Submitted URL: http://paulownia.best/
Effective URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Submission: On May 03 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 30 HTTP transactions. The main IP is 193.149.176.195, located in Chicago, United States and belongs to BLNWX, US. The main domain is ptemingofl.fun. The Cisco Umbrella rank of the primary domain is 136105.
TLS certificate: Issued by R3 on April 3rd 2022. Valid for: 3 months.
This is the only time ptemingofl.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.50.25.11 198610 (BEGET-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
19 193.149.176.195 399629 (BLNWX)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 8 2a02:6b8::1:119 208722 (YNDX)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
30 6
Apex Domain | Subdomains | Transfer
19 ptemingofl.fun | ptemingofl.fun — Cisco Umbrella Rank: 136105 | 566 KB
6 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 8750 | 2 KB
3 chytrack.com | chytrack.com — Cisco Umbrella Rank: 126551 | 25 KB
2 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 2327 | 70 KB
1 svntrk.com | svntrk.com — Cisco Umbrella Rank: 65164 | 602 B
1 bluekingnd.fun | bluekingnd.fun — Cisco Umbrella Rank: 216688 | 938 B
1 paulownia.best | paulownia.best | 3 KB
30 7
Domain | Requested by
19 ptemingofl.fun | ptemingofl.fun
6 mc.yandex.com (2 redirects) | ptemingofl.fun, mc.yandex.ru
3 chytrack.com | ptemingofl.fun, chytrack.com
2 mc.yandex.ru (1 redirect) | ptemingofl.fun
1 svntrk.com | ptemingofl.fun
1 bluekingnd.fun (1 redirect) |
1 paulownia.best |
30 7

This site contains no links.

Subject | Issuer | Validity | Valid
ptemingofl.fun | R3 | 2022-04-03 - 2022-07-02 | 3 months
*.svntrk.com | E1 | 2022-04-07 - 2022-07-06 | 3 months
mc.yandex.ru | Yandex CA | 2021-12-22 - 2022-06-03 | 5 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-11-16 - 2022-11-15 | a year

This page contains 1 frame:

Primary Page: https://ptemingofl.fun/?s1=wds1&s3=CLS
Frame ID: C5260329169C5F1DEA51E6EF09BF571F
Requests: 28 HTTP requests in this frame

Page Title

Better than dating

Page URL History

  1. http://paulownia.best/ Page URL
  2. https://bluekingnd.fun/r1bwhZ HTTP 302
    https://ptemingofl.fun/?s1=wds1&s3=CLS Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

30 Requests
87 % HTTPS
67 % IPv6
7 Domains
7 Subdomains
6 IPs
2 Countries
665 kB Transfer
838 kB Size
18 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9627.F-bPw_95l9eXEMCKWjcWronRQglhTsb7MyeicP5LXvPk29ekvzDV2RomTf8Qquu-.U48iVtKFlICpJ3FR-lL3hrmMDfk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9627.wUfvvs8lA8nxiq-FuEXffe81nDTwZLjCGaHZbVRBOwfCU-FA-2B1I842HXkrfAm5cjMOMe7bKpYSrV9OD3zsMw%2C%2C.0nM23L3GcpgpoQuImIkqTwy3V7Q%2C
Request Chain 23
  • https://mc.yandex.com/watch/54939280?wmode=7&page-url=https%3A%2F%2Fptemingofl.fun%2F%3Fs1%3Dwds1%26s3%3DCLS&page-ref=http%3A%2F%2Fpaulownia.best%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1296%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A309259669225%3Ahid%3A135567462%3Az%3A0%3Ai%3A20220503140124%3Aet%3A1651586484%3Ac%3A1%3Arn%3A541354183%3Arqn%3A1%3Au%3A1651586484130353888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651586482711%3Ads%3A12%2C216%2C182%2C2%2C90%2C0%2C%2C785%2C0%2C%2C%2C%2C1288%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651586484%3At%3ABetter%20than%20dating&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/54939280/1?wmode=7&page-url=https%3A%2F%2Fptemingofl.fun%2F%3Fs1%3Dwds1%26s3%3DCLS&page-ref=http%3A%2F%2Fpaulownia.best%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1296%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A309259669225%3Ahid%3A135567462%3Az%3A0%3Ai%3A20220503140124%3Aet%3A1651586484%3Ac%3A1%3Arn%3A541354183%3Arqn%3A1%3Au%3A1651586484130353888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651586482711%3Ads%3A12%2C216%2C182%2C2%2C90%2C0%2C%2C785%2C0%2C%2C%2C%2C1288%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651586484%3At%3ABetter%20than%20dating&t=gdpr%2814%29aw%281%29ti%282%29

