vipvoy.activeboard.com Open in urlscan Pro
64.34.33.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
https://vipvoy.activeboard.com/?afsrc=1
Submission Tags: demotag1 demotag2 Search All
Submission: On November 09 via api (November 9th 2020, 7:29:31 am UTC) from US

Summary HTTP 49 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 15 domains to perform 49 HTTP transactions. The main IP is 64.34.33.201, located in Canada and belongs to COGECO-PEER1, CA. The main domain is vipvoy.activeboard.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 24th 2020. Valid for: 2 years.

This is the only time vipvoy.activeboard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 5	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	162.213.255.36 162.213.255.36	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	52.201.121.154 52.201.121.154	14618 (AMAZON-AES) (AMAZON-AES)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
5	64.34.33.201 64.34.33.201	13768 (COGECO-PEER1) (COGECO-PEER1)
2	51.210.112.129 51.210.112.129	16276 (OVH) (OVH)
8	64.34.33.207 64.34.33.207	13768 (COGECO-PEER1) (COGECO-PEER1)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	64.34.33.210 64.34.33.210	13768 (COGECO-PEER1) (COGECO-PEER1)
5	116.202.46.88 116.202.46.88	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
1 5	34.246.247.152 34.246.247.152	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
49	17

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.170.39.103 (New York, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com

manyhit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.121.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-121-154.compute-1.amazonaws.com

cors-anywhere.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.34.33.201 (Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: forum.sparklit.com

vipvoy.activeboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.129 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 64.34.33.207 (Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: sparklit.com

www.sparklit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.34.33.210 (Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: blogbaker.com

www.activeboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 116.202.46.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.46.202.116.clients.your-server.de

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.246.247.152 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-247-152.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	viglink.com 1 redirects api.viglink.com cdn.viglink.com	31 KB
8	sparklit.com www.sparklit.com	20 KB
7	activeboard.com vipvoy.activeboard.com www.activeboard.com	58 KB
5	google.com apis.google.com accounts.google.com	102 KB
5	servedbyadbutler.com servedbyadbutler.com	46 KB
5	traffdaq.com 1 redirects traffdaq.com	6 KB
2	facebook.net connect.facebook.net	59 KB
2	fbcdn.net static.xx.fbcdn.net	1 KB
2	ibb.co i.ibb.co	88 KB
2	herokuapp.com cors-anywhere.herokuapp.com	2 KB
1	facebook.com www.facebook.com
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	manyhit.com manyhit.com
1	speedflow.io speedflow.io	1 KB
49	15

	Domain	Requested by
8	www.sparklit.com	vipvoy.activeboard.com
5	api.viglink.com	1 redirects api.viglink.com
5	servedbyadbutler.com	vipvoy.activeboard.com servedbyadbutler.com
5	vipvoy.activeboard.com	traffdaq.com vipvoy.activeboard.com
5	traffdaq.com	1 redirects speedflow.io traffdaq.com
4	apis.google.com	vipvoy.activeboard.com apis.google.com
3	cdn.viglink.com	vipvoy.activeboard.com
2	connect.facebook.net	vipvoy.activeboard.com connect.facebook.net
2	www.activeboard.com	vipvoy.activeboard.com www.activeboard.com
2	static.xx.fbcdn.net	vipvoy.activeboard.com
2	i.ibb.co	vipvoy.activeboard.com
2	cors-anywhere.herokuapp.com	speedflow.io
1	www.facebook.com	connect.facebook.net
1	accounts.google.com	apis.google.com
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	manyhit.com	speedflow.io
1	speedflow.io
49	18

This site contains links to these domains. Also see Links.

Domain
www.ledgerwallet.com
faucetpay.io
coinpayments.net
www.coinbase.com
www.jefit.com
cams.com
adultfriendfinder.com
superpay.me
mydirtyhobby.com
adultchatvipvoy.000webhostapp.com
www.hotelscombined.com
www.flickr.com
www.yelp.com
friendfinder.com
jumpshare.com
www.veoh.com
www.netspend.com
www.paypal-prepaid.com
www.reddit.com
clyp.it
pastelink.net
www.autoclickbots.com
www.youtube.com
servedbyadbutler.com
adultchatvipvoy.gotop100.com
waskucity.com
www.activeboard.com
twitter.com
digg.com
secure.del.icio.us
support.sparklit.com

