transxvideo.cyou Open in urlscan Pro
172.67.158.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x250.html
Effective URL:
https://transxvideo.cyou/click.php
Submission: On September 09 via manual (September 9th 2024, 1:40:04 am UTC) from BR — Scanned from US

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 8 domains to perform 12 HTTP transactions. The main IP is 172.67.158.160, located in United States and belongs to CLOUDFLARENET, US. The main domain is transxvideo.cyou.
TLS certificate: Issued by WE1 on July 13th 2024. Valid for: 3 months.

This is the only time transxvideo.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.32.151.73 13.32.151.73	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:510... 2600:1f18:510:802:59cb:90ad:1c1a:77fa	14618 (AMAZON-AES) (AMAZON-AES)
2	109.206.175.73 109.206.175.73	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	172.67.200.33 172.67.200.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.147.92 172.67.147.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.212.139 172.67.212.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.234.34 104.21.234.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.158.160 172.67.158.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

1 13.32.151.73 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-73.iad66.r.cloudfront.net

witalfieldt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:510:802:59cb:90ad:1c1a:77fa (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

c.srvpcn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.175.73 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.175.73.serverel.net

realpush.realsh.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.200.33 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

u-10425.trovare.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.147.92 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ngc40k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.212.139 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

datingusa.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.234.34 (None, )

ASN13335 (CLOUDFLARENET, US)

sawmtraffic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.158.160 (United States)

ASN13335 (CLOUDFLARENET, US)

transxvideo.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	transxvideo.cyou transxvideo.cyou	15 KB
2	sawmtraffic.com sawmtraffic.com — Cisco Umbrella Rank: 661271	1 KB
2	realsh.xyz realpush.realsh.xyz	1 KB
1	datingusa.site 1 redirects datingusa.site — Cisco Umbrella Rank: 599680	1 KB
1	ngc40k.com 1 redirects ngc40k.com — Cisco Umbrella Rank: 572980	576 B
1	trovare.info 1 redirects u-10425.trovare.info	978 B
1	srvpcn.com 1 redirects c.srvpcn.com — Cisco Umbrella Rank: 37802	2 KB
1	witalfieldt.com 1 redirects witalfieldt.com	549 B
12	8

	Domain	Requested by
8	transxvideo.cyou	sawmtraffic.com transxvideo.cyou
2	sawmtraffic.com
2	realpush.realsh.xyz
1	datingusa.site	1 redirects
1	ngc40k.com	1 redirects
1	u-10425.trovare.info	1 redirects
1	c.srvpcn.com	1 redirects
1	witalfieldt.com	1 redirects
12	8

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
realpush.realsh.xyz R11	`2024-07-30` - `2024-10-28`	3 months	crt.sh
sawmtraffic.com WE1	`2024-08-17` - `2024-11-15`	3 months	crt.sh
transxvideo.cyou WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://transxvideo.cyou/click.php
Frame ID: B342F40D23E083F52C8DF19665786A00
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

transxvideo.cyou | 502: Bad gateway

Page URL History Show full URLs

http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x... HTTP 307
https://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x... HTTP 302
http://c.srvpcn.com/click?id=crf53rf2ld3c73ca3jcg&e=910c1860-b3db-4e71-afa0-4f0097617241&px=715&z=1 HTTP 307
https://c.srvpcn.com/click?id=crf53rf2ld3c73ca3jcg&e=910c1860-b3db-4e71-afa0-4f0097617241&px=715&z=1 HTTP 303
https://realpush.realsh.xyz/b2/l/c/redir?asid=3274153703gILxoMmm&cid=5&did=cWRJZG0&eid=14977&n=030eceae5... Page URL
https://u-10425.trovare.info/api/rtb-pops/go?id=309361723292913&sig=93c9b49d7349d2be53ee5fedffe093&u=aHR0... HTTP 302
https://ngc40k.com/track/?source=45649&category=adult&quality=low&sub_id=3437363431393130375f34... HTTP 302
https://datingusa.site/HdJWdj?cost=0.101&currency=usd&external_id=7c0737d87a1b909b11f3bd8400273ab5&... HTTP 302
https://sawmtraffic.com/go.php Page URL
https://transxvideo.cyou/click.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