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
paulownia.best/
7 KB
3 KB
Document
General
Full URL
http://paulownia.best/
Protocol
HTTP/1.1
Server
185.50.25.11 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
m2.free13.beget.com
Software
nginx-reuseport/1.21.1 / PHP/7.2.30
Resource Hash
01aeb2aa117b0acb958f7c108f1e27d2e2076a3c4f46a6610c012734a46ebd5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 May 2022 14:01:23 GMT
Keep-Alive
timeout=30
Server
nginx-reuseport/1.21.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.30
Primary Request /
ptemingofl.fun/
Redirect Chain
  • https://bluekingnd.fun/r1bwhZ
  • https://ptemingofl.fun/?s1=wds1&s3=CLS
8 KB
3 KB
Document
General
Full URL
https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f9fef19a1d56bd6835c84ba9bbc3ecb15f09b8ade01f8adcd2669c43b2a51916

Request headers

Referer
http://paulownia.best/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 May 2022 14:01:23 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
cache-control
private, must-revalidate
expires
-1
pragma
no-cache

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-cache-status
DYNAMIC
cf-ray
70598741dd58915f-FRA
content-type
text/html; charset=UTF-8
date
Tue, 03 May 2022 14:01:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
last-modified
Tue, 03 May 2022 14:01:23 GMT
location
https://ptemingofl.fun/?s1=wds1&s3=CLS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzMf1LK5ybg0mY77E6Ba1Rq18wNgNUDp1MpwmxQ62%2Bb%2B3JYaEVlJlnJxedScTjLzBJ5knuDPPdbpBBARiXP0DOmbk7U9qV6V8Noi3dkvWMvkyTgJKF418yBHZkIk69v8jj7Ih4MP%2Bpg63mFkqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
wds1_627135b3d94c9.js
svntrk.com/assets/
0
602 B
Script
General
Full URL
https://svntrk.com/assets/wds1_627135b3d94c9.js
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 14:01:24 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMuNaUYx4F7CG1ZKeAj0Ii2JX7nbLKB84fQmCfWEeVdymR9a5y05lrmVKaLzjyqI2GGLa36Zo7cQOGdUx8Fav7nDz%2BrStKIppxHQs9ffb9Evpc3%2Flzkp3CSyyMi4h%2B48gDxEsv7E2TmH"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
705987455acb6931-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendor.css
ptemingofl.fun/landings/11/fonts/
9 KB
10 KB
Stylesheet
General
Full URL
https://ptemingofl.fun/landings/11/fonts/vendor.css
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4ac43d000e4f697614de3960ef70b931f5be891d40d51c552de015a0e21b97de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:24 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-25e1"
Content-Type
text/css
Connection
keep-alive
accept-ranges
bytes
Content-Length
9697
vendor.js
ptemingofl.fun/landings/11/js/
110 KB
111 KB
Script
General
Full URL
https://ptemingofl.fun/landings/11/js/vendor.js
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8a7d0dc649694f4a52af2ccea776980ab44bd7900f403ee56fe3a45b9d7dc27a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:24 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-1b98b"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
accept-ranges
bytes
Content-Length
113035
1.jpg
ptemingofl.fun/landings/11/image/
31 KB
31 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/1.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3d6afbd85ba3b3302404338162697aed4b36a86e4f80cd997d1b6adce0880c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:24 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-7a68"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
31336
2.jpg
ptemingofl.fun/landings/11/image/
39 KB
39 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/2.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3bdef4010f862f6fcb33d7e4582e5064fa275a00a98ddb099348f07f2bfcca3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:24 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-9caa"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
40106
4.jpg
ptemingofl.fun/landings/11/image/
10 KB
10 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/4.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
51ec6ffec529151551abfcddbad6b87ed2c51d82844d40c8dbb6e8860d1311d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:24 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-27d8"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
10200
5.jpg
ptemingofl.fun/landings/11/image/
44 KB
44 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/5.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
41f4306d3759f0472566900bec7af4538e73d41f76320a6ea4845bb3662cbe28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:24 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-ae9e"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
44702
6.jpg
ptemingofl.fun/landings/11/image/
45 KB
45 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/6.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
031a403d9aa3a7632809d7bf10d050ebebc4fa32fca55fd123cf79a2fd827a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-b444"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
46148
7.jpg
ptemingofl.fun/landings/11/image/
26 KB
27 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/7.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1432cf5fa8ba183c8a4ed09ab8def857de760677b0a1daba3446e52b731a428b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-69e7"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
27111
8.jpg
ptemingofl.fun/landings/11/image/
33 KB
33 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/8.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ea6a25c506adc4639ac0cc47e38015ff415d32b2a2a5df086be9ec5eecb3dea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-8292"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
33426
9.jpg
ptemingofl.fun/landings/11/image/
30 KB
30 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/9.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7f5678365987aae65521e76d403848344e4f1733c45faa0b66d7aa96d34abade

