRlZGRmNWFjZTMwNjk2MGE5MTgzOWFmM2NiZjg2MzE0MjRmNTQyZjllIn0%3D; expires=Sat, 14-Nov-2020 02:04:30 GMT; Max-Age=7200; path=/; HttpOnly referrer=eyJpdiI6IjAzVFd5cDNGTVZDKzZRVGlpMGJHOWc9PSIsInZhbHVlIjoiQXJlSnhBTlRnXC9UejZBWEJ6SDNJaWlBdzNxVmYzWDRPMjFNTUVJc1lucWI4M29KZ3JWTldCM0dwSUxkYUxDU1EiLCJtYWMiOiIzMzYzZGU3Y2MzYzgzOTUzY2EwZjhkNmI3ZDEwNzk2ZTBmMWEzOGY2NmU0NzZhY2M4MWY2NTI0Y2JkNTc2MDBkIn0%3D; path=/; HttpOnly
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H3-Q050 401 implement.js
c.securepaths.com/js/ 0
0 78ms
49ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5faf1f0d5b9b0&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 00:04:29 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 6ms
4ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1396259
x-cache: HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19178-FRA
date: Sat, 14 Nov 2020 00:04:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382
traffdaq.com/delivery/directlink/ 2 KB
1 KB 25317ms
25276ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlZ4WHRiUjBkM3E4KytvSjBLTTEwR3c9PSIsInZhbHVlIjoiY3lZcTA0SnVsS0VlYWhnbTd4K1U5Z3ZJUTZLM3BTa1lDSW9pbEVieWp5a0E5VUZMMUhacEJObTJQb1FDV0wxNGU4NXRDV1V2RWVGcWNLT3NEdE1YRXF3Tm9kMFhmMW5remI5aysrVEdrTlBFXC85VmtqQ05YelIydEdSUGkxendYZU9QMUgxRk11TUJUa1hLbFZHUmZuYzBRNGpEeUtOZDdhaVwvUm9SWkJ0Nk9JdWlNdnhTV3ZcL0ZnQ01zVXIrdE5penZ4QU12UVNjaW1pV0hLQ3M3R1hvMVk1djczdmY2NTAzMGcyR0NmZnAzZEZuUGFudEJ5NnpaZHQrVUFpWkJ4VWVPR1FyR1kzOFRyMFlDT2tDVDRuV0UzT3dNY2d2aFpSSXZtR2RJbnkraEU9IiwibWFjIjoiYjY2ZTJhNmE3OGFjMmM0Y2RhYThjYTdmOTcxYzY5MTRlZDI5YmVmMWNjZWUwOTkzZGI5NTE3ZGRjNDRmYmMxMCJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=gay
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1; laravel_session=eyJpdiI6ImRuUWxkc0w4cXh0UTVVaTZkXC9xbmVBPT0iLCJ2YWx1ZSI6InBsb0hIWU9QUnhJekZUeEw3V2x1Vng1WEErWlljSU4xZHRMZVBPeVQ2RmhZczIwNXdDelwvYlBFMHZmRGx6TkJ4MFpERDFpTnBJVmRrbGlvdFoxUlpVQT09IiwibWFjIjoiZDFkOTFjZDBkMzYxNDM1ZGI0MDk5YTg4NDhiY2EzZGMxNDFjMDQxYzc5NTY3YzY4NzZhNTEzNWZmOGIzMTY3YyJ9; referrer=eyJpdiI6IkNBdk0zWjZQR1crRDg2b3BHUTM0TVE9PSIsInZhbHVlIjoia1RaaUVoeGh2Wnh1VHlTSk01Nk0zXC9mc3NLQ3piNkJ0UVNOVEtpWnNPVW5SXC9IWWxNdjkxbFltTWE5b25NUGthIiwibWFjIjoiZTFjMTJjNWE5YjQzNTJiYWI4ZDlkNmIyNTVkMDIxOTZhYTViZmI5ZDMwZmM1MzMxYjEwY2JhODIzYzIwNjY0NSJ9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=gay

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 14 Nov 2020 00:04:54 GMT
Content-Encoding: gzip

GET
H/1.1

302
Found

rand1.php
test.numerca.ru/
Redirect Chain

https://ptp.party/13039
https://neon.today/ptp/i/13039
http://test.numerca.ru/rand1.php
https://test.numerca.ru/rand1.php