100 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

3
IPs

3
Countries

18 kB
Transfer

21 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing?utm_source=errorcode_502&utm_campaign=transxvideo.cyou
Title: cloudflare.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x250.html HTTP 307
https://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x250.html HTTP 302
http://c.srvpcn.com/click?id=crf53rf2ld3c73ca3jcg&e=910c1860-b3db-4e71-afa0-4f0097617241&px=715&z=1 HTTP 307
https://c.srvpcn.com/click?id=crf53rf2ld3c73ca3jcg&e=910c1860-b3db-4e71-afa0-4f0097617241&px=715&z=1 HTTP 303
https://realpush.realsh.xyz/b2/l/c/redir?asid=3274153703gILxoMmm&cid=5&did=cWRJZG0&eid=14977&n=030eceae516be0bea4e8e913&nid=10004&sid=LIGy83AyxDB4jnEkcbQ2jyMc4qjQl0GyF1bBEekgyfhmAYOdeN9tnBRGgYJ5GfCCw98g2h2IMz6HEhMG4FMOXclB4WRDf1FQbj0W%2F3k9X6R%2FvnmEYKyhuIBRiALNKMOlKO2pYjZPLoA7nbAZ%2FG4EquGtknq7ZqQXMeli%2F4Ue3%2Bnbyqs7CGaBtzG4j71pwjwHOK3p6oycqD7DO9XRTDaHHXZ7cvkK7dv0aZHxRlE%2FLJjHasOXLR7Mkc%2Fd5OIoaLNd%2Fck4K6xp9yHnbZbl%2BRzKWg0po2PoMBZL3esvvcvQg83gujTxPI38ibkkbaxrGWVV0%2BzxgRPz4XjhMfnOL%2F5XU1IHlp3H0N5K75fAc9CVgrMstrchc0nWoYOv0JyYHLzK81vk9CPW5x%2B5pSYhUvQAeQwNj25GfZMwdyJvgxOKWq0pwJ5CUgeDzu8BRpOLNVJ1RmIjokXXVp5Bc7fap57pzUNBexJLwe0tG3tN25n2U8ueaZ64pPYX8CzwlJmw8iR1hmvOZUhqcoV3mXUJGYHia0j%2FU5iuhQrIUZKMUoHhQzXHgXDYrZl%2Fbp6UqMVlLj0XRRL2GswskslI2O0ea4p8uSdwPWbeAJZZMnhZD7YBNeyyN4TGoMoIj4H%2B2B5z8HsvWJ3u5TElvZJ91%2BBmf2Ndo%2FS4YXmI76YfHhqjDzlEKcInOziix3WDFPDTdF00yHQdWfjQNjp1t0WSqKvRFkXYL8IQh5wV5xa0lIxp9t%2FP1nHl%2B85aa4epUoHVVXYLCxbfQ6cE6JQD2RxPjyp52gdokYizBDDA4uqUGa1ljBFrbuQU40f7UzRoemgZ3lzag32eDmgYB%2F1SkELPpr0m%2BXwXJ1VfNp8CP4Ntb9o8V3VmEntStQEzkIGocdFNH0O9hLvYu3CLAtHJf2Ocn5SL2ToqDHDzO6V6hGRfDA%2BA%2FyhhZUsRjVktJxmDDhAJtuu1Cwiy9qWm9EtHe%2B%2FPL60GThXb4Mh4w3y%2BMAkPqXA4BAI8MqL%2FM3X45Kb9R6TnroZgdu2gHDvL1Wiuy6ty4DNIJMIwOY5OrgJ5JQj8aK%2BNvp8%2BAtvt8gxN9OAPvNyau6CWkGGBpnr9cv%2F7M4gOPG6rjr2C%2F1IXzSB5sWcmqFx4pqPseIwrbQdgL1Pb2pSMS75nOd1%2FG%2B1GX9y1F7saz4I0HB3tO9UKUzo6rXEOerMqCcsOKzGkfOWQO5iyR3J%2Fw%2FmQ4W03zfM3tILOVTgWGbiVZGKFiGB4ppj1E0zk8%2BBz%2FsVsBqbBV4%2BOvN0ixwEInEe9knU2yEGe9w12tvNEz7atBc7Er2XIOoRqUv0w8ATTc8PRPc3S2%2BlMsP7sTsIAYww88rVNswLdwtVcDR7MKjGLwkovHphrjBlTT55u2zZKzpt1HT%2Fl%2Bz4YiVhMqmeA3opQ8ClSqEriit1%2F0PCBvvUBjezPUwvS9scCi0oFHTAhvNND%2F%2FPCj9lEsGLl%2BmoCz9Zi7hZyMo%2FhxFioWbiDx9yrj%2FwrPxZbEC7%2Ba2ub7%2BjTLWTlIyMpoK8wGuvkdawbiWEa5BKcpuBUN%2FP1ofs1tt4XtWSTGJPEtTzjUb4HguO4kOgGD00N5WHmUoDa2IyxYlEGgMZXFMU2rN5sTyoFEsmuGp5F38237RwoEPykuTPH9eSMCLWH6teTwkVeu1zwFiQ6KMF21X99XLhCNocu6Sd93bB7Hr1tfViq6%2BAhL%2Fy8eRKgUhGxl0O7sqXKKLFkefwA9wPPcgMHrhUK3he0Oc3463T2G2kymf%2FhGbbBWboE455TNtoYelROQO%2BcWnXZdB7GrJUqlG1BTeRtj7T%2FmAnBTqiCYOfpDpdtMdEOlHqlRn32VTOujr%2FqYboOQJ8GtP5JZZrhALaRqCIF7SLh5%2FBsghMgdb42YhEciN0CjTKojaTLdRc4hnxqepLEgVE3pA858qAMdH7hpOmr1etNc8bCSFKZ4WxWRguk2gGWngwgglOdtau%2FxvwfPFoptsRmHJnLq2BHf4GlCMQJF6s%2B%2BRaIUMV2Na9rq%2BxeVZWAiwTpvGzWUyTy5JZy0G%2BIFvlz4TXyChZCsFFHUMUGOo%2FovThc4j0GNXTRzlW9t%2BX33Z3l4vstj6xlXmAtKCaL0id9wn8JxRjyVEdA9VfbbOolKsxbqsh%2FRD0aIYcv2TO%2BfiZdvDcBVuCv4d6DAHcpVN1YBZLUk2nolM6BP8gxAQe4H3Gcr1I4AF90XHjupzWTPF%2BFJT0Mn64fJnzDNZa7xd0&ssid=3274153703gILxoMmm&ts=1725845997&ttl=300&v=v5.11.31 Page URL
https://u-10425.trovare.info/api/rtb-pops/go?id=309361723292913&sig=93c9b49d7349d2be53ee5fedffe093&u=aHR0cHM6Ly9uZ2M0MGsuY29tL3RyYWNrLz9zb3VyY2U9e3NvdXJjZV9pZH0mY2F0ZWdvcnk9e2NhdGVnb3J5fSZxdWFsaXR5PXtxdWFsaXR5fSZzdWJfaWQ9e3N1Yl9pZH0mY2FtcGFpZ25faWQ9e2NhbXBhaWduX2lkfSZleHRlcm5hbF9pZD17Y2xpY2tfaWR9JnNvdXJjZV9pZD17c291cmNlX2lkfSZhZF9jYW1wYWlnbl9pZD17Y2FtcGFpZ25faWR9JmNvc3Q9e2NwY30mY3BtPXtjcG19 HTTP 302
