seventy.04pu.pjafe.xyz Open in urlscan Pro
149.28.211.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://seventy.04pu.pjafe.xyz/
Effective URL:
https://seventy.04pu.pjafe.xyz/
Submission: On March 13 via manual (March 13th 2020, 3:54:10 am UTC) from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 149.28.211.105, located in San Jose, United States and belongs to AS-CHOOPA, US. The main domain is seventy.04pu.pjafe.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 5th 2020. Valid for: 3 months.

This is the only time seventy.04pu.pjafe.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	149.28.211.105 149.28.211.105	20473 (AS-CHOOPA) (AS-CHOOPA)
8 8	212.7.209.75 212.7.209.75	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	2606:4700:e4:... 2606:4700:e4::ac40:ae23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

2 149.28.211.105 (San Jose, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.211.105.vultr.com

seventy.04pu.pjafe.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.7.209.75 (Netherlands) 8 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

q-mobi.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:e4::ac40:ae23 (United States)

ASN13335 (CLOUDFLARENET, US)

perftraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	perftraff.com perftraff.com
8	go2affise.com q-mobi.go2affise.com Failed	2 KB
2	pjafe.xyz 1 redirects seventy.04pu.pjafe.xyz	2 KB
0	mobtv.club Failed free.mobtv.club Failed
12	4

	Domain	Requested by
8	perftraff.com	seventy.04pu.pjafe.xyz
8	q-mobi.go2affise.com	seventy.04pu.pjafe.xyz
2	seventy.04pu.pjafe.xyz	1 redirects
0	free.mobtv.club Failed	seventy.04pu.pjafe.xyz
12	4

This site contains no links.

Subject Issuer	Validity	Valid
seventy.04pu.pjafe.xyz Let's Encrypt Authority X3	`2020-03-05` - `2020-06-03`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-31` - `2020-10-09`	9 months	crt.sh

This page contains 11 frames:

Primary Page: https://seventy.04pu.pjafe.xyz/
Frame ID: 1F0577EE82BB61FEEC6033AAC5365D0D
Requests: 2 HTTP requests in this frame

Frame: https://q-mobi.go2affise.com/click?pid=113&offer_id=2429527
Frame ID: 9BBE73E65BD583458B75D334A3F875AD
Requests: 1 HTTP requests in this frame

Frame: https://q-mobi.go2affise.com/click?pid=113&offer_id=2429528
Frame ID: E657B00D422C012CBFB430424F228EFB
Requests: 1 HTTP requests in this frame

Frame: https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a0001eb8871&source=113&sub2=
Frame ID: 6BE50034F62E4EE2F475DB136CA53CEB
Requests: 1 HTTP requests in this frame

Frame: https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e10500014e6c0c&source=113&sub2=
Frame ID: 98D04E2845A045539BCB83730A11D0A9
Requests: 1 HTTP requests in this frame

Frame: https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c68000199c90d&source=113&sub2=
Frame ID: 1E003EB2C582E19966CD571E2290A519
Requests: 1 HTTP requests in this frame

Frame: https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2af7c0a0001fcc1e5&source=113&sub2=
Frame ID: 2C20D14E13D7A55D6D9CD5E9F2D70A2D
Requests: 1 HTTP requests in this frame

Frame: https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a000178eb15&source=113&sub2=
Frame ID: 07696EC5F211955B6C84022ACC9181FB
Requests: 1 HTTP requests in this frame

Frame: https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e1050001861a5e&source=113&sub2=
Frame ID: 3839A271B0F156FA42EA53AEFA05F4F4
Requests: 1 HTTP requests in this frame

Frame: https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2283c680001eba388&source=113&sub2=
Frame ID: A7BA5E70F8A2B5711633BBDC66500685
Requests: 1 HTTP requests in this frame

Frame: https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c6800017bf962&source=113&sub2=
Frame ID: CC4DD0DF61F8E4F9DD84F43035B04024
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://seventy.04pu.pjafe.xyz/ HTTP 301
https://seventy.04pu.pjafe.xyz/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

75 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1 kB
Transfer

2 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://seventy.04pu.pjafe.xyz/ HTTP 301
https://seventy.04pu.pjafe.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://q-mobi.go2affise.com/click?pid=113&offer_id=2429529 HTTP 302
https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a0001eb8871&source=113&sub2=

Request Chain 4

https://q-mobi.go2affise.com/click?pid=113&offer_id=2429530 HTTP 302
https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e10500014e6c0c&source=113&sub2=

Request Chain 5

https://q-mobi.go2affise.com/click?pid=113&offer_id=2429531 HTTP 302
https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c68000199c90d&source=113&sub2=