76 B
318 B

207ms
63ms

Document
text/html

193.124.186.132
IHOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://test.numerca.ru/rand1.php

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlZ4WHRiUjBkM3E4KytvSjBLTTEwR3c9PSIsInZhbHVlIjoiY3lZcTA0SnVsS0VlYWhnbTd4K1U5Z3ZJUTZLM3BTa1lDSW9pbEVieWp5a0E5VUZMMUhacEJObTJQb1FDV0wxNGU4NXRDV1V2RWVGcWNLT3NEdE1YRXF3Tm9kMFhmMW5remI5aysrVEdrTlBFXC85VmtqQ05YelIydEdSUGkxendYZU9QMUgxRk11TUJUa1hLbFZHUmZuYzBRNGpEeUtOZDdhaVwvUm9SWkJ0Nk9JdWlNdnhTV3ZcL0ZnQ01zVXIrdE5penZ4QU12UVNjaW1pV0hLQ3M3R1hvMVk1djczdmY2NTAzMGcyR0NmZnAzZEZuUGFudEJ5NnpaZHQrVUFpWkJ4VWVPR1FyR1kzOFRyMFlDT2tDVDRuV0UzT3dNY2d2aFpSSXZtR2RJbnkraEU9IiwibWFjIjoiYjY2ZTJhNmE3OGFjMmM0Y2RhYThjYTdmOTcxYzY5MTRlZDI5YmVmMWNjZWUwOTkzZGI5NTE3ZGRjNDRmYmMxMCJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

193.124.186.132 , Russian Federation, ASN35196 (IHOR-AS, RU),

Reverse DNS

ih1217915.vds.myihor.ru

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Host: test.numerca.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlZ4WHRiUjBkM3E4KytvSjBLTTEwR3c9PSIsInZhbHVlIjoiY3lZcTA0SnVsS0VlYWhnbTd4K1U5Z3ZJUTZLM3BTa1lDSW9pbEVieWp5a0E5VUZMMUhacEJObTJQb1FDV0wxNGU4NXRDV1V2RWVGcWNLT3NEdE1YRXF3Tm9kMFhmMW5remI5aysrVEdrTlBFXC85VmtqQ05YelIydEdSUGkxendYZU9QMUgxRk11TUJUa1hLbFZHUmZuYzBRNGpEeUtOZDdhaVwvUm9SWkJ0Nk9JdWlNdnhTV3ZcL0ZnQ01zVXIrdE5penZ4QU12UVNjaW1pV0hLQ3M3R1hvMVk1djczdmY2NTAzMGcyR0NmZnAzZEZuUGFudEJ5NnpaZHQrVUFpWkJ4VWVPR1FyR1kzOFRyMFlDT2tDVDRuV0UzT3dNY2d2aFpSSXZtR2RJbnkraEU9IiwibWFjIjoiYjY2ZTJhNmE3OGFjMmM0Y2RhYThjYTdmOTcxYzY5MTRlZDI5YmVmMWNjZWUwOTkzZGI5NTE3ZGRjNDRmYmMxMCJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

Server: nginx/1.16.1
Date: Sat, 14 Nov 2020 00:04:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location
Strict-Transport-Security: max-age=31536000;

Redirect headers

Server: nginx/1.16.1
Date: Sat, 14 Nov 2020 00:04:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://test.numerca.ru:443/rand1.php

GET
H/1.1 200
OK Primary Request page1.php
pautyna.ru/ 4 KB
2 KB 238ms
106ms Document
text/html 193.124.186.132
IHOR-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pautyna.ru/page1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

193.124.186.132 , Russian Federation, ASN35196 (IHOR-AS, RU),

Reverse DNS

ih1217915.vds.myihor.ru

Software

nginx/1.16.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Host: pautyna.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://test.numerca.ru/rand1.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://test.numerca.ru/rand1.php

Response headers

Server: nginx/1.16.1
Date: Sat, 14 Nov 2020 00:04:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

GET
H2 200 bancode.php
linkslot.ru/ 14 KB
5 KB 451ms
168ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=263777
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 00:04:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dVYyDENHSvTnwsZfo2XwZpN4SQPfZSWf1AaD9MyiWpAcSWfIoSD5%2B7gvbrTfXcXKec2knLhHLy4UGbVWQTG5RTWlXlB6cN07a1sOVIujDp55VY42bPtXzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
status: 200
cf-ray: 5f1c7a636f070605-FRA
cf-request-id: 0665aad2220000060516b84000000001