https://ngc40k.com/track/?source=45649&category=adult&quality=low&sub_id=3437363431393130375f3435363439&campaign_id=323636&external_id=Nnhwd3x6ODF8N3ZuYmMzfG92WE85UT09fDMwOTM2MTcyMzI5MjkxM3ww&source_id=45649&ad_campaign_id=323636&cost=0.000101&cpm={cpm} HTTP 302
https://datingusa.site/HdJWdj?cost=0.101&currency=usd&external_id=7c0737d87a1b909b11f3bd8400273ab5&creative_id=default&ad_campaign_id=323636&source=45649&model_price=cpm&price=0.101 HTTP 302
https://sawmtraffic.com/go.php Page URL
https://transxvideo.cyou/click.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x250.html HTTP 307
https://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x250.html HTTP 302
http://c.srvpcn.com/click?id=crf53rf2ld3c73ca3jcg&e=910c1860-b3db-4e71-afa0-4f0097617241&px=715&z=1 HTTP 307
https://c.srvpcn.com/click?id=crf53rf2ld3c73ca3jcg&e=910c1860-b3db-4e71-afa0-4f0097617241&px=715&z=1 HTTP 303
https://realpush.realsh.xyz/b2/l/c/redir?asid=3274153703gILxoMmm&cid=5&did=cWRJZG0&eid=14977&n=030eceae516be0bea4e8e913&nid=10004&sid=LIGy83AyxDB4jnEkcbQ2jyMc4qjQl0GyF1bBEekgyfhmAYOdeN9tnBRGgYJ5GfCCw98g2h2IMz6HEhMG4FMOXclB4WRDf1FQbj0W%2F3k9X6R%2FvnmEYKyhuIBRiALNKMOlKO2pYjZPLoA7nbAZ%2FG4EquGtknq7ZqQXMeli%2F4Ue3%2Bnbyqs7CGaBtzG4j71pwjwHOK3p6oycqD7DO9XRTDaHHXZ7cvkK7dv0aZHxRlE%2FLJjHasOXLR7Mkc%2Fd5OIoaLNd%2Fck4K6xp9yHnbZbl%2BRzKWg0po2PoMBZL3esvvcvQg83gujTxPI38ibkkbaxrGWVV0%2BzxgRPz4XjhMfnOL%2F5XU1IHlp3H0N5K75fAc9CVgrMstrchc0nWoYOv0JyYHLzK81vk9CPW5x%2B5pSYhUvQAeQwNj25GfZMwdyJvgxOKWq0pwJ5CUgeDzu8BRpOLNVJ1RmIjokXXVp5Bc7fap57pzUNBexJLwe0tG3tN25n2U8ueaZ64pPYX8CzwlJmw8iR1hmvOZUhqcoV3mXUJGYHia0j%2FU5iuhQrIUZKMUoHhQzXHgXDYrZl%2Fbp6UqMVlLj0XRRL2GswskslI2O0ea4p8uSdwPWbeAJZZMnhZD7YBNeyyN4TGoMoIj4H%2B2B5z8HsvWJ3u5TElvZJ91%2BBmf2Ndo%2FS4YXmI76YfHhqjDzlEKcInOziix3WDFPDTdF00yHQdWfjQNjp1t0WSqKvRFkXYL8IQh5wV5xa0lIxp9t%2FP1nHl%2B85aa4epUoHVVXYLCxbfQ6cE6JQD2RxPjyp52gdokYizBDDA4uqUGa1ljBFrbuQU40f7UzRoemgZ3lzag32eDmgYB%2F1SkELPpr0m%2BXwXJ1VfNp8CP4Ntb9o8V3VmEntStQEzkIGocdFNH0O9hLvYu3CLAtHJf2Ocn5SL2ToqDHDzO6V6hGRfDA%2BA%2FyhhZUsRjVktJxmDDhAJtuu1Cwiy9qWm9EtHe%2B%2FPL60GThXb4Mh4w3y%2BMAkPqXA4BAI8MqL%2FM3X45Kb9R6TnroZgdu2gHDvL1Wiuy6ty4DNIJMIwOY5OrgJ5JQj8aK%2BNvp8%2BAtvt8gxN9OAPvNyau6CWkGGBpnr9cv%2F7M4gOPG6rjr2C%2F1IXzSB5sWcmqFx4pqPseIwrbQdgL1Pb2pSMS75nOd1%2FG%2B1GX9y1F7saz4I0HB3tO9UKUzo6rXEOerMqCcsOKzGkfOWQO5iyR3J%2Fw%2FmQ4W03zfM3tILOVTgWGbiVZGKFiGB4ppj1E0zk8%2BBz%2FsVsBqbBV4%2BOvN0ixwEInEe9knU2yEGe9w12tvNEz7atBc7Er2XIOoRqUv0w8ATTc8PRPc3S2%2BlMsP7sTsIAYww88rVNswLdwtVcDR7MKjGLwkovHphrjBlTT55u2zZKzpt1HT%2Fl%2Bz4YiVhMqmeA3opQ8ClSqEriit1%2F0PCBvvUBjezPUwvS9scCi0oFHTAhvNND%2F%2FPCj9lEsGLl%2BmoCz9Zi7hZyMo%2FhxFioWbiDx9yrj%2FwrPxZbEC7%2Ba2ub7%2BjTLWTlIyMpoK8wGuvkdawbiWEa5BKcpuBUN%2FP1ofs1tt4XtWSTGJPEtTzjUb4HguO4kOgGD00N5WHmUoDa2IyxYlEGgMZXFMU2rN5sTyoFEsmuGp5F38237RwoEPykuTPH9eSMCLWH6teTwkVeu1zwFiQ6KMF21X99XLhCNocu6Sd93bB7Hr1tfViq6%2BAhL%2Fy8eRKgUhGxl0O7sqXKKLFkefwA9wPPcgMHrhUK3he0Oc3463T2G2kymf%2FhGbbBWboE455TNtoYelROQO%2BcWnXZdB7GrJUqlG1BTeRtj7T%2FmAnBTqiCYOfpDpdtMdEOlHqlRn32VTOujr%2FqYboOQJ8GtP5JZZrhALaRqCIF7SLh5%2FBsghMgdb42YhEciN0CjTKojaTLdRc4hnxqepLEgVE3pA858qAMdH7hpOmr1etNc8bCSFKZ4WxWRguk2gGWngwgglOdtau%2FxvwfPFoptsRmHJnLq2BHf4GlCMQJF6s%2B%2BRaIUMV2Na9rq%2BxeVZWAiwTpvGzWUyTy5JZy0G%2BIFvlz4TXyChZCsFFHUMUGOo%2FovThc4j0GNXTRzlW9t%2BX33Z3l4vstj6xlXmAtKCaL0id9wn8JxRjyVEdA9VfbbOolKsxbqsh%2FRD0aIYcv2TO%2BfiZdvDcBVuCv4d6DAHcpVN1YBZLUk2nolM6BP8gxAQe4H3Gcr1I4AF90XHjupzWTPF%2BFJT0Mn64fJnzDNZa7xd0&ssid=3274153703gILxoMmm&ts=1725845997&ttl=300&v=v5.11.31