Request Chain 6

https://q-mobi.go2affise.com/click?pid=113&offer_id=2429527 HTTP 302
https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2af7c0a0001fcc1e5&source=113&sub2=

Request Chain 7

https://q-mobi.go2affise.com/click?pid=113&offer_id=2429528 HTTP 302
https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a000178eb15&source=113&sub2=

Request Chain 8

https://q-mobi.go2affise.com/click?pid=113&offer_id=2429529 HTTP 302
https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e1050001861a5e&source=113&sub2=

Request Chain 9

https://q-mobi.go2affise.com/click?pid=113&offer_id=2429530 HTTP 302
https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2283c680001eba388&source=113&sub2=

Request Chain 10

https://q-mobi.go2affise.com/click?pid=113&offer_id=2429531 HTTP 302
https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c6800017bf962&source=113&sub2=

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response seventy.04pu.pjafe.xyz/ Redirect Chain http://seventy.04pu.pjafe.xyz/ https://seventy.04pu.pjafe.xyz/	2 KB 1 KB	491ms 164ms	Document text/html	149.28.211.105 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://seventy.04pu.pjafe.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 149.28.211.105 San Jose, United States, ASN20473 (AS-CHOOPA, US), Reverse DNS 149.28.211.105.vultr.com Software nginx / Resource Hash `d61837edf813d39c80ab294ef15d595e2b6f9a7420025795221fa761219387ec` Request headers Host seventy.04pu.pjafe.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Fri, 13 Mar 2020 03:53:53 GMT Content-Type text/html Last-Modified Thu, 05 Mar 2020 14:25:49 GMT Transfer-Encoding chunked Connection keep-alive ETag W/"5e610bed-7eb" Expires Sun, 12 Apr 2020 03:53:53 GMT Cache-Control max-age=2592000 Content-Encoding gzip Redirect headers Server nginx Date Fri, 13 Mar 2020 03:53:53 GMT Content-Type text/html Content-Length 162 Connection keep-alive Location https://seventy.04pu.pjafe.xyz/
GET		pub.min.js free.mobtv.club/js/	0 0

