Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: https://pautyna.ru/page2.php
Submission Tags: demotag1 demotag2
Submission: On November 15 via api from US

Summary

This website contacted 19 IPs in 5 countries across 24 domains to perform 119 HTTP transactions. The main IP is 193.124.186.132, located in Russian Federation and belongs to IHOR-AS, RU. The main domain is pautyna.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 3rd 2020. Valid for: 3 months.
This is the only time pautyna.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.116.135 22612 (NAMECHEAP...)
2 7 107.170.39.103 14061 (DIGITALOC...)
1 2 185.94.236.21 42567 (MOJHOST-EU)
1 5.9.10.165 24940 (HETZNER-AS)
2 52.86.12.80 14618 (AMAZON-AES)
1 35.190.72.161 15169 (GOOGLE)
1 2a04:4e42:3::621 54113 (FASTLY)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 95.179.157.240 20473 (AS-CHOOPA)
1 4 193.124.186.132 35196 (IHOR-AS)
49 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
14 37.139.1.242 14061 (DIGITALOC...)
7 185.235.128.238 204601 (ON-LINE-D...)
4 88.198.46.180 24940 (HETZNER-AS)
4 77.221.144.31 30968 (INFOBOX-A...)
2 4 92.38.192.253 12695 (DINET-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 62.249.138.216 20485 (TRANSTELE...)
2 88.212.201.210 39134 (UNITEDNET)
119 19
Domain Requested by
49 linkslot.ru pautyna.ru
speedflow.io
14 multibux.org pautyna.ru
speedflow.io
7 cuys.ru pautyna.ru
7 traffdaq.com 2 redirects speedflow.io
traffdaq.com
4 advear.ru pautyna.ru
4 trafadsense.ru pautyna.ru
2 nolix.ru pautyna.ru
2 counter.yadro.ru pautyna.ru
2 bit-bux.ru pautyna.ru
2 qwertypay.com pautyna.ru
2 mixerparanas.ru pautyna.ru
2 best-viewer.ru 2 redirects
2 a.contextbar.ru pautyna.ru
2 pautyna.ru
2 test.numerca.ru 1 redirects traffdaq.com
2 cors-anywhere.herokuapp.com speedflow.io
2 poweredby.jads.co 1 redirects poweredby.jads.co
1 neon.today 1 redirects
1 ptp.party 1 redirects
1 cdn.jsdelivr.net traffdaq.com
1 c.securepaths.com traffdaq.com
1 acceptable.a-ads.com speedflow.io
1 speedflow.io
0 cizyix.gxxcbj.com Failed pautyna.ru
119 24

This site contains no links.

Subject | Issuer | Validity | Valid
traffdaq.com | Let's Encrypt Authority X3 | 2020-10-31 - 2021-01-29 | 3 months
*.jads.co | Sectigo RSA Domain Validation Secure Server CA | 2019-12-01 - 2020-11-30 | a year
*.herokuapp.com | DigiCert SHA2 High Assurance Server CA | 2020-06-15 - 2021-07-07 | a year
*.securepaths.com | Let's Encrypt Authority X3 | 2020-09-22 - 2020-12-21 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
test.numerca.ru | Let's Encrypt Authority X3 | 2020-09-06 - 2020-12-05 | 3 months
pautyna.ru | Let's Encrypt Authority X3 | 2020-09-03 - 2020-12-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-05-24 - 2021-05-24 | a year
*.multibux.org | GoGetSSL RSA DV CA | 2020-09-05 - 2021-09-05 | a year
cuys.ru | Let's Encrypt Authority X3 | 2020-09-26 - 2020-12-25 | 3 months
a.contextbar.ru | Let's Encrypt Authority X3 | 2020-10-19 - 2021-01-17 | 3 months
advear.ru | Let's Encrypt Authority X3 | 2020-10-14 - 2021-01-12 | 3 months
mixersolo.ru | Let's Encrypt Authority X3 | 2020-10-05 - 2021-01-03 | 3 months
bit-bux.ru | Let's Encrypt Authority X3 | 2020-11-04 - 2021-02-02 | 3 months
counter.yadro.ru | Let's Encrypt Authority X3 | 2020-10-29 - 2021-01-27 | 3 months
nolix.ru | Let's Encrypt Authority X3 | 2020-11-13 - 2021-02-11 | 3 months

This page contains 9 frames:

Primary Page: https://pautyna.ru/page2.php
Frame ID: 66C9C1063A9819DF948474FE989A2CA0
Requests: 110 HTTP requests in this frame

Frame: http://acceptable.a-ads.com/1508167
Frame ID: 711AEB1602A1EC666EDA287B27A68E50
Requests: 1 HTTP requests in this frame

Frame: https://traffdaq.com/delivery/dl/47382?category=general
Frame ID: B956D55D6F65C193674FD904806FD3D5
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=880307
Frame ID: DFD6FA02A9AB8BC8BA46076B85676DEF
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=880307
Frame ID: 870934E962163AEF934483681BD10F0F
Requests: 1 HTTP requests in this frame

Frame: https://mixerparanas.ru/?bind-key=fdaa9de3-7a03-4c44-9f96-ab474d8f2fea&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
Frame ID: 64E698FE08A9E0BD4BF0020742EDC6D1
Requests: 1 HTTP requests in this frame

Frame: https://qwertypay.com/any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
Frame ID: CFDA60DE447BB2AF0F8417545C8AE236
Requests: 1 HTTP requests in this frame

Frame: https://mixerparanas.ru/?bind-key=30686b1e-834f-4efb-9d43-913460c68542&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
Frame ID: C75FB487498AF28A329709B58FA9E297
Requests: 1 HTTP requests in this frame

Frame: https://qwertypay.com/any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
Frame ID: E6E9B42DC4D858B886C7F554FB171730
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://speedflow.io/adult/?a=rr Page URL
  2. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik9NdVhcL1ordkxFdTVieDNHSkgzTUFnPT0iL... Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlhTUnN3b2V1Qko5V0c3RWxQblRvcUE9PSIsI... Page URL
  4. https://ptp.party/13039 HTTP 301
    https://neon.today/ptp/i/13039 HTTP 302
    http://test.numerca.ru/rand1.php HTTP 301
    https://test.numerca.ru/rand1.php Page URL
  5. https://pautyna.ru/page1.php Page URL
  6. https://pautyna.ru/page2.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

119
Requests

85 %
HTTPS

25 %
IPv6

24
Domains

24
Subdomains

19
IPs

5
Countries

1514 kB
Transfer

1717 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik9NdVhcL1ordkxFdTVieDNHSkgzTUFnPT0iLCJ2YWx1ZSI6IituWERoZmJWckJ0RnFTRitLZWREVGM2blh5elM0ZFZQamR5TkczRHlVeHFlSHBIVUlnTmJaQjdZVUdGNWhZY3Y1MWhocmZtTnhFWWtRSU4wTTlcL05aZXlGemY0SjBYQUY1U1hvXC9IYk1tekhSREtqaDlrZDhSWkxyTjdvcFR5RUtuTTRHY3I5ZHJjbDNqUFVIZWtNVFwvcTlSd0xiWFFJOTVqQnJQNnFVcFlVWHpPMVwvOCthZzVwUDRRVFhzdjJHOW95OVBMZFRzU1VPS1wvdWxncGFNd2xxUT09IiwibWFjIjoiMDFiNGZiNTUxY2Q1ODcyMWQzNzVmYTg0YmFjYjcyNDM0NDUxN2E3ZGJkZmUxY2ZiY2VkN2MzNmE3MTFjYjIzNiJ9 Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=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%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. https://ptp.party/13039 HTTP 301
    https://neon.today/ptp/i/13039 HTTP 302
    http://test.numerca.ru/rand1.php HTTP 301
    https://test.numerca.ru/rand1.php Page URL
  5. https://pautyna.ru/page1.php Page URL
  6. https://pautyna.ru/page2.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://traffdaq.com/delivery/pu/47382?category=ebony HTTP 301
  • https://traffdaq.com/delivery/pu/47382?category=ebony
Request Chain 2
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 4
  • http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
  • https://traffdaq.com/delivery/dl/47382?category=general
Request Chain 14
  • https://ptp.party/13039 HTTP 301
  • https://neon.today/ptp/i/13039 HTTP 302
  • http://test.numerca.ru/rand1.php HTTP 301
  • https://test.numerca.ru/rand1.php
Request Chain 34
  • https://best-viewer.ru/new?utm_campaign=710&utm_source=[SID]&utm_medium=333 HTTP 307
  • https://mixerparanas.ru/?bind-key=fdaa9de3-7a03-4c44-9f96-ab474d8f2fea&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
Request Chain 82
  • https://best-viewer.ru/new?utm_campaign=710&utm_source=[SID]&utm_medium=333 HTTP 307
  • https://mixerparanas.ru/?bind-key=30686b1e-834f-4efb-9d43-913460c68542&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D

119 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
speedflow.io/adult/
2 KB
1 KB
Document
General
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash
bdbdcc6be63abb605d56212766a74a600021f5b29f0211677380dbfaaad2756b

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

date
Sun, 15 Nov 2020 00:00:19 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Sun, 15-Nov-2020 22:59:00 GMT; Max-Age=82721; path=/ country=GB visits_todayi=0; expires=Sun, 15-Nov-2020 22:59:00 GMT; Max-Age=82721; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
858
content-type
text/html; charset=UTF-8
47382
traffdaq.com/delivery/pu/
Redirect Chain
  • http://traffdaq.com/delivery/pu/47382?category=ebony
  • https://traffdaq.com/delivery/pu/47382?category=ebony
5 KB
2 KB
Script
General
Full URL
https://traffdaq.com/delivery/pu/47382?category=ebony
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
899c87d2b25831f6cffe4b04764f56a756339fcdb282a1d5f7bc070fff09d8c6

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:20 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
https://traffdaq.com/delivery/pu/47382?category=ebony
Connection
close
Content-length
0
jads2.js
poweredby.jads.co/js/
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB
Script
General
Full URL
https://poweredby.jads.co/js/jads2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.21 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:07:38 GMT
Server
nginx
ETag
W/"5e0261fa-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Sun, 15 Nov 2020 00:00:21 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
1508167
acceptable.a-ads.com/ Frame 711A
0
0
Document
General
Full URL
http://acceptable.a-ads.com/1508167
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
acceptable.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 15 Nov 2020 00:00:20 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
http://speedflow.io/
Content-Encoding
gzip
47382
traffdaq.com/delivery/dl/ Frame B956
Redirect Chain
  • http://traffdaq.com/delivery/dl/47382?category=general
  • https://traffdaq.com/delivery/dl/47382?category=general
0
0
Document
General
Full URL
https://traffdaq.com/delivery/dl/47382?category=general
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 15 Nov 2020 00:00:21 GMT
Content-Encoding
gzip