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-77b8"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
30648
10.jpg
ptemingofl.fun/landings/11/image/
45 KB
45 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/10.jpg
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f95717eb85c21ef40729e451027cfd7e02a8b219b5e1a2f4e90e6b74dd59d881

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-b4c6"
Content-Type
image/jpeg
Connection
keep-alive
accept-ranges
bytes
Content-Length
46278
13.png
ptemingofl.fun/landings/11/image/
131 KB
131 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/image/13.png
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
df64636d8b9d417e700aec5afdd661573c2ba554112fe3eaebdbd8542cd78b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-20a2b"
Content-Type
image/png
Connection
keep-alive
accept-ranges
bytes
Content-Length
133675
tag.js
mc.yandex.ru/metrika/
202 KB
69 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
75f3bd16ca645709f15708862b8523f5a5072725d1c945db54f58c343c7d21cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 14:01:24 GMT
content-encoding
br
last-modified
Mon, 18 Apr 2022 12:16:58 GMT
etag
"625d2c8a-113e7"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70631
expires
Tue, 03 May 2022 15:01:24 GMT
ico-1.png
ptemingofl.fun/landings/11/img/
710 B
957 B
Image
General
Full URL
https://ptemingofl.fun/landings/11/img/ico-1.png
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/landings/11/fonts/vendor.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
09426ed21b1c6d595b2ea58b8d1b8d250679b11e628badf6e07ba5eacc0f7055

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ptemingofl.fun/landings/11/fonts/vendor.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:24 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-2c6"
Content-Type
image/png
Connection
keep-alive
accept-ranges
bytes
Content-Length
710
ico-2.png
ptemingofl.fun/landings/11/img/
703 B
950 B
Image
General
Full URL
https://ptemingofl.fun/landings/11/img/ico-2.png
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/landings/11/fonts/vendor.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bbaf8192cc38e0d0fb6e6856c37bcd54e9168e58f3a15e1894caf42c7694bbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ptemingofl.fun/landings/11/fonts/vendor.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-2bf"
Content-Type
image/png
Connection
keep-alive
accept-ranges
bytes
Content-Length
703
ico-3.png
ptemingofl.fun/landings/11/img/
644 B
891 B
Image
General
Full URL
https://ptemingofl.fun/landings/11/img/ico-3.png
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/landings/11/fonts/vendor.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e66d14323ae9588e910cd053ee67f11cdfd3c3320214d5bb32515fa54a775f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ptemingofl.fun/landings/11/fonts/vendor.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-284"
Content-Type
image/png
Connection
keep-alive
accept-ranges
bytes
Content-Length
644
like.png
ptemingofl.fun/landings/11/img/
1 KB
1 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/img/like.png
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/landings/11/fonts/vendor.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ff536b308859cf9b3406bb43a04f1f14785d5ad6579a705efdb4e33edb34b9ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ptemingofl.fun/landings/11/fonts/vendor.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-405"
Content-Type
image/png
Connection
keep-alive
accept-ranges
bytes
Content-Length
1029
dislike.png
ptemingofl.fun/landings/11/img/
1021 B
1 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/img/dislike.png
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/landings/11/fonts/vendor.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0a02018222b7c96da64f58f9e690b69f0a46ef507f798c1708764acbe5160895

