urlscan.io logo urlscan.io
SecurityTrails logo

www.trafyield.com Open in urlscan Pro
35.201.127.73  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://linkexp84.space/go.php?a_aid=58f75a3807b91&chan=code6&fn=Kon-Boot%20Crack%20%2B%20Latest%20Version%20Download%20...
Effective URL: http://www.trafyield.com/jump/next.php?r=2521587&pub_clickid=2367471960351972296&sub1=769663
Submission Tags: falconsandbox
Submission: On October 30 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 11 domains to perform 9 HTTP transactions. The main IP is 35.201.127.73, located in Ascension Island and belongs to GOOGLE, US. The main domain is www.trafyield.com.
This is the only time www.trafyield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 69.61.56.66 22653 (GLOBALCOM...)
1 192.0.78.26 2635 (AUTOMATTIC)
1 1 167.71.163.136 14061 (DIGITALOC...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.27.169.184 13335 (CLOUDFLAR...)
2 2 18.202.12.61 16509 (AMAZON-02)
2 2 99.86.2.74 16509 (AMAZON-02)
2 52.206.71.220 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 35.201.127.73 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 8
1    69.61.56.66 (Atlanta, United States)

ASN22653 (GLOBALCOMPASS, US)
linkexp84.space
1    192.0.78.26 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
href.li
1    167.71.163.136 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
lady3jane.cyou
1    2606:4700:3033::681c:7eb (United States)

ASN13335 (CLOUDFLARENET, US)
trk.verseneed.icu
1    104.27.169.184 (United States)

ASN13335 (CLOUDFLARENET, US)
impress.polar-track.com
2    18.202.12.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
trk.rockwound.site
2    99.86.2.74 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-74.fra6.r.cloudfront.net
reroplittrewheck.pro
2    52.206.71.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-71-220.compute-1.amazonaws.com
cusbf.soldinger.work
1    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    35.201.127.73 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 73.127.201.35.bc.googleusercontent.com
www.trafyield.com
1    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
3 www.trafyield.com 1 redirects cusbf.soldinger.work
www.trafyield.com
2 cusbf.soldinger.work trk.verseneed.icu
cusbf.soldinger.work
2 reroplittrewheck.pro 2 redirects
2 trk.rockwound.site 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cusbf.soldinger.work
1 impress.polar-track.com trk.verseneed.icu
1 trk.verseneed.icu href.li
1 lady3jane.cyou 1 redirects
1 href.li
1 linkexp84.space 1 redirects
9 11

This site contains no links.

Subject Issuer Validity Valid
tls.automattic.com
Let's Encrypt Authority X3		 2020-10-12 -
2021-01-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-17 -
2021-07-17		 a year crt.sh
soldinger.work
Let's Encrypt Authority X3		 2020-10-07 -
2021-01-05		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh

This page contains 1 frames:

Frame: http://www.trafyield.com/script/i.php?stamat=m%7C%2C%2Cg2E6NhMqoGU3Bf9GH0dEdHP3xP.1ed%2C0kQj2ZBFbFQ4mTjVP6XvEW4Hq6SdbyBSz1_Wi7DsdBb-WIoYzT3cG6bHYvUF4oQjjrrLhvakIwr0HT9J01XkHkg9fjLs8BpPls2gBsymJH7508x5Y-x-3B-2xdT4xRdhHEPTaCC7kMbe6Mb4XcjjkTV2SqjShpDi5H02Ku2bCEM_GIY00QB4NT3_-ZELh2Hx7J1Zy9YLMloJQ-DM09lLIuUvO5tfGzVHLWejxlna1KDOg2KGSLhY14M32Cai9uoBp8DmPQ1fMeVeSWOtk5jUwM6m4Cylem8LuMyjJMIbkc_P-m_nUQHJiDu4NbZspe56v3apOdAQMwiI9iqV4a4MyBcU4HnPRu6R9OMihXg7FO-RikUw_0WKjlz5sQ78PFMgc568xWStqZXp5sobS0ev7sCb7Ej9ObkDncD3XZcA4HOrqUGI-GahZf7qoF9--bOu
Frame ID: 4502517E21F48C841BBA70C7F1A03D1C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://linkexp84.space/go.php?a_aid=58f75a3807b91&chan=code6&fn=Kon-Boot%20Crack%20%2B%20Latest%20V... HTTP 302
    https://href.li/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Versi... Page URL
  2. https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[... HTTP 302
    https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+20... Page URL
  3. http://trk.rockwound.site/aff_c?source=2076&offer_id=174&aff_click_id=2m7gn57q5o&aff_id=2076&aff_sub=5... HTTP 302
    http://trk.rockwound.site/aff_r?offer_id=174&aff_id=2076&url=https%3A%2F%2Freroplittrewheck.pro%2Fredi... HTTP 302
    https://reroplittrewheck.pro/redirect?tid=808181&subid=2076&puid=10210a76de39edc431a8d90b8236bb HTTP 302
    https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3... Page URL
  4. https://reroplittrewheck.pro/?tid=769663&noocp=1&subid=2076 HTTP 302
    http://www.trafyield.com/jump/next.php?r=2521587&pub_clickid=2367471960351972296&sub1=769663 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

