wallpaper.downloads.moscow Open in urlscan Pro
80.85.159.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
http://wallpaper.downloads.moscow/
Submission Tags: demotag1 demotag2 Search All
Submission: On November 10 via api (November 10th 2020, 12:46:55 am UTC) from US

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 33 domains to perform 54 HTTP transactions. The main IP is 80.85.159.3, located in Russian Federation and belongs to CHELYABINSK-SIGNAL-AS, RU. The main domain is wallpaper.downloads.moscow.

This is the only time wallpaper.downloads.moscow was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2 6	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	162.213.255.36 162.213.255.36	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	54.204.118.255 54.204.118.255	14618 (AMAZON-AES) (AMAZON-AES)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1 1	2606:4700:303... 2606:4700:3033::681b:9c0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	95.179.157.240 95.179.157.240	20473 (AS-CHOOPA) (AS-CHOOPA)
3	80.85.159.3 80.85.159.3	44493 (CHELYABIN...) (CHELYABINSK-SIGNAL-AS)
1	88.198.46.158 88.198.46.158	24940 (HETZNER-AS) (HETZNER-AS)
1	64.251.25.253 64.251.25.253	15083 (INFOLINK-...) (INFOLINK-MIA-)
3 4	88.208.59.102 88.208.59.102	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	184.164.136.210 184.164.136.210	20454 (SSASN2) (SSASN2)
1	185.15.208.118 185.15.208.118	52000 (MIRHOSTING) (MIRHOSTING)
1	213.159.212.90 213.159.212.90	29182 (THEFIRST-AS) (THEFIRST-AS)
1	95.211.212.72 95.211.212.72	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	213.159.210.250 213.159.210.250	29182 (THEFIRST-AS) (THEFIRST-AS)
1	62.149.0.249 62.149.0.249	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1	94.23.40.196 94.23.40.196	16276 (OVH) (OVH)
1	147.135.220.104 147.135.220.104	16276 (OVH) (OVH)
1	2a02:128:7:52... 2a02:128:7:5242::3	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
54	23

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 107.170.39.103 (New York, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com

manyhit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.118.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-118-255.compute-1.amazonaws.com

cors-anywhere.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::681b:9c0b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ptp.party	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.179.157.240 (Amsterdam, Netherlands) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: neon.today

neon.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 80.85.159.3 (Russian Federation)

ASN44493 (CHELYABINSK-SIGNAL-AS, RU)
PTR: host.profitserver.ru

wallpaper.downloads.moscow	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.46.158 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: texto.click

texto.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.251.25.253 (Miami Beach, United States)

ASN15083 (INFOLINK-MIA-, US)
PTR: 253-25-251-64.serverpronto.com

tracksitetraffic1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.208.59.102 (Netherlands) 3 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

api.clickaine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
13235.mimilcnf.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.164.136.210 (Phoenix, United States)

ASN20454 (SSASN2, US)
PTR: server.prosperitymarketingsystem.com

www.viralnugget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.208.118 (Krasnodar, Russian Federation)

ASN52000 (MIRHOSTING, RU)
PTR: wmlink.ru

r1.wmlink.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.159.212.90 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: novon.ru

v.tzbox3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.212.72 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: mhqp001.gnomograd.com

flirtymania.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.159.210.250 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: my.webserver

statok.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.249 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: get.mycounter.ua

get.mycounter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.40.196 (France)

ASN16276 (OVH, FR)
PTR: s1.hubu-interactive.de

show.adorion.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.220.104 (Beaurevoir, France)

ASN16276 (OVH, FR)
PTR: ns3074226.ip-147-135-220.eu

g.cash-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5242::3 (Czech Republic)

ASN50245 (SERVEREL-AS, NL)

in.tubecorporate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	traffdaq.com 2 redirects traffdaq.com	6 KB
3	mimilcnf.pro 3 redirects 13235.mimilcnf.pro	2 KB
3	downloads.moscow wallpaper.downloads.moscow	157 KB
2	yastatic.net yastatic.net	39 KB
2	herokuapp.com cors-anywhere.herokuapp.com	2 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	tubecorporate.com in.tubecorporate.com
1	cash-ads.com g.cash-ads.com	510 B
1	adorion.net show.adorion.net	284 B
1	mycounter.ua get.mycounter.ua	4 KB
1	statok.net statok.net	1 KB
1	flirtymania.com flirtymania.com	5 KB
1	tzbox3.xyz v.tzbox3.xyz	9 KB
1	wmlink.ru r1.wmlink.ru	1 KB
1	viralnugget.com www.viralnugget.com	691 B
1	clickaine.com api.clickaine.com	697 B
1	tracksitetraffic1.com tracksitetraffic1.com	3 KB
1	texto.click texto.click	803 B
1	neon.today 1 redirects neon.today	202 B
1	ptp.party 1 redirects ptp.party	595 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	manyhit.com manyhit.com
1	speedflow.io speedflow.io	1 KB
0	flirtymania.plus Failed flirtymania.plus Failed
0	adclerks.com Failed cdn.adclerks.com Failed
0	cusok.ru Failed cusok.ru Failed
0	mail.ru Failed top-fwz1.mail.ru Failed
0	flagcounter.com Failed s04.flagcounter.com Failed
0	3kd.ru Failed 3kd.ru Failed
0	livetrafficfeed.com Failed cdn.livetrafficfeed.com Failed
0	playsports88.com Failed playsports88.com Failed
54	33