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ptemingofl.fun/landings/11/fonts/vendor.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:24 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-3fd"
Content-Type
image/png
Connection
keep-alive
accept-ranges
bytes
Content-Length
1021
next.png
ptemingofl.fun/landings/11/img/
977 B
1 KB
Image
General
Full URL
https://ptemingofl.fun/landings/11/img/next.png
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/landings/11/fonts/vendor.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.149.176.195 Chicago, United States, ASN399629 (BLNWX, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d14bb862d6afc17d01f02b3a80313024eddbe72ed8df02882eeee20312278fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ptemingofl.fun/landings/11/fonts/vendor.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Thu, 28 Apr 2022 16:55:28 GMT
Server
nginx/1.18.0 (Ubuntu)
etag
"626ac700-3d1"
Content-Type
image/png
Connection
keep-alive
accept-ranges
bytes
Content-Length
977
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9627.F-bPw_95l9eXEMCKWjcWronRQglhTsb7MyeicP5LXvPk29ekvzDV2RomTf8Qquu-.U48iVtKFlICpJ3FR-lL3hrmMDfk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9627.wUfvvs8lA8nxiq-FuEXffe81nDTwZLjCGaHZbVRBOwfCU-FA-2B1I842HXkrfAm5cjMOMe7bKpYSrV9OD3zsMw%2C%2C.0nM23L3GcpgpoQuImIkqTwy3V7Q%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9627.wUfvvs8lA8nxiq-FuEXffe81nDTwZLjCGaHZbVRBOwfCU-FA-2B1I842HXkrfAm5cjMOMe7bKpYSrV9OD3zsMw%2C%2C.0nM23L3GcpgpoQuImIkqTwy3V7Q%2C
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 14:01:25 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9627.wUfvvs8lA8nxiq-FuEXffe81nDTwZLjCGaHZbVRBOwfCU-FA-2B1I842HXkrfAm5cjMOMe7bKpYSrV9OD3zsMw%2C%2C.0nM23L3GcpgpoQuImIkqTwy3V7Q%2C
date
Tue, 03 May 2022 14:01:25 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
160 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Mon, 18 Apr 2022 12:16:58 GMT
etag
"625d2c8a-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 03 May 2022 15:01:25 GMT
1
mc.yandex.com/watch/54939280/
Redirect Chain
  • https://mc.yandex.com/watch/54939280?wmode=7&page-url=https%3A%2F%2Fptemingofl.fun%2F%3Fs1%3Dwds1%26s3%3DCLS&page-ref=http%3A%2F%2Fpaulownia.best%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3A...
  • https://mc.yandex.com/watch/54939280/1?wmode=7&page-url=https%3A%2F%2Fptemingofl.fun%2F%3Fs1%3Dwds1%26s3%3DCLS&page-ref=http%3A%2F%2Fpaulownia.best%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%...
357 B
439 B
XHR
General
Full URL
https://mc.yandex.com/watch/54939280/1?wmode=7&page-url=https%3A%2F%2Fptemingofl.fun%2F%3Fs1%3Dwds1%26s3%3DCLS&page-ref=http%3A%2F%2Fpaulownia.best%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1296%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A309259669225%3Ahid%3A135567462%3Az%3A0%3Ai%3A20220503140124%3Aet%3A1651586484%3Ac%3A1%3Arn%3A541354183%3Arqn%3A1%3Au%3A1651586484130353888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651586482711%3Ads%3A12%2C216%2C182%2C2%2C90%2C0%2C%2C785%2C0%2C%2C%2C%2C1288%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651586484%3At%3ABetter%20than%20dating&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7aa536d3dc63621f2242017ad6f29f54ef1b5002cc3421a2f3618a27d6332a70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 May 2022 14:01:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 03-May-2022 14:01:25 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ptemingofl.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
357
x-xss-protection
1; mode=block
expires
Tue, 03-May-2022 14:01:25 GMT