Request Chain 1

https://u-10425.trovare.info/api/rtb-pops/go?id=309361723292913&sig=93c9b49d7349d2be53ee5fedffe093&u=aHR0cHM6Ly9uZ2M0MGsuY29tL3RyYWNrLz9zb3VyY2U9e3NvdXJjZV9pZH0mY2F0ZWdvcnk9e2NhdGVnb3J5fSZxdWFsaXR5PXtxdWFsaXR5fSZzdWJfaWQ9e3N1Yl9pZH0mY2FtcGFpZ25faWQ9e2NhbXBhaWduX2lkfSZleHRlcm5hbF9pZD17Y2xpY2tfaWR9JnNvdXJjZV9pZD17c291cmNlX2lkfSZhZF9jYW1wYWlnbl9pZD17Y2FtcGFpZ25faWR9JmNvc3Q9e2NwY30mY3BtPXtjcG19 HTTP 302
https://ngc40k.com/track/?source=45649&category=adult&quality=low&sub_id=3437363431393130375f3435363439&campaign_id=323636&external_id=Nnhwd3x6ODF8N3ZuYmMzfG92WE85UT09fDMwOTM2MTcyMzI5MjkxM3ww&source_id=45649&ad_campaign_id=323636&cost=0.000101&cpm={cpm} HTTP 302
https://datingusa.site/HdJWdj?cost=0.101&currency=usd&external_id=7c0737d87a1b909b11f3bd8400273ab5&creative_id=default&ad_campaign_id=323636&source=45649&model_price=cpm&price=0.101 HTTP 302
https://sawmtraffic.com/go.php

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

redir Show response
realpush.realsh.xyz/b2/l/c/
Redirect Chain

http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x250.html
https://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]%20http://www.nowlive1.me/300x250.html
http://c.srvpcn.com/click?id=crf53rf2ld3c73ca3jcg&e=910c1860-b3db-4e71-afa0-4f0097617241&px=715&z=1
https://c.srvpcn.com/click?id=crf53rf2ld3c73ca3jcg&e=910c1860-b3db-4e71-afa0-4f0097617241&px=715&z=1
https://realpush.realsh.xyz/b2/l/c/redir?asid=3274153703gILxoMmm&cid=5&did=cWRJZG0&eid=14977&n=030eceae516be0bea4e8e913&nid=10004&sid=LIGy83AyxDB4jnEkcbQ2jyMc4qjQl0GyF1bBEekgyfhmAYOdeN9tnBRGgYJ5GfC...

754 B
973 B

768ms
212ms

Document
text/html

109.206.175.73
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://realpush.realsh.xyz/b2/l/c/redir?asid=3274153703gILxoMmm&cid=5&did=cWRJZG0&eid=14977&n=030eceae516be0bea4e8e913&nid=10004&sid=LIGy83AyxDB4jnEkcbQ2jyMc4qjQl0GyF1bBEekgyfhmAYOdeN9tnBRGgYJ5GfCCw98g2h2IMz6HEhMG4FMOXclB4WRDf1FQbj0W%2F3k9X6R%2FvnmEYKyhuIBRiALNKMOlKO2pYjZPLoA7nbAZ%2FG4EquGtknq7ZqQXMeli%2F4Ue3%2Bnbyqs7CGaBtzG4j71pwjwHOK3p6oycqD7DO9XRTDaHHXZ7cvkK7dv0aZHxRlE%2FLJjHasOXLR7Mkc%2Fd5OIoaLNd%2Fck4K6xp9yHnbZbl%2BRzKWg0po2PoMBZL3esvvcvQg83gujTxPI38ibkkbaxrGWVV0%2BzxgRPz4XjhMfnOL%2F5XU1IHlp3H0N5K75fAc9CVgrMstrchc0nWoYOv0JyYHLzK81vk9CPW5x%2B5pSYhUvQAeQwNj25GfZMwdyJvgxOKWq0pwJ5CUgeDzu8BRpOLNVJ1RmIjokXXVp5Bc7fap57pzUNBexJLwe0tG3tN25n2U8ueaZ64pPYX8CzwlJmw8iR1hmvOZUhqcoV3mXUJGYHia0j%2FU5iuhQrIUZKMUoHhQzXHgXDYrZl%2Fbp6UqMVlLj0XRRL2GswskslI2O0ea4p8uSdwPWbeAJZZMnhZD7YBNeyyN4TGoMoIj4H%2B2B5z8HsvWJ3u5TElvZJ91%2BBmf2Ndo%2FS4YXmI76YfHhqjDzlEKcInOziix3WDFPDTdF00yHQdWfjQNjp1t0WSqKvRFkXYL8IQh5wV5xa0lIxp9t%2FP1nHl%2B85aa4epUoHVVXYLCxbfQ6cE6JQD2RxPjyp52gdokYizBDDA4uqUGa1ljBFrbuQU40f7UzRoemgZ3lzag32eDmgYB%2F1SkELPpr0m%2BXwXJ1VfNp8CP4Ntb9o8V3VmEntStQEzkIGocdFNH0O9hLvYu3CLAtHJf2Ocn5SL2ToqDHDzO6V6hGRfDA%2BA%2FyhhZUsRjVktJxmDDhAJtuu1Cwiy9qWm9EtHe%2B%2FPL60GThXb4Mh4w3y%2BMAkPqXA4BAI8MqL%2FM3X45Kb9R6TnroZgdu2gHDvL1Wiuy6ty4DNIJMIwOY5OrgJ5JQj8aK%2BNvp8%2BAtvt8gxN9OAPvNyau6CWkGGBpnr9cv%2F7M4gOPG6rjr2C%2F1IXzSB5sWcmqFx4pqPseIwrbQdgL1Pb2pSMS75nOd1%2FG%2B1GX9y1F7saz4I0HB3tO9UKUzo6rXEOerMqCcsOKzGkfOWQO5iyR3J%2Fw%2FmQ4W03zfM3tILOVTgWGbiVZGKFiGB4ppj1E0zk8%2BBz%2FsVsBqbBV4%2BOvN0ixwEInEe9knU2yEGe9w12tvNEz7atBc7Er2XIOoRqUv0w8ATTc8PRPc3S2%2BlMsP7sTsIAYww88rVNswLdwtVcDR7MKjGLwkovHphrjBlTT55u2zZKzpt1HT%2Fl%2Bz4YiVhMqmeA3opQ8ClSqEriit1%2F0PCBvvUBjezPUwvS9scCi0oFHTAhvNND%2F%2FPCj9lEsGLl%2BmoCz9Zi7hZyMo%2FhxFioWbiDx9yrj%2FwrPxZbEC7%2Ba2ub7%2BjTLWTlIyMpoK8wGuvkdawbiWEa5BKcpuBUN%2FP1ofs1tt4XtWSTGJPEtTzjUb4HguO4kOgGD00N5WHmUoDa2IyxYlEGgMZXFMU2rN5sTyoFEsmuGp5F38237RwoEPykuTPH9eSMCLWH6teTwkVeu1zwFiQ6KMF21X99XLhCNocu6Sd93bB7Hr1tfViq6%2BAhL%2Fy8eRKgUhGxl0O7sqXKKLFkefwA9wPPcgMHrhUK3he0Oc3463T2G2kymf%2FhGbbBWboE455TNtoYelROQO%2BcWnXZdB7GrJUqlG1BTeRtj7T%2FmAnBTqiCYOfpDpdtMdEOlHqlRn32VTOujr%2FqYboOQJ8GtP5JZZrhALaRqCIF7SLh5%2FBsghMgdb42YhEciN0CjTKojaTLdRc4hnxqepLEgVE3pA858qAMdH7hpOmr1etNc8bCSFKZ4WxWRguk2gGWngwgglOdtau%2FxvwfPFoptsRmHJnLq2BHf4GlCMQJF6s%2B%2BRaIUMV2Na9rq%2BxeVZWAiwTpvGzWUyTy5JZy0G%2BIFvlz4TXyChZCsFFHUMUGOo%2FovThc4j0GNXTRzlW9t%2BX33Z3l4vstj6xlXmAtKCaL0id9wn8JxRjyVEdA9VfbbOolKsxbqsh%2FRD0aIYcv2TO%2BfiZdvDcBVuCv4d6DAHcpVN1YBZLUk2nolM6BP8gxAQe4H3Gcr1I4AF90XHjupzWTPF%2BFJT0Mn64fJnzDNZa7xd0&ssid=3274153703gILxoMmm&ts=1725845997&ttl=300&v=v5.11.31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.175.73 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.175.73.serverel.net
Software: dspclick-v3.12.17 /
Resource Hash: 603002beb3f4a018f0b301f97bd9ea86f7c2a4ead22658f16dd11824a48545e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length: 754
content-type: text/html
date: Mon, 09 Sep 2024 01:39:58 GMT
server: dspclick-v3.12.17