Subject Issuer	Validity	Valid
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2020-06-15` - `2021-07-07`	a year	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.activeboard.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-24` - `2022-06-24`	2 years	crt.sh
ibb.co Let's Encrypt Authority X3	`2020-10-02` - `2020-12-31`	3 months	crt.sh
sparklit.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-16` - `2022-04-10`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
activeboard.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-08` - `2021-09-08`	a year	crt.sh
adbutler.io Sectigo RSA Domain Validation Secure Server CA	`2020-10-29` - `2021-08-01`	9 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-27` - `2021-05-05`	6 months	crt.sh
viglink.com Amazon	`2020-01-10` - `2021-02-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://vipvoy.activeboard.com/?afsrc=1
Frame ID: 50418C2E2FE3AE51C71B47F664D11A6F
Requests: 44 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: 94C2BD77EC7CCB4273ACDB6827C7D63D
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fvipvoy.activeboard.com&url=https%3A%2F%2Fvipvoy.activeboard.com%2F%3Fafsrc%3D1&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: B1E4DCA912DED99A536CB6D10FD4377F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fvipvoy.activeboard.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: A80EE5AC798FDBB82D1CFE53B00E5A17
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1375658727608c%26domain%3Dvipvoy.activeboard.com%26origin%3Dhttps%253A%252F%252Fvipvoy.activeboard.com%252Ff3a4379341664dc%26relation%3Dparent.parent&container_width=156&href=https%3A%2F%2Fvipvoy.activeboard.com%2F%3Fafsrc%3D1&locale=en_US&sdk=joey&type=button
Frame ID: 4FD5B2CDB00B850443F27A3CD0B26601
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImVXN3NiNVdDWEZZZFdtajJvWjJGNEE9PSIsI... Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik50Z2VKeEExMlJNNkJHVVd4dnRQVlE9PSIsI... Page URL
https://vipvoy.activeboard.com/?afsrc=1 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

49
Requests

96 %
HTTPS

35 %
IPv6

15
Domains

18
Subdomains

17
IPs

6
Countries

424 kB
Transfer

979 kB
Size

4
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ledgerwallet.com/r/6e70
Title: ledgerwallet.com

Search URL Search Domain Scan URL

URL: https://faucetpay.io/?r=86897
Title: faucetpay.io

Search URL Search Domain Scan URL

URL: https://coinpayments.net/index.php?ref=ab109649f0f31ff191e7b235e5224f1
Title: https://coinpayments.net

Search URL Search Domain Scan URL

URL: https://www.coinbase.com/join/moore_r3
Title: https://www.coinbase.com

Search URL Search Domain Scan URL

URL: https://www.jefit.com/8368201
Title: https://www.jefit.com

Search URL Search Domain Scan URL

URL: https://cams.com/go/g1035-pmob
Title: http://cams.com

Search URL Search Domain Scan URL

URL: https://adultfriendfinder.com/go/g1035-pmo
Title: https://adultfriendfinder.com

Search URL Search Domain Scan URL

URL: https://superpay.me/members/withdraw/list.php?ref=vipvoy
Title: https://superpay.me

Search URL Search Domain Scan URL

URL: https://mydirtyhobby.com/webcams?ats=eyJhIjoyNTUwNzAsImMiOjU2NjM3MzA0LCJuIjoyMSwicyI6MjQxLCJlIjo4NTksInAiOjExfQ==
Title: https://mydirtyhobby.com

Search URL Search Domain Scan URL

URL: https://adultchatvipvoy.000webhostapp.com/
Title: https://adultchatvipvoy.000webhostapp.com

Search URL Search Domain Scan URL

URL: https://www.hotelscombined.com/?a_aid=41101
Title: https://www.hotelscombined.com

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/144024500@N08
Title: https://www.flickr.com

Search URL Search Domain Scan URL

URL: https://www.yelp.com/user_details?userid=VXtxx_dTS5dlsVukgY9rag
Title: https://www.yelp.com

Search URL Search Domain Scan URL

URL: https://friendfinder.com/go/g1035
Title: https://friendfinder.com

Search URL Search Domain Scan URL

URL: https://jumpshare.com/v/sCTX9yzvEjP7osj7gV26
Title: Dance video 8 minutes into it

Search URL Search Domain Scan URL

URL: https://www.veoh.com/watch/v141982259g77y6Nx2
Title: Watch Big Boss of Shanghai

