Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-x...
Submission Tags: demotag1 demotag2
Submission: On November 09 via api from US

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 28 HTTP transactions. The main IP is 69.165.107.69, located in United States and belongs to VARIO, US. The main domain is adultfriendfinder.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 12th 2019. Valid for: 2 years.
This is the only time adultfriendfinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.116.135 22612 (NAMECHEAP...)
1 5 107.170.39.103 14061 (DIGITALOC...)
1 162.213.255.36 22612 (NAMECHEAP...)
2 52.201.119.187 14618 (AMAZON-AES)
1 35.190.72.161 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 144.76.40.130 24940 (HETZNER-AS)
1 1 88.212.232.188 7979 (SERVERS-COM)
1 188.72.236.136 35415 (WEBZILLA)
2 4 69.165.107.69 25875 (VARIO)
1 2a00:1450:400... 15169 (GOOGLE)
9 192.229.233.220 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
28 14
Domain Requested by
9 secureimage.securedataimages.com adultfriendfinder.com
5 traffdaq.com 1 redirects speedflow.io
traffdaq.com
4 adultfriendfinder.com 2 redirects expert2020software.com
adultfriendfinder.com
2 all.obozrevatelcom.info traffdaq.com
speedflow.io
2 cors-anywhere.herokuapp.com speedflow.io
1 fonts.gstatic.com fonts.googleapis.com
1 aff.trackinglibrary.prodperfect.com adultfriendfinder.com
1 ajax.googleapis.com adultfriendfinder.com
1 fonts.googleapis.com adultfriendfinder.com
1 expert2020software.com speedflow.io
1 btcxxx.ru 1 redirects
1 cdn.jsdelivr.net traffdaq.com
1 c.securepaths.com traffdaq.com
1 manyhit.com speedflow.io
1 speedflow.io
28 15

This site contains no links.

Subject | Issuer | Validity | Valid
traffdaq.com | Let's Encrypt Authority X3 | 2020-10-31 - 2021-01-29 | 3 months
*.herokuapp.com | DigiCert SHA2 High Assurance Server CA | 2020-06-15 - 2021-07-07 | a year
*.securepaths.com | Let's Encrypt Authority X3 | 2020-09-22 - 2020-12-21 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
obozrevatelcom.info | Let's Encrypt Authority X3 | 2020-09-27 - 2020-12-26 | 3 months
*.adultfriendfinder.com | DigiCert SHA2 Secure Server CA | 2019-03-12 - 2021-05-06 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
www.securedataimages.com | DigiCert SHA2 Secure Server CA | 2020-10-27 - 2021-11-01 | a year
*.trackinglibrary.prodperfect.com | Amazon | 2020-03-14 - 2021-04-14 | a year
*.gstatic.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months

This page contains 2 frames:

Primary Page: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Frame ID: 80E2FC4492F734F73713A2B2CE1798CE
Requests: 26 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: C879B1D407B1E8695021A426AF03DFFD
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 28
HTTPS: 89 %
IPv6: 33 %
Domains: 14
Subdomains: 15
IPs: 14
Countries: 5
Transfer: 1152 kB
Size: 1522 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Im9VZ1hDTWV0VUtQc3drTnpsak1cL2NRPT0iLCJ2YWx1ZSI6InFGNWR2VktvXC9ia0xYWmhYVVU2bWNoekxIY3dTd1wvenBNaVI0UkxqaVdqeXFBNzZkY3l4cFJnSzdLTmhLSFQ1VDdSZFViSTR4bWJGeUFndExCbVJDV3BvVXJaSTB5aXROdU5SNk9Xa0xXZGFFejdrZVwvVDMwVWRHeVp4SGd0ZXFSWEZRNkRneGdjcFM0cERoY1U2NWRqV1RMZ1R5RTdKRlByaU1RQ05DVTh4OGhkYitBQnVTUjVVbmgxS2lGdEVcL3hESkRkSEZIbWp5dVhaR3RBWUYzZVNRPT0iLCJtYWMiOiIyN2JjZjA5ZmUwN2UzYjA5MDdhOGFkNGE2NDI2Zjg3YmM2YmViNGQxMTc5NWNmMzBmNmNhOWU1NzdiYTkyNzU3In0%3D Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=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&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. https://all.obozrevatelcom.info/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0 Page URL
  5. https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=stream&utm_campaign=0&utm_content=source_V1yiifwjdwDJJ7VwmSB5xOmLiyS2FXKQ2Qb6QWS6BOTLiL_B0Lk@ HTTP 302
    http://expert2020software.com/Qdas14UADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA Page URL
  6. http://adultfriendfinder.com/go/p2082988.sub[Sub_ID]?&sub_id=282033&tpa=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA HTTP 302
    https://adultfriendfinder.com/go/p2082988.sub[Sub_ID]?&sub_id=282033&tpa=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA HTTP 302
    https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://traffdaq.com/delivery/pu/47382?category=women_dating HTTP 301
  • https://traffdaq.com/delivery/pu/47382?category=women_dating
Request Chain 12
  • https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=stream&utm_campaign=0&utm_content=source_V1yiifwjdwDJJ7VwmSB5xOmLiyS2FXKQ2Qb6QWS6BOTLiL_B0Lk@ HTTP 302
  • http://expert2020software.com/Qdas14UADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
speedflow.io/adult/
1 KB
1 KB
Document
General
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash
1d2f3007330f214dacf7390ca4a76f643684d5bdbd494fd03ae5fedaf4fd9d9b