	Domain	Requested by
6	traffdaq.com	2 redirects speedflow.io traffdaq.com
3	13235.mimilcnf.pro	3 redirects
3	wallpaper.downloads.moscow	traffdaq.com wallpaper.downloads.moscow
2	yastatic.net	wallpaper.downloads.moscow
2	cors-anywhere.herokuapp.com	speedflow.io
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	wallpaper.downloads.moscow
1	in.tubecorporate.com	wallpaper.downloads.moscow
1	g.cash-ads.com	wallpaper.downloads.moscow
1	show.adorion.net	wallpaper.downloads.moscow
1	get.mycounter.ua	wallpaper.downloads.moscow
1	statok.net	wallpaper.downloads.moscow
1	flirtymania.com	wallpaper.downloads.moscow
1	v.tzbox3.xyz	wallpaper.downloads.moscow
1	r1.wmlink.ru	wallpaper.downloads.moscow
1	www.viralnugget.com	wallpaper.downloads.moscow www.viralnugget.com
1	api.clickaine.com	wallpaper.downloads.moscow
1	tracksitetraffic1.com	wallpaper.downloads.moscow
1	texto.click	wallpaper.downloads.moscow
1	neon.today	1 redirects
1	ptp.party	1 redirects
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	manyhit.com	speedflow.io
1	speedflow.io
0	flirtymania.plus Failed	flirtymania.com
0	cdn.adclerks.com Failed	wallpaper.downloads.moscow
0	cusok.ru Failed	texto.click
0	top-fwz1.mail.ru Failed	wallpaper.downloads.moscow
0	s04.flagcounter.com Failed	wallpaper.downloads.moscow
0	3kd.ru Failed	wallpaper.downloads.moscow
0	cdn.livetrafficfeed.com Failed	wallpaper.downloads.moscow
0	playsports88.com Failed	wallpaper.downloads.moscow
54	33

This site contains no links.

Subject Issuer	Validity	Valid
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2020-06-15` - `2021-07-07`	a year	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.clickaine.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2021-08-15`	a year	crt.sh
flirtymania.com AlphaSSL CA - SHA256 - G2	`2020-05-20` - `2021-05-21`	a year	crt.sh
get.mycounter.ua Let's Encrypt Authority X3	`2020-09-12` - `2020-12-11`	3 months	crt.sh
show.adorion.net Let's Encrypt Authority X3	`2020-09-02` - `2020-12-01`	3 months	crt.sh
g.cash-ads.com Let's Encrypt Authority X3	`2020-09-26` - `2020-12-25`	3 months	crt.sh
in.tubecorporate.com Let's Encrypt Authority X3	`2020-10-30` - `2021-01-28`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://wallpaper.downloads.moscow/
Frame ID: 7E31A9651DAD9FF23A0DA0DFA54790AB
Requests: 49 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: CF1656E7D409EDD65C00F5A396E579F6
Requests: 1 HTTP requests in this frame

Frame: https://in.tubecorporate.com/in/tcc/?promo=12191&mc=547347933&dc=2097937879&tc=1230563086
Frame ID: D2B101FF209F8286AE17CCFD95A9F042
Requests: 1 HTTP requests in this frame

Frame: http://www.viralnugget.com/members//display.block.php?member_id=34468&block=1860&type=2&categories=119,120,121,122,123&ref_domain=wallpaper.downloads.moscow
Frame ID: 41C486F81CFB20E042C121941966EE3A
Requests: 1 HTTP requests in this frame

Frame: http://flirtymania.plus/new-chat/?rid=ed303d089575d49725c429258034b678&ageRating=14&subject=wallpapers
Frame ID: 4EBC5440419829FC73566FD429F2C3F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlYrckk2S0luYXdySU95NDY3ZHJiaUE9PSIsI... Page URL
https://ptp.party/13039 HTTP 301
https://neon.today/ptp/i/13039 HTTP 302
http://wallpaper.downloads.moscow/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

54
Requests

26 %
HTTPS

25 %
IPv6

33
Domains

33
Subdomains

23
IPs

8
Countries

253 kB
Transfer

406 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlYrckk2S0luYXdySU95NDY3ZHJiaUE9PSIsInZhbHVlIjoiMVBpN1pjUWdncjZmVXlqMUFmdXBcL0dCa3ZoNXgwQkJWQngrWFBRT2JhN1BMWVRSQ1ByRWVhTE1pRXF4WHlMa3JTWWliQnFaYW9UUnlHaHVUSlpUanRiNHZES3M5Nnc0aVNRUVZ3bUtqSjJLOXBTemZQemRUUDFpYnBhcURyUWJCNWNTRXcwcm51dDhFOTZJRlo3bUtKNUlyVXNzXC9BcFlLQUJqem84VlJxRjJlMUpyYVkzUEdDOVhDd0FoaVdnd29qcDZ4dHpXa2p1OEhnVU4zTThXdjNESGlVT2ZxazM5Nzd3WGlqVndvZzc2MkpHeXdXRnl3VnNwcGxodFk2NDZRM3NXcEl0em9rZUR3T01JRUxINEY5TDNGRDJ2ZTBIdTdVR3lQcERLeFRVOD0iLCJtYWMiOiI1NTAxNGFhYTIzNTI0ZjI4ZDQxYmZiYWMxOGU5Y2IyYWVkNDQ2ZjgwYThiYWNjOWZhYjhkYWE4NGZkNjUzYmVjIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://ptp.party/13039 HTTP 301
https://neon.today/ptp/i/13039 HTTP 302
http://wallpaper.downloads.moscow/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://traffdaq.com/delivery/pu/47382?category=gay HTTP 301
https://traffdaq.com/delivery/pu/47382?category=gay

Request Chain 6

http://traffdaq.com/delivery/dl/47382?category=gay HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay

Request Chain 39

https://13235.mimilcnf.pro/v2/a/skm/108882 HTTP 307
https://13235.mimilcnf.pro/v2/a/skm/108882?_d=385438d0-22ee-11eb-a0cd-4b2f2721834d%26194.99.105.99%26Mozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F83.0.4103.61%2BSafari%252F537.36%26http%253A%252F%252Fwallpaper.downloads.moscow%252F%26 HTTP 307
https://13235.mimilcnf.pro/v2/a/skm/imp?d=BQ5qQHPefpRGqDnhKh88L5cOlPnToM-CRmb_ecpypIJ4j_OpjLRiNW-BLnQFbX8fYdCFstCUb1lNBIkO8cYNF7vcNzshoV1dOY5M1bV3-fVlXes9Km9Htrd5YZcM3-7Hmf0BD2Lavu7Ks7JePvyzpPJ7amrKFnitQIe-g1EhlP9S9K1puRiAXIMs_t6L3JO32-H4u40pJ_cAu2IdfMpcP8YLL6KEJeQbym2GeFQ6zQpGlBV1OFExFAkkC6WmfddoaSvOwzigfJ9UrbZkKLDDiY9ifVlaayFzra4-M522F_sBhMQIkaJVzOvS3nBKGP5g_JHjMBmtnOfPW-ghl2Z3IX4pt6kO3Dynk2zeFj-dTVvh2m18SXQbxXnY3O1JitVNGLl3PdwwYRYlo2ZQXj5_H3qBUfYdZuDEe6NbE1LqovKst5DsAdspnphfmf-XCBlAYg30_-ovcci-Dczc-ByvW8ZCiloFJyQ8G4oi06k-f9OayzeoEI0DoC0dAV5_yoXNTNIbAB-HuKLXcN0hP7UsY1Oh9DMNMJtzUfRxnzw75qvodNvIdOUK1Qhc2MmevwQOsnDr_qlgGI9SQmGuNHA3oIcVcAIQsYfp4GcvEzqkzj6CYKwDU91LR311N80D5KIv6sxa7Oc1MIsFvjNRtLLEbSdW8fTwInlyHF2zbfBWwLbD8NZRa0_5uFSjHUU6RG889rJKSOa2XZqovO37jxtS8klxqzr0suZ8sOs4V_UeymoMfsduh7TCePehnEnleawg-XiDVM0VdMsSLOiZs34sZlrZ5u7Zdf-UhRDDEunF1QMWYa0Ui_LoLi8X1SMGmZPNPElogUwjWBqLC3CsZdH5xDCGP8lfjMm7-gQ1Ft1X4s9u3_5gwaw-TRp4fyPgc4XMaVTP1DVT1gk2FH1mFHy-kU4DcR3K1dhOObu6yuZJ-vAgnjpvYHZCcGIgBqxf9khM_Id3CqyEVsyfvDdHt_7B1cFXA45GXFqi_wpKTuO8XTDY_iPyHXhwymhx0Pqw_aFiKKF_KV7hGnRULKrr9Aqy5VXjCzSTbdK1vZhEf2j9kA0h2Xz7l6FGP_9j0FsM0u0KJiX598KHAVWAr2B5_A32XLekyKy-9rRpjRfxidRgqIuOsbS9L-AV4-7yJ2YpIXjV7juMls4f_n5gBuGmes7Z808-4yZiRIAwMU9ZZ9rqFF20em2LZyD5zvavL-QXmfG4Un1-mWLky-vrLPyMBUdZ4Mopx5wU3LUV61S3RU8JRRMFpYsk8rQ4EH8FdAqQEkGwtjhSGLel5I5DEF7rfOix-8ohvumwOZ35O3ridg4 HTTP 307
https://in.tubecorporate.com/in/tcc/?promo=12191&mc=547347933&dc=2097937879&tc=1230563086

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 396ms
370ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 866ca35a5e22389043c289deddf8905d279e2bcf4310ff05be62fba0315f054e

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Tue, 10 Nov 2020 00:46:21 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Tue, 10-Nov-2020 22:59:00 GMT; Max-Age=79959; path=/ time_start=1604969181.1604; expires=Tue, 10-Nov-2020 22:59:00 GMT; Max-Age=79959; path=/ ip=194.99.105.99 mobile=0 country=DE visits_todayi=0; expires=Tue, 10-Nov-2020 22:59:00 GMT; Max-Age=79959; path=/
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 648
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/pu/
Redirect Chain

http://traffdaq.com/delivery/pu/47382?category=gay
https://traffdaq.com/delivery/pu/47382?category=gay

5 KB
2 KB

530ms
151ms

Script
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/pu/47382?category=gay
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: f09c6783c822fe6023fc86eb13111e946f1ec90185b2d95cfc0d5c13bae1a713

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:21 GMT
Content-Encoding: gzip
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://traffdaq.com/delivery/pu/47382?category=gay
Connection: close
Content-length: 0

GET
H/1.1 200
OK autosurf_if.php
manyhit.com/ Frame CF16 0
0 408ms
382ms Document
text/html 162.213.255.36
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://manyhit.com/autosurf_if.php?user=speedflow
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server145-4.web-hosting.com
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Host: manyhit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Tue, 10 Nov 2020 00:46:22 GMT
server: Apache
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=9ed4c779bbefa914a5d4e034131eba6e; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1265
content-type: text/html

OPTIONS
H/1.1 200
OK 47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ Frame 0
0 551ms
142ms Other 54.204.118.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=gay
Protocol: HTTP/1.1
Server: 54.204.118.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-118-255.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: http://speedflow.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: x-requested-with
Access-Control-Expose-Headers: access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
Date: Tue, 10 Nov 2020 00:46:22 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H/1.1 200
OK 47382 Show response
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ 5 KB
2 KB 256ms
255ms XHR
text/html 54.204.118.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=gay
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.118.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-118-255.compute-1.amazonaws.com
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 773d9794f5fa6c360a14fb86bcf1a991a5c47814c57323a461f2a81528b08fd9