78 %
HTTPS

27 %
IPv6

11
Domains

11
Subdomains

8
IPs

4
Countries

172 kB
Transfer

387 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://linkexp84.space/go.php?a_aid=58f75a3807b91&chan=code6&fn=Kon-Boot%20Crack%20%2B%20Latest%20Version%20Download%202020%20%5BUpdated%5D HTTP 302
    https://href.li/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447 Page URL
  2. https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447 HTTP 302
    https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6 Page URL
  3. http://trk.rockwound.site/aff_c?source=2076&offer_id=174&aff_click_id=2m7gn57q5o&aff_id=2076&aff_sub=58f75a3807b91&aff_sub2=code6&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3=&name=Kon-Boot%20Crack%20%20%20Latest%20Version%20Download%202020%20[Updated]&url= HTTP 302
    http://trk.rockwound.site/aff_r?offer_id=174&aff_id=2076&url=https%3A%2F%2Freroplittrewheck.pro%2Fredirect%3Ftid%3D808181%26subid%3D2076%26puid%3D10210a76de39edc431a8d90b8236bb&urlauth=570880000659595337927655038531 HTTP 302
    https://reroplittrewheck.pro/redirect?tid=808181&subid=2076&puid=10210a76de39edc431a8d90b8236bb HTTP 302
    https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL Page URL
  4. https://reroplittrewheck.pro/?tid=769663&noocp=1&subid=2076 HTTP 302
    http://www.trafyield.com/jump/next.php?r=2521587&pub_clickid=2367471960351972296&sub1=769663 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://linkexp84.space/go.php?a_aid=58f75a3807b91&chan=code6&fn=Kon-Boot%20Crack%20%2B%20Latest%20Version%20Download%202020%20%5BUpdated%5D HTTP 302
  • https://href.li/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447
Request Chain 1
  • https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447 HTTP 302
  • https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6
Request Chain 3
  • http://trk.rockwound.site/aff_c?source=2076&offer_id=174&aff_click_id=2m7gn57q5o&aff_id=2076&aff_sub=58f75a3807b91&aff_sub2=code6&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3=&name=Kon-Boot%20Crack%20%20%20Latest%20Version%20Download%202020%20[Updated]&url= HTTP 302
  • http://trk.rockwound.site/aff_r?offer_id=174&aff_id=2076&url=https%3A%2F%2Freroplittrewheck.pro%2Fredirect%3Ftid%3D808181%26subid%3D2076%26puid%3D10210a76de39edc431a8d90b8236bb&urlauth=570880000659595337927655038531 HTTP 302
  • https://reroplittrewheck.pro/redirect?tid=808181&subid=2076&puid=10210a76de39edc431a8d90b8236bb HTTP 302
  • https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
Request Chain 8
  • http://www.trafyield.com/jump/next.php?stamat=m%7C%2CUo2a79jfrB1dAN0dEdHP3xP.1c5%2C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRqRKjk-gEmeZY-ByReVG8q-jtB3TVJjOTh6eOYnc0VbrXOCOScuGI8WJTh-9xtDABE%2C&cbrandom=0.3002521436136183&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • http://www.trafyield.com/script/i.php?stamat=m%7C%2C%2Cg2E6NhMqoGU3Bf9GH0dEdHP3xP.1ed%2C0kQj2ZBFbFQ4mTjVP6XvEW4Hq6SdbyBSz1_Wi7DsdBb-WIoYzT3cG6bHYvUF4oQjjrrLhvakIwr0HT9J01XkHkg9fjLs8BpPls2gBsymJH7508x5Y-x-3B-2xdT4xRdhHEPTaCC7kMbe6Mb4XcjjkTV2SqjShpDi5H02Ku2bCEM_GIY00QB4NT3_-ZELh2Hx7J1Zy9YLMloJQ-DM09lLIuUvO5tfGzVHLWejxlna1KDOg2KGSLhY14M32Cai9uoBp8DmPQ1fMeVeSWOtk5jUwM6m4Cylem8LuMyjJMIbkc_P-m_nUQHJiDu4NbZspe56v3apOdAQMwiI9iqV4a4MyBcU4HnPRu6R9OMihXg7FO-RikUw_0WKjlz5sQ78PFMgc568xWStqZXp5sobS0ev7sCb7Ej9ObkDncD3XZcA4HOrqUGI-GahZf7qoF9--bOu