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr

Response headers

date
Mon, 09 Nov 2020 02:32:24 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=73596; path=/ time_start=1604889144.4379; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=73596; path=/ ip=82.102.19.136 mobile=0 country=PT visits_todayi=0; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=73596; path=/
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip
content-length
616
content-type
text/html; charset=UTF-8
47382
traffdaq.com/delivery/pu/
Redirect Chain
  • http://traffdaq.com/delivery/pu/47382?category=women_dating
  • https://traffdaq.com/delivery/pu/47382?category=women_dating
5 KB
2 KB
Script
General
Full URL
https://traffdaq.com/delivery/pu/47382?category=women_dating
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
e3f8d5b93e787c87ebba815eebc24d5008120405e05be68f615eac44b6eafcef

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 02:32:25 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
https://traffdaq.com/delivery/pu/47382?category=women_dating
Connection
close
Content-length
0
autosurf_if.php
manyhit.com/ Frame C879
0
0
Document
General
Full URL
http://manyhit.com/autosurf_if.php?user=speedflow
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
Apache / PHP/5.4.45
Resource Hash

Request headers

Host
manyhit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

date
Mon, 09 Nov 2020 02:32:25 GMT
server
Apache
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=acdc514f473f0a977a46c6b4a2f2e672; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
1232
content-type
text/html
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ Frame
0
0
Other
General
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=women_dating
Protocol
HTTP/1.1
Server
52.201.119.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-119-187.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
http://speedflow.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Headers
x-requested-with
Access-Control-Expose-Headers
access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
Date
Mon, 09 Nov 2020 02:32:25 GMT
Transfer-Encoding
chunked
Via
1.1 vegur
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/
5 KB
2 KB
XHR
General
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=women_dating
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.119.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-119-187.compute-1.amazonaws.com
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

Date
Mon, 09 Nov 2020 02:32:25 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
X-Request-Url
http://traffdaq.com/delivery/pu/47382?category=women_dating
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
server,date,content-type,transfer-encoding,connection,content-encoding,x-final-url,access-control-allow-origin
Connection
keep-alive
X-Cors-Redirect-1
301 https://traffdaq.com/delivery/pu/47382?category=women_dating
X-Final-Url
https://traffdaq.com/delivery/pu/47382?category=women_dating
Via
1.1 vegur
47382
traffdaq.com/delivery/directlink/
3 KB
2 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Im9VZ1hDTWV0VUtQc3drTnpsak1cL2NRPT0iLCJ2YWx1ZSI6InFGNWR2VktvXC9ia0xYWmhYVVU2bWNoekxIY3dTd1wvenBNaVI0UkxqaVdqeXFBNzZkY3l4cFJnSzdLTmhLSFQ1VDdSZFViSTR4bWJGeUFndExCbVJDV3BvVXJaSTB5aXROdU5SNk9Xa0xXZGFFejdrZVwvVDMwVWRHeVp4SGd0ZXFSWEZRNkRneGdjcFM0cERoY1U2NWRqV1RMZ1R5RTdKRlByaU1RQ05DVTh4OGhkYitBQnVTUjVVbmgxS2lGdEVcL3hESkRkSEZIbWp5dVhaR3RBWUYzZVNRPT0iLCJtYWMiOiIyN2JjZjA5ZmUwN2UzYjA5MDdhOGFkNGE2NDI2Zjg3YmM2YmViNGQxMTc5NWNmMzBmNmNhOWU1NzdiYTkyNzU3In0%3D
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
674bb16bd388470cb14b1512f547e242a2de3ddd36362497a76a293ec26413fa