GET		click q-mobi.go2affise.com/ Frame 9BBE	0 0

GET		click q-mobi.go2affise.com/ Frame E657	0 0

GET H2	200	26454955e159be916cad perftraff.com/l/ Frame 6BE5 Redirect Chain https://q-mobi.go2affise.com/click?pid=113&offer_id=2429529 https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a0001eb8871&source=113&sub2=	0 0	89ms 28ms	Document text/html	2606:4700:e4::ac40:ae23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a0001eb8871&source=113&sub2= Requested by Host: seventy.04pu.pjafe.xyz URL: https://seventy.04pu.pjafe.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority perftraff.com :scheme https :path /l/26454955e159be916cad?sub=5e6b03d2af7c0a0001eb8871&source=113&sub2= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://seventy.04pu.pjafe.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://seventy.04pu.pjafe.xyz/ Response headers status 200 date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html set-cookie __cfduid=d82967cbefee519deae47ceb5bb5ca0631584071634; expires=Sun, 12-Apr-20 03:53:54 GMT; path=/; domain=.perftraff.com; HttpOnly; SameSite=Lax __cf_bm=bd50a030475de95056e282994a9553f7bdc283e8-1584071634-1800-AerQsXrLLAJ2EWHs/0ehOG402ujuMxyzGeK9rDL/bfwMucJTNlYuVIHp7BR5OulrMXJYwTjwx/qU1VxDe6HHi3M=; path=/; expires=Fri, 13-Mar-20 04:23:54 GMT; domain=.perftraff.com; HttpOnly; Secure; SameSite=None last-modified Tue, 20 Aug 2019 14:25:20 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5732cf82ef8696e6-FRA content-encoding br Redirect headers status 302 server nginx date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html; charset=utf-8 content-length 121 location https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a0001eb8871&source=113&sub2= set-cookie afclick=5e6b03d2af7c0a0001eb8871; Expires=Sat, 13 Mar 2021 03:53:54 GMT; Secure; SameSite=None
GET H2	200	26454955e159be916cad perftraff.com/l/ Frame 98D0 Redirect Chain https://q-mobi.go2affise.com/click?pid=113&offer_id=2429530 https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e10500014e6c0c&source=113&sub2=	0 0	96ms 45ms	Document text/html	2606:4700:e4::ac40:ae23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e10500014e6c0c&source=113&sub2= Requested by Host: seventy.04pu.pjafe.xyz URL: https://seventy.04pu.pjafe.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority perftraff.com :scheme https :path /l/26454955e159be916cad?sub=5e6b03d2d8e10500014e6c0c&source=113&sub2= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://seventy.04pu.pjafe.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://seventy.04pu.pjafe.xyz/ Response headers status 200 date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html set-cookie __cfduid=d82967cbefee519deae47ceb5bb5ca0631584071634; expires=Sun, 12-Apr-20 03:53:54 GMT; path=/; domain=.perftraff.com; HttpOnly; SameSite=Lax __cf_bm=9f94322dd8e7c51e0bdba49c44c4990bc61f489f-1584071634-1800-AXEzAxVqFyxojTeKw6nfO8dA/rjJOPgTN8ig4pJVPTQgItVLmcBERdJYGxsRM0hZbVGh0Mq2yolOd7SIH0nOIGo=; path=/; expires=Fri, 13-Mar-20 04:23:54 GMT; domain=.perftraff.com; HttpOnly; Secure; SameSite=None last-modified Tue, 20 Aug 2019 14:25:18 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5732cf82ef8796e6-FRA content-encoding br Redirect headers status 302 server nginx date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html; charset=utf-8 content-length 121 location https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e10500014e6c0c&source=113&sub2= set-cookie afclick=5e6b03d2d8e10500014e6c0c; Expires=Sat, 13 Mar 2021 03:53:54 GMT; Secure; SameSite=None
GET H2	200	26422915e0d4f6f88646 perftraff.com/l/ Frame 1E00 Redirect Chain https://q-mobi.go2affise.com/click?pid=113&offer_id=2429531 https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c68000199c90d&source=113&sub2=	0 0	49ms 38ms	Document text/html	2606:4700:e4::ac40:ae23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c68000199c90d&source=113&sub2= Requested by Host: seventy.04pu.pjafe.xyz URL: https://seventy.04pu.pjafe.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority perftraff.com :scheme https :path /l/26422915e0d4f6f88646?sub=5e6b03d2283c68000199c90d&source=113&sub2= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://seventy.04pu.pjafe.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://seventy.04pu.pjafe.xyz/ Response headers status 200 date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html set-cookie __cfduid=d82967cbefee519deae47ceb5bb5ca0631584071634; expires=Sun, 12-Apr-20 03:53:54 GMT; path=/; domain=.perftraff.com; HttpOnly; SameSite=Lax __cf_bm=e70ea1b55116c68d00788f5857a758c6021cddab-1584071634-1800-AeV48Itdtktcj7vjXURIEXNTgQg58QnoIIqIAev30JIIKaDrREVt+TzdZ2FUL6mWoG5XkAPG73JlK0YVXFaDL14=; path=/; expires=Fri, 13-Mar-20 04:23:54 GMT; domain=.perftraff.com; HttpOnly; Secure; SameSite=None last-modified Tue, 20 Aug 2019 14:25:19 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5732cf82ef8f96e6-FRA content-encoding br Redirect headers status 302 server nginx date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html; charset=utf-8 content-length 121 location https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c68000199c90d&source=113&sub2= set-cookie afclick=5e6b03d2283c68000199c90d; Expires=Sat, 13 Mar 2021 03:53:54 GMT; Secure; SameSite=None