Search URL Search Domain Scan URL

URL: https://www.netspend.com/get-a-prepaid-card/?aid=RAF_1&site_id=RAF_OAC_URL&uref=1651289010
Title: https://www.netspend.com

Search URL Search Domain Scan URL

URL: https://www.paypal-prepaid.com/prepaid-debit-card/applyNow.m?AID=Refer2PayPal&uref=6908759633
Title: https://www.paypal-prepaid.com

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/adultchatvipvoy/posts/
Title: https://www.reddit.com

Search URL Search Domain Scan URL

URL: https://clyp.it/user/aofeuysq
Title: https://clyp.it

Search URL Search Domain Scan URL

URL: https://pastelink.net/18ujl
Title: adult videos

Search URL Search Domain Scan URL

URL: https://www.autoclickbots.com/?ref=481
Title: https://www.autoclickbots.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=49Ojq0hvAc4
Title: dance video 2

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=qnIpVQHAPDA
Title: dance video 3

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=uIV9Ds9KuIE
Title: ＩＣＵ band playing

Search URL Search Domain Scan URL

URL: https://servedbyadbutler.com/redirect.spark?MID=142519&plid=769430&setID=68329&channelID=0&CID=0&banID=519574799&PID=0&textadID=0&tc=1&mt=1604906953856667&sw=1600&sh=1200&spr=1&hc=12c779974664958fbec53fb4f5c22b2d74591366&location=

Search URL Search Domain Scan URL

URL: http://jumpshare.com/v/2qih1DaGgtMyzl9SFyig
Title: Download Some Bitcoin Software

Search URL Search Domain Scan URL

URL: http://adultchatvipvoy.gotop100.com/in.php?ref=103&amp
Title: Daby Paby toplist

Search URL Search Domain Scan URL

URL: http://waskucity.com/
Title: Wasku City

Search URL Search Domain Scan URL

URL: https://www.activeboard.com/community_funding.spark?action=donate&aBID=125240
Title: contribute

Search URL Search Domain Scan URL

URL: http://twitter.com/share

Search URL Search Domain Scan URL

URL: http://digg.com/submit?url=https://vipvoy.activeboard.com/?afsrc=1

Search URL Search Domain Scan URL

URL: https://secure.del.icio.us/login?url=https://vipvoy.activeboard.com/?afsrc=1

Search URL Search Domain Scan URL

URL: https://www.activeboard.com/?ref=fForum
Title: Create your own FREE Forum

Search URL Search Domain Scan URL

URL: https://support.sparklit.com/abuse.spark?pageURL=vipvoy.activeboard.com/?afsrc=1
Title: Report Abuse

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImVXN3NiNVdDWEZZZFdtajJvWjJGNEE9PSIsInZhbHVlIjoibHUwR29hc1A3aEp4R1dLRVJHd1BTZU1JUUJYN1FTaFBVdVhqUUR6V2ZsWnI5WGxKeE9xUVwvMlNNM2owZVdaYVRcL2E5ZGNcL3JOMEtwcjI0TEJTczhVc3RSUlBlT0RSMnBJa09rVGVQcnZEb3NkN0hsazhKT3JLbWNMVUN6SytBXC9jZHhpQUVEckhVUVhWWHpIVDE2dU5JZGc2TEpHWWNPMTdLVWEyWmlDWHN1SUFVQUJaRzVzS0d0cXdQd3NoSk03dHpsRUVUU2VNWExTa2lmdFRaOUVLUlE9PSIsIm1hYyI6ImE3M2RlZWFkMDdkZjcxNDQxMTY2ZjRhZWY3OTRkOTNmODRmMTU3OWJjZTlkZjNlYWY5OWFiM2YzNTgyNzkwODAifQ%3D%3D Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik50Z2VKeEExMlJNNkJHVVd4dnRQVlE9PSIsInZhbHVlIjoiUzFhclc5REN6TFU5cHNNOUNKWEowdXVnMm1oYzU1RFBwTG9xM2xpN1wvZklPZmxXd3REaGVNS2RxMSswdVpuaGlFUUlISzhMTnJyRWMyWG05RlRNWFIwQU5mNVl6Y3BFdUJRUTF3eGdSQ0RwREtqMjhEXC82T2ZSNjNnNmVoRlgyV1pmVW52V1dDMkJGNVpEMG9NQW5FdWpRaW8rZXZvenk5OVVkcXAwMXdRRVZheEw2cXAyZTc5RE9jUkpcL2xQdzVmQkY3cEFhUGpnajBzSTA5cTZqbkZjOEY4MEdnTUNSOUVBNnk3SmlBT29CcEoxbDZzYjhqTkVwSm5OV2hJS3lxd2ozbzNGK0h6ZXR1SFdjbVE1Y1VBWmhYS083Y3F3K0pqTjlMdndTWUt5QWs4NWhVWWxNdEhqc1JmQkZ0VWRIOG8iLCJtYWMiOiI5MjFkNDFlNTZlYmU5Mjc3NGY0NmNhZjI4M2Q2NjczYWRjMGExOGVjNjA0ODI3NTBjODlmODk1YmI1ZGYzMzQ3In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://vipvoy.activeboard.com/?afsrc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://traffdaq.com/delivery/pu/47382?category=amateur HTTP 301
https://traffdaq.com/delivery/pu/47382?category=amateur