Redirect headers

pragma
no-cache
date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Tue, 03-May-2022 14:01:25 GMT
location
/watch/54939280/1?wmode=7&page-url=https%3A%2F%2Fptemingofl.fun%2F%3Fs1%3Dwds1%26s3%3DCLS&page-ref=http%3A%2F%2Fpaulownia.best%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1296%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A309259669225%3Ahid%3A135567462%3Az%3A0%3Ai%3A20220503140124%3Aet%3A1651586484%3Ac%3A1%3Arn%3A541354183%3Arqn%3A1%3Au%3A1651586484130353888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651586482711%3Ads%3A12%2C216%2C182%2C2%2C90%2C0%2C%2C785%2C0%2C%2C%2C%2C1288%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651586484%3At%3ABetter%20than%20dating&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ptemingofl.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 03-May-2022 14:01:25 GMT
1
mc.yandex.com/watch/54939280/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/54939280/1?page-url=https%3A%2F%2Fptemingofl.fun%2F%3Fs1%3Dwds1%26s3%3DCLS&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A1%3Als%3A309259669225%3Ahid%3A135567462%3Az%3A0%3Ai%3A20220503140124%3Aet%3A1651586485%3Ac%3A1%3Arn%3A436410588%3Arqn%3A2%3Au%3A1651586484130353888%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1651586482711%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651586485&t=gdpr(14)mc(p-1)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 03 May 2022 14:01:25 GMT
last-modified
Tue, 03-May-2022 14:01:25 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ptemingofl.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 03-May-2022 14:01:25 GMT
assetsv2.min.js
chytrack.com/
63 KB
24 KB
Script
General
Full URL
https://chytrack.com/assetsv2.min.js
Requested by
Host: ptemingofl.fun
URL: https://ptemingofl.fun/?s1=wds1&s3=CLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60124e45c456badbd2b70dd302fa4edf237cd39addfb215602cf7cdc753027a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 May 2022 14:01:25 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e50BxOwLHLvJqQOZtrHxNzteywo5pF2GPhwppccdQcghhrlb4Ltszi%2FG3CWmHLByJT3bsf3pbVZd2%2FB9IyN9bxpjDUD3JmPHWP198AVsRgVz7X7Tt64f5DoS2jjFDNj8tnw79besWjlscAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0, private
cf-ray
7059874e49ae9060-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
t
chytrack.com/
0
0
Preflight
General
Full URL
https://chytrack.com/t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-xsrf-token
Access-Control-Request-Method
POST
Origin
https://ptemingofl.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
x-xsrf-token
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
70598750ce989191-FRA
content-type
text/html; charset=UTF-8
date
Tue, 03 May 2022 14:01:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsl299HygIADspHMGG0LuRsRDg3oswa80CmBikgsE1zabZXM9hczWKAls5F8oSHm5zN16TntDMWZgiyv3jAbBaDkuLN%2FmA5kZce71OA9Zp1fAsNDUsCkOsPYxjB6wZaLA4lTG1ZHTHGpKV0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Method, Access-Control-Request-Headers
t
chytrack.com/
75 B
1 KB
XHR
General
Full URL
https://chytrack.com/t
Requested by
Host: chytrack.com
URL: https://chytrack.com/assetsv2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d104e107de802b25815e5c32f73a687adf4fed89bbdad855e19d8e11041f490f