Redirect headers

content-length: 0
date: Mon, 09 Sep 2024 01:39:58 GMT
location: https://realpush.realsh.xyz/b2/l/c/redir?asid=3274153703gILxoMmm&cid=5&did=cWRJZG0&eid=14977&n=030eceae516be0bea4e8e913&nid=10004&sid=LIGy83AyxDB4jnEkcbQ2jyMc4qjQl0GyF1bBEekgyfhmAYOdeN9tnBRGgYJ5GfCCw98g2h2IMz6HEhMG4FMOXclB4WRDf1FQbj0W%2F3k9X6R%2FvnmEYKyhuIBRiALNKMOlKO2pYjZPLoA7nbAZ%2FG4EquGtknq7ZqQXMeli%2F4Ue3%2Bnbyqs7CGaBtzG4j71pwjwHOK3p6oycqD7DO9XRTDaHHXZ7cvkK7dv0aZHxRlE%2FLJjHasOXLR7Mkc%2Fd5OIoaLNd%2Fck4K6xp9yHnbZbl%2BRzKWg0po2PoMBZL3esvvcvQg83gujTxPI38ibkkbaxrGWVV0%2BzxgRPz4XjhMfnOL%2F5XU1IHlp3H0N5K75fAc9CVgrMstrchc0nWoYOv0JyYHLzK81vk9CPW5x%2B5pSYhUvQAeQwNj25GfZMwdyJvgxOKWq0pwJ5CUgeDzu8BRpOLNVJ1RmIjokXXVp5Bc7fap57pzUNBexJLwe0tG3tN25n2U8ueaZ64pPYX8CzwlJmw8iR1hmvOZUhqcoV3mXUJGYHia0j%2FU5iuhQrIUZKMUoHhQzXHgXDYrZl%2Fbp6UqMVlLj0XRRL2GswskslI2O0ea4p8uSdwPWbeAJZZMnhZD7YBNeyyN4TGoMoIj4H%2B2B5z8HsvWJ3u5TElvZJ91%2BBmf2Ndo%2FS4YXmI76YfHhqjDzlEKcInOziix3WDFPDTdF00yHQdWfjQNjp1t0WSqKvRFkXYL8IQh5wV5xa0lIxp9t%2FP1nHl%2B85aa4epUoHVVXYLCxbfQ6cE6JQD2RxPjyp52gdokYizBDDA4uqUGa1ljBFrbuQU40f7UzRoemgZ3lzag32eDmgYB%2F1SkELPpr0m%2BXwXJ1VfNp8CP4Ntb9o8V3VmEntStQEzkIGocdFNH0O9hLvYu3CLAtHJf2Ocn5SL2ToqDHDzO6V6hGRfDA%2BA%2FyhhZUsRjVktJxmDDhAJtuu1Cwiy9qWm9EtHe%2B%2FPL60GThXb4Mh4w3y%2BMAkPqXA4BAI8MqL%2FM3X45Kb9R6TnroZgdu2gHDvL1Wiuy6ty4DNIJMIwOY5OrgJ5JQj8aK%2BNvp8%2BAtvt8gxN9OAPvNyau6CWkGGBpnr9cv%2F7M4gOPG6rjr2C%2F1IXzSB5sWcmqFx4pqPseIwrbQdgL1Pb2pSMS75nOd1%2FG%2B1GX9y1F7saz4I0HB3tO9UKUzo6rXEOerMqCcsOKzGkfOWQO5iyR3J%2Fw%2FmQ4W03zfM3tILOVTgWGbiVZGKFiGB4ppj1E0zk8%2BBz%2FsVsBqbBV4%2BOvN0ixwEInEe9knU2yEGe9w12tvNEz7atBc7Er2XIOoRqUv0w8ATTc8PRPc3S2%2BlMsP7sTsIAYww88rVNswLdwtVcDR7MKjGLwkovHphrjBlTT55u2zZKzpt1HT%2Fl%2Bz4YiVhMqmeA3opQ8ClSqEriit1%2F0PCBvvUBjezPUwvS9scCi0oFHTAhvNND%2F%2FPCj9lEsGLl%2BmoCz9Zi7hZyMo%2FhxFioWbiDx9yrj%2FwrPxZbEC7%2Ba2ub7%2BjTLWTlIyMpoK8wGuvkdawbiWEa5BKcpuBUN%2FP1ofs1tt4XtWSTGJPEtTzjUb4HguO4kOgGD00N5WHmUoDa2IyxYlEGgMZXFMU2rN5sTyoFEsmuGp5F38237RwoEPykuTPH9eSMCLWH6teTwkVeu1zwFiQ6KMF21X99XLhCNocu6Sd93bB7Hr1tfViq6%2BAhL%2Fy8eRKgUhGxl0O7sqXKKLFkefwA9wPPcgMHrhUK3he0Oc3463T2G2kymf%2FhGbbBWboE455TNtoYelROQO%2BcWnXZdB7GrJUqlG1BTeRtj7T%2FmAnBTqiCYOfpDpdtMdEOlHqlRn32VTOujr%2FqYboOQJ8GtP5JZZrhALaRqCIF7SLh5%2FBsghMgdb42YhEciN0CjTKojaTLdRc4hnxqepLEgVE3pA858qAMdH7hpOmr1etNc8bCSFKZ4WxWRguk2gGWngwgglOdtau%2FxvwfPFoptsRmHJnLq2BHf4GlCMQJF6s%2B%2BRaIUMV2Na9rq%2BxeVZWAiwTpvGzWUyTy5JZy0G%2BIFvlz4TXyChZCsFFHUMUGOo%2FovThc4j0GNXTRzlW9t%2BX33Z3l4vstj6xlXmAtKCaL0id9wn8JxRjyVEdA9VfbbOolKsxbqsh%2FRD0aIYcv2TO%2BfiZdvDcBVuCv4d6DAHcpVN1YBZLUk2nolM6BP8gxAQe4H3Gcr1I4AF90XHjupzWTPF%2BFJT0Mn64fJnzDNZa7xd0&ssid=3274153703gILxoMmm&ts=1725845997&ttl=300&v=v5.11.31