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
href.li/
Redirect Chain
  • http://linkexp84.space/go.php?a_aid=58f75a3807b91&chan=code6&fn=Kon-Boot%20Crack%20%2B%20Latest%20Version%20Download%202020%20%5BUpdated%5D
  • https://href.li/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447
1 KB
541 B 		Document
General
Check archive.org
Download Go to
Full URL
https://href.li/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
659b5dd62643e42fe35e72e4eb2cc3bcc56c113c6d345d18cfe7ba076dc2008f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
href.li
:scheme
https
:path
/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 30 Oct 2020 14:28:55 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-encoding
gzip
x-ac
3.ams _dfw

Redirect headers

Date
Fri, 30 Oct 2020 22:55:57 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://href.li/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot Crack + Latest Version Download 2020 [Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447
Content-Length
46
Connection
close
Content-Type
text/html; charset=UTF-8
3ez7bx
trk.verseneed.icu/
Redirect Chain
  • https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447
  • https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6
Requested by
Host: href.li
URL: https://href.li/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:7eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.27
Resource Hash
8f9849dae3aeed3288501c3541ec143aa6239edeec27ee45d50b5566e98a64a9

Request headers

:method
GET
:authority
trk.verseneed.icu
:scheme
https
:path
/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://href.li/?https://lady3jane.cyou/3cjkNM?keyword=Kon-Boot%20Crack%20+%20Latest%20Version%20Download%202020%20[Updated]&sub_id_1=58f75a3807b91&sub_id_2=code6&external_id=2229231604098557960447

Response headers

status
200
date
Fri, 30 Oct 2020 14:28:56 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8f2bba0d9a338d3d32673af62d92dd8c1604068135; expires=Sun, 29-Nov-20 14:28:55 GMT; path=/; domain=.verseneed.icu; HttpOnly; SameSite=Lax
x-powered-by
PHP/7.1.27
cf-cache-status
DYNAMIC
cf-request-id
061b826c3600002c3e7a918000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TH12ON8UHOxl7bwsu3dyqHRR2xvD%2BWeS09%2B8TfHywEIycTcNHe1Glz88xRRuThUj6nDAetSzLSmJuS%2BTZB4bbmSwd3OM%2BheQyd8XEwrfXD2RMCk7T6SPXbP6l98zOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ea5d359ea962c3e-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Fri, 30 Oct 2020 14:28:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Fri, 30 Oct 2020 14:28:55 GMT
Location
https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6
Pragma
no-cache
Set-Cookie
_subid=2m7gn57q5o;Expires=Monday, 30-Nov-2020 14:28:55 GMT;Max-Age=2678400;Path=/ _token=uuid_2m7gn57q5o_2m7gn57q5o5f9c2327db70a1.08200764;Expires=Monday, 30-Nov-2020 14:28:55 GMT;Max-Age=2678400;Path=/ ca6b1=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNjA0MDY4MTM1fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjA0MDY4MTM1fSxcInRpbWVcIjoxNjA0MDY4MTM1fSJ9.tDiIt2tDCvePUsr26Q50bmE62kSWz_e0Kvn3Y5xXaAk;Expires=Monday, 30-Nov-2020 14:28:55 GMT;Max-Age=2678400;Path=/
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
aff_i
impress.polar-track.com/ 		43 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://impress.polar-track.com/aff_i?offer_id=174&aff_id=2076&aff_sub=58f75a3807b91&aff_sub2=58f75a3807b91&aff_sub3=58f75a3807b91&aff_sub4=58f75a3807b91&aff_sub5=58f75a3807b91&source=2076
Requested by
Host: trk.verseneed.icu
URL: https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.169.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 14:28:56 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
tracking_id
1023ff3d308bff994c750312de2cc3
status
200
content-length
43
cf-request-id
061b826dfe0000331f351e1000000001
x-request-id
280fddfa78f9998ee9865065ce25ed5f
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HrnUgTuaqKuvr7Uc5CGSK5o%2FkC7sb20vK%2Fhod6NzbqIcK%2Bon%2B%2BoO1MjfDkC4ITI3oLQjP0TnoRSDHE%2BqlAV5PCsWP%2F0LZCBH5ahyI3ceLXumpyZffFrMzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
5ea5d35ccd89331f-CDG
access-control-allow-headers
Tune-SDK-Version
expires
Sat, 26 Jul 1997 05:00:00 GMT
GIH
cusbf.soldinger.work/
Redirect Chain
  • http://trk.rockwound.site/aff_c?source=2076&offer_id=174&aff_click_id=2m7gn57q5o&aff_id=2076&aff_sub=58f75a3807b91&aff_sub2=code6&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3...
  • http://trk.rockwound.site/aff_r?offer_id=174&aff_id=2076&url=https%3A%2F%2Freroplittrewheck.pro%2Fredirect%3Ftid%3D808181%26subid%3D2076%26puid%3D10210a76de39edc431a8d90b8236bb&urlauth=570880000659...
  • https://reroplittrewheck.pro/redirect?tid=808181&subid=2076&puid=10210a76de39edc431a8d90b8236bb
  • https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=h...
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
Requested by
Host: trk.verseneed.icu
URL: https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.206.71.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-71-220.compute-1.amazonaws.com
Software
/ Express
Resource Hash
0e79994527fb3f84119803ceae4be36465f4856f263a10167fc73748ecea97b1