Redirect headers

Content-length
0
Location
https://traffdaq.com/delivery/dl/47382?category=general
Connection
close
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/
5 KB
2 KB
XHR
General
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=ebony
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.12.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-12-80.compute-1.amazonaws.com
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

Date
Sun, 15 Nov 2020 00:00:21 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
X-Request-Url
http://traffdaq.com/delivery/pu/47382?category=ebony
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
server,date,content-type,transfer-encoding,connection,content-encoding,x-final-url,access-control-allow-origin
Connection
keep-alive
X-Cors-Redirect-1
301 https://traffdaq.com/delivery/pu/47382?category=ebony
X-Final-Url
https://traffdaq.com/delivery/pu/47382?category=ebony
Via
1.1 vegur
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ Frame
0
0
Other
General
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=ebony
Protocol
HTTP/1.1
Server
52.86.12.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-12-80.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
http://speedflow.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Headers
x-requested-with
Access-Control-Expose-Headers
access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
Date
Sun, 15 Nov 2020 00:00:20 GMT
Transfer-Encoding
chunked
Via
1.1 vegur
47382
traffdaq.com/delivery/directlink/
3 KB
2 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik9NdVhcL1ordkxFdTVieDNHSkgzTUFnPT0iLCJ2YWx1ZSI6IituWERoZmJWckJ0RnFTRitLZWREVGM2blh5elM0ZFZQamR5TkczRHlVeHFlSHBIVUlnTmJaQjdZVUdGNWhZY3Y1MWhocmZtTnhFWWtRSU4wTTlcL05aZXlGemY0SjBYQUY1U1hvXC9IYk1tekhSREtqaDlrZDhSWkxyTjdvcFR5RUtuTTRHY3I5ZHJjbDNqUFVIZWtNVFwvcTlSd0xiWFFJOTVqQnJQNnFVcFlVWHpPMVwvOCthZzVwUDRRVFhzdjJHOW95OVBMZFRzU1VPS1wvdWxncGFNd2xxUT09IiwibWFjIjoiMDFiNGZiNTUxY2Q1ODcyMWQzNzVmYTg0YmFjYjcyNDM0NDUxN2E3ZGJkZmUxY2ZiY2VkN2MzNmE3MTFjYjIzNiJ9
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
dc072f381d26bc4a7bfa01df89c2b4bf5f8c8bd6c9919c9fb2aa03067bcc0d3e

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 15 Nov 2020 00:00:21 GMT
Content-Encoding
gzip
adshow.php
poweredby.jads.co/ Frame DFD6
0
0

adshow.php
poweredby.jads.co/ Frame 8709
0
0

eyJpdiI6IlwvVXZabk15am54aE5TY00rS041U0RRPT0iLCJ2YWx1ZSI6IjkycnZPb05nXC9qVUdFVzB0Sk5sXC9XeUcyQ3ExTFwvNmdHeGg4TU41QzEzT2hkZEdsWWtYNW0rQkI0bmRBUzN6ZGw5TU5oZlhYYW1OcEJNbmRpUGpMQWRBPT0iLCJtYWMiOiJiMjJhN...
traffdaq.com/users/track/
0
862 B
Image
General
Full URL
https://traffdaq.com/users/track/eyJpdiI6IlwvVXZabk15am54aE5TY00rS041U0RRPT0iLCJ2YWx1ZSI6IjkycnZPb05nXC9qVUdFVzB0Sk5sXC9XeUcyQ3ExTFwvNmdHeGg4TU41QzEzT2hkZEdsWWtYNW0rQkI0bmRBUzN6ZGw5TU5oZlhYYW1OcEJNbmRpUGpMQWRBPT0iLCJtYWMiOiJiMjJhNTdkOGU1OTlmY2M1MTA5ODk2NjcwMmNlZjcwYjViYjE5ZWE2YjYwMzFlNjg0NDBhYTU2YmVlNjdjMmY4In0%3D
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik9NdVhcL1ordkxFdTVieDNHSkgzTUFnPT0iLCJ2YWx1ZSI6IituWERoZmJWckJ0RnFTRitLZWREVGM2blh5elM0ZFZQamR5TkczRHlVeHFlSHBIVUlnTmJaQjdZVUdGNWhZY3Y1MWhocmZtTnhFWWtRSU4wTTlcL05aZXlGemY0SjBYQUY1U1hvXC9IYk1tekhSREtqaDlrZDhSWkxyTjdvcFR5RUtuTTRHY3I5ZHJjbDNqUFVIZWtNVFwvcTlSd0xiWFFJOTVqQnJQNnFVcFlVWHpPMVwvOCthZzVwUDRRVFhzdjJHOW95OVBMZFRzU1VPS1wvdWxncGFNd2xxUT09IiwibWFjIjoiMDFiNGZiNTUxY2Q1ODcyMWQzNzVmYTg0YmFjYjcyNDM0NDUxN2E3ZGJkZmUxY2ZiY2VkN2MzNmE3MTFjYjIzNiJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:22 GMT
Cache-Control
no-cache
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
implement.js
c.securepaths.com/js/
0
0
Script
General
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fb06f952d408&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik9NdVhcL1ordkxFdTVieDNHSkgzTUFnPT0iLCJ2YWx1ZSI6IituWERoZmJWckJ0RnFTRitLZWREVGM2blh5elM0ZFZQamR5TkczRHlVeHFlSHBIVUlnTmJaQjdZVUdGNWhZY3Y1MWhocmZtTnhFWWtRSU4wTTlcL05aZXlGemY0SjBYQUY1U1hvXC9IYk1tekhSREtqaDlrZDhSWkxyTjdvcFR5RUtuTTRHY3I5ZHJjbDNqUFVIZWtNVFwvcTlSd0xiWFFJOTVqQnJQNnFVcFlVWHpPMVwvOCthZzVwUDRRVFhzdjJHOW95OVBMZFRzU1VPS1wvdWxncGFNd2xxUT09IiwibWFjIjoiMDFiNGZiNTUxY2Q1ODcyMWQzNzVmYTg0YmFjYjcyNDM0NDUxN2E3ZGJkZmUxY2ZiY2VkN2MzNmE3MTFjYjIzNiJ9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Nov 2020 00:00:22 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/
33 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik9NdVhcL1ordkxFdTVieDNHSkgzTUFnPT0iLCJ2YWx1ZSI6IituWERoZmJWckJ0RnFTRitLZWREVGM2blh5elM0ZFZQamR5TkczRHlVeHFlSHBIVUlnTmJaQjdZVUdGNWhZY3Y1MWhocmZtTnhFWWtRSU4wTTlcL05aZXlGemY0SjBYQUY1U1hvXC9IYk1tekhSREtqaDlrZDhSWkxyTjdvcFR5RUtuTTRHY3I5ZHJjbDNqUFVIZWtNVFwvcTlSd0xiWFFJOTVqQnJQNnFVcFlVWHpPMVwvOCthZzVwUDRRVFhzdjJHOW95OVBMZFRzU1VPS1wvdWxncGFNd2xxUT09IiwibWFjIjoiMDFiNGZiNTUxY2Q1ODcyMWQzNzVmYTg0YmFjYjcyNDM0NDUxN2E3ZGJkZmUxY2ZiY2VkN2MzNmE3MTFjYjIzNiJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1482411
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19179-FRA
date
Sun, 15 Nov 2020 00:00:22 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/
2 KB
1 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=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%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik9NdVhcL1ordkxFdTVieDNHSkgzTUFnPT0iLCJ2YWx1ZSI6IituWERoZmJWckJ0RnFTRitLZWREVGM2blh5elM0ZFZQamR5TkczRHlVeHFlSHBIVUlnTmJaQjdZVUdGNWhZY3Y1MWhocmZtTnhFWWtRSU4wTTlcL05aZXlGemY0SjBYQUY1U1hvXC9IYk1tekhSREtqaDlrZDhSWkxyTjdvcFR5RUtuTTRHY3I5ZHJjbDNqUFVIZWtNVFwvcTlSd0xiWFFJOTVqQnJQNnFVcFlVWHpPMVwvOCthZzVwUDRRVFhzdjJHOW95OVBMZFRzU1VPS1wvdWxncGFNd2xxUT09IiwibWFjIjoiMDFiNGZiNTUxY2Q1ODcyMWQzNzVmYTg0YmFjYjcyNDM0NDUxN2E3ZGJkZmUxY2ZiY2VkN2MzNmE3MTFjYjIzNiJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik9NdVhcL1ordkxFdTVieDNHSkgzTUFnPT0iLCJ2YWx1ZSI6IituWERoZmJWckJ0RnFTRitLZWREVGM2blh5elM0ZFZQamR5TkczRHlVeHFlSHBIVUlnTmJaQjdZVUdGNWhZY3Y1MWhocmZtTnhFWWtRSU4wTTlcL05aZXlGemY0SjBYQUY1U1hvXC9IYk1tekhSREtqaDlrZDhSWkxyTjdvcFR5RUtuTTRHY3I5ZHJjbDNqUFVIZWtNVFwvcTlSd0xiWFFJOTVqQnJQNnFVcFlVWHpPMVwvOCthZzVwUDRRVFhzdjJHOW95OVBMZFRzU1VPS1wvdWxncGFNd2xxUT09IiwibWFjIjoiMDFiNGZiNTUxY2Q1ODcyMWQzNzVmYTg0YmFjYjcyNDM0NDUxN2E3ZGJkZmUxY2ZiY2VkN2MzNmE3MTFjYjIzNiJ9
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
tdqct=1; laravel_session=eyJpdiI6ImJGVGxJUzRjMXJFYnhaTDl3NTI5Q1E9PSIsInZhbHVlIjoicWVMVHI2SDZvUmVrdzd1MGNjN0pKUDBZelY1ZUJmQmJESGlzU292OTJLeVRRcnIzU09uOFBQZ0NWYUhaYldKNlFKN0N2aFRsWk9jQjBtNUdNUlZjQUE9PSIsIm1hYyI6ImIzMTI0NDNiYzJiM2M5ZmEwNGM0OWUyZTI3Yjg0NjlmZGQ0ODhhMGIwMGVhMWYwMjFhZDc2ZWZiNGZiNmNmNDEifQ%3D%3D; referrer=eyJpdiI6InlRejNHWG1IazhsXC9QYTR3c3BncGJBPT0iLCJ2YWx1ZSI6Ik9mcVVNTGl0bk9sejRnR0lUSk5XWkZYV0hVWTdadVwvRG4xS3NHOHdXcDJvSFwvRUFFYnpFb1wvempOS0tYbkZhNVgiLCJtYWMiOiIzMTU0MjQ5NDJmYmU3M2RiZDBkMGFjMmE5M2I4MDFmZDg2YzFiNWUzOGNmZGQzZGFhYTk0ZDZjYzIxMjRhZjZmIn0%3D
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 15 Nov 2020 00:00:24 GMT
Content-Encoding
gzip
rand1.php
test.numerca.ru/
Redirect Chain
  • https://ptp.party/13039
  • https://neon.today/ptp/i/13039
  • http://test.numerca.ru/rand1.php
  • https://test.numerca.ru/rand1.php
76 B
318 B
Document
General
Full URL
https://test.numerca.ru/rand1.php
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=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%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.124.186.132 , Russian Federation, ASN35196 (IHOR-AS, RU),
Reverse DNS
ih1217915.vds.myihor.ru
Software
nginx/1.16.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Host
test.numerca.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=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%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