GET
H2 200 bancode.php
linkslot.ru/ 14 KB
5 KB 443ms
162ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=263778
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 00:04:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CtWKjBoO5AkewRozThIYXfz16UKElU9w6y%2BeZuhzKes132iDXS4tHHiDhpRKa3ylBjBC%2FmRvXyGc%2BlynFaSqmwvya1thswMrmaqqjayYYMT6CpP1bZQTgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
status: 200
cf-ray: 5f1c7a636f0c0605-FRA
cf-request-id: 0665aad222000006055690e000000001

GET
H2 200 bancode.php
linkslot.ru/ 14 KB
0 438ms
180ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=263785
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 00:04:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gBaDxjwdUsHhq0Kx8geR5j5INrUSmCaQlK7rLP4UJjJmDDtBwFXJOAVjCxfD70K%2BXfLpixeAl0yapo%2B0h%2BxaxjhdQ3N4iJZyNBjGx8q4ul%2BkEl0NXz%2BSRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
status: 200
cf-ray: 5f1c7a636f0d0605-FRA
cf-request-id: 0665aad222000006059b8fd000000001

GET
H2 200 bancode.php
linkslot.ru/ 14 KB
5 KB 358ms
101ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=263787
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 00:04:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UMdSJp4EbBtEc3U8J3WKAaryXyg%2BHu%2FUsjOvasx5FnwntAEKJ%2BKTCuJ66TBuuBUuKFmkL5xwjKFodCF2Yvs8rj1PAKLsbBMyTQBzgP4YOBto70bIzNckBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
status: 200
cf-ray: 5f1c7a636f0e0605-FRA
cf-request-id: 0665aad22200000605562a1000000001

GET
H2 200 4108
trafadsense.ru/adsview/js/ 2 KB
2 KB 437ms
180ms Script
text/html 2606:4700:3035::ac43:9961
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trafadsense.ru/adsview/js/4108
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9961 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.8
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 00:04:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.8
status: 200
cf-request-id: 0665aad2220000bed8d39d6000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qhQAeJu9opcYVIUM2Vww2leojzIHxhroZFeKoLA9BeAZOHyJPvNqUvvnfu4vn1l6UMvEOkc2CZaZp%2BdcDfARBAzpYlAwlxE1qOvTDYdG90DrycTuBXtMGt2akg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5f1c7a636884bed8-FRA
x-beget-proxy: install.beget.ru, amper2.beget.ru
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bancode.php
linkslot.ru/ 14 KB
5 KB 422ms
175ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=263788
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 00:04:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JmLp6iO0436gD2RC4mPpt8ZyF%2Bl5ZWNH9UPKgXEmr12LawUEjZWA2nrHDdpvoSyXY5r9Lf2A7FNlAczcvGxgXxgVikkyez3d6xdakPN5lPUYKBCQK4mdnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
status: 200
cf-ray: 5f1c7a636f100605-FRA
cf-request-id: 0665aad22200000605700e2000000001

GET
H/1.1 200
OK bancode.php
multibux.org/ 11 KB
6 KB 428ms
39ms Script
text/javascript 37.139.1.242
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://multibux.org/bancode.php?id=337
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 00:04:55 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bancode.php
linkslot.ru/ 14 KB
5 KB 345ms
100ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkslot.ru/bancode.php?id=263790
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 00:04:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DGN2RfGSaxim6l5Njec9E1P%2BQvG%2FQbTFEtmBjxfOjiwNhIDfp004O17hNv97UWijfOeS7oZsyr35ghCMt2uj08g3lk0lBNmugJ7%2Fed4V%2F3RZDby3yh9lPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
status: 200
cf-ray: 5f1c7a636f110605-FRA
cf-request-id: 0665aad223000006055a357000000001

GET bancode.php
linkslot.ru/ 0
0

GET bancode.php
cuys.ru/ 0
0

GET bar.php
a.contextbar.ru/ 0
0

GET
H/1.1 200
OK partner
advear.ru/click/ 1 B
429 B 379ms
101ms Script
text/html 77.221.144.31
INFOBOX-AS Infobo...

General

Check archive.org

Show headers Download Go to

Full URL: https://advear.ru/click/partner?id=29887&type=3&code=1577086808
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.221.144.31 , Russian Federation, ASN30968 (INFOBOX-AS Infobox.ru Autonomous System, RU),
Reverse DNS: server-1133368-1
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 00:04:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK partner
advear.ru/click/ 1 B
429 B 330ms
73ms Script
text/html 77.221.144.31
INFOBOX-AS Infobo...