GET H2	200	26422915e0d4f6f88646 perftraff.com/l/ Frame 2C20 Redirect Chain https://q-mobi.go2affise.com/click?pid=113&offer_id=2429527 https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2af7c0a0001fcc1e5&source=113&sub2=	0 0	83ms 35ms	Document text/html	2606:4700:e4::ac40:ae23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2af7c0a0001fcc1e5&source=113&sub2= Requested by Host: seventy.04pu.pjafe.xyz URL: https://seventy.04pu.pjafe.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority perftraff.com :scheme https :path /l/26422915e0d4f6f88646?sub=5e6b03d2af7c0a0001fcc1e5&source=113&sub2= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://seventy.04pu.pjafe.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://seventy.04pu.pjafe.xyz/ Response headers status 200 date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html set-cookie __cfduid=d82967cbefee519deae47ceb5bb5ca0631584071634; expires=Sun, 12-Apr-20 03:53:54 GMT; path=/; domain=.perftraff.com; HttpOnly; SameSite=Lax __cf_bm=8c6af5c5c4654661e9fddd2eb3b52054e847083d-1584071634-1800-AZtnYRh1mWSEultNrzm+zDPGIQKWvhDXavSUck/vYOBVz1ZTvtaeS+Ojw2I6HgoEmCXXx0nTR3sqPeqLpOp9bBQ=; path=/; expires=Fri, 13-Mar-20 04:23:54 GMT; domain=.perftraff.com; HttpOnly; Secure; SameSite=None last-modified Tue, 20 Aug 2019 14:25:20 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5732cf82ef8996e6-FRA content-encoding br Redirect headers status 302 server nginx date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html; charset=utf-8 content-length 121 location https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2af7c0a0001fcc1e5&source=113&sub2= set-cookie afclick=5e6b03d2af7c0a0001fcc1e5; Expires=Sat, 13 Mar 2021 03:53:54 GMT; Secure; SameSite=None
GET H2	200	26454955e159be916cad perftraff.com/l/ Frame 0769 Redirect Chain https://q-mobi.go2affise.com/click?pid=113&offer_id=2429528 https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a000178eb15&source=113&sub2=	0 0	93ms 50ms	Document text/html	2606:4700:e4::ac40:ae23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a000178eb15&source=113&sub2= Requested by Host: seventy.04pu.pjafe.xyz URL: https://seventy.04pu.pjafe.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority perftraff.com :scheme https :path /l/26454955e159be916cad?sub=5e6b03d2af7c0a000178eb15&source=113&sub2= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://seventy.04pu.pjafe.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://seventy.04pu.pjafe.xyz/ Response headers status 200 date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html set-cookie __cfduid=d82967cbefee519deae47ceb5bb5ca0631584071634; expires=Sun, 12-Apr-20 03:53:54 GMT; path=/; domain=.perftraff.com; HttpOnly; SameSite=Lax __cf_bm=993f2d18f39a72e0093dddd1db1fafee5d7e2ac8-1584071634-1800-AWFbqSrcpcgUAq2pxCFp5Z5Ji4Z+xb8bU0nTzeFrfl1fCimv4a0/IFg10sbQdCNFj28wiszBBFtkblPYJTCgHHs=; path=/; expires=Fri, 13-Mar-20 04:23:54 GMT; domain=.perftraff.com; HttpOnly; Secure; SameSite=None last-modified Tue, 20 Aug 2019 14:25:18 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5732cf82ef8c96e6-FRA content-encoding br Redirect headers status 302 server nginx date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html; charset=utf-8 content-length 121 location https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2af7c0a000178eb15&source=113&sub2= set-cookie afclick=5e6b03d2af7c0a000178eb15; Expires=Sat, 13 Mar 2021 03:53:54 GMT; Secure; SameSite=None
GET H2	200	26454955e159be916cad perftraff.com/l/ Frame 3839 Redirect Chain https://q-mobi.go2affise.com/click?pid=113&offer_id=2429529 https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e1050001861a5e&source=113&sub2=	0 0	60ms 31ms	Document text/html	2606:4700:e4::ac40:ae23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e1050001861a5e&source=113&sub2= Requested by Host: seventy.04pu.pjafe.xyz URL: https://seventy.04pu.pjafe.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority perftraff.com :scheme https :path /l/26454955e159be916cad?sub=5e6b03d2d8e1050001861a5e&source=113&sub2= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://seventy.04pu.pjafe.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://seventy.04pu.pjafe.xyz/ Response headers status 200 date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html set-cookie __cfduid=d82967cbefee519deae47ceb5bb5ca0631584071634; expires=Sun, 12-Apr-20 03:53:54 GMT; path=/; domain=.perftraff.com; HttpOnly; SameSite=Lax __cf_bm=f866d9543fb694c29ebaf94f86717171cefa287b-1584071634-1800-AfC0r674iGFwv8MH+2+Wdl/T5owodTCBfKh5GPnwh+mQE1gQUyWyVOSgbWbC+wOpzlFxAUutm4bH5cIrnhvWujY=; path=/; expires=Fri, 13-Mar-20 04:23:54 GMT; domain=.perftraff.com; HttpOnly; Secure; SameSite=None last-modified Tue, 20 Aug 2019 14:25:16 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5732cf82ff9096e6-FRA content-encoding br Redirect headers status 302 server nginx date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html; charset=utf-8 content-length 121 location https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2d8e1050001861a5e&source=113&sub2= set-cookie afclick=5e6b03d2d8e1050001861a5e; Expires=Sat, 13 Mar 2021 03:53:54 GMT; Secure; SameSite=None