Server
nginx/1.16.1
Date
Sun, 15 Nov 2020 00:00:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
Strict-Transport-Security
max-age=31536000;

Redirect headers

Server
nginx/1.16.1
Date
Sun, 15 Nov 2020 00:00:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://test.numerca.ru:443/rand1.php
page1.php
pautyna.ru/
4 KB
2 KB
Document
General
Full URL
https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.124.186.132 , Russian Federation, ASN35196 (IHOR-AS, RU),
Reverse DNS
ih1217915.vds.myihor.ru
Software
nginx/1.16.1 /
Resource Hash
7907f60bbbec62423cc6240e3c06a75543cf04c667e9c162b8d9fe71a4651218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Host
pautyna.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://test.numerca.ru/rand1.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.16.1
Date
Sun, 15 Nov 2020 00:00:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000;
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263777
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61de670e58deadcf64b93c61d84b93a5056f1b25eb96f3b15f752dc9917a4cc0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KEM6dTxfaXHpxIfhCODHAIU5xLU0IkFsnlGoHFjntJkTNYG9WM%2BqF3M%2FQ7wtopoCvSwntqELIvLvcG43zfCtcAEVkxbYIjQph%2BFz12Uk7AYYNgsxCV%2F24w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b129eaaa0609-FRA
cf-request-id
066acd0e2d0000060997b5c000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263778
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b1c321bf81f61c64fa5373f3046f189f2ebd20dc971b22fb96ae83d3bd6af8

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FhfJIo%2BELHWpKz44zuE5NlR30TIGYxjgmVTVAng3bECBJLaEW5StYHDpSbTNC9oqohFsah6IuUqtxM%2BHTutePYm0bzsgeGnZHzJOMpoCplp4IqHXcbBAEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b129eaab0609-FRA
cf-request-id
066acd0e2d00000609e61bc000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263785
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63c47995b6d0a72fafa27bedc00f7fb0d395efa33d6d754f15fc172a455b7eb

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a4zub3KDLM4BHqvMVVaD6ZgKjJ8JjNrAMvocpQ6doiwf3PMpp2wFw7nlQj7MCDSWlV8jHIg2AiVbfqyo6tukaHI9d%2Fa83OUlx61SUziUvqjolFnnIF%2BTtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b129eaac0609-FRA
cf-request-id
066acd0e2d00000609b28c2000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263787
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34cca472b2177f5ab082732f4ac0469296fcf57f0b0982bba9bebd5e0676c39b

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=05g9Mnxjb905xLOW%2Bf5umcoAdm%2BKG4Ka%2F0gi6Y757DbPZ%2BRsHJUgVueYKrPifcziP6LVAtQwhvdIkBcx1xVn6t55VbZTiYb4PZEVg%2FweK0FPFx4uZpolZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b129eaae0609-FRA
cf-request-id
066acd0e2d00000609a80d3000000001
4108
trafadsense.ru/adsview/js/
2 KB
2 KB
Script
General
Full URL
https://trafadsense.ru/adsview/js/4108
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9961 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
8e5a45c54d4480467f032957f1a7a02b2183007643d75d6d90f44dae78f4619b

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.8
status
200
cf-request-id
066acd0e3c0000c2d6612ae000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I4cG97dC5ivh%2FAwVXBQs4sVSchD6IbBciESvPqu%2FgrTPDAxwS9EezFaMGPWu6oeubU8OzAiLnIErZAkkrxsrbx8opKUvf%2FUK7p8MvLsQlzzlpFPTHzuBetLP4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
5f24b129fb4ec2d6-FRA
x-beget-proxy
install.beget.ru, amper2.beget.ru
expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263788
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b32ade29a0bfa642729b42e28acabdee8b7f2831633cd770f735bb02065c78

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F1kMnKMFc7VHwat7LS%2FGLMB8XUK1p0E8z86jHo57mdVk6XiQVaycxpQg8O0poqpKDu54g0v7wWJH3ynQlWN5ukeY5FxRRq9c8WQq%2FuwiNmv%2BtjdTz0LVVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b129eab00609-FRA
cf-request-id
066acd0e2d00000609a02b4000000001
bancode.php
multibux.org/
11 KB
6 KB
Script
General
Full URL
https://multibux.org/bancode.php?id=337
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
2afc64ca2b45fb01989356b925b170ab2e0532c264c3b432d0a6119d2562595e

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:24 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263790
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9b02641ec30f7ad66c7b89037b526f3adcf0243855d19fc8d65d760f0dddda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IS8SLvpMvG%2B0mIFi2rQKn1BYQfU1xlbPC60xx%2FMLkfXFz8KF98d0CYeHfFGG6xyOGWkMmbJ%2Bd4%2BZkvyR%2BHB%2Bs0qtyZaCW3LrbVBvjwn5bOJB9zpahzDh6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b129eab20609-FRA
cf-request-id
066acd0e2e000006099e1ea000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=265527
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b329bdb501a8ace2365ae00d62cec073e236dfb6835a039ede91ab8c68dd46

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gMeTUjGKjPhwKHcl9Z5gpAWVJsexiXctQDBsiwfkfJQKTmB%2BijtiiP1yiBNiREZIA3hKKvESnXJA%2F3xjhw4RxT4ZpOwpDcElE4isSh5DAEOKPr%2FJaNAVaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b12aec180609-FRA
cf-request-id
066acd0ed30000060916984000000001
bancode.php
cuys.ru/
892 B
1 KB
Script
General
Full URL
https://cuys.ru/bancode.php?id=3683
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.128.238 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
Software
Apache/2.2.22 (@RELEASE@) / PHP/5.4.45
Resource Hash
c5894e9258c3a21fc248a032194c3a58ce3b44837a0f62cd6484f48cb5054927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:27 GMT
Server
Apache/2.2.22 (@RELEASE@)
X-Powered-By
PHP/5.4.45
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
close
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
cuys.ru/
288 B
753 B
Script
General
Full URL
https://cuys.ru/bancode.php?id=3684
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.128.238 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
Software
Apache/2.2.22 (@RELEASE@) / PHP/5.4.45
Resource Hash
b2b7acbaa83b8deb03f55625ec190a014206267757ec315b4a5149e2dba3f436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:27 GMT
Server
Apache/2.2.22 (@RELEASE@)
X-Powered-By
PHP/5.4.45
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
close
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bar.php
a.contextbar.ru/
3 KB
1 KB
Script
General
Full URL
https://a.contextbar.ru/bar.php?url=5496
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.46.180 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
ce27ded42d088499823bd4950bf2a2e426f213726a35f24675563b73dc44ad75

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
816
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF8
partner
advear.ru/click/
1 B
429 B
Script
General
Full URL
https://advear.ru/click/partner?id=29887&type=3&code=1577086808
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.221.144.31 , Russian Federation, ASN30968 (INFOBOX-AS Infobox.ru Autonomous System, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:27 GMT
Server
Apache/2.4.29 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1
Expires
Thu, 19 Nov 1981 08:52:00 GMT
partner
advear.ru/click/
1 B
429 B
Script
General
Full URL
https://advear.ru/click/partner?id=29887&type=1&code=1577086808
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.221.144.31 , Russian Federation, ASN30968 (INFOBOX-AS Infobox.ru Autonomous System, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:27 GMT
Server
Apache/2.4.29 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1
Expires
Thu, 19 Nov 1981 08:52:00 GMT
lincode.php
linkslot.ru/
15 KB
5 KB
Script
General
Full URL
https://linkslot.ru/lincode.php?id=263792
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1fcc03048460423c6aebcb1744cbe6176c5c054c7f80e790b304164f40bf78

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kw8pNC4Bz6RubgvDW7MpuXOiojlwF%2BtB6GHMbt6FJHuT5b5NtQu7bD%2FSPTb%2FwuIx6NGzJaWNZjLiya66plxdPB2Jq8FOFdGvk6sorltZUCwLPVRXfomzVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b12aec190609-FRA
cf-request-id
066acd0ed3000006098c966000000001
bancode.php
multibux.org/
11 KB
5 KB
Script
General
Full URL
https://multibux.org/bancode.php?id=239
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
d6f5dbb14e0e849e06383407c7ac15525b395a3aaaa95a6c9ae1336badbc5ade

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:24 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=271129
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992f0044a288ed42e9f96d7896b63fa1e8cae2f52c234d55e5db091c510dbf88