GET
H3

200

go.php
sawmtraffic.com/
Redirect Chain

https://u-10425.trovare.info/api/rtb-pops/go?id=309361723292913&sig=93c9b49d7349d2be53ee5fedffe093&u=aHR0cHM6Ly9uZ2M0MGsuY29tL3RyYWNrLz9zb3VyY2U9e3NvdXJjZV9pZH0mY2F0ZWdvcnk9e2NhdGVnb3J5fSZxdWFsaXR5...
https://ngc40k.com/track/?source=45649&category=adult&quality=low&sub_id=3437363431393130375f3435363439&campaign_id=323636&external_id=Nnhwd3x6ODF8N3ZuYmMzfG92WE85UT09fDMwOTM2MTcyMzI5MjkxM3ww&sourc...
https://datingusa.site/HdJWdj?cost=0.101&currency=usd&external_id=7c0737d87a1b909b11f3bd8400273ab5&creative_id=default&ad_campaign_id=323636&source=45649&model_price=cpm&price=0.101
https://sawmtraffic.com/go.php

159 B
592 B

491ms
388ms

Document
text/html

104.21.234.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sawmtraffic.com/go.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash

Request headers

Referer: https://realpush.realsh.xyz/b2/l/c/redir?asid=3274153703gILxoMmm&cid=5&did=cWRJZG0&eid=14977&n=030eceae516be0bea4e8e913&nid=10004&sid=LIGy83AyxDB4jnEkcbQ2jyMc4qjQl0GyF1bBEekgyfhmAYOdeN9tnBRGgYJ5GfCCw98g2h2IMz6HEhMG4FMOXclB4WRDf1FQbj0W%2F3k9X6R%2FvnmEYKyhuIBRiALNKMOlKO2pYjZPLoA7nbAZ%2FG4EquGtknq7ZqQXMeli%2F4Ue3%2Bnbyqs7CGaBtzG4j71pwjwHOK3p6oycqD7DO9XRTDaHHXZ7cvkK7dv0aZHxRlE%2FLJjHasOXLR7Mkc%2Fd5OIoaLNd%2Fck4K6xp9yHnbZbl%2BRzKWg0po2PoMBZL3esvvcvQg83gujTxPI38ibkkbaxrGWVV0%2BzxgRPz4XjhMfnOL%2F5XU1IHlp3H0N5K75fAc9CVgrMstrchc0nWoYOv0JyYHLzK81vk9CPW5x%2B5pSYhUvQAeQwNj25GfZMwdyJvgxOKWq0pwJ5CUgeDzu8BRpOLNVJ1RmIjokXXVp5Bc7fap57pzUNBexJLwe0tG3tN25n2U8ueaZ64pPYX8CzwlJmw8iR1hmvOZUhqcoV3mXUJGYHia0j%2FU5iuhQrIUZKMUoHhQzXHgXDYrZl%2Fbp6UqMVlLj0XRRL2GswskslI2O0ea4p8uSdwPWbeAJZZMnhZD7YBNeyyN4TGoMoIj4H%2B2B5z8HsvWJ3u5TElvZJ91%2BBmf2Ndo%2FS4YXmI76YfHhqjDzlEKcInOziix3WDFPDTdF00yHQdWfjQNjp1t0WSqKvRFkXYL8IQh5wV5xa0lIxp9t%2FP1nHl%2B85aa4epUoHVVXYLCxbfQ6cE6JQD2RxPjyp52gdokYizBDDA4uqUGa1ljBFrbuQU40f7UzRoemgZ3lzag32eDmgYB%2F1SkELPpr0m%2BXwXJ1VfNp8CP4Ntb9o8V3VmEntStQEzkIGocdFNH0O9hLvYu3CLAtHJf2Ocn5SL2ToqDHDzO6V6hGRfDA%2BA%2FyhhZUsRjVktJxmDDhAJtuu1Cwiy9qWm9EtHe%2B%2FPL60GThXb4Mh4w3y%2BMAkPqXA4BAI8MqL%2FM3X45Kb9R6TnroZgdu2gHDvL1Wiuy6ty4DNIJMIwOY5OrgJ5JQj8aK%2BNvp8%2BAtvt8gxN9OAPvNyau6CWkGGBpnr9cv%2F7M4gOPG6rjr2C%2F1IXzSB5sWcmqFx4pqPseIwrbQdgL1Pb2pSMS75nOd1%2FG%2B1GX9y1F7saz4I0HB3tO9UKUzo6rXEOerMqCcsOKzGkfOWQO5iyR3J%2Fw%2FmQ4W03zfM3tILOVTgWGbiVZGKFiGB4ppj1E0zk8%2BBz%2FsVsBqbBV4%2BOvN0ixwEInEe9knU2yEGe9w12tvNEz7atBc7Er2XIOoRqUv0w8ATTc8PRPc3S2%2BlMsP7sTsIAYww88rVNswLdwtVcDR7MKjGLwkovHphrjBlTT55u2zZKzpt1HT%2Fl%2Bz4YiVhMqmeA3opQ8ClSqEriit1%2F0PCBvvUBjezPUwvS9scCi0oFHTAhvNND%2F%2FPCj9lEsGLl%2BmoCz9Zi7hZyMo%2FhxFioWbiDx9yrj%2FwrPxZbEC7%2Ba2ub7%2BjTLWTlIyMpoK8wGuvkdawbiWEa5BKcpuBUN%2FP1ofs1tt4XtWSTGJPEtTzjUb4HguO4kOgGD00N5WHmUoDa2IyxYlEGgMZXFMU2rN5sTyoFEsmuGp5F38237RwoEPykuTPH9eSMCLWH6teTwkVeu1zwFiQ6KMF21X99XLhCNocu6Sd93bB7Hr1tfViq6%2BAhL%2Fy8eRKgUhGxl0O7sqXKKLFkefwA9wPPcgMHrhUK3he0Oc3463T2G2kymf%2FhGbbBWboE455TNtoYelROQO%2BcWnXZdB7GrJUqlG1BTeRtj7T%2FmAnBTqiCYOfpDpdtMdEOlHqlRn32VTOujr%2FqYboOQJ8GtP5JZZrhALaRqCIF7SLh5%2FBsghMgdb42YhEciN0CjTKojaTLdRc4hnxqepLEgVE3pA858qAMdH7hpOmr1etNc8bCSFKZ4WxWRguk2gGWngwgglOdtau%2FxvwfPFoptsRmHJnLq2BHf4GlCMQJF6s%2B%2BRaIUMV2Na9rq%2BxeVZWAiwTpvGzWUyTy5JZy0G%2BIFvlz4TXyChZCsFFHUMUGOo%2FovThc4j0GNXTRzlW9t%2BX33Z3l4vstj6xlXmAtKCaL0id9wn8JxRjyVEdA9VfbbOolKsxbqsh%2FRD0aIYcv2TO%2BfiZdvDcBVuCv4d6DAHcpVN1YBZLUk2nolM6BP8gxAQe4H3Gcr1I4AF90XHjupzWTPF%2BFJT0Mn64fJnzDNZa7xd0&ssid=3274153703gILxoMmm&ts=1725845997&ttl=300&v=v5.11.31
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c0377c2ed29ab7d-SJC-PIG
content-encoding: br
content-type: text/html
date: Mon, 09 Sep 2024 01:40:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dq1d2Xu5KeF0Ndw1UDwXYwT3PAEeemRgqdh79ev%2FpemTZ4SnNiKuF7R73GsJweXDvhWXXTIosqxi7quGuO4Qnb2lOwQogyDEHaMO5AATO%2F5SXt%2BKrWeplAuhWWzKnj%2Fn7U4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-powered-by: PHP/5.4.16

