stream.slimtraf.com
167.114.247.184
Public Scan
Effective URL: https://stream.slimtraf.com/directclick/?pid=UYdclLi3iJ0lpYVSMg4uV9IBomc1&wsid=83c719da-d765-4fab-8e5e-ef8ec5395588&subid=%7...
Submission: On February 23 via manual from TR
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 28th 2020. Valid for: 3 months.
This is the only time stream.slimtraf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 198.54.114.239 | 22612 (NAMECHEAP-NET) |
1 | 2600:3c01::f03c:91ff:fe98:8283 | 63949 (LINODE-AP Linode) |
1 1 | 88.214.197.144 | 46636 (NATCOWEB) |
2 | 167.114.247.184 | 16276 (OVH) |
5 | 2a00:1450:4001:809::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:81c::2003 | 15169 (GOOGLE) |
9 | 4 | |
ASN22612 (NAMECHEAP-NET, US)
PTR: server227-1.web-hosting.com
lagu123.website
ASN63949 (LINODE-AP Linode, LLC, US)
maryjane-cams.info
ASN46636 (NATCOWEB, US)
PTR: dns11.parkpage.foundationapi.com
oxoclick.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | google.com | www.google.com | 570 B |
2 | slimtraf.com | stream.slimtraf.com | 165 KB |
1 | gstatic.com | www.gstatic.com | 93 KB |
1 | oxoclick.com (1 redirects) | oxoclick.com | 394 B |
1 | maryjane-cams.info | maryjane-cams.info | 767 B |
1 | lagu123.website (1 redirects) | lagu123.website | 217 B |
9 | 6 | | |
 | Domain | Requested by |
---|---|---|
5 | www.google.com | stream.slimtraf.com, www.gstatic.com |
2 | stream.slimtraf.com | stream.slimtraf.com |
1 | www.gstatic.com | www.google.com |
1 | oxoclick.com | 1 redirects |
1 | maryjane-cams.info | |
1 | lagu123.website | 1 redirects |
9 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
stream.slimtraf.com | Let's Encrypt Authority X3 | 2020-01-28 - 2020-04-27 | 3 months |
www.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
*.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
This page contains 5 frames:
Primary Page:
https://stream.slimtraf.com/directclick/?pid=UYdclLi3iJ0lpYVSMg4uV9IBomc1&wsid=83c719da-d765-4fab-8e5e-ef8ec5395588&subid=%7Bsource%7D
Frame ID: 84895A594578664E1A385D777E1DE5DA
Requests: 5 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKIzEUAAAAAF1tHxBnrTQs2RxowWqa3i1tSieZ&co=aHR0cHM6Ly9zdHJlYW0uc2xpbXRyYWYuY29tOjQ0Mw..&hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&size=invisible&cb=3p052d8fwla5
Frame ID: 4A41202BC3DEC661AEF3FE03691C6D4F
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKIzEUAAAAAF1tHxBnrTQs2RxowWqa3i1tSieZ&co=aHR0cHM6Ly9zdHJlYW0uc2xpbXRyYWYuY29tOjQ0Mw..&hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&size=normal&cb=cjtgthkfo6xh
Frame ID: F13AF6891CF41C31088ED2F52427BE34
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&k=6LfKIzEUAAAAAF1tHxBnrTQs2RxowWqa3i1tSieZ&cb=u8reyj9ast91
Frame ID: 107CE1F252D31A5CB888C94692EF1BCB
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=n1ZaVsRK4TYyiKxYab0h8MUD&k=6LfKIzEUAAAAAF1tHxBnrTQs2RxowWqa3i1tSieZ&cb=jhh49qohhtgh
Frame ID: 6F62BF271E6E3EEE81BBA13BA9DC38C3
Requests: 1 HTTP requests in this frame
Detected technologies
Debian (Operating Systems)
Detected patterns
- headers server /Debian/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
reCAPTCHA (Captchas)
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://lagu123.website/download/vI2TFR0AUBA/ethiopia-------.html HTTP 302
  http://maryjane-cams.info/r2d2/r2d2.php?r=lagu123.website&s=NC01 (Page URL)
- http://oxoclick.com/aff_c?offer_id=23378&aff_id=30990&aff_sub=prollyIN HTTP 302
  https://stream.slimtraf.com/directclick/?pid=UYdclLi3iJ0lpYVSMg4uV9IBomc1&wsid=83c719da-d765-4fab-8e5e-ef8ec5395588&subid=%7Bsource%7D (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://lagu123.website/download/vI2TFR0AUBA/ethiopia-------.html HTTP 302
- http://maryjane-cams.info/r2d2/r2d2.php?r=lagu123.website&s=NC01
9 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | r2d2.php, maryjane-cams.info/r2d2/ (Redirect Chain) | 1 KB, 767 B | Document, text/html |
GET H/1.1 | /, stream.slimtraf.com/directclick/ (Primary Request, Cookie set, Redirect Chain) | 2 KB, 1 KB | Document, text/html |
GET H/1.1 | surprise.jpg, stream.slimtraf.com/ | 175 KB, 163 KB | Image, image/jpeg |
GET H2 | api.js, www.google.com/recaptcha/ | 733 B, 570 B | Script, text/javascript |
GET H2 | recaptcha__en.js, www.gstatic.com/recaptcha/releases/n1ZaVsRK4TYyiKxYab0h8MUD/ | 259 KB, 93 KB | Script, text/javascript |
GET H2 | anchor, www.google.com/recaptcha/api2/ (Frame 4A41) | 0, 0 | Document, text/html |
GET H2 | anchor, www.google.com/recaptcha/api2/ (Frame F13A) | 0, 0 | Document, text/html |
GET H2 | bframe, www.google.com/recaptcha/api2/ (Frame 107C) | 0, 0 | Document, text/html |
GET H2 | bframe, www.google.com/recaptcha/api2/ (Frame 6F62) | 0, 0 | Document, text/html |
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- boolean| redirectStarted
- function| nextLevel
- function| reCaptchaVerify
- function| reCaptchaExpired
- function| onloadCallback
- object| ___grecaptcha_cfg
- object| grecaptcha
- boolean| __google_recaptcha_client
- object| recaptcha
- object| closure_lm_7572912
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.slimtraf.com/ | | Name: u_current_ads_view Value: ---- |
.slimtraf.com/ | | Name: checkkeks Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.