Request Chain 39

https://api.viglink.com/api/vglnk.js HTTP 301
https://cdn.viglink.com/api/vglnk.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 189ms
189ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 44feb9bffde8d8b76b7e18c9837e4a8b6eedd91073558afd5d76734d9ebe096d

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Mon, 09 Nov 2020 07:29:04 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=55796; path=/ time_start=1604906944.2246; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=55796; path=/ ip=185.156.175.107 mobile=0 country=GB visits_todayi=0; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=55796; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 612
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/pu/
Redirect Chain

http://traffdaq.com/delivery/pu/47382?category=amateur
https://traffdaq.com/delivery/pu/47382?category=amateur

5 KB
2 KB

379ms
142ms

Script
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/pu/47382?category=amateur
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: c0fe04a52e14753f5ee9e4ea915574be119812fee34dd5fe38033a5095991b7e

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:29:04 GMT
Content-Encoding: gzip
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://traffdaq.com/delivery/pu/47382?category=amateur
Connection: close
Content-length: 0

GET
H/1.1 200
OK autosurf_if.php
manyhit.com/ Frame 94C2 0
0 202ms
202ms Document
text/html 162.213.255.36
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://manyhit.com/autosurf_if.php?user=speedflow
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server145-4.web-hosting.com
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Host: manyhit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Mon, 09 Nov 2020 07:29:05 GMT
server: Apache
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=79cd95592a6ba1ef97560fd1c031cd26; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1268
content-type: text/html

OPTIONS
H/1.1 200
OK 47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ Frame 0
0 206ms
206ms Other 52.201.121.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=amateur
Protocol: HTTP/1.1
Server: 52.201.121.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-121-154.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: http://speedflow.io
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: x-requested-with
Access-Control-Expose-Headers: access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
Date: Mon, 09 Nov 2020 07:29:05 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H/1.1 200
OK 47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ 5 KB
2 KB 366ms
366ms XHR
text/html 52.201.121.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=amateur
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.121.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-121-154.compute-1.amazonaws.com
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Mon, 09 Nov 2020 07:29:05 GMT
Content-Encoding: gzip
Server: nginx/1.16.1 (Ubuntu)
X-Request-Url: http://traffdaq.com/delivery/pu/47382?category=amateur
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: server,date,content-type,transfer-encoding,connection,content-encoding,x-final-url,access-control-allow-origin
Connection: keep-alive
X-Cors-Redirect-1: 301 https://traffdaq.com/delivery/pu/47382?category=amateur
X-Final-Url: https://traffdaq.com/delivery/pu/47382?category=amateur
Via: 1.1 vegur

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/directlink/ 3 KB
2 KB 859ms
622ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImVXN3NiNVdDWEZZZFdtajJvWjJGNEE9PSIsInZhbHVlIjoibHUwR29hc1A3aEp4R1dLRVJHd1BTZU1JUUJYN1FTaFBVdVhqUUR6V2ZsWnI5WGxKeE9xUVwvMlNNM2owZVdaYVRcL2E5ZGNcL3JOMEtwcjI0TEJTczhVc3RSUlBlT0RSMnBJa09rVGVQcnZEb3NkN0hsazhKT3JLbWNMVUN6SytBXC9jZHhpQUVEckhVUVhWWHpIVDE2dU5JZGc2TEpHWWNPMTdLVWEyWmlDWHN1SUFVQUJaRzVzS0d0cXdQd3NoSk03dHpsRUVUU2VNWExTa2lmdFRaOUVLUlE9PSIsIm1hYyI6ImE3M2RlZWFkMDdkZjcxNDQxMTY2ZjRhZWY3OTRkOTNmODRmMTU3OWJjZTlkZjNlYWY5OWFiM2YzNTgyNzkwODAifQ%3D%3D
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: ec816d8701237966890fce34eaef2256ecd262a32f97a2911fd20776bdbd7fa1