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Mon, 09 Nov 2020 02:32:26 GMT
Content-Encoding
gzip
eyJpdiI6IkhaQmpaZWg1NFwvYk9GT1J0ek45dzJRPT0iLCJ2YWx1ZSI6IkJaWGZOTjU5YU44NnVNcFF4QUhHMmtkd0VKMm5FXC9tXC9BT0wxQllwR0l3NmtIb0ZpeHg5eWJmV2h5YTZxcE9lNmdqalpLbHFqRHJqRHdaeVwvSCtrRDlBPT0iLCJtYWMiOiI4YjVmY...
traffdaq.com/users/track/
0
856 B
Image
General
Full URL
https://traffdaq.com/users/track/eyJpdiI6IkhaQmpaZWg1NFwvYk9GT1J0ek45dzJRPT0iLCJ2YWx1ZSI6IkJaWGZOTjU5YU44NnVNcFF4QUhHMmtkd0VKMm5FXC9tXC9BT0wxQllwR0l3NmtIb0ZpeHg5eWJmV2h5YTZxcE9lNmdqalpLbHFqRHJqRHdaeVwvSCtrRDlBPT0iLCJtYWMiOiI4YjVmYzk1NTdmOTc1OTczYjNiNDFiOTJhYTEzOTU0ZjQ1MmI4YTJmZDgxNzRhZWIxZDlkMjUxMzY3YWNjNDFmIn0%3D
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Im9VZ1hDTWV0VUtQc3drTnpsak1cL2NRPT0iLCJ2YWx1ZSI6InFGNWR2VktvXC9ia0xYWmhYVVU2bWNoekxIY3dTd1wvenBNaVI0UkxqaVdqeXFBNzZkY3l4cFJnSzdLTmhLSFQ1VDdSZFViSTR4bWJGeUFndExCbVJDV3BvVXJaSTB5aXROdU5SNk9Xa0xXZGFFejdrZVwvVDMwVWRHeVp4SGd0ZXFSWEZRNkRneGdjcFM0cERoY1U2NWRqV1RMZ1R5RTdKRlByaU1RQ05DVTh4OGhkYitBQnVTUjVVbmgxS2lGdEVcL3hESkRkSEZIbWp5dVhaR3RBWUYzZVNRPT0iLCJtYWMiOiIyN2JjZjA5ZmUwN2UzYjA5MDdhOGFkNGE2NDI2Zjg3YmM2YmViNGQxMTc5NWNmMzBmNmNhOWU1NzdiYTkyNzU3In0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 02:32:26 GMT
Cache-Control
no-cache
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
implement.js
c.securepaths.com/js/
0
0
Script
General
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa8aa39b0e8e&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Im9VZ1hDTWV0VUtQc3drTnpsak1cL2NRPT0iLCJ2YWx1ZSI6InFGNWR2VktvXC9ia0xYWmhYVVU2bWNoekxIY3dTd1wvenBNaVI0UkxqaVdqeXFBNzZkY3l4cFJnSzdLTmhLSFQ1VDdSZFViSTR4bWJGeUFndExCbVJDV3BvVXJaSTB5aXROdU5SNk9Xa0xXZGFFejdrZVwvVDMwVWRHeVp4SGd0ZXFSWEZRNkRneGdjcFM0cERoY1U2NWRqV1RMZ1R5RTdKRlByaU1RQ05DVTh4OGhkYitBQnVTUjVVbmgxS2lGdEVcL3hESkRkSEZIbWp5dVhaR3RBWUYzZVNRPT0iLCJtYWMiOiIyN2JjZjA5ZmUwN2UzYjA5MDdhOGFkNGE2NDI2Zjg3YmM2YmViNGQxMTc5NWNmMzBmNmNhOWU1NzdiYTkyNzU3In0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Nov 2020 02:32:26 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/
33 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Im9VZ1hDTWV0VUtQc3drTnpsak1cL2NRPT0iLCJ2YWx1ZSI6InFGNWR2VktvXC9ia0xYWmhYVVU2bWNoekxIY3dTd1wvenBNaVI0UkxqaVdqeXFBNzZkY3l4cFJnSzdLTmhLSFQ1VDdSZFViSTR4bWJGeUFndExCbVJDV3BvVXJaSTB5aXROdU5SNk9Xa0xXZGFFejdrZVwvVDMwVWRHeVp4SGd0ZXFSWEZRNkRneGdjcFM0cERoY1U2NWRqV1RMZ1R5RTdKRlByaU1RQ05DVTh4OGhkYitBQnVTUjVVbmgxS2lGdEVcL3hESkRkSEZIbWp5dVhaR3RBWUYzZVNRPT0iLCJtYWMiOiIyN2JjZjA5ZmUwN2UzYjA5MDdhOGFkNGE2NDI2Zjg3YmM2YmViNGQxMTc5NWNmMzBmNmNhOWU1NzdiYTkyNzU3In0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
973134
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19149-FRA, cache-hhn4021-HHN
date
Mon, 09 Nov 2020 02:32:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/
2 KB
1 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=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&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Im9VZ1hDTWV0VUtQc3drTnpsak1cL2NRPT0iLCJ2YWx1ZSI6InFGNWR2VktvXC9ia0xYWmhYVVU2bWNoekxIY3dTd1wvenBNaVI0UkxqaVdqeXFBNzZkY3l4cFJnSzdLTmhLSFQ1VDdSZFViSTR4bWJGeUFndExCbVJDV3BvVXJaSTB5aXROdU5SNk9Xa0xXZGFFejdrZVwvVDMwVWRHeVp4SGd0ZXFSWEZRNkRneGdjcFM0cERoY1U2NWRqV1RMZ1R5RTdKRlByaU1RQ05DVTh4OGhkYitBQnVTUjVVbmgxS2lGdEVcL3hESkRkSEZIbWp5dVhaR3RBWUYzZVNRPT0iLCJtYWMiOiIyN2JjZjA5ZmUwN2UzYjA5MDdhOGFkNGE2NDI2Zjg3YmM2YmViNGQxMTc5NWNmMzBmNmNhOWU1NzdiYTkyNzU3In0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
2827ef9da2eb54a488d06e408b2a65e5de148af85722d4b4995c1eef7c813e22