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3wHtKGvsHBd6ey3G14VOibgiqhVFs%2Bz9iMmD0mX%2FVSpVexE1Mtl0MXM4hMDpE5CqiuenIajYZcZR2gBc2CdA0ORgRScJGdV3%2BQc%2BPBrAL22sm7g1Dd%2Fe9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b12aec1a0609-FRA
cf-request-id
066acd0ed300000609b28cc000000001
bancode.php
cuys.ru/
894 B
1 KB
Script
General
Full URL
https://cuys.ru/bancode.php?id=3688
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.128.238 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
Software
Apache/2.2.22 (@RELEASE@) / PHP/5.4.45
Resource Hash
ac2af4fdb806e695df3960ea189776b45a1666fff55c36f750941d05ccd1c667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:27 GMT
Server
Apache/2.2.22 (@RELEASE@)
X-Powered-By
PHP/5.4.45
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Length
894
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
mixerparanas.ru/ Frame 64E6
Redirect Chain
  • https://best-viewer.ru/new?utm_campaign=710&utm_source=[SID]&utm_medium=333
  • https://mixerparanas.ru/?bind-key=fdaa9de3-7a03-4c44-9f96-ab474d8f2fea&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
0
0
Document
General
Full URL
https://mixerparanas.ru/?bind-key=fdaa9de3-7a03-4c44-9f96-ab474d8f2fea&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.38.192.253 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash

Request headers

Host
mixerparanas.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pautyna.ru/page1.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.17.4
Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Content-Encoding
gzip

Redirect headers

Server
nginx/1.17.4
Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Type
text/html; charset=utf-8
Content-Length
209
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://pautyna.ru
Cache-Control
no-cache, no-store, must-revalidate
Location
https://mixerparanas.ru?bind-key=fdaa9de3-7a03-4c44-9f96-ab474d8f2fea&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
Set-Cookie
cd=eyJzIjp7Im8iOiJNYWNPU1giLCJvdiI6IjEwIiwiZGMiOjEsImIiOiJDaHJvbWUiLCJidiI6IjgzIn0sImwiOnsiciI6IiIsIm4iOjE3MjI0fX0=; Path=/; Expires=Tue, 15 Dec 2020 00:00:27 GMT; Secure; SameSite=None cc=eyJ1aWlkIjoiIiwiZF9vZmZzZXQiOi0xfQ==; Path=/; Expires=Tue, 15 Dec 2020 00:00:27 GMT; Secure; SameSite=None sid10=0; Path=/; Expires=Tue, 15 Dec 2020 00:00:27 GMT; Secure; SameSite=None uid=; Path=/; Expires=Tue, 15 Dec 2020 00:00:27 GMT; Secure; SameSite=None utm_medium=333; Path=/; Expires=Tue, 15 Dec 2020 00:00:27 GMT; Secure; SameSite=None
DSi07lf9fj9oTCKM0KCYpVwq0wwEsg
cizyix.gxxcbj.com/v/
0
0

/
qwertypay.com/any/shop_tovar/iframe/ Frame CFDA
0
0
Document
General
Full URL
https://qwertypay.com/any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:ab50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
qwertypay.com
:scheme
https
:path
/any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pautyna.ru/page1.php
accept-encoding
gzip, deflate, br
accept-language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

status
200
date
Sun, 15 Nov 2020 00:00:27 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d5a882754efe9f5ba6f151e9d4aa75a2a1605398427; expires=Tue, 15-Dec-20 00:00:27 GMT; path=/; domain=.qwertypay.com; HttpOnly; SameSite=Lax PHPSESSID=0j26769euckshttk65sd9fj1n0; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
066acd0e480000d6ed21858000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FgdiEJqB8I1flmWzXst39byhBFX5IllG%2FX1gZEEgIh814kuAJMbqumco8h4tkpFpsNUnMKfufSshcL46oKKO7%2BEMDaC0FG7iGjLWRAMpJkLusPVN0SUayzKj"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f24b12a0d37d6ed-FRA
content-encoding
br
gate.php
linkslot.ru/
2 B
620 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29da195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9bdccda69d999a9ca0969bd59799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0ac99a6
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0BfhSVnwnJV%2Bq2J09v4IVmJaadK21Bc4kdlHHAuqSS9dyHzzxRXfjMduvWW4WYb28NwPtHtybr1VUDQgxpzNjwi9SJUYElDNKTvBdQVZMV94moO2XPRjNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12aee2f2c22-FRA
content-length
2
cf-request-id
066acd0ed500002c2262852000000001
468x60.jpg
linkslot.ru/promo/dummy/
12 KB
12 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/468x60.jpg
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6319
status
200
content-length
11802
cf-request-id
066acd0ed300000609f5afe000000001
last-modified
Tue, 21 Jul 2015 17:32:18 GMT
server
cloudflare
etag
"55ae8222-2e1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FfF6%2FTtrSMUP1Y3Zh1KD%2FCAkJ1TeNrI5hMDUuZBbl0ZR%2FLtxMaCz%2BDzQHNGecHCLjKoPyln7jVCm3OWgdUCbRGRGaeGTIT%2FbRSjHCy%2ByW1HdQdmX4ygYIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f24b12aec150609-FRA
cf-bgj
h2pri
gate.php
linkslot.ru/
2 B
288 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29d9f95989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9bdbd4ecd89ec994d59ad2d59799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0ad91ab
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PHDcX%2BMUfpeGozofdRjL6ZCFvnUBci0IeTb5fgbmo8NuymkFLnATl%2BAmUYhyBUwSmlMa%2Fmg0%2FodZSguroj%2FRYzj5VJYtQ4UX%2Bn%2BbLHhMrlVT1IDXqhwTqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12afe352c22-FRA
content-length
2
cf-request-id
066acd0ed600002c224333f000000001
gate.php
linkslot.ru/
2 B
284 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29da295989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9db091e4d1e1d393ddcdd3a29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0ad96ab
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bgGZ0EDjxLMk%2FGezHT2iHnLGhxKTrnAPFQrPIbviGUY9HryW0EV19i2Bq8G%2FjRcmOHqkWsbeLj%2FVXaNDodN3%2Bz665mUfjglZdzcmueJOIQQJQBzL%2FRe5Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12b1ea72c22-FRA
content-length
2
cf-request-id
066acd0eee00002c22973f1000000001
gate.php
linkslot.ru/
2 B
283 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29ca195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9ae1d4e2a09e9b94d4dad1a29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0ad98a8
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hnITlyUjm47SwkZQe7tx7TQ%2F9TaJqouADA8e%2FVTznkg%2B9Kyj2y3RoSI7IJtCDPoBSw%2BfdIoZ7yDAeRe%2FUs9P8aaAadfgNQfJGcHZ6Rb7oJZlyLmK8AFKiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12b6f652c22-FRA
content-length
2
cf-request-id
066acd0f2500002c229027f000000001
gate.php
linkslot.ru/
2 B
281 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29e9a95989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9de598ece0c8d795ced79ca29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0ae91a5
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vSsRhLfONS400nZjVVI4YP1jpM7Pzgxt8QhXkxYXtev7BhqUw5IQ0CFK7aUHdMrrbNU9VxF8kWQtVVxlW65R6hG%2BS%2FnjxtuQrwungoRccfumOAglZfUjgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12b6f682c22-FRA
content-length
2
cf-request-id
066acd0f2500002c2238bc9000000001
gate.php
linkslot.ru/
2 B
284 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29ca295989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9daec4da9bc8d0d0cfc6cda29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0ae94a5
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nwzAVwSbzD4f8bWXKwytKUZCdECCrFujY5FLTUul3Ld0dPxEGy%2FdzQp7R%2FMbuJLzYlNgWHoy8WlCKNtMcKgnt5AYIlqeT6KvTcm%2Bmt%2F8Y9fhyQlecJW9SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12ba8142c22-FRA
content-length
2
cf-request-id
066acd0f4a00002c228c866000000001
8fe500e3c3a660f69c4792ee7d2679aa.gif
linkslot.ru/uploads/
106 KB
107 KB
Image
General
Full URL
https://linkslot.ru/uploads/8fe500e3c3a660f69c4792ee7d2679aa.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a47a7f018ec68360ce9240e3dce062cf4619134f05ccfb4fd85d404c9d6876a

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6233
status
200
content-length
108804
cf-request-id
066acd0f4d00000609eb054000000001
last-modified
Fri, 13 Nov 2020 12:10:06 GMT
server
cloudflare
etag
"5fae779e-1a904"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BNkDswVARQ226x9KARUdOd%2BkGM2MyhCK4yImSDP0ucGxFDg1RDa5%2Bf0hgEPjjpmnRDrs6acTDhbToQK91N94ivTIfj4wPgaEgOdFXuwlpp%2BZMx0oLNz4xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f24b12bad350609-FRA
buyb.png
linkslot.ru/img/
3 KB
3 KB
Image
General
Full URL
https://linkslot.ru/img/buyb.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6343
status
200
content-length
2585
cf-request-id
066acd0f4d000006091d9c9000000001
last-modified
Fri, 29 May 2015 20:03:43 GMT
server
cloudflare
etag
"5568c61f-a19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6EYuxrZG3ZiNZo0rvTgPVtdEcrnvD6bzZb1eQxdeyTEijknq3hpRlXErbpO5DmqLFPK8ccB3Lh47U1hFQmS3%2FWObXd%2BrMfCVKYtMq1uIS7KIheRqXBA0UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f24b12bad370609-FRA
468x60.gif
bit-bux.ru/banners/
199 KB
199 KB
Image
General
Full URL
https://bit-bux.ru/banners/468x60.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.249.138.216 Komsomolsk-on-Amur, Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.216.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
959fdec2ab485135537b64b5768664d285279112535bac76905e5bc4fa1063d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:28 GMT
Last-Modified
Sat, 17 Oct 2020 13:46:34 GMT
Server
nginx/1.16.1
ETag
"5f8af5ba-31c70"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
203888
b_logo.png
trafadsense.ru/theme/img/
767 B
2 KB
Image
General
Full URL
http://trafadsense.ru/theme/img/b_logo.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:9961 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7795b0dca780f00cb94d913c1babf72c8d1cf68e882f59559a6f3c46b5fc001