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Mon, 09 Nov 2020 07:29:06 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK eyJpdiI6IkdcL09OZmgxcnVlOHhCSlwvQlVFTkhQUT09IiwidmFsdWUiOiIzNEU5VDFEa0pRbWgxM1B0NmxQc2VMcldTOUdUc0RCTWxsR201UTJMdGJTQjlYMkZnYUtUaU1KUktUXC8xejdRVkR1N0o3MThwNXI0MGZKUmlqK3lPVkE9PSIsIm1hYyI6IjU0MjJhM...
traffdaq.com/users/track/ 0
858 B 610ms
372ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6IkdcL09OZmgxcnVlOHhCSlwvQlVFTkhQUT09IiwidmFsdWUiOiIzNEU5VDFEa0pRbWgxM1B0NmxQc2VMcldTOUdUc0RCTWxsR201UTJMdGJTQjlYMkZnYUtUaU1KUktUXC8xejdRVkR1N0o3MThwNXI0MGZKUmlqK3lPVkE9PSIsIm1hYyI6IjU0MjJhMDZmNGJjYTE4ZTkwOGRjNzE3ZWYxNDhmODEwOTdlYTM4ZGM4NTE5NmNhYTA5M2JiYjA3NWMyNzlmYmUifQ%3D%3D
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImVXN3NiNVdDWEZZZFdtajJvWjJGNEE9PSIsInZhbHVlIjoibHUwR29hc1A3aEp4R1dLRVJHd1BTZU1JUUJYN1FTaFBVdVhqUUR6V2ZsWnI5WGxKeE9xUVwvMlNNM2owZVdaYVRcL2E5ZGNcL3JOMEtwcjI0TEJTczhVc3RSUlBlT0RSMnBJa09rVGVQcnZEb3NkN0hsazhKT3JLbWNMVUN6SytBXC9jZHhpQUVEckhVUVhWWHpIVDE2dU5JZGc2TEpHWWNPMTdLVWEyWmlDWHN1SUFVQUJaRzVzS0d0cXdQd3NoSk03dHpsRUVUU2VNWExTa2lmdFRaOUVLUlE9PSIsIm1hYyI6ImE3M2RlZWFkMDdkZjcxNDQxMTY2ZjRhZWY3OTRkOTNmODRmMTU3OWJjZTlkZjNlYWY5OWFiM2YzNTgyNzkwODAifQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 09 Nov 2020 07:29:06 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 68ms
34ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa8efc16a308&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImVXN3NiNVdDWEZZZFdtajJvWjJGNEE9PSIsInZhbHVlIjoibHUwR29hc1A3aEp4R1dLRVJHd1BTZU1JUUJYN1FTaFBVdVhqUUR6V2ZsWnI5WGxKeE9xUVwvMlNNM2owZVdaYVRcL2E5ZGNcL3JOMEtwcjI0TEJTczhVc3RSUlBlT0RSMnBJa09rVGVQcnZEb3NkN0hsazhKT3JLbWNMVUN6SytBXC9jZHhpQUVEckhVUVhWWHpIVDE2dU5JZGc2TEpHWWNPMTdLVWEyWmlDWHN1SUFVQUJaRzVzS0d0cXdQd3NoSk03dHpsRUVUU2VNWExTa2lmdFRaOUVLUlE9PSIsIm1hYyI6ImE3M2RlZWFkMDdkZjcxNDQxMTY2ZjRhZWY3OTRkOTNmODRmMTU3OWJjZTlkZjNlYWY5OWFiM2YzNTgyNzkwODAifQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 07:29:06 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 990935
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4062-HHN
date: Mon, 09 Nov 2020 07:29:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/directlink/ 2 KB
1 KB 5361ms
5121ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik50Z2VKeEExMlJNNkJHVVd4dnRQVlE9PSIsInZhbHVlIjoiUzFhclc5REN6TFU5cHNNOUNKWEowdXVnMm1oYzU1RFBwTG9xM2xpN1wvZklPZmxXd3REaGVNS2RxMSswdVpuaGlFUUlISzhMTnJyRWMyWG05RlRNWFIwQU5mNVl6Y3BFdUJRUTF3eGdSQ0RwREtqMjhEXC82T2ZSNjNnNmVoRlgyV1pmVW52V1dDMkJGNVpEMG9NQW5FdWpRaW8rZXZvenk5OVVkcXAwMXdRRVZheEw2cXAyZTc5RE9jUkpcL2xQdzVmQkY3cEFhUGpnajBzSTA5cTZqbkZjOEY4MEdnTUNSOUVBNnk3SmlBT29CcEoxbDZzYjhqTkVwSm5OV2hJS3lxd2ozbzNGK0h6ZXR1SFdjbVE1Y1VBWmhYS083Y3F3K0pqTjlMdndTWUt5QWs4NWhVWWxNdEhqc1JmQkZ0VWRIOG8iLCJtYWMiOiI5MjFkNDFlNTZlYmU5Mjc3NGY0NmNhZjI4M2Q2NjczYWRjMGExOGVjNjA0ODI3NTBjODlmODk1YmI1ZGYzMzQ3In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImVXN3NiNVdDWEZZZFdtajJvWjJGNEE9PSIsInZhbHVlIjoibHUwR29hc1A3aEp4R1dLRVJHd1BTZU1JUUJYN1FTaFBVdVhqUUR6V2ZsWnI5WGxKeE9xUVwvMlNNM2owZVdaYVRcL2E5ZGNcL3JOMEtwcjI0TEJTczhVc3RSUlBlT0RSMnBJa09rVGVQcnZEb3NkN0hsazhKT3JLbWNMVUN6SytBXC9jZHhpQUVEckhVUVhWWHpIVDE2dU5JZGc2TEpHWWNPMTdLVWEyWmlDWHN1SUFVQUJaRzVzS0d0cXdQd3NoSk03dHpsRUVUU2VNWExTa2lmdFRaOUVLUlE9PSIsIm1hYyI6ImE3M2RlZWFkMDdkZjcxNDQxMTY2ZjRhZWY3OTRkOTNmODRmMTU3OWJjZTlkZjNlYWY5OWFiM2YzNTgyNzkwODAifQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 7f08d9497a20997a4a0f85d41094512a356efc1700367ab9cd9bf3fc872d6c60