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Im9VZ1hDTWV0VUtQc3drTnpsak1cL2NRPT0iLCJ2YWx1ZSI6InFGNWR2VktvXC9ia0xYWmhYVVU2bWNoekxIY3dTd1wvenBNaVI0UkxqaVdqeXFBNzZkY3l4cFJnSzdLTmhLSFQ1VDdSZFViSTR4bWJGeUFndExCbVJDV3BvVXJaSTB5aXROdU5SNk9Xa0xXZGFFejdrZVwvVDMwVWRHeVp4SGd0ZXFSWEZRNkRneGdjcFM0cERoY1U2NWRqV1RMZ1R5RTdKRlByaU1RQ05DVTh4OGhkYitBQnVTUjVVbmgxS2lGdEVcL3hESkRkSEZIbWp5dVhaR3RBWUYzZVNRPT0iLCJtYWMiOiIyN2JjZjA5ZmUwN2UzYjA5MDdhOGFkNGE2NDI2Zjg3YmM2YmViNGQxMTc5NWNmMzBmNmNhOWU1NzdiYTkyNzU3In0%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
tdqct=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Im9VZ1hDTWV0VUtQc3drTnpsak1cL2NRPT0iLCJ2YWx1ZSI6InFGNWR2VktvXC9ia0xYWmhYVVU2bWNoekxIY3dTd1wvenBNaVI0UkxqaVdqeXFBNzZkY3l4cFJnSzdLTmhLSFQ1VDdSZFViSTR4bWJGeUFndExCbVJDV3BvVXJaSTB5aXROdU5SNk9Xa0xXZGFFejdrZVwvVDMwVWRHeVp4SGd0ZXFSWEZRNkRneGdjcFM0cERoY1U2NWRqV1RMZ1R5RTdKRlByaU1RQ05DVTh4OGhkYitBQnVTUjVVbmgxS2lGdEVcL3hESkRkSEZIbWp5dVhaR3RBWUYzZVNRPT0iLCJtYWMiOiIyN2JjZjA5ZmUwN2UzYjA5MDdhOGFkNGE2NDI2Zjg3YmM2YmViNGQxMTc5NWNmMzBmNmNhOWU1NzdiYTkyNzU3In0%3D