Request headers

:method
GET
:authority
cusbf.soldinger.work
:scheme
https
:path
/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://trk.verseneed.icu/3ez7bx?click_id=2m7gn57q5o&title=Kon-Boot+Crack+++Latest+Version+Download+2020+%5BUpdated%5D&s1=58f75a3807b91&s2=code6

Response headers

status
200
content-type
text/html; charset=utf-8
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET, POST
access-control-allow-headers
X-Requested-With,content-type
etag
W/"3163-kxq8tcrC8qdWiJlsEIFFQtAr5Kg"
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

status
302
content-type
text/plain
content-length
0
location
https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
date
Fri, 30 Oct 2020 14:28:56 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=aecf5b3b-5024-476b-bcce-0ff6c978ca53 fv=rjgEqda7pdwHqSEFqTa9rdg5rjr7vdw=; Expires=Sat, 30 Oct 2021 14:28:56 GMT; Max-Age=31536000; Domain=.reroplittrewheck.pro; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
6aafo8ODST_CA2gTjWClwqa9Ts31pJ3IYm6A15-OMR5aJl2tCuMKoQ==
dlp
cusbf.soldinger.work/ 		219 KB
150 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cusbf.soldinger.work/dlp?st=1&lp=animateLoading&geo=NL
Requested by
Host: cusbf.soldinger.work
URL: https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.206.71.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-71-220.compute-1.amazonaws.com
Software
/ Express
Resource Hash
d2c17d2537374667ef6af1bc4291028665aff75ae0d489b48f8b88a5bbb6b711

Request headers

Referer
https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"36a92-Vdeq4ZZ0YHMeJCnKuzK6CPfdpRo"
status
200
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
css
fonts.googleapis.com/ 		1 KB
569 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans
Requested by
Host: cusbf.soldinger.work
URL: https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Oct 2020 13:55:50 GMT
server
ESF
date
Fri, 30 Oct 2020 14:28:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Oct 2020 14:28:57 GMT
truncated
/ 		132 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
Primary Request next.php
www.trafyield.com/jump/
Redirect Chain
  • https://reroplittrewheck.pro/?tid=769663&noocp=1&subid=2076
  • http://www.trafyield.com/jump/next.php?r=2521587&pub_clickid=2367471960351972296&sub1=769663
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.trafyield.com/jump/next.php?r=2521587&pub_clickid=2367471960351972296&sub1=769663
Requested by
Host: cusbf.soldinger.work
URL: https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL
Protocol
HTTP/1.1
Server
35.201.127.73 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
73.127.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
f0a9162d09fe023b8a8a56d42470108f204fc46f4a8e020764a0d390387605a4

Request headers

Host
www.trafyield.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cusbf.soldinger.work/GIH?tag_id=808181&sub_id1=2076&sub_id2=1062416450299670037&cookie_id=aecf5b3b-5024-476b-bcce-0ff6c978ca53&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freroplittrewheck.pro%2F%3Ftid%3D769663%26noocp%3D1%26subid%3D2076&geo=NL

Response headers

Server
openresty
Date
Fri, 30 Oct 2020 14:28:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 google