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImVXN3NiNVdDWEZZZFdtajJvWjJGNEE9PSIsInZhbHVlIjoibHUwR29hc1A3aEp4R1dLRVJHd1BTZU1JUUJYN1FTaFBVdVhqUUR6V2ZsWnI5WGxKeE9xUVwvMlNNM2owZVdaYVRcL2E5ZGNcL3JOMEtwcjI0TEJTczhVc3RSUlBlT0RSMnBJa09rVGVQcnZEb3NkN0hsazhKT3JLbWNMVUN6SytBXC9jZHhpQUVEckhVUVhWWHpIVDE2dU5JZGc2TEpHWWNPMTdLVWEyWmlDWHN1SUFVQUJaRzVzS0d0cXdQd3NoSk03dHpsRUVUU2VNWExTa2lmdFRaOUVLUlE9PSIsIm1hYyI6ImE3M2RlZWFkMDdkZjcxNDQxMTY2ZjRhZWY3OTRkOTNmODRmMTU3OWJjZTlkZjNlYWY5OWFiM2YzNTgyNzkwODAifQ%3D%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImVXN3NiNVdDWEZZZFdtajJvWjJGNEE9PSIsInZhbHVlIjoibHUwR29hc1A3aEp4R1dLRVJHd1BTZU1JUUJYN1FTaFBVdVhqUUR6V2ZsWnI5WGxKeE9xUVwvMlNNM2owZVdaYVRcL2E5ZGNcL3JOMEtwcjI0TEJTczhVc3RSUlBlT0RSMnBJa09rVGVQcnZEb3NkN0hsazhKT3JLbWNMVUN6SytBXC9jZHhpQUVEckhVUVhWWHpIVDE2dU5JZGc2TEpHWWNPMTdLVWEyWmlDWHN1SUFVQUJaRzVzS0d0cXdQd3NoSk03dHpsRUVUU2VNWExTa2lmdFRaOUVLUlE9PSIsIm1hYyI6ImE3M2RlZWFkMDdkZjcxNDQxMTY2ZjRhZWY3OTRkOTNmODRmMTU3OWJjZTlkZjNlYWY5OWFiM2YzNTgyNzkwODAifQ%3D%3D