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Tue, 10 Nov 2020 00:46:22 GMT
Content-Encoding: gzip
Server: nginx/1.16.1 (Ubuntu)
X-Request-Url: http://traffdaq.com/delivery/pu/47382?category=gay
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: server,date,content-type,transfer-encoding,connection,content-encoding,x-final-url,access-control-allow-origin
Connection: keep-alive
X-Cors-Redirect-1: 301 https://traffdaq.com/delivery/pu/47382?category=gay
X-Final-Url: https://traffdaq.com/delivery/pu/47382?category=gay
Via: 1.1 vegur

GET 47382
traffdaq.com/delivery/directlink/ 0
0

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/dl/
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=gay
https://traffdaq.com/delivery/dl/47382?category=gay

3 KB
2 KB

4590ms
4339ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=gay
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: ee57c282f935100a808a0e0d2290aed0994e15759d5afd693f2be06ef50457c3

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/adult/?a=rr

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Tue, 10 Nov 2020 00:46:29 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=gay
Connection: close

GET
H/1.1 200
OK eyJpdiI6IjV5Tm5MYXNsNnpOMUJqYU1oUFlqSHc9PSIsInZhbHVlIjoiaXNydW83R3lJZXJNK3E2dFJ2VzB1ZVI5UlM2ZFwvSGZObTdDaUtmTGdGSWJLNGhFMXVLMEloSTFoS0N4eTN0cjg1WG93bHRja2pFVEFDdE1DeGVwZEpnPT0iLCJtYWMiOiI3ZTNmZTY5M...
traffdaq.com/users/track/ 0
856 B 6555ms
6311ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6IjV5Tm5MYXNsNnpOMUJqYU1oUFlqSHc9PSIsInZhbHVlIjoiaXNydW83R3lJZXJNK3E2dFJ2VzB1ZVI5UlM2ZFwvSGZObTdDaUtmTGdGSWJLNGhFMXVLMEloSTFoS0N4eTN0cjg1WG93bHRja2pFVEFDdE1DeGVwZEpnPT0iLCJtYWMiOiI3ZTNmZTY5MzNmNzM0MjU4OTA1NzU1MmY0YjUxOTFkZDY4YzZjODcxMjg4Nzg3MjYzMWQzOGE0YjRjN2U4YmJmIn0%3D
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:36 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 137ms
51ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa9e2e19c204&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Nov 2020 00:46:30 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 19ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1053178
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4064-HHN
date: Tue, 10 Nov 2020 00:46:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382
traffdaq.com/delivery/directlink/ 2 KB
1 KB 19501ms
19250ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlYrckk2S0luYXdySU95NDY3ZHJiaUE9PSIsInZhbHVlIjoiMVBpN1pjUWdncjZmVXlqMUFmdXBcL0dCa3ZoNXgwQkJWQngrWFBRT2JhN1BMWVRSQ1ByRWVhTE1pRXF4WHlMa3JTWWliQnFaYW9UUnlHaHVUSlpUanRiNHZES3M5Nnc0aVNRUVZ3bUtqSjJLOXBTemZQemRUUDFpYnBhcURyUWJCNWNTRXcwcm51dDhFOTZJRlo3bUtKNUlyVXNzXC9BcFlLQUJqem84VlJxRjJlMUpyYVkzUEdDOVhDd0FoaVdnd29qcDZ4dHpXa2p1OEhnVU4zTThXdjNESGlVT2ZxazM5Nzd3WGlqVndvZzc2MkpHeXdXRnl3VnNwcGxodFk2NDZRM3NXcEl0em9rZUR3T01JRUxINEY5TDNGRDJ2ZTBIdTdVR3lQcERLeFRVOD0iLCJtYWMiOiI1NTAxNGFhYTIzNTI0ZjI4ZDQxYmZiYWMxOGU5Y2IyYWVkNDQ2ZjgwYThiYWNjOWZhYjhkYWE4NGZkNjUzYmVjIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=gay
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=gay

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Tue, 10 Nov 2020 00:46:49 GMT
Content-Encoding: gzip

GET
H/1.1

200
OK

Primary Request / Show response
wallpaper.downloads.moscow/
Redirect Chain

https://ptp.party/13039
https://neon.today/ptp/i/13039
http://wallpaper.downloads.moscow/

25 KB
25 KB

313ms
211ms

Document
text/html

80.85.159.3
CHELYABINSK-SIGNA...

General

Check archive.org

Show headers Download Go to

Full URL: http://wallpaper.downloads.moscow/
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlYrckk2S0luYXdySU95NDY3ZHJiaUE9PSIsInZhbHVlIjoiMVBpN1pjUWdncjZmVXlqMUFmdXBcL0dCa3ZoNXgwQkJWQngrWFBRT2JhN1BMWVRSQ1ByRWVhTE1pRXF4WHlMa3JTWWliQnFaYW9UUnlHaHVUSlpUanRiNHZES3M5Nnc0aVNRUVZ3bUtqSjJLOXBTemZQemRUUDFpYnBhcURyUWJCNWNTRXcwcm51dDhFOTZJRlo3bUtKNUlyVXNzXC9BcFlLQUJqem84VlJxRjJlMUpyYVkzUEdDOVhDd0FoaVdnd29qcDZ4dHpXa2p1OEhnVU4zTThXdjNESGlVT2ZxazM5Nzd3WGlqVndvZzc2MkpHeXdXRnl3VnNwcGxodFk2NDZRM3NXcEl0em9rZUR3T01JRUxINEY5TDNGRDJ2ZTBIdTdVR3lQcERLeFRVOD0iLCJtYWMiOiI1NTAxNGFhYTIzNTI0ZjI4ZDQxYmZiYWMxOGU5Y2IyYWVkNDQ2ZjgwYThiYWNjOWZhYjhkYWE4NGZkNjUzYmVjIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol: HTTP/1.1
Server: 80.85.159.3 , Russian Federation, ASN44493 (CHELYABINSK-SIGNAL-AS, RU),
Reverse DNS: host.profitserver.ru
Software: nginx/1.16.1 /
Resource Hash: aa1a424802f09f0c7d0754e2a434f76f450d1deb071a521f45856f76abb1c257

Request headers

Host: wallpaper.downloads.moscow
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlYrckk2S0luYXdySU95NDY3ZHJiaUE9PSIsInZhbHVlIjoiMVBpN1pjUWdncjZmVXlqMUFmdXBcL0dCa3ZoNXgwQkJWQngrWFBRT2JhN1BMWVRSQ1ByRWVhTE1pRXF4WHlMa3JTWWliQnFaYW9UUnlHaHVUSlpUanRiNHZES3M5Nnc0aVNRUVZ3bUtqSjJLOXBTemZQemRUUDFpYnBhcURyUWJCNWNTRXcwcm51dDhFOTZJRlo3bUtKNUlyVXNzXC9BcFlLQUJqem84VlJxRjJlMUpyYVkzUEdDOVhDd0FoaVdnd29qcDZ4dHpXa2p1OEhnVU4zTThXdjNESGlVT2ZxazM5Nzd3WGlqVndvZzc2MkpHeXdXRnl3VnNwcGxodFk2NDZRM3NXcEl0em9rZUR3T01JRUxINEY5TDNGRDJ2ZTBIdTdVR3lQcERLeFRVOD0iLCJtYWMiOiI1NTAxNGFhYTIzNTI0ZjI4ZDQxYmZiYWMxOGU5Y2IyYWVkNDQ2ZjgwYThiYWNjOWZhYjhkYWE4NGZkNjUzYmVjIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

Server: nginx/1.16.1
Date: Tue, 10 Nov 2020 00:46:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Server: nginx
Date: Tue, 10 Nov 2020 00:46:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: http://wallpaper.downloads.moscow

GET
H/1.1 200
OK wallpaper.js Show response
wallpaper.downloads.moscow/ 120 B
370 B 229ms
203ms Script
application/javascript 80.85.159.3
CHELYABINSK-SIGNA...

General

Check archive.org

Show headers Download Go to

Full URL: http://wallpaper.downloads.moscow/wallpaper.js
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: HTTP/1.1
Server: 80.85.159.3 , Russian Federation, ASN44493 (CHELYABINSK-SIGNAL-AS, RU),
Reverse DNS: host.profitserver.ru
Software: nginx/1.16.1 /
Resource Hash: e8b2003452a9488f909115326314d05e9911b8a77fc1bb2ed0be739524b1e65a

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Last-Modified: Thu, 05 Nov 2020 19:03:20 GMT
Server: nginx/1.16.1
ETag: "5fa44c78-78"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120

GET
H/1.1 200
OK naked.css
wallpaper.downloads.moscow/ 132 KB
132 KB 218ms
192ms Stylesheet
text/css 80.85.159.3
CHELYABINSK-SIGNA...

General

Check archive.org

Show headers Download Go to

Full URL: http://wallpaper.downloads.moscow/naked.css
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: HTTP/1.1
Server: 80.85.159.3 , Russian Federation, ASN44493 (CHELYABINSK-SIGNAL-AS, RU),
Reverse DNS: host.profitserver.ru
Software: nginx/1.16.1 /
Resource Hash: e0f5f40b991cdcc44db337b88d1878b327f28d0ef89adf0587b9fc00307ff935

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Last-Modified: Sat, 06 Jun 2020 19:06:18 GMT
Server: nginx/1.16.1
ETag: "5edbe92a-20e47"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 134727

GET
H/1.1 200
OK nx.js Show response
texto.click/ 507 B
803 B 98ms
67ms Script
application/javascript 88.198.46.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://texto.click/nx.js

Requested by

Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/

Protocol

HTTP/1.1

Server

88.198.46.158 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

texto.click

Software

nginx/1.12.1 /

Resource Hash

80cd69c9d9190b156246346218ba82f4639d9f0d4583a86184285b5af06659a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Last-Modified: Sun, 24 Sep 2017 17:21:25 GMT
Server: nginx/1.12.1
ETag: "59c7e995-1fb"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 507

GET
H/1.1 200
OK eryt.js Show response
tracksitetraffic1.com/stats/publishers/ 3 KB
3 KB 336ms
297ms Script
application/javascript 64.251.25.253
INFOLINK-MIA-

General

Check archive.org

Show headers Download Go to

Full URL: http://tracksitetraffic1.com/stats/publishers/eryt.js
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: HTTP/1.1
Server: 64.251.25.253 Miami Beach, United States, ASN15083 (INFOLINK-MIA-, US),
Reverse DNS: 253-25-251-64.serverpronto.com
Software: nginx /
Resource Hash: c92c0b6c5a0971b8ce7f08de46b8ca82ea6562aca431ef5010517b18a66d01b6

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:47 GMT
Last-Modified: Sat, 24 Oct 2020 17:24:53 GMT
Server: nginx
ETag: "5f946365-c3f"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3135
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pixel.js Show response
api.clickaine.com/v1/ 1 KB
697 B 149ms
48ms Script
text/plain 88.208.59.102
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.clickaine.com/v1/pixel.js
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.59.102 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 940310a1112acc00ad5248d807cfdd39cefd8b310ec734f14fa3a488caae36d4

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 00:46:50 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
status: 200
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H/1.1 200
OK block.js
www.viralnugget.com/members/ 429 B
691 B 590ms
418ms Script
application/javascript 184.164.136.210
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.viralnugget.com/members/block.js
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: HTTP/1.1
Server: 184.164.136.210 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS: server.prosperitymarketingsystem.com
Software: Apache /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:48 GMT
Last-Modified: Thu, 08 Jun 2017 07:32:23 GMT
Server: Apache
P3P: CP="NOI DSP COR CUR ADMi OUR STP CNT"
Connection: close
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 429

GET
H/1.1 200
OK / Show response
r1.wmlink.ru/ 967 B
1 KB 258ms
192ms Script
text/javascript 185.15.208.118
MIRHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://r1.wmlink.ru/?id=469740
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: HTTP/1.1
Server: 185.15.208.118 Krasnodar, Russian Federation, ASN52000 (MIRHOSTING, RU),
Reverse DNS: wmlink.ru
Software: nginx/1.12.2 / PHP/5.2.5
Resource Hash: e401e996906006f970c61fa7444f6414a3ed4d7483837d2ee0e73f81b0cd149b

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/5.2.5
Content-Length: 967
Content-Type: text/javascript; charset=UTF-8

GET
H/1.1 200
OK MzYwNDA2NDU3MTk5ODU5NA Show response
v.tzbox3.xyz/js/ 8 KB
9 KB 248ms
211ms Script
text/html 213.159.212.90
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://v.tzbox3.xyz/js/MzYwNDA2NDU3MTk5ODU5NA
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: HTTP/1.1
Server: 213.159.212.90 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: novon.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: 90b8ed2a498fa9391d349b8395f94bfe9b5e8029dd558f7dd7d2d7c18cb36db7

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Nov 2020 00:45:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=1, max=200
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK vb Show response
flirtymania.com/mrtigrashell/js/ 14 KB
5 KB 333ms
151ms Script
application/json 95.211.212.72
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://flirtymania.com/mrtigrashell/js/vb?rid=ed303d089575d49725c429258034b678&server=vcr&ageRating=14&subject=wallpapers

Requested by

Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.212.72 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

mhqp001.gnomograd.com

Software

nginx /

Resource Hash

1e8913bc9dfb7bd9eff4dff8e6283ab5a19bdd4053c7d4386e7534b81930cd07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Nov 2020 00:46:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/json
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15724800; includeSubDomains
Keep-Alive: timeout=15
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET Hot-Asian-Girlfriends1.jpg
playsports88.com/wp-content/uploads/2017/10/ 0
0

GET Hot-Asian-Girlfriends16.jpg
playsports88.com/wp-content/uploads/2017/10/ 0
0

GET Hot-Asian-Girlfriends13.jpg
playsports88.com/wp-content/uploads/2017/10/ 0
0

GET Hot-Asian-Chef8.jpg
playsports88.com/wp-content/uploads/2017/10/ 0
0

GET The-Submissive-Asian2.jpg
playsports88.com/wp-content/uploads/2017/11/ 0
0

GET Asian-Bikini-Babes3.jpg
playsports88.com/wp-content/uploads/2017/11/ 0
0

GET Sexy-Bathing-Asian2.jpg
playsports88.com/wp-content/uploads/2017/11/ 0
0

GET Sexy-Chelsea-Fan-2.jpg
playsports88.com/wp-content/uploads/2017/12/ 0
0

GET Hot-Asian-Blonde1.jpg
playsports88.com/wp-content/uploads/2017/12/ 0
0

GET
H/1.1 200
OK es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 70ms
32ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

http://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/

Protocol

HTTP/1.1

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Content-Encoding: gzip
NEL: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
Transfer-Encoding: chunked
Report-To: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Connection: keep-alive
X-Nginx-Request-Id: ea08bddf300d63eb
Last-Modified: Thu, 25 Oct 2018 11:27:00 GMT
Server: nginx/1.17.9
Etag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Thu, 12 Nov 2020 12:43:10 GMT

GET
H/1.1 200
OK share.js Show response
yastatic.net/share2/ 142 KB
37 KB 71ms
33ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

http://yastatic.net/share2/share.js

Requested by

Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/

Protocol

HTTP/1.1

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0ed30179a584291b20665fe1050b12b2cb3126e5ce2b39ffc26430553e35284a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
Transfer-Encoding: chunked
Report-To: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 30 Sep 2020 16:19:21 GMT
Server: nginx/1.17.9
Etag: W/"a65f8f22b3b837f4c2e2acce0c1f38ee"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216009
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Thu, 12 Nov 2020 12:45:27 GMT

GET live.js
cdn.livetrafficfeed.com/static/v4/ 0
0

GET
H/1.1 200
OK 20790
statok.net/image/ 1 KB
1 KB 183ms
151ms Image
image/gif 213.159.210.250
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://statok.net/image/20790
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: HTTP/1.1
Server: 213.159.210.250 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: my.webserver
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Content-Length: 1142
Content-Type: image/gif

GET 233.gif
3kd.ru/big/ 0
0

GET /
s04.flagcounter.com/countxl/Cvfm/bg_FFFFFF/txt_050591/border_FFFFFF/columns_2/maxflags_20/viewers_0/labels_1/pageviews_1/flags_0/percent_0/ 0
0

GET counter
top-fwz1.mail.ru/ 0
0

GET
H/1.1 200
OK counter2.0.js Show response
get.mycounter.ua/ 4 KB
4 KB 158ms
48ms Script
application/javascript 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.mycounter.ua/counter2.0.js
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: get.mycounter.ua
Software: nginx/1.14.2 /
Resource Hash: 73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Last-Modified: Tue, 24 Apr 2018 09:33:35 GMT
Server: nginx/1.14.2
ETag: "5adef9ef-e44"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3652
Expires: Tue, 10 Nov 2020 01:46:50 GMT

GET
H2 200 banner.php Show response
show.adorion.net/ 214 B
284 B 169ms
52ms Script
text/html 94.23.40.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://show.adorion.net/banner.php?uid=640&e=1&p=0&s=0&size=1&name=wall
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.23.40.196 , France, ASN16276 (OVH, FR),
Reverse DNS: s1.hubu-interactive.de
Software: nginx /
Resource Hash: f335bc78c2e3969edafe18d340c82d1810da0593500eb3d9d0985c12b7fa5cc7

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 10 Nov 2020 00:46:50 GMT
server: nginx
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK / Show response
g.cash-ads.com/banner/ 217 B
510 B 151ms
54ms Script
text/html 147.135.220.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/banner/?code=OTJaLBjb3iUGm1ngUwOyJbfIbKjXt9442rrQkXVvArw%3D

Requested by

Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),

Reverse DNS

ns3074226.ip-147-135-220.eu

Software

nginx /

Resource Hash

275a6d6f20b9d45a5b73461c4828c1712bccdc4be3d23b485371a29da074ed19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: deny
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-XSS-Protection: 1; mode=block

GET
H2

200

/
in.tubecorporate.com/in/tcc/ Frame D2B1
Redirect Chain

https://13235.mimilcnf.pro/v2/a/skm/108882
https://13235.mimilcnf.pro/v2/a/skm/108882?_d=385438d0-22ee-11eb-a0cd-4b2f2721834d%26194.99.105.99%26Mozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_14_5%2529%2BAppleWebKit%252F53...
https://13235.mimilcnf.pro/v2/a/skm/imp?d=BQ5qQHPefpRGqDnhKh88L5cOlPnToM-CRmb_ecpypIJ4j_OpjLRiNW-BLnQFbX8fYdCFstCUb1lNBIkO8cYNF7vcNzshoV1dOY5M1bV3-fVlXes9Km9Htrd5YZcM3-7Hmf0BD2Lavu7Ks7JePvyzpPJ7amr...
https://in.tubecorporate.com/in/tcc/?promo=12191&mc=547347933&dc=2097937879&tc=1230563086

0
0

51ms
20ms

Document
text/html

2a02:128:7:5242::3
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://in.tubecorporate.com/in/tcc/?promo=12191&mc=547347933&dc=2097937879&tc=1230563086
Requested by: Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/wallpaper.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:5242::3 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash

Request headers

:method: GET
:authority: in.tubecorporate.com
:scheme: https
:path: /in/tcc/?promo=12191&mc=547347933&dc=2097937879&tc=1230563086
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://wallpaper.downloads.moscow/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://wallpaper.downloads.moscow/

Response headers

status: 200
server: nginx/1.17.2
date: Tue, 10 Nov 2020 00:46:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
set-cookie: 832.0=1; expires=Wed, 11 Nov 2020 00:46:50 GMT; path=/; secure; SameSite=None
content-encoding: gzip

Redirect headers

status: 307
server: nginx
date: Tue, 10 Nov 2020 00:46:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
location: https://in.tubecorporate.com/in/tcc/?promo=12191&mc=547347933&dc=2097937879&tc=1230563086
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Tue, 10 Nov 2020 00:46:50 UTC
expires: Tue, 10 Nov 2020 00:46:50 UTC

GET
H/1.1 200
OK css
fonts.googleapis.com/ 15 KB
1 KB 24ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Requested by

Host: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/naked.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 00:46:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Nov 2020 00:46:50 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 10 Nov 2020 00:46:50 GMT

GET code.js
top-fwz1.mail.ru/js/ 0
0

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 11ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://wallpaper.downloads.moscow
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:07:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:28 GMT
Server: sffe
Age: 63539
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9132
X-XSS-Protection: 0
Expires: Tue, 09 Nov 2021 07:07:51 GMT

GET /
cusok.ru/c/ 0
0

GET display.block.php
www.viralnugget.com/members// Frame 41C4 0
0

GET 7048
cdn.adclerks.com/core/ad2/32960/ 0
0

GET /
flirtymania.plus/new-chat/ Frame 4EBC 0
0

GET OneSignalSDK.js
flirtymania.plus/sdks/ 0
0

GET mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 0
0

GET glyphicons-halflings-regular.woff2
wallpaper.downloads.moscow/resources/CmsFoundation/fonts/ 0
0

GET mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 0
0

GET mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 0
0

GET mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImdIRkdjWWN3WlE5b1dUT3lHcWpodkE9PSIsInZhbHVlIjoiQlJSdkJLbldaNEIzenZzN3pid1lxenhFT3o2eVRjVU1sakhGRzNaZ25wREw5MWFcL2pwOEY2T0xJWXc0eUZpZXc1azJwNVNSYzUrS09lQkRRVUgwd2t6TDNvdjNrTTVBUGFDa0pISzVaNVhzQzMxOXZwQ0owVHFWVDhnYjVGcm92VGtpRU9WSVdxWCswdEdiRXV1RWg1aFZENUpySE45NitQRks3eHJmc2dOYTVPZEtJVkZtVTliU1JONDNlY2JKMHJEQUhTSVF4MTd5UlwvczJnTWxlT2JBPT0iLCJtYWMiOiIwM2QwZjE2MTEyMmU3MjkwNjZjOTI0ZWNmZDBjMGI2NmJlM2I4YWFmZDQwNDI2ZjY5Y2IxMjBiZmMzYjZmZGRkIn0%3D

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/10/Hot-Asian-Girlfriends1.jpg

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/10/Hot-Asian-Girlfriends16.jpg

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/10/Hot-Asian-Girlfriends13.jpg

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/10/Hot-Asian-Chef8.jpg

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/11/The-Submissive-Asian2.jpg

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/11/Asian-Bikini-Babes3.jpg

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/11/Sexy-Bathing-Asian2.jpg

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/12/Sexy-Chelsea-Fan-2.jpg

Domain: playsports88.com
URL: https://playsports88.com/wp-content/uploads/2017/12/Hot-Asian-Blonde1.jpg

Domain: cdn.livetrafficfeed.com
URL: http://cdn.livetrafficfeed.com/static/v4/live.js

Domain: 3kd.ru
URL: https://3kd.ru/big/233.gif

Domain: s04.flagcounter.com
URL: https://s04.flagcounter.com/countxl/Cvfm/bg_FFFFFF/txt_050591/border_FFFFFF/columns_2/maxflags_20/viewers_0/labels_1/pageviews_1/flags_0/percent_0/

Domain: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/counter?id=3160102;t=479;l=1

Domain: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Domain: cusok.ru
URL: http://cusok.ru/c/?id=43803&x=1600&y=1200&r=846921092069875&t=13706

Domain: www.viralnugget.com
URL: http://www.viralnugget.com/members//display.block.php?member_id=34468&block=1860&type=2&categories=119,120,121,122,123&ref_domain=wallpaper.downloads.moscow

Domain: cdn.adclerks.com
URL: http://cdn.adclerks.com/core/ad2/32960/7048?r=216

Domain: flirtymania.plus
URL: http://flirtymania.plus/new-chat/?rid=ed303d089575d49725c429258034b678&ageRating=14&subject=wallpapers

Domain: flirtymania.plus
URL: https://flirtymania.plus/sdks/OneSignalSDK.js

Domain: fonts.gstatic.com
URL: http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Domain: wallpaper.downloads.moscow
URL: http://wallpaper.downloads.moscow/resources/CmsFoundation/fonts/glyphicons-halflings-regular.woff2

Domain: fonts.gstatic.com
URL: http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2

Domain: fonts.gstatic.com
URL: http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Domain: fonts.gstatic.com
URL: http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://flirtymania.com/mrtigrashell/js/vb?rid=ed303d089575d49725c429258034b678&server=vcr&ageRating=14&subject=wallpapers(Line 63) Message: _opts [object Object]
console-api	log	URL: https://flirtymania.com/mrtigrashell/js/vb?rid=ed303d089575d49725c429258034b678&server=vcr&ageRating=14&subject=wallpapers(Line 131) Message: opts [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13235.mimilcnf.pro
3kd.ru
api.clickaine.com
c.securepaths.com
cdn.adclerks.com
cdn.jsdelivr.net
cdn.livetrafficfeed.com
cors-anywhere.herokuapp.com
cusok.ru
flirtymania.com
flirtymania.plus
fonts.googleapis.com
fonts.gstatic.com
g.cash-ads.com
get.mycounter.ua
in.tubecorporate.com
manyhit.com
neon.today
playsports88.com
ptp.party
r1.wmlink.ru
s04.flagcounter.com
show.adorion.net
speedflow.io
statok.net
texto.click
top-fwz1.mail.ru
tracksitetraffic1.com
traffdaq.com
v.tzbox3.xyz
wallpaper.downloads.moscow
www.viralnugget.com
yastatic.net
3kd.ru
cdn.adclerks.com
cdn.livetrafficfeed.com
cusok.ru
flirtymania.plus
fonts.gstatic.com
playsports88.com
s04.flagcounter.com
top-fwz1.mail.ru
traffdaq.com
wallpaper.downloads.moscow
www.viralnugget.com
107.170.39.103
147.135.220.104
162.213.255.36
184.164.136.210
185.15.208.118
198.54.116.135
213.159.210.250
213.159.212.90
2606:4700:3033::681b:9c0b
2a00:1450:4001:801::2003
2a00:1450:4001:80b::200a
2a02:128:7:5242::3
2a02:6b8:20::215
2a04:4e42:1b::621
35.190.72.161
54.204.118.255
62.149.0.249
64.251.25.253
80.85.159.3
88.198.46.158
88.208.59.102
94.23.40.196
95.179.157.240
95.211.212.72
0ed30179a584291b20665fe1050b12b2cb3126e5ce2b39ffc26430553e35284a
1e8913bc9dfb7bd9eff4dff8e6283ab5a19bdd4053c7d4386e7534b81930cd07
275a6d6f20b9d45a5b73461c4828c1712bccdc4be3d23b485371a29da074ed19
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
73a51e9a913a1d5117e292fcccf9e3251506677b54ffd2afdaf3fd1860825e80
773d9794f5fa6c360a14fb86bcf1a991a5c47814c57323a461f2a81528b08fd9
80cd69c9d9190b156246346218ba82f4639d9f0d4583a86184285b5af06659a9
866ca35a5e22389043c289deddf8905d279e2bcf4310ff05be62fba0315f054e
90b8ed2a498fa9391d349b8395f94bfe9b5e8029dd558f7dd7d2d7c18cb36db7
940310a1112acc00ad5248d807cfdd39cefd8b310ec734f14fa3a488caae36d4
aa1a424802f09f0c7d0754e2a434f76f450d1deb071a521f45856f76abb1c257
c92c0b6c5a0971b8ce7f08de46b8ca82ea6562aca431ef5010517b18a66d01b6
e0f5f40b991cdcc44db337b88d1878b327f28d0ef89adf0587b9fc00307ff935
e401e996906006f970c61fa7444f6414a3ed4d7483837d2ee0e73f81b0cd149b
e8b2003452a9488f909115326314d05e9911b8a77fc1bb2ed0be739524b1e65a
ee57c282f935100a808a0e0d2290aed0994e15759d5afd693f2be06ef50457c3
f09c6783c822fe6023fc86eb13111e946f1ec90185b2d95cfc0d5c13bae1a713
f335bc78c2e3969edafe18d340c82d1810da0593500eb3d9d0985c12b7fa5cc7

wallpaper.downloads.moscow Open in urlscan Pro 80.85.159.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

26 %HTTPS

25 %IPv6

33 Domains

33 Subdomains

23 IPs

8 Countries

253 kBTransfer

406 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

wallpaper.downloads.moscow Open in urlscan Pro
80.85.159.3 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

26 %
HTTPS

25 %
IPv6

33
Domains

33
Subdomains

23
IPs

8
Countries

253 kB
Transfer

406 kB
Size

0
Cookies

54 HTTP transactions
0 data transactions