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c0377bf9e36103c-LAX
content-type: text/html; charset=utf-8
date: Mon, 09 Sep 2024 01:40:00 GMT
expires: Mon, 09 Sep 2024 01:40:00 GMT
location: https://sawmtraffic.com/go.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvboIYEQ%2BPvshXFOfgyruaaurO0HVXq59RRUNtw9yxkTSSs3fgSPTC6RGJ2hRG8TBFsPWpgbZMX0C4B6THAqV0SjtFIIM%2FXpJ1olks7gYZMgKSiK1HOWYF2f%2FaYR9QTxCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 404
Not Found favicon.ico
realpush.realsh.xyz/ 0
109 B 213ms
212ms Other
text/plain 109.206.175.73
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://realpush.realsh.xyz/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.175.73 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.175.73.serverel.net
Software: dspclick-v3.12.17 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:39:58 GMT
content-length: 0
server: dspclick-v3.12.17

GET
H3 200 speculation
sawmtraffic.com/cdn-cgi/ 128 B
560 B 87ms
87ms Other
application/speculationrules+json 104.21.234.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sawmtraffic.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sawmtraffic.com/go.php
Origin: https://sawmtraffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:40:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9q3dNv0n3pASy06NolUlISb%2FgiTgoFguvrwsx7VhdEIFOeCQEeHK13VkHO9Lv%2BpimSVpHdtPZr6PSNtEa5UaGpuHhoRC1H4%2FYU203S87zuAKi3gpwuxC6IeMsNysSwHjdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/speculationrules+json
access-control-allow-origin: https://sawmtraffic.com
cf-ray: 8c0377c57d78ab7d-SJC-PIG
alt-svc: h3=":443"; ma=86400
content-length: 128

GET
H3 502 Primary Request click.php Show response
transxvideo.cyou/ 6 KB
7 KB 554ms
456ms Document
text/html 172.67.158.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transxvideo.cyou/click.php

Requested by

Host: sawmtraffic.com
URL: https://sawmtraffic.com/go.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.158.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b2859d2c18fa164e127f563a4d5a6abba24dd49562447fc0d65a387feb3b9ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sawmtraffic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8c0377c63c3783f7-LAX
content-length: 6342
content-type: text/html; charset=UTF-8
date: Mon, 09 Sep 2024 01:40:02 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zbXKuhltD0rcpOn4pfUz0dEfaaYJfdlv29VWNlfv1GD5cqKoO0koneeYP4uBtOG0OLLkVSjQOdfFsRdDgfAa278FFlJnv5sC55qiYzyt7gsRIuLpFofxL%2BYm8f%2FtCiKrfJi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3 200 main.css
transxvideo.cyou/cdn-cgi/styles/ 8 KB
2 KB 76ms
75ms Stylesheet
text/css 172.67.158.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transxvideo.cyou/cdn-cgi/styles/main.css

Requested by

Host: transxvideo.cyou
URL: https://transxvideo.cyou/click.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.158.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://transxvideo.cyou/click.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:14:57 GMT
server: cloudflare
etag: W/"66d8a3a1-1f4d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8c0377c92f7a83f7-LAX
expires: Mon, 09 Sep 2024 03:40:02 GMT