Request headers

Referer
X-XSRF-TOKEN
eyJpdiI6IkxKNnRBZG44dytBSHZSTVlmZ3hWbkE9PSIsInZhbHVlIjoiTWNhY2Y3cHlLTE9LbWJWK3VmbDUwZTNXcWVIWmRNcnNLdzdhWm9UeVpQY1Uvc1J6VDhLTDNQTkU2TW5JSE9LbSIsIm1hYyI6IjYyZGE4MmY4MjVjY2FmMGUyYmYzYjM2YzIwYjY3ZTdkZThiN2E4NmM0Zjk5ZWNhNzY3ZDI0MGY0ODU4Y2JmMWMifQ==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 03 May 2022 14:01:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9i9nRU2ScxYOzrIe0%2FXX48DDtBzV5f8igSqMsIKHs1zz8PaRW1T%2BP4yMJ4YC929uEVVKWCJaFOGKOWFnr3Ns7pvtSLAPL6ugm8Ezd2gNzu1ktFzV4xUD9dKeAiWKYCvzL1ybmj565MmcsEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
cf-ray
70598751a8039191-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| thirdParty string| r string| vl string| redirectURL function| openPopup function| clickButton function| nextStep function| getTimezone function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| $ function| jQuery function| Siema function| ym object| yaParams string| ce function| fpResponseCallback function| fpDataCallback number| ds boolean| demo string| apiDomain object| Ya object| yaCounter54939280 string| API object| regeneratorRuntime function| getVisitorId string| fp_id

18 Cookies

Domain/Path Name / Value
bluekingnd.fun/ Name: _subid
Value: 1cdg2k111m10
bluekingnd.fun/ Name: 68d16
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNjUxNTg2NDgzfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjUxNTg2NDgzfSxcInRpbWVcIjoxNjUxNTg2NDgzfSJ9.tnohpAdIhx76nnLUEPmreO4Tr1-KLKtPOYyRXXnRL8I
ptemingofl.fun/ Name: XSRF-TOKEN
Value: eyJpdiI6IkxKNnRBZG44dytBSHZSTVlmZ3hWbkE9PSIsInZhbHVlIjoiTWNhY2Y3cHlLTE9LbWJWK3VmbDUwZTNXcWVIWmRNcnNLdzdhWm9UeVpQY1Uvc1J6VDhLTDNQTkU2TW5JSE9LbSIsIm1hYyI6IjYyZGE4MmY4MjVjY2FmMGUyYmYzYjM2YzIwYjY3ZTdkZThiN2E4NmM0Zjk5ZWNhNzY3ZDI0MGY0ODU4Y2JmMWMifQ%3D%3D
ptemingofl.fun/ Name: laravel_session
Value: eyJpdiI6IkwyQ09SbGRmd1hMYU51RVh4ZmdUSmc9PSIsInZhbHVlIjoiUkZUSENjUWpSemhzS1hRUU1ad2hEMWhTamJKNW1HQjlSaDZOT2FrWWw1Mkp3SVVMVkFTZEo2VXFLdENOeVRTRSIsIm1hYyI6IjY1YWU2MmQ3ODJjY2JhZmIyNDY5NWZkZGIxODlhMWFmOTM3ZDEyMzY0NWUxZTc1ODI1MzI0MDgzNWZmYTMyNWIifQ%3D%3D
ptemingofl.fun/ Name: SRVNAME
Value: w1
svntrk.com/ Name: svnimp
Value: 627135b421d5f
.ptemingofl.fun/ Name: _ym_uid
Value: 1651586484130353888
.ptemingofl.fun/ Name: _ym_d
Value: 1651586484
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3098365378fake
.ptemingofl.fun/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1516773882fake
.yandex.com/ Name: yandexuid
Value: 9196982441651586485
.yandex.com/ Name: yuidss
Value: 9196982441651586485
mc.yandex.com/ Name: yabs-sid
Value: 2528841331651586485
.yandex.com/ Name: i
Value: CIWwBXq7NH2C56X9UdvgynSfDMxV3bMpOxo53nKJyy8bjmixTF40M5EEyxGmE5g/VIAApyx5EPoSHLZTImrc9CUne3c=
.yandex.com/ Name: ymex
Value: 1683122485.yrts.1651586485#1683122485.yrtsi.1651586485
.ptemingofl.fun/ Name: _ym_visorc
Value: w
.ptemingofl.fun/ Name: fp_id
Value: 627135b6198fd

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9627.wUfvvs8lA8nxiq-FuEXffe81nDTwZLjCGaHZbVRBOwfCU-FA-2B1I842HXkrfAm5cjMOMe7bKpYSrV9OD3zsMw%2C%2C.0nM23L3GcpgpoQuImIkqTwy3V7Q%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