General

Check archive.org

Show headers Download Go to

Full URL: https://advear.ru/click/partner?id=29887&type=1&code=1577086808
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.221.144.31 , Russian Federation, ASN30968 (INFOBOX-AS Infobox.ru Autonomous System, RU),
Reverse DNS: server-1133368-1
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 00:04:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET lincode.php
linkslot.ru/ 0
0

GET bancode.php
multibux.org/ 0
0

GET bancode.php
linkslot.ru/ 0
0

GET bancode.php
cuys.ru/ 0
0

GET

/
mixerparanas.ru/ Frame 6801
Redirect Chain

https://best-viewer.ru/new?utm_campaign=710&utm_source=[SID]&utm_medium=333
https://mixerparanas.ru/?bind-key=ac179c87-0e5a-4e9b-8e1f-9cea6eea5b96&sid9=home&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D

0
0

GET DSi07lf9fj9oTCKM0KCYpVwq0wwEsg
cizyix.gxxcbj.com/v/ 0
0

GET
H2 200 /
qwertypay.com/any/shop_tovar/iframe/ Frame 8542 0
0 346ms
133ms Document
text/html 2606:4700:3037::681b:ab50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qwertypay.com/any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
Requested by: Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:ab50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: qwertypay.com
:scheme: https
:path: /any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pautyna.ru/page1.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://pautyna.ru/page1.php

Response headers

status: 200
date: Sat, 14 Nov 2020 00:04:57 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d65129cd72e2c1a8cc76270d6fcc19be01605312297; expires=Mon, 14-Dec-20 00:04:57 GMT; path=/; domain=.qwertypay.com; HttpOnly; SameSite=Lax PHPSESSID=4koc9rngfccrfrhk62ibk9pip2; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0665aad2230000177aef0ef000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xD3Ab%2BK3p1e%2Brajat9deJfgWzVkJFQn5UyrMmB1XRKeEUjt%2FJU16NQ7onBPVKAw%2BcCiuWdzV5w44Kjv2ZzJWYSQziePnYA02HZr68%2Bi3mogkdTkv8GoeI3bB"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f1c7a636928177a-FRA
content-encoding: br

GET hit
counter.yadro.ru/ 0
0

GET gate.php
linkslot.ru/ 0
0

GET 468x60.jpg
linkslot.ru/promo/dummy/ 0
0

GET gate.php
linkslot.ru/ 0
0

GET 8fe500e3c3a660f69c4792ee7d2679aa.gif
linkslot.ru/uploads/ 0
0

GET buyb.png
linkslot.ru/img/ 0
0

GET gate.php
linkslot.ru/ 0
0

GET traffadsens.php
bit-bux.ru/1/ Frame 7DA4 0
0

GET /
payeer.com/ Frame 786B 0
0

GET 468x60.gif
bit-bux.ru/banners/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=880307

Domain: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlhwNlVubCt2MDF3MXpaWklOVVNWaUE9PSIsInZhbHVlIjoiXC84cGVZR2lkRDdQMThSV3ZFVHRvdGVIYW5QTHd6Z25VKzNLQmJiK3ZyUDFubmFMbGJpNVQzTUtWU3hrXC9oNXFsbFBoaGtLbUxTak5abGVlOWVFMDJ3MEdEU1hLM2ZTdlo0MTBPdzQzMWhlNVlkYk01dnA1V0RYWXp3dTVYMWMzbDJkSlZOUFpxcHk5YVhONCsrUDJuMFYrVGJVK0h2UlA0RmtCTTdcL3lWVjYzZ2pWMW1SMjlWUENNcVllaEx6eWJRTFQ1a3pcL1RqQVBUaFRxSkY0TGs4Mnc9PSIsIm1hYyI6IjIzNjc1MDE4ODZhMmU4MDdiMzhmOGRiMmEyNzVhZTE5ZDgzYWYxOTMxZjMzYjFmN2Q5ZjI5MmE3ZTMxZjcyMWMifQ%3D%3D