Redirect headers

status
302
content-type
text/plain
content-length
0
location
http://www.trafyield.com/jump/next.php?r=2521587&pub_clickid=2367471960351972296&sub1=769663
date
Fri, 30 Oct 2020 14:28:57 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
fv=rjgEqda7pdwHqSEFqTa9rdg5rjr6vds=; Expires=Sat, 30 Oct 2021 14:28:57 GMT; Max-Age=31536000; Domain=.reroplittrewheck.pro; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
zlvWDep_Wz6bQVsulMA6EYXOJseLO2tp7L3qsBB_5crqvPDeDslb4g==
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v12/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cusbf.soldinger.work
Referer
https://fonts.googleapis.com/css?family=PT+Sans
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 09:05:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:11 GMT
server
sffe
age
19397
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11380
x-xss-protection
0
expires
Sat, 30 Oct 2021 09:05:40 GMT
i.php
www.trafyield.com/script/
Redirect Chain
  • http://www.trafyield.com/jump/next.php?stamat=m%7C%2CUo2a79jfrB1dAN0dEdHP3xP.1c5%2C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRqRKjk-gEmeZY-ByReVG8q-jtB3TVJjOTh6eOYnc0VbrXOCOScuGI8WJTh-9xtDABE%2C&cbr...
  • http://www.trafyield.com/script/i.php?stamat=m%7C%2C%2Cg2E6NhMqoGU3Bf9GH0dEdHP3xP.1ed%2C0kQj2ZBFbFQ4mTjVP6XvEW4Hq6SdbyBSz1_Wi7DsdBb-WIoYzT3cG6bHYvUF4oQjjrrLhvakIwr0HT9J01XkHkg9fjLs8BpPls2gBsymJH750...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.trafyield.com/script/i.php?stamat=m%7C%2C%2Cg2E6NhMqoGU3Bf9GH0dEdHP3xP.1ed%2C0kQj2ZBFbFQ4mTjVP6XvEW4Hq6SdbyBSz1_Wi7DsdBb-WIoYzT3cG6bHYvUF4oQjjrrLhvakIwr0HT9J01XkHkg9fjLs8BpPls2gBsymJH7508x5Y-x-3B-2xdT4xRdhHEPTaCC7kMbe6Mb4XcjjkTV2SqjShpDi5H02Ku2bCEM_GIY00QB4NT3_-ZELh2Hx7J1Zy9YLMloJQ-DM09lLIuUvO5tfGzVHLWejxlna1KDOg2KGSLhY14M32Cai9uoBp8DmPQ1fMeVeSWOtk5jUwM6m4Cylem8LuMyjJMIbkc_P-m_nUQHJiDu4NbZspe56v3apOdAQMwiI9iqV4a4MyBcU4HnPRu6R9OMihXg7FO-RikUw_0WKjlz5sQ78PFMgc568xWStqZXp5sobS0ev7sCb7Ej9ObkDncD3XZcA4HOrqUGI-GahZf7qoF9--bOu
Requested by
Host: www.trafyield.com
URL: http://www.trafyield.com/jump/next.php?r=2521587&pub_clickid=2367471960351972296&sub1=769663
Protocol
HTTP/1.1
Server
35.201.127.73 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
73.127.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
www.trafyield.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.trafyield.com/jump/next.php?r=2521587&pub_clickid=2367471960351972296&sub1=769663

Response headers

Server
openresty
Date
Fri, 30 Oct 2020 14:28:58 GMT
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Via
1.1 google

Redirect headers

Server
openresty
Date
Fri, 30 Oct 2020 14:28:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Location
http://www.trafyield.com/script/i.php?stamat=m%7C%2C%2Cg2E6NhMqoGU3Bf9GH0dEdHP3xP.1ed%2C0kQj2ZBFbFQ4mTjVP6XvEW4Hq6SdbyBSz1_Wi7DsdBb-WIoYzT3cG6bHYvUF4oQjjrrLhvakIwr0HT9J01XkHkg9fjLs8BpPls2gBsymJH7508x5Y-x-3B-2xdT4xRdhHEPTaCC7kMbe6Mb4XcjjkTV2SqjShpDi5H02Ku2bCEM_GIY00QB4NT3_-ZELh2Hx7J1Zy9YLMloJQ-DM09lLIuUvO5tfGzVHLWejxlna1KDOg2KGSLhY14M32Cai9uoBp8DmPQ1fMeVeSWOtk5jUwM6m4Cylem8LuMyjJMIbkc_P-m_nUQHJiDu4NbZspe56v3apOdAQMwiI9iqV4a4MyBcU4HnPRu6R9OMihXg7FO-RikUw_0WKjlz5sQ78PFMgc568xWStqZXp5sobS0ev7sCb7Ej9ObkDncD3XZcA4HOrqUGI-GahZf7qoF9--bOu
Via
1.1 google

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser function| preppopedRedirect

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000