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
837728
Connection
keep-alive
Content-Length
767
cf-request-id
066acd0f5800002bd2d5a62000000001
Last-Modified
Sun, 10 Jun 2018 12:08:02 GMT
Server
cloudflare
ETag
"5b1d14a2-2ff"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6ZIENbuBM977A%2Bv07I5%2B0oARgxQRIpY9AX02Ruq5iJpNXOJwxOgjWDNkabkP8S5JMu2ONShfCd59mBJUHVTW83n7eD0mvpv878rcKUKmdC0jymJrafHajEMXyA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
5f24b12bc8892bd2-FRA
X-Beget-Proxy
install.beget.ru, amper2.beget.ru
Expires
Sat, 05 Dec 2020 07:18:19 GMT
hit
counter.yadro.ru/
0
177 B
Image
General
Full URL
https://counter.yadro.ru/hit?t18.2;rhttps%3A//test.numerca.ru/rand1.php;s1600*1200*24;uhttps%3A//pautyna.ru/page1.php;hPage%201;0.7843204420827385
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Transfer-Encoding
chunked
Server
nginx/1.17.9
Connection
keep-alive
Strict-Transport-Security
max-age=86400
gate.php
linkslot.ru/
2 B
288 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e98a097a195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9addd4a3cdd8e0d4d9cadbe19799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0ae9aa4
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aBDgKbCbYNjy2cNpDJGqnHwhxbOU%2BCOa%2FqMgU%2FoK8ifyYtgjs%2BUPCMncN7kXovp7dYbZO6VD%2Fs0WeiAqa%2Bwn4CuwUH%2FVnMNMRqhmuV9sL4yr%2FzMpazn7JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12c79bf2c22-FRA
content-length
2
cf-request-id
066acd0fcc00002c2221a9e000000001
gate.php
linkslot.ru/
2 B
282 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e98a097a195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9db1d5d4ca9f98c4cdc8cda29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0af92ab
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HCg4CkUMy6wVF3OLXLkzBNuNPbR2W9Fujd1obLxFFUJmA%2Fd4Vo4%2F7b3lixlt5AhUm3bcvgyz%2BYrOC86pQVZnVi9721rniavR%2FGXsxM4lVfTvzFj9GTcxtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12c79c12c22-FRA
content-length
2
cf-request-id
066acd0fcc00002c2243359000000001
gate.php
multibux.org/
2 B
461 B
XHR
General
Full URL
https://multibux.org/gate.php?d1=d3cbe0dedfcfcda1dda8899794aa879684a49a96938d9c9c96918fe0daadcfd0cdd4939b8fa3848ed0cbced3d4d5dbe6d36e86cdcfe7c9d281e0c5c983d9de8ade819da3ca649ac3969c84c7d1e3d0cbdacfcdd5cfd59ba89e6a949797938cd1c9e7d1d28f8ad7d3d1c68cdad096d1d38a93c7ced3e2d1cb92a29e98968fa0a49b66949a9293d7c7c7d4d6cf929f9ea19494a2969c6896ddccecc9c8cbe0c99e939a9b9a96919ca39b63969491a3949691a39496869a8ed2dad5dce6a56295d8c6e6d894cfe8d1cbd5cdcc98d8d69be5cca1ca958fe3ccd684a49a96989da4a29a93a3a89d688995
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:25 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
22
Keep-Alive
timeout=60
5fac88b94e0b3.gif
multibux.org/uploads/
81 KB
81 KB
Image
General
Full URL
https://multibux.org/uploads/5fac88b94e0b3.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b6285afe87282c37c8bdde5dd6f013caa26f1bce0e4d70cc68d579316480d604

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:25 GMT
Last-Modified
Thu, 12 Nov 2020 00:58:33 GMT
Server
nginx
ETag
"5fac88b9-1447c"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
83068
Expires
Thu, 31 Dec 2037 23:55:55 GMT
buyb2.png
multibux.org/images/
5 KB
6 KB
Image
General
Full URL
https://multibux.org/images/buyb2.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e21c873b121f9ce4577e92b944e0c5d9d11484b16bd94304616ee02af3da9870

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:25 GMT
Last-Modified
Mon, 11 Nov 2019 19:04:34 GMT
Server
nginx
ETag
"5dc9b0c2-14fe"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
5374
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gate.php
linkslot.ru/
2 B
285 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29e9c95989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9ab1d1a9cad298d2a1cadfaa9799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0af95a3
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cNuxQ%2BLCLZtEyUv6GQxN%2F2LMTz1sKfpE584XvKPrKneALl04UW%2Fdp1dd4oCdMjWCJrabJ6w6wqyIKKJfDvzn2HXjKwa8cc4RQw5zWJcck7q%2Fx%2FBi83nFQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12c79c32c22-FRA
content-length
2
cf-request-id
066acd0fcf00002c2273853000000001
gate.php
linkslot.ru/
2 B
597 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999f949c97a395989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9edf96abe0dfccc7a4dbe1a29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1dcccdbd799d3dfdfccdbddc2a0dadc97d5ccd3cea395d9e2d195999d98989e9ea2a699a0af96aa
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mui7pmfzICJ%2BFrJ3%2BygrMLhClv2u9wxlRtca2ywhuNxWuAxffZjBj1EmM2zsTasP3w5T2I3F5cs04aM7is6e%2BJs%2FkpnUkMZdorps7kJHNt5PezGVLLbO4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b12c79c42c22-FRA
content-length
2
cf-request-id
066acd0fce00002c2276aee000000001
e5aa88527c1ae9428773127dd19c6399.gif
linkslot.ru/uploads/
192 KB
193 KB
Image
General
Full URL
https://linkslot.ru/uploads/e5aa88527c1ae9428773127dd19c6399.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d024ddf8dada67e9fb7d5c85db331a751cfba0bb78d0ebca86cb2f15dc8a8930

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2496
status
200
content-length
197065
cf-request-id
066acd0fce000006090cba6000000001
last-modified
Sun, 08 Nov 2020 16:45:46 GMT
server
cloudflare
etag
"5fa820ba-301c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EXqySoaAFGuTOq5J63keuWKziG1k0i4fzkJgu%2BlrWcZYkyAKSxWtPypj27BOay1iwcUQTpxBYESRCdT1fa7L8k3YRIELOlOUZh2wUYV3MyNiViVnV2Xqug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f24b12c7e820609-FRA
gate.php
multibux.org/
2 B
461 B
XHR
General
Full URL
https://multibux.org/gate.php?d1=d3cbe0dedfcfcda1dda8899694ac879684a49a96938d9c9c96918fe0daadcfd0cdd4939b8fa3848ed0cbced3d4d5dbe6d36e86cdcfe7c9d281e0c5c983d9de8ade819da3ca649ac3969c84c7d1e3d0cbdacfcdd5cfd59ba89e6a949797938cd1c9e7d1d28f8ad7d3d1c68cdad096d1d38a93c7ced3e2d1cb92a29e98968fa0a49b66949a9293d7c7c7d4d6cf929f9ea19494a2969cadd0d691dc9dd791d89dd9939a9b9a96919ca39b63969491a3949691a39496869a8ed2dad5dce6a56295d8c6e6d894cfe8d1cbd5cdcc98d8d69be5cca1ca958fe3ccd684a49a96989da4a29a93a3a9a4688995
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:25 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
22
Keep-Alive
timeout=60
200x300.jpg
multibux.org/images/i/banners/
11 KB
12 KB
Image
General
Full URL
https://multibux.org/images/i/banners/200x300.jpg
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
606f4d8ec42c12d2f3a8eaef8cca627fa48836f33a47124d6a2147090e1c98f6

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:25 GMT
Last-Modified
Fri, 11 Nov 2016 06:31:36 GMT
Server
nginx
ETag
"582565c8-2d71"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
11633
Expires
Thu, 31 Dec 2037 23:55:55 GMT
q.png
nolix.ru/a/
1 KB
1 KB
Image
General
Full URL
https://nolix.ru/a/q.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.46.180 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
671430be568ee959896ef48afc2abb8bb0906415a89b77ce2c4abec7adafca43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:28 GMT
Last-Modified
Mon, 05 Feb 2018 14:58:02 GMT
Server
nginx/1.12.1
ETag
"5a7870fa-4d3"
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1235
f110574ae24cea9059b02aa91505ba76.png
cuys.ru/uploads/
37 KB
38 KB
Image
General
Full URL
https://cuys.ru/uploads/f110574ae24cea9059b02aa91505ba76.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.128.238 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
006ca5b1ae5e03c76a80ca114febe9090d56b34871fa673c01743c3d8e5d34fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Last-Modified
Sat, 14 Nov 2020 17:09:40 GMT
Server
Apache/2.2.22 (@RELEASE@)
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
38149
Expires
max-age=2592000, public
buyb.gif
cuys.ru/img/
9 KB
10 KB
Image
General
Full URL
https://cuys.ru/img/buyb.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.128.238 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
e094e52d87e073cb686aa5e695fbc062fe79b21789d7947d549b4a16dfefd3e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Last-Modified
Sat, 09 Dec 2017 14:58:11 GMT
Server
Apache/2.2.22 (@RELEASE@)
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
9708
Expires
max-age=2592000, public
468x60.png
cuys.ru/promo/dummy/
51 KB
51 KB
Image
General
Full URL
https://cuys.ru/promo/dummy/468x60.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.128.238 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
149605aadd2653c4147508c696463aaf3f1bbc5b217fba33b36fe45ed2765892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Last-Modified
Sat, 09 Dec 2017 15:02:41 GMT
Server
Apache/2.2.22 (@RELEASE@)
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
51830
Expires
max-age=2592000, public
f4492de8362a2d0ab5ca704b5ca28222.jpg
cuys.ru/uploads/
32 KB
32 KB
Image
General
Full URL
https://cuys.ru/uploads/f4492de8362a2d0ab5ca704b5ca28222.jpg
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.235.128.238 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
844b97439e863b61b881161d88d8840c39eaeaf45cb2c47b141f1e47360393c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Last-Modified
Fri, 13 Nov 2020 17:49:33 GMT
Server
Apache/2.2.22 (@RELEASE@)
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive, close
Accept-Ranges
bytes
Content-Length
32766
Expires
max-age=2592000, public
Primary Request page2.php
pautyna.ru/
4 KB
2 KB
Document
General
Full URL
https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
193.124.186.132 , Russian Federation, ASN35196 (IHOR-AS, RU),
Reverse DNS
ih1217915.vds.myihor.ru
Software
nginx/1.16.1 /
Resource Hash
9df4293a294104b3416abcf5db47c84a7ca13025e312897619213c0b0f467ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Host
pautyna.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://pautyna.ru/page1.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.16.1
Date
Sun, 15 Nov 2020 00:00:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000;
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263777
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61de670e58deadcf64b93c61d84b93a5056f1b25eb96f3b15f752dc9917a4cc0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sNBw6EJYb%2FUNv0%2FCJiuKnKPXERGwHUsWyz6EwIAlnKz4b2IeIuv8Ai1c8PpV3eQr9Qyy6BOFJnQNYwJ0nwvg%2BNnh3KZeZZM6MnXRFgE9%2BVXSrML68SM3uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13b68360609-FRA
cf-request-id
066acd1920000006099f9f4000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263778
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b1c321bf81f61c64fa5373f3046f189f2ebd20dc971b22fb96ae83d3bd6af8