GET H2	200	26454955e159be916cad perftraff.com/l/ Frame A7BA Redirect Chain https://q-mobi.go2affise.com/click?pid=113&offer_id=2429530 https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2283c680001eba388&source=113&sub2=	0 0	119ms 70ms	Document text/html	2606:4700:e4::ac40:ae23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2283c680001eba388&source=113&sub2= Requested by Host: seventy.04pu.pjafe.xyz URL: https://seventy.04pu.pjafe.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority perftraff.com :scheme https :path /l/26454955e159be916cad?sub=5e6b03d2283c680001eba388&source=113&sub2= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://seventy.04pu.pjafe.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://seventy.04pu.pjafe.xyz/ Response headers status 200 date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html set-cookie __cfduid=d82967cbefee519deae47ceb5bb5ca0631584071634; expires=Sun, 12-Apr-20 03:53:54 GMT; path=/; domain=.perftraff.com; HttpOnly; SameSite=Lax __cf_bm=898d8a9550bd20cb84ee4e5906da2fbb71714b6c-1584071634-1800-AY6irbAJ1UeW7OB4SVHJsxC2mrEx0vgPCJRTkBrSpkLmb9irWcwmv6ppM5ZieOSrhnhZII1Eo4R4Jx5mPYbktZE=; path=/; expires=Fri, 13-Mar-20 04:23:54 GMT; domain=.perftraff.com; HttpOnly; Secure; SameSite=None last-modified Tue, 20 Aug 2019 14:25:14 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5732cf82ef8896e6-FRA content-encoding br Redirect headers status 302 server nginx date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html; charset=utf-8 content-length 121 location https://perftraff.com/l/26454955e159be916cad?sub=5e6b03d2283c680001eba388&source=113&sub2= set-cookie afclick=5e6b03d2283c680001eba388; Expires=Sat, 13 Mar 2021 03:53:54 GMT; Secure; SameSite=None
GET H2	200	26422915e0d4f6f88646 perftraff.com/l/ Frame CC4D Redirect Chain https://q-mobi.go2affise.com/click?pid=113&offer_id=2429531 https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c6800017bf962&source=113&sub2=	0 0	83ms 42ms	Document text/html	2606:4700:e4::ac40:ae23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c6800017bf962&source=113&sub2= Requested by Host: seventy.04pu.pjafe.xyz URL: https://seventy.04pu.pjafe.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ae23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority perftraff.com :scheme https :path /l/26422915e0d4f6f88646?sub=5e6b03d2283c6800017bf962&source=113&sub2= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://seventy.04pu.pjafe.xyz/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://seventy.04pu.pjafe.xyz/ Response headers status 200 date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html set-cookie __cfduid=d82967cbefee519deae47ceb5bb5ca0631584071634; expires=Sun, 12-Apr-20 03:53:54 GMT; path=/; domain=.perftraff.com; HttpOnly; SameSite=Lax __cf_bm=43909d90b07ae4f00f555b353ddfcda6783400fe-1584071634-1800-AaeDuex/WyAwc0QRXART8WZOes0LEhwY/G8y1WG6HxA45mYOhcNYoCGOyepejZCjvvhNQYqka7pYdL7Oi4nX+3A=; path=/; expires=Fri, 13-Mar-20 04:23:54 GMT; domain=.perftraff.com; HttpOnly; Secure; SameSite=None last-modified Tue, 20 Aug 2019 14:25:17 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5732cf82ef8e96e6-FRA content-encoding br Redirect headers status 302 server nginx date Fri, 13 Mar 2020 03:53:54 GMT content-type text/html; charset=utf-8 content-length 121 location https://perftraff.com/l/26422915e0d4f6f88646?sub=5e6b03d2283c6800017bf962&source=113&sub2= set-cookie afclick=5e6b03d2283c6800017bf962; Expires=Sat, 13 Mar 2021 03:53:54 GMT; Secure; SameSite=None

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: free.mobtv.club
URL: https://free.mobtv.club/js/pub.min.js

Domain: q-mobi.go2affise.com
URL: https://q-mobi.go2affise.com/click?pid=113&offer_id=2429527

Domain: q-mobi.go2affise.com
URL: https://q-mobi.go2affise.com/click?pid=113&offer_id=2429528

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

free.mobtv.club
perftraff.com
q-mobi.go2affise.com
seventy.04pu.pjafe.xyz
free.mobtv.club
q-mobi.go2affise.com
149.28.211.105
212.7.209.75
2606:4700:e4::ac40:ae23
d61837edf813d39c80ab294ef15d595e2b6f9a7420025795221fa761219387ec

seventy.04pu.pjafe.xyz Open in urlscan Pro 149.28.211.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

75 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

1 kBTransfer

2 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

seventy.04pu.pjafe.xyz Open in urlscan Pro
149.28.211.105 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

75 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1 kB
Transfer

2 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions