Submitted URL: http://aff.su/
Effective URL: https://t.aff.su/
Submission Tags: su ru l4ing mass
Submission: On January 09 via manual from UA — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 89.223.67.32, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is t.aff.su.
TLS certificate: Issued by R3 on January 5th 2023. Valid for: 3 months.
This is the only time t.aff.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
1 | 17 | 89.223.67.32 | 9123 (TIMEWEB-AS)
- | 3 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 1 | 2a00:1450:400... | 15169 (GOOGLE)
- | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 2 | 116.203.167.72 | 24940 (HETZNER-AS)
5 | 10 | 2a02:6b8::1:119 | 208722 (GLOBAL_DC)
Total: 29 requests, 7 IPs

Requests | Apex Domain | Subdomains | Transfer
17 | aff.su | aff.su, t.aff.su | 127 KB
7 | yandex.com | mc.yandex.com (Cisco Umbrella Rank: 7498) | 2 KB
4 | bootstrapcdn.com | stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 3022), maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1204) | 124 KB
3 | yandex.ru | mc.yandex.ru (Cisco Umbrella Rank: 1851) | 73 KB
2 | ttttt.me | ttttt.me | 1 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 488) | 8 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 520) | 31 KB
Total: 29 requests, 7 apex domains

Requests | Domain | Redirects | Requested by
16 | t.aff.su | - | t.aff.su
7 | mc.yandex.com | 3 redirects | t.aff.su
3 | mc.yandex.ru | 2 redirects | t.aff.su
2 | ttttt.me | - | t.aff.su
2 | maxcdn.bootstrapcdn.com | - | t.aff.su, maxcdn.bootstrapcdn.com
2 | stackpath.bootstrapcdn.com | - | t.aff.su
1 | cdn.jsdelivr.net | - | t.aff.su
1 | ajax.googleapis.com | - | t.aff.su
1 | aff.su | 1 redirects | -
Total: 29 requests, 9 subdomains

This site contains links to these domains.

Domain
aff.su
tgstat.ru

Subject | Issuer | Validity | Valid
t.aff.su | R3 | 2023-01-05 - 2023-04-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
a.elegram.ru | R3 | 2022-12-02 - 2023-03-02 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-03-30 | 5 months

This page contains 1 frames:

Primary Page: https://t.aff.su/
Frame ID: E58C9F4F3D6C8FA3FECED6DFBC324B63
Requests: 29 HTTP requests in this frame

Page Title

Окно в Telegram

Page URL History

  1. http://aff.su/ HTTP 301
    https://t.aff.su/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 29
HTTPS: 90 %
IPv6: 71 %
Domains: 7
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 364 kB
Size: 802 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9878.yQEQTNZcVETQXTZk0Mym0xXtumdVdtxvkwSF6ZsazGk-f32C74ahgRFUWVE_S82C.-FED5CdiPbY8m9SDdXwFAsqsvjQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9878.n5tbKCf8DSqzH8QMJH9El-L-jpFR8uJxNnJWIs567J0RgXXfg6jw4Fqmo7IlG59ndCceZ8hkRvZv9kESexoDUsLmIcTCitAa6hMSMu_V4aQ%2C.D4fvFX5h4OWEA_cDzJ-LQNdy8pE%2C
Request Chain 26
  • https://mc.yandex.com/watch/62933818?wmode=7&page-url=https%3A%2F%2Ft.aff.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A752941512642%3Ahid%3A874894768%3Az%3A0%3Ai%3A20230109231405%3Aet%3A1673306046%3Ac%3A1%3Arn%3A388409088%3Arqn%3A1%3Au%3A167330604662432066%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C103%2C56%2C2%2C679%2C0%2C%2C389%2C1%2C%2C%2C%2C1438%3Aco%3A0%3Acpf%3A1%3Ans%3A1673306043930%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673306046%3At%3A%D0%9E%D0%BA%D0%BD%D0%BE%20%D0%B2%20Telegram&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/62933818/1?wmode=7&page-url=https%3A%2F%2Ft.aff.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A752941512642%3Ahid%3A874894768%3Az%3A0%3Ai%3A20230109231405%3Aet%3A1673306046%3Ac%3A1%3Arn%3A388409088%3Arqn%3A1%3Au%3A167330604662432066%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C103%2C56%2C2%2C679%2C0%2C%2C389%2C1%2C%2C%2C%2C1438%3Aco%3A0%3Acpf%3A1%3Ans%3A1673306043930%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673306046%3At%3A%D0%9E%D0%BA%D0%BD%D0%BE%20%D0%B2%20Telegram&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 27
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9878.NZm5mMQwUWQqPXiEuIzxbxAAS3en6qEF-ljlkJqz0Nxg8yCb8HJko6bYi66WYOnY._os2qjrkJJWGZkAI5G3tZj6gAy0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9878.AuC3rS6sZ2iHnC0OdGO65k4HDNSIfEi_c-Kb14g7WeUocVCWIZscsv7GvLTKlJ3uJpq6yActBjD8QrbLljA-iUzXxNwHd9gym5m-Uc--I0k%2C.L9420jItzL_vPdzQvDlYxXDjV5Q%2C