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e39zn86Jhzp0hz6%2BN4hj9mhRsL7TmuhueiqKTlIvK%2BxvANDg9E0E1NJ91zELCm3IGV3Rbq32dvX%2B2LHV%2BSk9zGKnhjGF17jVKq4Yl6Iz3mCLf9bXL%2FZjug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13b683d0609-FRA
cf-request-id
066acd1922000006091da73000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263785
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63c47995b6d0a72fafa27bedc00f7fb0d395efa33d6d754f15fc172a455b7eb

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jE43NzTr7B%2BTZjrSR79M6AlyuYSUx63YPTRWv%2FjiQHbuDzyXzdlXz2Q%2F7DmJJaGdJJTqcp68aJNs3%2FH2QBhSkzLCjqr6J0VweJkwIpq3Ti3k6bAflw9ajg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13b78490609-FRA
cf-request-id
066acd19290000060916a39000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263787
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34cca472b2177f5ab082732f4ac0469296fcf57f0b0982bba9bebd5e0676c39b

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tw8%2F9nH7Bi%2B1VSJHQmvwmrD7gxSP3VycH6pqlNELSxncVBa7nbG9fQdWqfXZeNNRJuHjs3MoaUPjdeLwKRCs9e2xZppAhPMRYfYSw48yLEXTHd6OheZLgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13b784f0609-FRA
cf-request-id
066acd192a00000609ff10d000000001
4108
trafadsense.ru/adsview/js/
2 KB
1 KB
Script
General
Full URL
https://trafadsense.ru/adsview/js/4108
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9961 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
8e5a45c54d4480467f032957f1a7a02b2183007643d75d6d90f44dae78f4619b

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.8
status
200
cf-request-id
066acd19770000c2d6f3169000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5310rxBHPl99J1oXViGIoYf0MMPRDon0jZBxsUlc2Ioiek9A3%2B4bkDaNccf9KU1BSIWi1QfkW83Vj%2BlW1LmFdjS7wMTaGf%2FzpxFmEHS41V1HCVt8vEfjlq%2FnAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
5f24b13bfe02c2d6-FRA
x-beget-proxy
install.beget.ru, amper2.beget.ru
expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263788
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b32ade29a0bfa642729b42e28acabdee8b7f2831633cd770f735bb02065c78

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pyNC%2FKKoMxEkwHCZp5FFPrfGAdydWl93q%2BrNIsge7XlFZCk5XmHDSb63DM1p7OSHaWccutHuvHLHA7ZMcREGfFiZPtxkaACet7ryw3s5dGtO7m2VfYNb0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13c09260609-FRA
cf-request-id
066acd198600000609bb8b4000000001
bancode.php
multibux.org/
11 KB
6 KB
Script
General
Full URL
https://multibux.org/bancode.php?id=337
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
22ccdf0f6067570063584322cf9cb2149c4722eeb8479a3ec0ce8012e9b5680f

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=263790
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9b02641ec30f7ad66c7b89037b526f3adcf0243855d19fc8d65d760f0dddda

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8oM745G137XTSvZML96qUveQEFcfDGdDaB9tBFMEF%2FqbQ9SLUR4ghGnpkhJLqoqBpYwCmoyvfjLv2B7q%2BOn4hnInIxtiXq%2Fi73jcE9NYUtIV0KwMpK0sow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13c09270609-FRA
cf-request-id
066acd198600000609158fc000000001
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=265527
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b329bdb501a8ace2365ae00d62cec073e236dfb6835a039ede91ab8c68dd46

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BTphGAnR8dAxDodVfztPm0TrfdRV6Q7aJNfPuzuUYbAdiaxU4HwX9FZ582V7TxnDycu%2FOWO2GO%2Fg3yX43T7b7%2BPYf%2Fomjb0S3I09kEPbezZOFc0wr7pGSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13c09290609-FRA
cf-request-id
066acd198600000609c3340000000001
bancode.php
cuys.ru/
0
0

bancode.php
cuys.ru/
0
0

bar.php
a.contextbar.ru/
3 KB
1 KB
Script
General
Full URL
https://a.contextbar.ru/bar.php?url=5496
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.46.180 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
ce27ded42d088499823bd4950bf2a2e426f213726a35f24675563b73dc44ad75

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:30 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
816
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF8
partner
advear.ru/click/
1 B
428 B
Script
General
Full URL
https://advear.ru/click/partner?id=29887&type=3&code=1577086808
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.221.144.31 , Russian Federation, ASN30968 (INFOBOX-AS Infobox.ru Autonomous System, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:30 GMT
Server
Apache/2.4.29 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
1
Expires
Thu, 19 Nov 1981 08:52:00 GMT
partner
advear.ru/click/
1 B
428 B
Script
General
Full URL
https://advear.ru/click/partner?id=29887&type=1&code=1577086808
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.221.144.31 , Russian Federation, ASN30968 (INFOBOX-AS Infobox.ru Autonomous System, RU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:30 GMT
Server
Apache/2.4.29 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
1
Expires
Thu, 19 Nov 1981 08:52:00 GMT
lincode.php
linkslot.ru/
15 KB
5 KB
Script
General
Full URL
https://linkslot.ru/lincode.php?id=263792
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1fcc03048460423c6aebcb1744cbe6176c5c054c7f80e790b304164f40bf78

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z1WoZTrZuvwzHyEruirN3WGVy51YxJu2VbFlqqjryG%2B4mj%2B87dSLxv3F9fDg4SKcvJzQ4Zxn%2BsnW0KcQ7pN6nwP8XeyQNiBWMtUU4HdbJGtgakiijBPaWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13c092a0609-FRA
cf-request-id
066acd198600000609d4030000000001
bancode.php
multibux.org/
11 KB
5 KB
Script
General
Full URL
https://multibux.org/bancode.php?id=239
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
b9bc8b93bf81bca0b8d2440f12d27440899ba9803c348d7ad4e045a73887a918

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bancode.php
linkslot.ru/
14 KB
5 KB
Script
General
Full URL
https://linkslot.ru/bancode.php?id=271129
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992f0044a288ed42e9f96d7896b63fa1e8cae2f52c234d55e5db091c510dbf88

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MvQG3ArJC9nHl39FMiZUuYclHpXz85%2FkvvvYE4Jn8wNbmej0BAu3SOM8us%2BM7xFSvAxYtUHhT4nVVuM6VF588rt8XxnzBiA%2BIyCJlmPYPxv6zLTYvmSViw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=windows-1251
status
200
cf-ray
5f24b13c092c0609-FRA
cf-request-id
066acd198600000609a037a000000001
bancode.php
cuys.ru/
0
0

/
mixerparanas.ru/ Frame C75F
Redirect Chain
  • https://best-viewer.ru/new?utm_campaign=710&utm_source=[SID]&utm_medium=333
  • https://mixerparanas.ru/?bind-key=30686b1e-834f-4efb-9d43-913460c68542&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
0
0
Document
General
Full URL
https://mixerparanas.ru/?bind-key=30686b1e-834f-4efb-9d43-913460c68542&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.38.192.253 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash

Request headers

Host
mixerparanas.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pautyna.ru/page2.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ym_uid=1605398429890753157; _ym_d=1605398429; _ym_visorc_51842675=b; _ym_isad=2
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.17.4
Date
Sun, 15 Nov 2020 00:00:30 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Requested-With
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Content-Encoding
gzip

Redirect headers

Server
nginx/1.17.4
Date
Sun, 15 Nov 2020 00:00:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
209
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Cookie, Set-Cookie
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://pautyna.ru
Cache-Control
no-cache, no-store, must-revalidate
Location
https://mixerparanas.ru?bind-key=30686b1e-834f-4efb-9d43-913460c68542&sid9=home&templates_show_id=39&utm_campaign=710&utm_medium=333&utm_source=%5BSID%5D
Set-Cookie
cd=eyJzIjp7Im8iOiJNYWNPU1giLCJvdiI6IjEwIiwiZGMiOjEsImIiOiJDaHJvbWUiLCJidiI6IjgzIn0sImwiOnsiciI6IiIsIm4iOjE3MjI0fX0=; Path=/; Expires=Tue, 15 Dec 2020 00:00:30 GMT; Secure; SameSite=None
cc=eyJ1aWlkIjoiIiwiZF9vZmZzZXQiOi0xfQ==; Path=/; Expires=Tue, 15 Dec 2020 00:00:30 GMT; Secure; SameSite=None
sid10=0; Path=/; Expires=Tue, 15 Dec 2020 00:00:30 GMT; Secure; SameSite=None
uid=; Path=/; Expires=Tue, 15 Dec 2020 00:00:30 GMT; Secure; SameSite=None
utm_medium=333; Path=/; Expires=Tue, 15 Dec 2020 00:00:30 GMT; Secure; SameSite=None
DSi07lf9fj9oTCKM0KCYpVwq0wwEsg
cizyix.gxxcbj.com/v/
0
0

/
qwertypay.com/any/shop_tovar/iframe/ Frame E6E9
0
0
Document
General
Full URL
https://qwertypay.com/any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:ab50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
qwertypay.com
:scheme
https
:path
/any/shop_tovar/iframe/?aff=263716&line&color=000000&blocks=4&width=240
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pautyna.ru/page2.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://pautyna.ru/page2.php

Response headers

status
200
date
Sun, 15 Nov 2020 00:00:30 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d26a01d63fd7ceb67f10c986a492c8ba41605398430; expires=Tue, 15-Dec-20 00:00:30 GMT; path=/; domain=.qwertypay.com; HttpOnly; SameSite=Lax
PHPSESSID=3coks9dukbrvojrf66b95k9jh6; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
066acd19870000d6ed28b25000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xWJ10AuBAvhrRAPtD5SZFoAp0yMUtpG5C2MW%2BgBURlse6i8YOOzAjp%2B74cfr4uaBEpnMj%2ByG9LbLsvCn6MyDdBl9KN2gPtL8eVHaka9qQ9LkOh5uAV4aUgA6"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f24b13c0ac1d6ed-FRA
content-encoding
br
gate.php
linkslot.ru/
2 B
281 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29ca295989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9af4d9a2d4cd9fc69dd3a1dd9799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1d8c8ddd7e4d3cba0d9dea9d1d3cfcc9991dbcdda95989faa96a5a19f9c969b95a2a9
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x0KKycNYzXhcRuubvTeaD%2F8JzrnTXThspnMX8K4p6F4wXnGfZF2uHIrfQe%2FJR4jiTLC%2FBDVttGVPa6mWYPxtBMNemedYT3bJNKDkopHM4TFMEOZYRuL5QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13c2bc22c22-FRA
content-length
2
cf-request-id
066acd199a00002c2232982000000001
8fe500e3c3a660f69c4792ee7d2679aa.gif
linkslot.ru/uploads/
106 KB
107 KB
Image
General
Full URL
https://linkslot.ru/uploads/8fe500e3c3a660f69c4792ee7d2679aa.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a47a7f018ec68360ce9240e3dce062cf4619134f05ccfb4fd85d404c9d6876a

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6236
status
200
content-length
108804
cf-request-id
066acd199a0000060916a3d000000001
last-modified
Fri, 13 Nov 2020 12:10:06 GMT
server
cloudflare
etag
"5fae779e-1a904"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KGoQpcyeXEHsSUC1KOPhlTL4si5ta%2FsXdQEE894Y93yEUXB2jCnerMOtnGf%2F8JuaVjTX3AIk%2BO0UuNB1%2Bm8el%2B4Ifv3SabbsrxrIjCCGz8%2B9acDFK%2BnN7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f24b13c295d0609-FRA
buyb.png
linkslot.ru/img/
3 KB
3 KB
Image
General
Full URL
https://linkslot.ru/img/buyb.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9b14e8db47eb55c01f3982d1e63061c9ac23ecae71d5313e08169e9cfcce29

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6346
status
200
content-length
2585
cf-request-id
066acd199a00000609cb080000000001
last-modified
Fri, 29 May 2015 20:03:43 GMT
server
cloudflare
etag
"5568c61f-a19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CoX5fyl041MXq4buRk4I0eM%2Fm423NgR4LWAq12crQHSLojuQAetTdmFH7%2FL1Qs6paXD%2BOG0OikhC2e4vpLhYF7TbMvmRe95Q1IsRprW9o2jqWtcAcbCkKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f24b13c295f0609-FRA
gate.php
linkslot.ru/
2 B
418 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29ca195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9caec8a3dcc99e94e0d99ea29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1d8c8ddd7e4d3cba0d9dea9d1d3cfcc9991dbcdda95989faa96a5a19f9c969b95a3a6
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=on0stQd7jGxHl%2FRJEoosQCm2BBa2roHsMf%2B%2Br%2BYoIj8%2B9UbUJkGUniqvFxO8dg9H9TnoWmPRhiSieRMdrjSyEfyMODCg6egTcdkXZM3N49Xn99AWVYY4Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13c2bc32c22-FRA
content-length
2
cf-request-id
066acd199b00002c224d814000000001
468x60.jpg
linkslot.ru/promo/dummy/
12 KB
12 KB
Image
General
Full URL
https://linkslot.ru/promo/dummy/468x60.jpg
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8460fdb36dbdfcac3697426f35d73815e41889744fdb56de455df28d29d857

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6322
status
200
content-length
11802
cf-request-id
066acd199a000006091da7a000000001
last-modified
Tue, 21 Jul 2015 17:32:18 GMT
server
cloudflare
etag
"55ae8222-2e1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gwI28DKtW7KJAiCqlK3N%2BxEB3WcsOscG1ZL%2BoXEVTXuTPEfqkUesndI5z6XE%2F9KnIySLGaG%2BapRX18RoYRmr9wSR17Gwa3jBT%2BLgHbcceXxggqjuGUIncw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f24b13c29600609-FRA
cf-bgj
h2pri
hit
counter.yadro.ru/
0
177 B
Image
General
Full URL
https://counter.yadro.ru/hit?t18.2;rhttps%3A//pautyna.ru/page1.php;s1600*1200*24;uhttps%3A//pautyna.ru/page2.php;hPage%202;0.03546951542036858
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:30 GMT
Transfer-Encoding
chunked
Server
nginx/1.17.9
Connection
keep-alive
Strict-Transport-Security
max-age=86400
gate.php
linkslot.ru/
2 B
281 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29d9f95989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9caecbe2d59ad2c6e3ce9aa29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1d8c8ddd7e4d3cba0d9dea9d1d3cfcc9991dbcdda95989faa96a5a19f9c969b969ba7
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B6P7NlsV4P3xh6Vmu8tcR4F6xIaNIYefFZWhwfaw6tmS05f9dy0RQy%2F0%2FgyV%2FD532mAjNiowQaiZAtVjBmMbFVvcxJs0Xa2D64u2DPjkHetXMYe1l4QStg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13c4bf92c22-FRA
content-length
2
cf-request-id
066acd19b000002c2258884000000001
gate.php
linkslot.ru/
2 B
281 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29da195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9eabc8a2e0d29f93e3dbe1a29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1d8c8ddd7e4d3cba0d9dea9d1d3cfcc9991dbcdda95989faa96a5a19f9c969b969ca8
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4wkpHAnkXBCcZYmI1g3Al%2FioIfjdug8zOHLMQe1KCQ4Qxv4QoQgD8%2FtMIwFGPBA4s2zgaAzMXrsQKzVbEcI8TQcStV8IYwECXhVKskvgnGKJN6AYfn2rFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13c5c052c22-FRA
content-length
2
cf-request-id
066acd19b400002c22318d1000000001
q.png
nolix.ru/a/
1 KB
1 KB
Image
General
Full URL
https://nolix.ru/a/q.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.46.180 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
671430be568ee959896ef48afc2abb8bb0906415a89b77ce2c4abec7adafca43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:30 GMT
Last-Modified
Mon, 05 Feb 2018 14:58:02 GMT
Server
nginx/1.12.1
ETag
"5a7870fa-4d3"
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1235
gate.php
linkslot.ru/
2 B
282 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29da295989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9be9c2e6e29cd2d9e1cbcba29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1d8c8ddd7e4d3cba0d9dea9d1d3cfcc9991dbcdda95989faa96a5a19f9c969b96a0a6
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X7AyAeKOJ67e%2BvRUzsuEfJDBeYvNdumkyXq4wVLfd2mUaeUzedEds2s%2FzIr5I%2FQdSC3SXdAqgfL0E%2Bjj5NiP9eaz0bmKwbmTnpBj03RJTqL5KgY1VuHCeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13d1d262c22-FRA
content-length
2
cf-request-id
066acd1a2d00002c229686c000000001
gate.php
linkslot.ru/
2 B
280 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999f949c97a395989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9df3cfe3cfd5a0ddde97d1a29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1d8c8ddd7e4d3cba0d9dea9d1d3cfcc9991dbcdda95989faa96a5a19f9c969b979aab
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rmKUvabldg9tOwROEYdhLFdJGtR3%2FMxyrEWeEf3iseMD0kvPPwVAwLtATbTa2LyjHgc8UfPPYDZIuw4YUpOWEHBgBQ7PgzzyQUzNHgqvFCWzOQZzwW9KDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13d1d292c22-FRA
content-length
2
cf-request-id
066acd1a2e00002c2232988000000001
e5aa88527c1ae9428773127dd19c6399.gif
linkslot.ru/uploads/
192 KB
193 KB
Image
General
Full URL
https://linkslot.ru/uploads/e5aa88527c1ae9428773127dd19c6399.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d024ddf8dada67e9fb7d5c85db331a751cfba0bb78d0ebca86cb2f15dc8a8930

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2499
status
200
content-length
197065
cf-request-id
066acd1a2f0000060992b2b000000001
last-modified
Sun, 08 Nov 2020 16:45:46 GMT
server
cloudflare
etag
"5fa820ba-301c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=07XILqjsu%2F839L%2F8VCSF5tMQDahuZD0GlndusyleFVOEYfAHwvRTouBklBYkNODpL1ZXCT6A6mRYzRR%2BWNu78QBV3jgl9FPKUMgg5rSDlWJN5x%2BYs6tpxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f24b13d1aea0609-FRA
gate.php
linkslot.ru/
2 B
286 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29e9a95989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88ad1e3c5e6c997ca9ca1d49aa29799aa91a2989798939b959aa29799aa91a2988a9886d3d9dee2daa3a990e2c9dcdcdcd9c698e4dc98eac2d9cd9896d3d3d58da39d99af94aba09b9b939d9a9c
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=78%2FPzh2tDHEERWl%2FVwW%2FtImnhVlDKVvYD0AovJjmlRS9LrUwp87GzwcbH4jFT60Z58MJdiptaHnrz9fJL%2B5M1wf2PU9wdLR%2B68D%2FDSa0i0bXo%2BCXplt2gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13d9e072c22-FRA
content-length
2
cf-request-id
066acd1a8100002c2226be9000000001
gate.php
multibux.org/
2 B
461 B
XHR
General
Full URL
https://multibux.org/gate.php?d1=d3cbe0dedfcfcda1dda8899794aa879684a49a96938d9c9c96918fe0daadcfd0cdd4939b8fa3848ed0cbced3d4d5dbe6d36e86cdcfe7c9d281e0c5c983d9de8ade819da3ca649ac3969c84c7d1e3d0cbdacfcdd5cfd59ba89e6a949797938cd1c9e7d1d28f8ad7d3d1c68cdad096d1d38a93c7ced3e2d1cb92a29e98968fa0a49b66949a9293d7c7c7d4d6cf929f9ea19494a2969d9a9ddacae1cad196eac7cd939a9b9a96919ca39b63969491a3949691a39496869a8ed2dad5dce6a56295d4c2e8d8dfcfd492d8d899dbcbcdc69da1db9bd68792a9949b94ac9c9a969a9e9c9a849d
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
22
Keep-Alive
timeout=60
5fac88b94e0b3.gif
multibux.org/uploads/
81 KB
81 KB
Image
General
Full URL
https://multibux.org/uploads/5fac88b94e0b3.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b6285afe87282c37c8bdde5dd6f013caa26f1bce0e4d70cc68d579316480d604

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Last-Modified
Thu, 12 Nov 2020 00:58:33 GMT
Server
nginx
ETag
"5fac88b9-1447c"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
83068
Expires
Thu, 31 Dec 2037 23:55:55 GMT
buyb2.png
multibux.org/images/
5 KB
6 KB
Image
General
Full URL
https://multibux.org/images/buyb2.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e21c873b121f9ce4577e92b944e0c5d9d11484b16bd94304616ee02af3da9870

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Last-Modified
Mon, 11 Nov 2019 19:04:34 GMT
Server
nginx
ETag
"5dc9b0c2-14fe"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
5374
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gate.php
multibux.org/
2 B
461 B
XHR
General
Full URL
https://multibux.org/gate.php?d1=d3cbe0dedfcfcda1dda8899694ac879684a49a96938d9c9c96918fe0daadcfd0cdd4939b8fa3848ed0cbced3d4d5dbe6d36e86cdcfe7c9d281e0c5c983d9de8ade819da3ca649ac3969c84c7d1e3d0cbdacfcdd5cfd59ba89e6a949797938cd1c9e7d1d28f8ad7d3d1c68cdad096d1d38a93c7ced3e2d1cb92a29e98968fa0a49b66949a9293d7c7c7d4d6cf929f9ea19494a2969c9acedbcda998c9d3a7ca9a939a9b9a96919ca39b63969491a3949691a39496869a8ed2dad5dce6a56295d4c2e8d8dfcfd492d8d899dbcbcdc69da1db9bd68792a9949b94ac9c9a969a9e9d9f849d
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / PHP/5.5.9-1ubuntu4.26
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.9-1ubuntu4.26
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
22
Keep-Alive
timeout=60
200x300.jpg
multibux.org/images/i/banners/
11 KB
12 KB
Image
General
Full URL
https://multibux.org/images/i/banners/200x300.jpg
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.139.1.242 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
606f4d8ec42c12d2f3a8eaef8cca627fa48836f33a47124d6a2147090e1c98f6

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:28 GMT
Last-Modified
Fri, 11 Nov 2016 06:31:36 GMT
Server
nginx
ETag
"582565c8-2d71"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
11633
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gate.php
linkslot.ru/
2 B
302 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e96a29e9c95989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9bdecae3d8d7d898ced19bd59799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1d8c8ddd7e4d3cba0d9dea9d1d3cfcc9991dbcdda95989faa96a5a19f9c969b989eaa
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ukp1buaUilyrHxG7qNgqiQx9Nqb02xHvbfN%2BdXnVr0dwkbi9a9D1NSzHso4iv0NS5h5xvNpptl7231EvqCYAzAtdG%2B4hwdwqvt5ukdieO8eC0b1DWdpTmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13e3f082c22-FRA
content-length
2
cf-request-id
066acd1ae300002c222d81c000000001
gate.php
linkslot.ru/
2 B
438 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e98a097a195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88ad0dfdbddcbdaccc69c96d5a29799aa91a2989798939b959aa29799aa91a2988a9886d3d9dee2daa3a990e2c9dcdcdcd9c698e4dc98eac2d9cd9896d3d3d58da39d99af94aba09b9b939f969f
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LYW5os8n1AI8B7ZdmviUk44dlapTBnUo5cQllJnl6DMT89ce4yXVFNPfgi0l8A14eAAtDjWz19UcZ95Qzw6xCxfX%2F%2F%2B8DHaAV3Ct9s9OC%2BdLm1Byd7W5tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13e3f0e2c22-FRA
content-length
2
cf-request-id
066acd1ae800002c2232995000000001
gate.php
linkslot.ru/
2 B
417 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d1=d3ccdadeebd5caa8d3e78b999e98a097a195989faa9195999998938ed2d9ecd0d5e6c2a19d95988393d2cbd5d0d7eed0e5d0a288ccd9d9cfde87d6dbc492d7da88db8b969ad1989dd9969b88c8d8d3d7cae1d7c9d4e3d5a19d9a9f919e9b8a9ad2d1eecede9487d4ccd6ca8ad9cccce5d09b88cad0d5dad2cfa19f9ca891a09c989896999b9b92dacae0c2e4d1969d96a2939da88a9cdf98e5d3dcdccba0d8e1a29799aa91a2989798939b959aa29799aa91a298978b938ecddee6d7dcb490a1d8c8ddd7e4d3cba0d9dea9d1d3cfcc9991dbcdda95989faa96a5a19f9c969b999da7
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:30 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=foFMiOQ%2Ba5%2Ba7ywFJ%2BiaTiFef%2FLdHO6N6SBxxskBtgHnQmp%2BYz8r2rsBDe4MmVI0kDZbSfn3Mq5bjLJ6i4xUlYySf5CedN9KhraxGso3mQoHbQCW4zZx0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b13e4f2b2c22-FRA
content-length
2
cf-request-id
066acd1aee00002c2232996000000001
468x60.gif
bit-bux.ru/banners/
199 KB
199 KB
Image
General
Full URL
https://bit-bux.ru/banners/468x60.gif
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.249.138.216 Komsomolsk-on-Amur, Russian Federation, ASN20485 (TRANSTELECOM Moscow, Russia, RU),
Reverse DNS
host.216.dynamic1.l2tp.subnets.svg.ttkdv.ru
Software
nginx/1.16.1 /
Resource Hash
959fdec2ab485135537b64b5768664d285279112535bac76905e5bc4fa1063d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:30 GMT
Last-Modified
Sat, 17 Oct 2020 13:46:34 GMT
Server
nginx/1.16.1
ETag
"5f8af5ba-31c70"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
203888
b_logo.png
trafadsense.ru/theme/img/
767 B
2 KB
Image
General
Full URL
http://trafadsense.ru/theme/img/b_logo.png
Requested by
Host: pautyna.ru
URL: https://pautyna.ru/page2.php
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:9961 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7795b0dca780f00cb94d913c1babf72c8d1cf68e882f59559a6f3c46b5fc001

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:30 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
837731
Connection
keep-alive
Content-Length
767
cf-request-id
066acd1b3300002bd2d0379000000001
Last-Modified
Sun, 10 Jun 2018 12:08:02 GMT
Server
cloudflare
ETag
"5b1d14a2-2ff"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sVWcH5xtIgM7o5u0DXfuUWmjFw9OjyY5npgIyLJVDHuKixshs6Mfz9meZ3hbNTfoAARUr7ljiLVxgYLQ1WP%2FGzfGatnk3l3fkA9VlWP8%2FEWxBMLA86CbTxSUJA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
5f24b13eb8b12bd2-FRA
X-Beget-Proxy
install.beget.ru, amper2.beget.ru
Expires
Sat, 05 Dec 2020 07:18:19 GMT
gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
2 B
410 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e96a29da195978caa84a28b989e93a098a3aa9b9caa95a59d
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o7epUqUym1sD81yQJeDx0kv7s3VboTEIjZzdImmFpw1lzbZtYOzMNuxqghK4DtNmac783D72K77jIO0g5nOlkj773x48uAzSHZ5U8HAi61WC4hqpOutmEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b15b9b1e2c22-FRA
content-length
2
cf-request-id
066acd2d3c00002c22900a2000000001
gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
2 B
280 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e96a29e9a95978caa84a28b989e93a098a3aa9b9caa95a59d
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jXdj3HtX6CcgN7jC4ilOM%2FLrSBNKWuLok0eSIB1m7AzdIlx3oJicUG%2FrBCnZhfib1QOuDBGyWkIJS3JQHkS9HRZvui0e2jVYriwvmxHet4rYtdlDp%2FSynA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b15c6c1e2c22-FRA
content-length
2
cf-request-id
066acd2dbc00002c228c381000000001
gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
0
0

gate.php
linkslot.ru/
2 B
277 B
XHR
General
Full URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e98a097a195978caa84a28b989e93a098a3aa9b9caa95a59d
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 00:00:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=olz3wQcSRN0P8cTGures802LZc8ncuOG3xPTqu9XpWvXKLZXJjX9RyjlO6o25I3sULp62eMiUIaVQ4nRmpfs9dmJqvs3tvSeNk6HnS7gC6hvA3ZHuIpY%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=windows-1251
access-control-allow-origin
*
cf-ray
5f24b15d7df12c22-FRA
content-length
2
cf-request-id
066acd2e7000002c2222837000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
poweredby.jads.co
URL
http://poweredby.jads.co/adshow.php?adzone=880307
Domain
poweredby.jads.co
URL
http://poweredby.jads.co/adshow.php?adzone=880307
Domain
cizyix.gxxcbj.com
URL
http://cizyix.gxxcbj.com/v/DSi07lf9fj9oTCKM0KCYpVwq0wwEsg
Domain
cuys.ru
URL
https://cuys.ru/bancode.php?id=3683
Domain
cuys.ru
URL
https://cuys.ru/bancode.php?id=3684
Domain
cuys.ru
URL
https://cuys.ru/bancode.php?id=3688
Domain
cizyix.gxxcbj.com
URL
http://cizyix.gxxcbj.com/v/DSi07lf9fj9oTCKM0KCYpVwq0wwEsg
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e96a29ca295978caa84a28b989e93a098a3aa9b9caa95a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e96a29ca195978caa84a28b989e93a098a3aa9b9caa95a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e96a29d9f95978caa84a28b989e93a098a3aa9b9caa95a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e96a29da295978caa84a28b989e93a098a3aa9b9caa95a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999f949c97a395978caa84a28b989e93a098a3aa9b9caa95a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e96a29e9c95978caa84a28b989e93a098a3aa9b9caa95a59d
Domain
linkslot.ru
URL
https://linkslot.ru/gate.php?d2=d3ccdadeebd5caa8d3e78b999e98a097a195978caa84a28b989e93a098a3aa9b9caa95a59d

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.mixerparanas.ru/ Name: _ym_isad
Value: 2
.mixerparanas.ru/ Name: _ym_visorc_51842675
Value: b
.mixerparanas.ru/ Name: _ym_d
Value: 1605398429
.mixerparanas.ru/ Name: _ym_uid
Value: 1605398429890753157

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