Domain: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=265527

Domain: cuys.ru
URL: https://cuys.ru/bancode.php?id=3683

Domain: cuys.ru
URL: https://cuys.ru/bancode.php?id=3684

Domain: a.contextbar.ru
URL: https://a.contextbar.ru/bar.php?url=5496

Domain: linkslot.ru
URL: https://linkslot.ru/lincode.php?id=263792

Domain: multibux.org
URL: https://multibux.org/bancode.php?id=239

Domain: linkslot.ru
URL: https://linkslot.ru/bancode.php?id=271129

Domain: cuys.ru
URL: https://cuys.ru/bancode.php?id=3688

Domain: mixerparanas.ru
URL: https://mixerparanas.ru/?bind-key=ac179c87-0e5a-4e9b-8e1f-9cea6eea5b96&sid9=home&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D

Domain: cizyix.gxxcbj.com
URL: http://cizyix.gxxcbj.com/v/DSi07lf9fj9oTCKM0KCYpVwq0wwEsg

Domain: counter.yadro.ru
URL: https://counter.yadro.ru/hit?t18.2;rhttps%3A//test.numerca.ru/rand1.php;s1600*1200*24;uhttps%3A//pautyna.ru/page1.php;hPage%201;0.24999539417431915

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29e9a95989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9beddae39cd6e0c6d7d59ca29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e969ca4a0a0b192a8

Domain: linkslot.ru
URL: https://linkslot.ru/promo/dummy/468x60.jpg

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29da195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9ee4d1ded797d994d4cfa2a29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e969ca4a0a0b193a9

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29ca295989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88ae1eed0dbcad1d0c7d1cea2a29799aa91a2989798939b959aa29799aa91a2988a9886d3d9dee2daa3a990e6cddadc91d9dad7d7d9ccdb8fe4dd96dac4d9c99ba0d7d1ea84a39e979d969c979cab9ea1ab92

Domain: linkslot.ru
URL: https://linkslot.ru/uploads/8fe500e3c3a660f69c4792ee7d2679aa.gif

Domain: linkslot.ru
URL: https://linkslot.ru/img/buyb.png

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29ca195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9aec9ad9dec99ec9ddc6d7aa9799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e969ca4a0a0b393a7

Domain: linkslot.ru
URL: https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29da295989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9be6d6a99fd3cbc79edc9aa29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e969ca4a0a0b394a7

Domain: bit-bux.ru
URL: https://bit-bux.ru/1/traffadsens.php

Domain: payeer.com
URL: https://payeer.com/?partner=10573

Domain: bit-bux.ru
URL: https://bit-bux.ru/banners/468x60.gif

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.contextbar.ru
advear.ru
bit-bux.ru
c.securepaths.com
cdn.jsdelivr.net
cizyix.gxxcbj.com
cors-anywhere.herokuapp.com
counter.yadro.ru
cuys.ru
linkslot.ru
mixerparanas.ru
multibux.org
neon.today
pautyna.ru
payeer.com
poweredby.jads.co
ptp.party
qwertypay.com
speedflow.io
test.numerca.ru
trafadsense.ru
traffdaq.com
a.contextbar.ru
bit-bux.ru
cizyix.gxxcbj.com
counter.yadro.ru
cuys.ru
linkslot.ru
mixerparanas.ru
multibux.org
payeer.com
poweredby.jads.co
traffdaq.com
107.170.39.103
185.94.236.23
193.124.186.132
198.54.116.135
2606:4700:20::681a:1c9
2606:4700:3035::ac43:88d2
2606:4700:3035::ac43:9961
2606:4700:3037::681b:ab50
2a04:4e42:3::621
34.234.209.139
35.190.72.161
37.139.1.242
77.221.144.31
95.179.157.240
02ac45a6e5206ffe57c50a0846775d830ccd5fbfcc1fdcc3b0bf004034d433f7
54c598804c259a4d617e09328f98ffa9968e92b14892d314a8fa2570836cf268
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
b2b66a7b72372b11f5096a41bb556bf3f416a7a7dc6a6dbb1c4084cf22df3ca1

pautyna.ru Open in urlscan Pro 193.124.186.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

47 %HTTPS

36 %IPv6

22 Domains

22 Subdomains

13 IPs

4 Countries

55 kBTransfer

152 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

pautyna.ru Open in urlscan Pro
193.124.186.132 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

47 %
HTTPS

36 %
IPv6

22
Domains

22
Subdomains

13
IPs

4
Countries

55 kB
Transfer

152 kB
Size

0
Cookies

49 HTTP transactions
0 data transactions