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Mon, 09 Nov 2020 02:32:27 GMT
Content-Encoding
gzip
/
all.obozrevatelcom.info/
5 KB
3 KB
Document
General
Full URL
https://all.obozrevatelcom.info/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InZvQk5aa2xiMGFPTFlreERpY0ZyclE9PSIsInZhbHVlIjoiWk5UYlJVQ24xblk0ZU5qVERyZDRkdU9YaTFKRUs4NjBaSEs3bW5FbUVjUWxvQkh2OWUwYkppU2xMT2M2cFZTTVlEYzRjd1U1aHR6RzNJME9iOHc4Y2JORFJEZENST3NvQ3BEU0dTUFFib3l6Tm04NjZISXUzSjlwMkU5ekpScVlVOXRQY0FzNSs3bTVxM2FhajAxZXJFYkx0cmNOYXN2QTdUbWdEellyK21HSll5eFZXd0ZvZzhtXC90M0x6bU1SVFZocnRcL3BJTUwzcHdLRk1kSmx0emE1VURzK3VCNnZ2TlE1eWRybndzb0s5eWNJNWxFaFVlZloyYU1sUEk1TGtqSXg5T2x5UFlMY2x3TElyQWRSQ2h4VlJ5XC95WVp2YWcrdktWUVBnUG1KbSs5NlRsSmRwUlwvRFpzdkJyNmx6Z1BSIiwibWFjIjoiZmEwMDYyMWNlZWYxNWFlOTFkOGQ5M2Q2YzIzOGRlMjExNGNkYzcxMjJjYTE5YTMyNGZjODgwYzc4YjQzNTE2ZSJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.40.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.40.76.144.clients.your-server.de
Software
nginx /
Resource Hash
8c732e7c0cad620b77b42ded15a97b785e61a0e7de9bbc7c694f4345525f9174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
all.obozrevatelcom.info
:scheme
https
:path
/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://traffdaq.com/delivery/directlink/47382?hash=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&fp=66abd220fd1aeed21a48c2d9b60f0bf8
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=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&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status
200
server
nginx
date
Mon, 09 Nov 2020 02:32:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
x-frame-options
DENY
expires
Mon, 09 Nov 2020 02:32:27 +0000
cache-control
no-cache, must-revalidate
pragma
no-cache
x-robots-tag
noindex
referer
strict-transport-security
max-age=31536000
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
public-key-pins-report-only
pin-sha256="7lBfQKfoMCy39EXTFdxjoUvP87rYEbuya2kzN6/f4wE="; pin-sha256="efRXWfSs2jsGspReg4wM6BZec+gy29/uyIFXlD2sg2c="; max-age=31536000; includeSubDomains; report-uri="https://traffstock.net/?mod=ticket_system&do=ticket_create"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
/
all.obozrevatelcom.info/
227 B
884 B
Script
General
Full URL
https://all.obozrevatelcom.info/?p=Y2U4MTE0ODE0MDBiOTFjM2Q0NzhiNDA3YmZhODNlYTJ8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NzAzNzc2MQ==&v=2&poid=0&r=https://traffdaq.com/delivery/directlink/47382?hash=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&fp=66abd220fd1aeed21a48c2d9b60f0bf8&poid=0&coid=0&icn_directlink=1&alin=0&callback=jsonp_dg4qtq0w3arrpia
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.40.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.40.76.144.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
status
200
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
DENY
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
referer
x-robots-tag
noindex
public-key-pins-report-only
pin-sha256="7lBfQKfoMCy39EXTFdxjoUvP87rYEbuya2kzN6/f4wE="; pin-sha256="efRXWfSs2jsGspReg4wM6BZec+gy29/uyIFXlD2sg2c="; max-age=31536000; includeSubDomains; report-uri="https://traffstock.net/?mod=ticket_system&do=ticket_create"
expires
Mon, 09 Nov 2020 02:32:28 +0000
Cookie set Qdas14UADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
expert2020software.com/
Redirect Chain
  • https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=stream&utm_campaign=0&utm_content=source_V1yiifwjdwDJJ7VwmSB5xOmLiyS2FXKQ2Qb6QWS6BOTLiL_B0Lk@
  • http://expert2020software.com/Qdas14UADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
7 KB
8 KB
Document
General
Full URL
http://expert2020software.com/Qdas14UADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
188.72.236.136 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
1f2-12-d2456-136.webazilla.com
Software
nginx/1.18.0 /
Resource Hash
3767237380c9d433de55e13e2e96ddcefd297d9cdc46baca27e188ec522570fb

Request headers

Host
expert2020software.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://all.obozrevatelcom.info/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0

Response headers

Server
nginx/1.18.0
Date
Mon, 09 Nov 2020 02:32:28 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
bd_context=DQikXO6qytIHGHcEp5uew1z4F+ga139SoV89fzW5yJ+DOa0inJO0gNWu0Dxte4SEI5uWhy1JopEORQtPJnbtsfXHYtaHxM89V+KI/0ZwvSzlEJSUziaAdaFE/YToc97GcFk7Q6xuBXlyCdyQKwlG/pjrt18WNe+WYSlKcGAzftbDmB++UhCOpuGN6xt9MbDiloBZkOgE36BPHWOzkjkcLXNPn2erdfMlk2LQ9YMH+yxewkKNe8azudpLQ2oQ1/yN0tQfNJpd9dtly7dwnLD/zCMig0h7FyHkuS6objB0YSA8+zT9Wx0Wdn0ocgeC; Expires=Tue, 09 Nov 2021 02:32:28 GMT

Redirect headers

status
302
expires
Tue, 03 Jul 2001 06:00:00 GMT
last-modified
Mon, 09 Nov 2020 02:32:28 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
location
http://expert2020software.com/Qdas14UADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
content-type
text/html; charset=UTF-8
content-length
7
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Mon, 09 Nov 2020 02:32:28 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
Primary Request Cookie set landing_page_272
adultfriendfinder.com/go/page/
Redirect Chain
  • http://adultfriendfinder.com/go/p2082988.sub[Sub_ID]?&sub_id=282033&tpa=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
  • https://adultfriendfinder.com/go/p2082988.sub[Sub_ID]?&sub_id=282033&tpa=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
  • https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
30 KB
9 KB
Document
General
Full URL
https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Requested by
Host: expert2020software.com
URL: http://expert2020software.com/Qdas14UADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.165.107.69 , United States, ASN25875 (VARIO, US),
Reverse DNS
Software
Apache /
Resource Hash
ec73111d3bc2282411b7a33b96694aef742b2fbef6d41e3b53608b1a60da39dd
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
adultfriendfinder.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://expert2020software.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ALPO=198973601; click_id_time=294343216_2020-11-08 18:32:29; AB_TRACKING=jOVBQakd7CXiQ9l0FTD4Ge
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://expert2020software.com/Qdas14UADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA

Response headers

Date
Mon, 09 Nov 2020 02:32:29 GMT
Server
Apache
Set-Cookie
ffadult_who=r_PmejN7h3_hRgU/Z1lqcZYp3VgEjfzkmzfphnvHEWKfZTKZTPtszeGHfhOTXKlZA9C1qRG0oIxUfUCYFcBIfshk_ilnXNFXc8ehV1cOEnOzrDbpvXE885D6n5iErpdYtaJzAZZi2e4jElQuQq3O_vjM4HAIATeAEa2_IdUhPgDqH_HEBOi9WqysbebFGhoPhfLska/USDuMe3usdHZukosw--; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Nov-2022 02:32:29 GMT v_hash=_dutch_0; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT IP_COUNTRY=Belgium; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT ffadult_tr=r_HUmBGiRpoa3qVqNePNiPWZEheBXlN1Hh3H3wyvMouK0B/g0YPEUF41IY6Qo7pPcn; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT LOCATION_FROM_IP=country&Belgium&area_code&0&longitude&4.5049&country_name&Belgium&lat&50.8847&region_name&Brussels+Hoofdstedelijk+Gewest&country_code&BE&region&11&state&&city&Brussels&postal_code&1930&latitude&50.8847&lon&4.5049&dma_code&0&country_code3&BEL; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT HISTORY=20201108-1-Dc; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT throttling={"time":1604889149,"GTM":0,"AppD":1}; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT
X-PERF
0.117028,0.050853,TS_2_0.0009230,TM_18_0.0108250,DB_4_0.0051180,CD_22_0.0182010,FS_13_0.0029520,PK_1_0.0000420,CE_16_0.0281140
Strict-Transport-Security
max-age=300; includeSubDomains
set-cookie
SC0=py8vVrZVlhLEGdzpm4pSh6Q2wyeEbAdZHy6SbuDnJd4ABbOjX7AopgAFs6NfsCimAAAAAAAAAAAAAAAAAAAAAHv8ydcBlECwjFFkpzQpPygwLjAA; max-age=864000; path=/; domain=.adultfriendfinder.com
X-Frame-Options
SAMEORIGIN
ETag
TESTBED
P3P
CP="DSP LAW"
X-ApacheServer
ki210-284.friendfinderinc.com
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6796
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8

Redirect headers

Date
Mon, 09 Nov 2020 02:32:29 GMT
Server
Apache
Strict-Transport-Security
max-age=300; includeSubDomains
X-PERF
0.250020,0.153819,DB_21_0.0361910,CD_19_0.0146840,PK_2_0.0000920,CE_24_0.0452340
Location
https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Set-Cookie
ALPO=198973601; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT click_id_time=294343216_2020-11-08 18:32:29; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT AB_TRACKING=jOVBQakd7CXiQ9l0FTD4Ge; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 02:32:29 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
293
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
header.css
adultfriendfinder.com/images/ffadult/css/
1 B
467 B
Stylesheet
General
Full URL
https://adultfriendfinder.com/images/ffadult/css/header.css
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.165.107.69 , United States, ASN25875 (VARIO, US),
Reverse DNS
Software
Apache /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ApacheServer
ki106-351.friendfinderinc.com
Date
Mon, 09 Nov 2020 02:32:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 13 Jul 2020 08:07:21 GMT
Server
Apache
ETag
"fbdc450-1-5aa4e2e252ccb"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
21
css
fonts.googleapis.com/
3 KB
641 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:300,400
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6e43907a75f2d7ad44d2646b7023dba3d630617ae7470a188dfdc1f9833f075
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 Nov 2020 00:35:51 GMT
server
ESF
date
Mon, 09 Nov 2020 02:32:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Nov 2020 02:32:30 GMT
bootstrap.min.css
secureimage.securedataimages.com/images/ffadult/landing_pages/212/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/212/css/bootstrap.min.css
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB3) /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:30 GMT
content-encoding
gzip
last-modified
Thu, 31 May 2018 10:35:27 GMT
server
ECS (amb/6BB3)
age
2274727
etag
"fbe28ab-22682-56d7e06947c1e"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
expires
Wed, 09 Dec 2020 02:32:30 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21086
x-cache-hits
23
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15723
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Nov 2021 22:10:27 GMT
ffadult-dutch-confirm_alert-1535586440.js
secureimage.securedataimages.com/javascript/live_cd/secure/
316 B
354 B
Script
General
Full URL
https://secureimage.securedataimages.com/javascript/live_cd/secure/ffadult-dutch-confirm_alert-1535586440.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA9) /
Resource Hash
397eb1c0aac253e26a31ab73a8d105eeee0d5356366b418d44bcaa82d6f0b995

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-perf
0.030140,0.030111,CD_1_0.0000290
date
Mon, 09 Nov 2020 02:32:30 GMT
content-encoding
gzip
last-modified
Sun, 11 Oct 2020 20:35:43 GMT
server
ECS (amb/6BA9)
age
2440607
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
expires
Wed, 09 Dec 2020 02:32:30 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
229
x-cache-hits
2
bootstrap.min.js
secureimage.securedataimages.com/images/ffadult/landing_pages/212/js/
50 KB
14 KB
Script
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/212/js/bootstrap.min.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B78) /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:30 GMT
content-encoding
gzip
last-modified
Thu, 31 May 2018 10:35:12 GMT
server
ECS (amb/6B78)
age
2447749
etag
"fbe28ba-c62b-56d7e05b43eab"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
expires
Wed, 09 Dec 2020 02:32:30 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14048
x-cache-hits
7
logo_red_wht.png
secureimage.securedataimages.com/images/ffadult/logos/
5 KB
5 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/logos/logo_red_wht.png
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9D) /
Resource Hash
b95bb2845a1ea6f282b49bcfb3844b7e494a549ab17d14ff8bd160cbdc1fe691

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:30 GMT
last-modified
Thu, 06 Feb 2014 22:46:37 GMT
server
ECS (amb/6B9D)
age
506116
etag
"fbe6443-1410-4f1c4a56a7bb9"
x-cache
HIT
content-type
image/png
status
200
expires
Wed, 09 Dec 2020 02:32:30 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5136
x-cache-hits
9
jquery-1.11.0.min.js
secureimage.securedataimages.com/images/common/js/jquery/
94 KB
33 KB
Script
General
Full URL
https://secureimage.securedataimages.com/images/common/js/jquery/jquery-1.11.0.min.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B94) /
Resource Hash
af2419dd15e09ea913cfe94d130f9870486732e57764e0f02ea3846f204146ee

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:30 GMT
content-encoding
gzip
last-modified
Wed, 23 Apr 2014 21:00:54 GMT
server
ECS (amb/6B94)
age
2453073
etag
"fbcaa73-1787f-4f7bc073a0d80"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
expires
Wed, 09 Dec 2020 02:32:30 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33375
x-cache-hits
6
keen-tracking.min.js
aff.trackinglibrary.prodperfect.com/
70 KB
21 KB
Script
General
Full URL
https://aff.trackinglibrary.prodperfect.com/keen-tracking.min.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:b000:1c:e067:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5970265baad138586a80f10ae2a655c08596685c297ebb841f45b4234d0c8bca

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
wQTnDvuB2vZJBU577gxabMnUN0.BGo5Z
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 19:43:36 GMT
server
AmazonS3
age
4819
etag
"44a5974f23726792e0e2b7553540eb8c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
date
Mon, 09 Nov 2020 01:12:12 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
9SbKwHw4GiP81VHhs-3e--Ms9oQhWrNgAU_rnOGFv-GaO4-yRmbYvg==
via
1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
bg_1.jpg
secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/
232 KB
232 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/bg_1.jpg
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9B) /
Resource Hash
f4d43ef3d82f98eb2a0831e67b318daaf5e84e7c31eca81e21c10dcd846a5d19

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:30 GMT
last-modified
Mon, 05 Nov 2018 03:54:07 GMT
server
ECS (amb/6B9B)
age
483952
etag
"fbe3697-3a0cc-579e2d636a202"
x-cache
HIT
content-type
image/jpeg
status
200
expires
Wed, 09 Dec 2020 02:32:30 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
237772
x-cache-hits
3
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v35/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v35/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://adultfriendfinder.com
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 11:20:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:17:26 GMT
server
sffe
age
54714
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25376
x-xss-protection
0
expires
Mon, 08 Nov 2021 11:20:36 GMT
bg_2.jpg
secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/
280 KB
280 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/bg_2.jpg
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B89) /
Resource Hash
55ba92fbf4d0c1cab9bb1a1567edf6e3599a2ed17630270b70cd1370f2c4f7aa

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:35 GMT
last-modified
Mon, 18 Mar 2019 07:54:53 GMT
server
ECS (amb/6B89)
age
470496
etag
"fbe36ad-46019-58459b43055df"
x-cache
HIT
content-type
image/jpeg
status
200
expires
Wed, 09 Dec 2020 02:32:35 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
286745
x-cache-hits
0
bg_3.jpg
secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/
276 KB
276 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/bg_3.jpg
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B97) /
Resource Hash
9636b99bef2ae06bd2e79a4dbe90143db6dec3eeb8070e603745ca569a9b957c

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:40 GMT
last-modified
Mon, 05 Nov 2018 03:54:07 GMT
server
ECS (amb/6B97)
age
195883
etag
"fbe36b4-44fa3-579e2d63e2bd8"
x-cache
HIT
content-type
image/jpeg
status
200
expires
Wed, 09 Dec 2020 02:32:40 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
282531
x-cache-hits
2
bg_4.jpg
secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/
174 KB
174 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/bg_4.jpg
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=ADyqqF-xTQQA8j4CAEJFNAASAOBnw5YA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B85) /
Resource Hash
e1ad8c9a3e9e9bdb2f64ee5c541238e068003ef9d0a1eaa839ee81b26fc66f76

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 02:32:45 GMT
last-modified
Mon, 05 Nov 2018 03:54:07 GMT
server
ECS (amb/6B85)
age
285854
etag
"fbe36ba-2b651-579e2d641a298"
x-cache
HIT
content-type
image/jpeg
status
200
expires
Wed, 09 Dec 2020 02:32:45 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
177745
x-cache-hits
0

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
function | ProdPerfectKeen
function | $
function | jQuery
object | FFN_MC_confirmAlert
object | bootstrap
string | hash_string
object | hash_array
number | last_hash_element
function | jump
function | Keen
function | setImmediate
function | clearImmediate

12 Cookies

Domain/Path Name / Value
adultfriendfinder.com/ Name: prodperfect_session
Value: {%22session_uuid%22:%22b6a4c492-3466-495f-aa68-953664e19a87%22}
.adultfriendfinder.com/ Name: throttling
Value: {"time":1604889149,"GTM":0,"AppD":1}
.adultfriendfinder.com/ Name: ALPO
Value: 198973601
.adultfriendfinder.com/ Name: HISTORY
Value: 20201108-1-Dc
.adultfriendfinder.com/ Name: AB_TRACKING
Value: jOVBQakd7CXiQ9l0FTD4Ge
.adultfriendfinder.com/ Name: LOCATION_FROM_IP
Value: country&Belgium&area_code&0&longitude&4.5049&country_name&Belgium&lat&50.8847&region_name&Brussels+Hoofdstedelijk+Gewest&country_code&BE&region&11&state&&city&Brussels&postal_code&1930&latitude&50.8847&lon&4.5049&dma_code&0&country_code3&BEL
.adultfriendfinder.com/ Name: ffadult_tr
Value: r_HUmBGiRpoa3qVqNePNiPWZEheBXlN1Hh3H3wyvMouK0B/g0YPEUF41IY6Qo7pPcn
.adultfriendfinder.com/ Name: IP_COUNTRY
Value: Belgium
.adultfriendfinder.com/ Name: v_hash
Value: _dutch_0
.adultfriendfinder.com/ Name: ffadult_who
Value: r_PmejN7h3_hRgU/Z1lqcZYp3VgEjfzkmzfphnvHEWKfZTKZTPtszeGHfhOTXKlZA9C1qRG0oIxUfUCYFcBIfshk_ilnXNFXc8ehV1cOEnOzrDbpvXE885D6n5iErpdYtaJzAZZi2e4jElQuQq3O_vjM4HAIATeAEa2_IdUhPgDqH_HEBOi9WqysbebFGhoPhfLska/USDuMe3usdHZukosw--
.adultfriendfinder.com/ Name: SC0
Value: py8vVrZVlhLEGdzpm4pSh6Q2wyeEbAdZHy6SbuDnJd4ABbOjX7AopgAFs6NfsCimAAAAAAAAAAAAAAAAAAAAAHv8ydcBlECwjFFkpzQpPygwLjAA
.adultfriendfinder.com/ Name: click_id_time
Value: 294343216_2020-11-08 18:32:29

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