GET
H3 200 cf-icon-browser.png
transxvideo.cyou/cdn-cgi/images/ 484 B
666 B 78ms
77ms Image
image/png 172.67.158.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://transxvideo.cyou/cdn-cgi/images/cf-icon-browser.png

Requested by

Host: transxvideo.cyou
URL: https://transxvideo.cyou/cdn-cgi/styles/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.158.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://transxvideo.cyou/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:40:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:14:57 GMT
server: cloudflare
etag: "66d8a3a1-1e4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8c0377c9a84c83f7-LAX
content-length: 484
expires: Mon, 09 Sep 2024 03:40:02 GMT

GET
H3 200 cf-icon-ok.png
transxvideo.cyou/cdn-cgi/images/ 946 B
1 KB 77ms
75ms Image
image/png 172.67.158.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://transxvideo.cyou/cdn-cgi/images/cf-icon-ok.png

Requested by

Host: transxvideo.cyou
URL: https://transxvideo.cyou/cdn-cgi/styles/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.158.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://transxvideo.cyou/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:40:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:14:57 GMT
server: cloudflare
etag: "66d8a3a1-3b2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8c0377c9a84e83f7-LAX
content-length: 946
expires: Mon, 09 Sep 2024 03:40:02 GMT

GET
H3 200 cf-icon-cloud.png
transxvideo.cyou/cdn-cgi/images/ 1 KB
2 KB 80ms
78ms Image
image/png 172.67.158.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://transxvideo.cyou/cdn-cgi/images/cf-icon-cloud.png

Requested by

Host: transxvideo.cyou
URL: https://transxvideo.cyou/cdn-cgi/styles/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.158.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://transxvideo.cyou/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:40:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:14:57 GMT
server: cloudflare
etag: "66d8a3a1-5cc"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8c0377c9a84f83f7-LAX
content-length: 1484
expires: Mon, 09 Sep 2024 03:40:02 GMT

GET
H3 200 cf-icon-server.png
transxvideo.cyou/cdn-cgi/images/ 1 KB
2 KB 82ms
80ms Image
image/png 172.67.158.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://transxvideo.cyou/cdn-cgi/images/cf-icon-server.png

Requested by

Host: transxvideo.cyou
URL: https://transxvideo.cyou/cdn-cgi/styles/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.158.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://transxvideo.cyou/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:40:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:14:57 GMT
server: cloudflare
etag: "66d8a3a1-568"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8c0377c9a85083f7-LAX
content-length: 1384
expires: Mon, 09 Sep 2024 03:40:02 GMT

GET
H3 200 cf-icon-error.png
transxvideo.cyou/cdn-cgi/images/ 854 B
1 KB 77ms
76ms Image
image/png 172.67.158.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://transxvideo.cyou/cdn-cgi/images/cf-icon-error.png

Requested by

Host: transxvideo.cyou
URL: https://transxvideo.cyou/cdn-cgi/styles/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.158.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://transxvideo.cyou/cdn-cgi/styles/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:40:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Sep 2024 18:14:57 GMT
server: cloudflare
etag: "66d8a3a1-356"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8c0377c9a85383f7-LAX
content-length: 854
expires: Mon, 09 Sep 2024 03:40:02 GMT

GET
H3 404 favicon.ico
transxvideo.cyou/ 548 B
556 B 434ms
434ms Other
text/html 172.67.158.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://transxvideo.cyou/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://transxvideo.cyou/click.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 09 Sep 2024 01:40:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpYbYfc5Qb3PquVQ8r1vS%2BDPJpHfllaL8pPkF%2Bzba1KAGDu1U91KjatrFHKpsqf7sJvjVx60W0J0TuGhN%2Bp%2Fr%2B3nDJss1UWR3chiIIinzB3ZQ6jheZKFI8hzGGMfeVbFA5E0"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8c0377ca28e283f7-LAX
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
witalfieldt.com/	1969-12-31 23:59:59	Name: csu Value: 175862e5-a474-464f-a7d0-5d4ba620364b
realpush.realsh.xyz/	1970-01-20 23:25:32	Name: adcsid-c-3274153703gILxoMmm Value: 1
datingusa.site/	1970-01-21 00:08:44	Name: _subid Value: pn1h8s1a1h1t
datingusa.site/	1970-01-21 09:00:06	Name: d8381 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzI1ODQ2MDAwfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzI1ODQ2MDAwfSxcInRpbWVcIjoxNzI1ODQ2MDAwfSJ9.KA4_qt4MxaNM4o3hsoNYC_nHAZ8hQXHBVB3d2xSusjg
datingusa.site/	1969-12-31 23:59:59	Name: 818c0f61s1 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiMSJ9.t5R637H3NrRdDByq99gk25akxtRW_JrBLBMGuukQtR0
datingusa.site/	1969-12-31 23:59:59	Name: 818c0f61s1ip Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiXCIxNjIuMjQ1LjIwNi4yNDVcIiJ9.CVXp7gkFoK5v8A68Qjg_J0Oh51M_8__hrAZMcQXBZ7Y
datingusa.site/	1970-01-21 00:08:44	Name: _token Value: uuid_pn1h8s1a1h1t_pn1h8s1a1h1t66de51f0ceefc9.25466684

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://realpush.realsh.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://transxvideo.cyou/click.php Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://transxvideo.cyou/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.srvpcn.com
datingusa.site
ngc40k.com
realpush.realsh.xyz
sawmtraffic.com
transxvideo.cyou
u-10425.trovare.info
witalfieldt.com
104.21.234.34
109.206.175.73
13.32.151.73
172.67.147.92
172.67.158.160
172.67.200.33
172.67.212.139
2600:1f18:510:802:59cb:90ad:1c1a:77fa
0b2859d2c18fa164e127f563a4d5a6abba24dd49562447fc0d65a387feb3b9ee
3a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58
41553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b
603002beb3f4a018f0b301f97bd9ea86f7c2a4ead22658f16dd11824a48545e5
67f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f
78a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65
d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b

transxvideo.cyou Open in urlscan Pro 172.67.158.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

13 %IPv6

8 Domains

8 Subdomains

3 IPs

3 Countries

18 kBTransfer

21 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

7 Cookies

3 Console Messages

Indicators

transxvideo.cyou Open in urlscan Pro
172.67.158.160 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

3
IPs

3
Countries

18 kB
Transfer

21 kB
Size

7
Cookies

12 HTTP transactions
0 data transactions