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
t.aff.su/
Redirect Chain
  • http://aff.su/
  • https://t.aff.su/
39 KB
9 KB
Document
General
Full URL
https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
96c85ffd7b6e68ec2f6d3b8cc84a1cb2c21007409e6e274f482dc7e24c6627ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
9240
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Jan 2023 23:14:04 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 09 Jan 2023 23:14:04 GMT
Location
https://t.aff.su/
Server
nginx/1.22.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/
156 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t.aff.su/
Origin
https://t.aff.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
845
age
47517
cdn-cachedat
12/15/2022 07:48:39
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"7cc40c199d128af6b01e74a28c5900b0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5ca2b4ead620380dca243fd39e702c2f
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7870ddfd4d012c01-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
30531718
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
8b677d48aa464c28c0815c97adbbe174
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7870ddfd4a7b6919-FRA
cdn-requestpullsuccess
True
panel.css
t.aff.su/
11 KB
2 KB
Stylesheet
General
Full URL
https://t.aff.su/panel.css
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
2e92a43abfcc815df7776efc74f3960bbc33a6f95694a0eec836ee9ae03cc3f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 May 2020 22:18:35 GMT
Server
nginx/1.22.1
ETag
W/"5ec9a13b-2aff"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
tgstat.png
t.aff.su/i/
3 KB
3 KB
Image
General
Full URL
https://t.aff.su/i/tgstat.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
acf05b25f04974dbf75cda02d019a6fb683c93537cc96d2ef9e243926b8bdb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 12:17:58 GMT
Server
nginx/1.22.1
ETag
"5ec7c2f6-b05"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2821
100wmz.png
t.aff.su/i/
4 KB
4 KB
Image
General
Full URL
https://t.aff.su/i/100wmz.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
c189c0c98711b2634ac907b550a177d94b127b94ff0d4789754e4e4a77cfda27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 14:53:26 GMT
Server
nginx/1.22.1
ETag
"5ec7e766-10b6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4278
ru247.png
t.aff.su/i/
12 KB
12 KB
Image
General
Full URL
https://t.aff.su/i/ru247.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
129a60206cef8ca6c9314a78a7286754162a69741ceb379953f982028ba56e89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 21:36:52 GMT
Server
nginx/1.22.1
ETag
"5ec845f4-300d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12301
channels_tg.png
t.aff.su/i/
3 KB
3 KB
Image
General
Full URL
https://t.aff.su/i/channels_tg.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
5c393e1b9ad61553a4271d6e9ad4629f1293e98490a9307c70f31d1d74095199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 12:17:31 GMT
Server
nginx/1.22.1
ETag
"5ec7c2db-ca2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3234
bots_tg.png
t.aff.su/i/
13 KB
13 KB
Image
General
Full URL
https://t.aff.su/i/bots_tg.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
47ef068f7e728bcc2b362c2ce303e4732ac1084f0eb447a77a16d38fa456ca44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 21:36:35 GMT
Server
nginx/1.22.1
ETag
"5ec845e3-32c3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12995
chat_tg.png
t.aff.su/i/
10 KB
11 KB
Image
General
Full URL
https://t.aff.su/i/chat_tg.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
9ae108f22d44b9d6a8ba755ccd257e0e319d3e314bfbf55873f092d107b03709

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 21:36:42 GMT
Server
nginx/1.22.1
ETag
"5ec845ea-29eb"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10731
telemetr.png
t.aff.su/i/
3 KB
3 KB
Image
General
Full URL
https://t.aff.su/i/telemetr.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
bfe00e85ab9b2c70bd04373a3782e06b9b08fb886abc8b3f265aad1f832e7bea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 18:36:42 GMT
Server
nginx/1.22.1
ETag
"5ec81bba-c53"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3155
15wmz.png
t.aff.su/i/
6 KB
6 KB
Image
General
Full URL
https://t.aff.su/i/15wmz.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
f0652d07dc0720d25d773710f32048111b334ce1f1923fa29634692f89764e30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 12:16:31 GMT
Server
nginx/1.22.1
ETag
"5ec7c29f-1688"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5768
prodaga.png
t.aff.su/i/
12 KB
12 KB
Image
General
Full URL
https://t.aff.su/i/prodaga.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
3f17f9cdc06f5e9f240f73db75aca68677420b14503e1f9e2a84e106155a87f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 12:17:46 GMT
Server
nginx/1.22.1
ETag
"5ec7c2ea-2f5a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12122
zdelo.png
t.aff.su/i/
8 KB
8 KB
Image
General
Full URL
https://t.aff.su/i/zdelo.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
15a1644648b11def93320959060b7c68e2cf8c008242a75172d26898c091686a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 18:50:13 GMT
Server
nginx/1.22.1
ETag
"5ec81ee5-1fee"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8174
addinfo.png
t.aff.su/i/
9 KB
9 KB
Image
General
Full URL
https://t.aff.su/i/addinfo.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
0b0eb9324bb187caea6f5fd7e50edf9cdf713698b4a7d441abb9a1e9812a3752

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 12:17:07 GMT
Server
nginx/1.22.1
ETag
"5ec7c2c3-2371"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9073
megapc.png
t.aff.su/i/
8 KB
9 KB
Image
General
Full URL
https://t.aff.su/i/megapc.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
a3ec318812e31eada7309e10d724438570c75f50e47a4b9aa145c137f6b7790e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Fri, 22 May 2020 21:48:22 GMT
Server
nginx/1.22.1
ETag
"5ec848a6-21c8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8648
adv960x143-min.png
t.aff.su/i/
20 KB
20 KB
Image
General
Full URL
https://t.aff.su/i/adv960x143-min.png
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
39f9b9dda9b17a0d6396631ef35f3e087b1e0282c1cedb9cbf648efa07430849

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Wed, 20 May 2020 10:33:18 GMT
Server
nginx/1.22.1
ETag
"5ec5076e-4f79"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20345
loading.gif
t.aff.su/i/
2 KB
2 KB
Image
General
Full URL
https://t.aff.su/i/loading.gif
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.223.67.32 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
1084917-cg19811.tmweb.ru
Software
nginx/1.22.1 /
Resource Hash
cfb365099ae602f8e7994580e16d7cdc2349275b0b7e70fd283bf21905813b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Last-Modified
Sat, 23 May 2020 22:35:33 GMT
Server
nginx/1.22.1
ETag
"5ec9a535-618"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1560
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 06:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 06:16:12 GMT
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t.aff.su/
Origin
https://t.aff.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
503630
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19144-FRA, cache-yyz4571-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry0ayliv4lw9lbbyEMu5G%2BJicN7XfLAOVUyiU0Y4SPh41spzEGUfyciI76pYBb%2BcDlid5yuWaHc4CwEx35ZrLM4Gtvjc3%2BLMBO0jicUn8lTP6XbFrWfZXE96dVr%2F%2BWuCgfk1I7hIQagxM2U4ZyY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7870ddfdac8a2c39-FRA
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/
59 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t.aff.su/
Origin
https://t.aff.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
845
age
47517
cdn-cachedat
11/24/2022 02:27:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"61f338f870fcd0ff46362ef109d28533"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
4acdc5eea3a37d2e3426f372d0e656a9
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7870ddfd7d242c01-FRA
cdn-requestpullsuccess
True
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://t.aff.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1029
cdn-cachedat
01/02/2023 00:17:33
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
59a4f7412edb8175028003c722372639
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7870ddfd985b2c46-FRA
cdn-requestpullsuccess
True
tag.js
ttttt.me/js/
923 B
827 B
Script
General
Full URL
https://ttttt.me/js/tag.js?v06324207571613294
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.167.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.167.203.116.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
a1b591863067bd75548a0fedb5e352e81afff3a5f26a84d4742a0d10da73d88b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 20:20:56 GMT
Server
nginx/1.10.3
ETag
W/"5e84f7a8-39b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache, no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Mon, 09 Jan 2023 23:14:04 GMT
tag.js
mc.yandex.ru/metrika/
211 KB
72 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Dec 2022 07:53:53 GMT
etag
"63ae6ee1-12019"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73753
expires
Tue, 10 Jan 2023 00:14:05 GMT
tag.php
ttttt.me/
43 B
209 B
Image
General
Full URL
https://ttttt.me/tag.php?rec=1&r=201341&ts=1673306045&h=t.aff.su&u=%2F&ur=&si=1
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.167.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.72.167.203.116.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 23:14:05 GMT
Server
nginx/1.10.3
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9878.yQEQTNZcVETQXTZk0Mym0xXtumdVdtxvkwSF6ZsazGk-f32C74ahgRFUWVE_S82C.-FED5CdiPbY8m9SDdXwFAsqsvjQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9878.n5tbKCf8DSqzH8QMJH9El-L-jpFR8uJxNnJWIs567J0RgXXfg6jw4Fqmo7IlG59ndCceZ8hkRvZv9kESexoDUsLmIcTCitAa6hMSMu_V4aQ%2C.D4fvFX5h4OWEA_cDzJ-LQNdy8pE%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9878.n5tbKCf8DSqzH8QMJH9El-L-jpFR8uJxNnJWIs567J0RgXXfg6jw4Fqmo7IlG59ndCceZ8hkRvZv9kESexoDUsLmIcTCitAa6hMSMu_V4aQ%2C.D4fvFX5h4OWEA_cDzJ-LQNdy8pE%2C
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9878.n5tbKCf8DSqzH8QMJH9El-L-jpFR8uJxNnJWIs567J0RgXXfg6jw4Fqmo7IlG59ndCceZ8hkRvZv9kESexoDUsLmIcTCitAa6hMSMu_V4aQ%2C.D4fvFX5h4OWEA_cDzJ-LQNdy8pE%2C
date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
111 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: t.aff.su
URL: https://t.aff.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Dec 2022 07:53:53 GMT
etag
"63ae6ee1-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 10 Jan 2023 00:14:05 GMT
1
mc.yandex.com/watch/62933818/
Redirect Chain
  • https://mc.yandex.com/watch/62933818?wmode=7&page-url=https%3A%2F%2Ft.aff.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A9...
  • https://mc.yandex.com/watch/62933818/1?wmode=7&page-url=https%3A%2F%2Ft.aff.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3...
454 B
536 B
XHR
General
Full URL
https://mc.yandex.com/watch/62933818/1?wmode=7&page-url=https%3A%2F%2Ft.aff.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A752941512642%3Ahid%3A874894768%3Az%3A0%3Ai%3A20230109231405%3Aet%3A1673306046%3Ac%3A1%3Arn%3A388409088%3Arqn%3A1%3Au%3A167330604662432066%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C103%2C56%2C2%2C679%2C0%2C%2C389%2C1%2C%2C%2C%2C1438%3Aco%3A0%3Acpf%3A1%3Ans%3A1673306043930%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673306046%3At%3A%D0%9E%D0%BA%D0%BD%D0%BE%20%D0%B2%20Telegram&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
02623e41519ff8389aa638bc9b3903e52f2c26808caa9ebe685e50105a314979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 09-Jan-2023 23:14:05 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://t.aff.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
454
x-xss-protection
1; mode=block
expires
Mon, 09-Jan-2023 23:14:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 09-Jan-2023 23:14:05 GMT
location
/watch/62933818/1?wmode=7&page-url=https%3A%2F%2Ft.aff.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A1162%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A752941512642%3Ahid%3A874894768%3Az%3A0%3Ai%3A20230109231405%3Aet%3A1673306046%3Ac%3A1%3Arn%3A388409088%3Arqn%3A1%3Au%3A167330604662432066%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C103%2C56%2C2%2C679%2C0%2C%2C389%2C1%2C%2C%2C%2C1438%3Aco%3A0%3Acpf%3A1%3Ans%3A1673306043930%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1673306046%3At%3A%D0%9E%D0%BA%D0%BD%D0%BE%20%D0%B2%20Telegram&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://t.aff.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 09-Jan-2023 23:14:05 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9878.NZm5mMQwUWQqPXiEuIzxbxAAS3en6qEF-ljlkJqz0Nxg8yCb8HJko6bYi66WYOnY._os2qjrkJJWGZkAI5G3tZj6gAy0%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9878.AuC3rS6sZ2iHnC0OdGO65k4HDNSIfEi_c-Kb14g7WeUocVCWIZscsv7GvLTKlJ3uJpq6yActBjD8QrbLljA-iUzXxNwHd9gym5m-Uc--I0k%2C.L9420jItzL_vPdzQvD...
43 B
115 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9878.AuC3rS6sZ2iHnC0OdGO65k4HDNSIfEi_c-Kb14g7WeUocVCWIZscsv7GvLTKlJ3uJpq6yActBjD8QrbLljA-iUzXxNwHd9gym5m-Uc--I0k%2C.L9420jItzL_vPdzQvDlYxXDjV5Q%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.aff.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 23:14:06 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9878.AuC3rS6sZ2iHnC0OdGO65k4HDNSIfEi_c-Kb14g7WeUocVCWIZscsv7GvLTKlJ3uJpq6yActBjD8QrbLljA-iUzXxNwHd9gym5m-Uc--I0k%2C.L9420jItzL_vPdzQvDlYxXDjV5Q%2C
date
Mon, 09 Jan 2023 23:14:05 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block


26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
function| handleUrl
function| getLocation
function| forward
string| pageUrl
object| urlContents
boolean| isIndex
string| blockId
object| block
object| not_found
boolean| haveBanners
number| timeout
function| $
function| jQuery
function| Popper
object| bootstrap
object| _paq
function| ym
function| getCurrentUrl
function| getCurrentHost
function| getReferrer
function| getRequest
function| getImage
object| windowAlias
object| Ya
object| yaCounter62933818

10 Cookies

Domain/Path Name / Value
.aff.su/ Name: _ym_uid
Value: 167330604662432066
.aff.su/ Name: _ym_d
Value: 1673306046
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 590811866fake
.aff.su/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2895250495fake
mc.yandex.com/ Name: yabs-sid
Value: 2466841791673306045
.yandex.com/ Name: i
Value: 5CPyFGL+ITYLjQpuG4O0KGKfatVQRZfqBV0ADxMu2oRHkUz3H5VeEZ/UnunnmY70vmdZJDslMo96b3kmkdcWdXvyOUM=
.yandex.com/ Name: yandexuid
Value: 4497675591673306045
.yandex.com/ Name: yuidss
Value: 4497675591673306045
.yandex.com/ Name: ymex
Value: 1704842045.yc.1673306045#1704842045.yrts.1673306045#1704842045.yrtsi.1673306045

3 Console Messages

Source Level URL
Text
security warning URL: https://t.aff.su/
Message:
Mixed Content: The page at 'https://t.aff.su/' was loaded over HTTPS, but requested an insecure element 'http://t.aff.su/i/adv960x143-min.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://t.aff.su/(Line 538)
Message:
Mixed Content: The page at 'https://t.aff.su/' was loaded over HTTPS, but requested an insecure element 'http://t.aff.su/i/adv960x143-min.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9878.n5tbKCf8DSqzH8QMJH9El-L-jpFR8uJxNnJWIs567J0RgXXfg6jw4Fqmo7IlG59ndCceZ8hkRvZv9kESexoDUsLmIcTCitAa6hMSMu_V4aQ%2C.D4fvFX5h4OWEA_cDzJ-LQNdy8pE%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