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Mon, 09 Nov 2020 07:29:12 GMT
Content-Encoding: gzip

GET
H2 200 Primary Request / Show response
vipvoy.activeboard.com/ 54 KB
14 KB 907ms
201ms Document
text/html 64.34.33.201
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://vipvoy.activeboard.com/?afsrc=1
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik50Z2VKeEExMlJNNkJHVVd4dnRQVlE9PSIsInZhbHVlIjoiUzFhclc5REN6TFU5cHNNOUNKWEowdXVnMm1oYzU1RFBwTG9xM2xpN1wvZklPZmxXd3REaGVNS2RxMSswdVpuaGlFUUlISzhMTnJyRWMyWG05RlRNWFIwQU5mNVl6Y3BFdUJRUTF3eGdSQ0RwREtqMjhEXC82T2ZSNjNnNmVoRlgyV1pmVW52V1dDMkJGNVpEMG9NQW5FdWpRaW8rZXZvenk5OVVkcXAwMXdRRVZheEw2cXAyZTc5RE9jUkpcL2xQdzVmQkY3cEFhUGpnajBzSTA5cTZqbkZjOEY4MEdnTUNSOUVBNnk3SmlBT29CcEoxbDZzYjhqTkVwSm5OV2hJS3lxd2ozbzNGK0h6ZXR1SFdjbVE1Y1VBWmhYS083Y3F3K0pqTjlMdndTWUt5QWs4NWhVWWxNdEhqc1JmQkZ0VWRIOG8iLCJtYWMiOiI5MjFkNDFlNTZlYmU5Mjc3NGY0NmNhZjI4M2Q2NjczYWRjMGExOGVjNjA0ODI3NTBjODlmODk1YmI1ZGYzMzQ3In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.201 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: forum.sparklit.com
Software: nginx /
Resource Hash: 611412ee7618130c34e66d16321fc855fd54e937f2538dc969eb50a515ea2c7b

Request headers

:method: GET
:authority: vipvoy.activeboard.com
:scheme: https
:path: /?afsrc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik50Z2VKeEExMlJNNkJHVVd4dnRQVlE9PSIsInZhbHVlIjoiUzFhclc5REN6TFU5cHNNOUNKWEowdXVnMm1oYzU1RFBwTG9xM2xpN1wvZklPZmxXd3REaGVNS2RxMSswdVpuaGlFUUlISzhMTnJyRWMyWG05RlRNWFIwQU5mNVl6Y3BFdUJRUTF3eGdSQ0RwREtqMjhEXC82T2ZSNjNnNmVoRlgyV1pmVW52V1dDMkJGNVpEMG9NQW5FdWpRaW8rZXZvenk5OVVkcXAwMXdRRVZheEw2cXAyZTc5RE9jUkpcL2xQdzVmQkY3cEFhUGpnajBzSTA5cTZqbkZjOEY4MEdnTUNSOUVBNnk3SmlBT29CcEoxbDZzYjhqTkVwSm5OV2hJS3lxd2ozbzNGK0h6ZXR1SFdjbVE1Y1VBWmhYS083Y3F3K0pqTjlMdndTWUt5QWs4NWhVWWxNdEhqc1JmQkZ0VWRIOG8iLCJtYWMiOiI5MjFkNDFlNTZlYmU5Mjc3NGY0NmNhZjI4M2Q2NjczYWRjMGExOGVjNjA0ODI3NTBjODlmODk1YmI1ZGYzMzQ3In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik50Z2VKeEExMlJNNkJHVVd4dnRQVlE9PSIsInZhbHVlIjoiUzFhclc5REN6TFU5cHNNOUNKWEowdXVnMm1oYzU1RFBwTG9xM2xpN1wvZklPZmxXd3REaGVNS2RxMSswdVpuaGlFUUlISzhMTnJyRWMyWG05RlRNWFIwQU5mNVl6Y3BFdUJRUTF3eGdSQ0RwREtqMjhEXC82T2ZSNjNnNmVoRlgyV1pmVW52V1dDMkJGNVpEMG9NQW5FdWpRaW8rZXZvenk5OVVkcXAwMXdRRVZheEw2cXAyZTc5RE9jUkpcL2xQdzVmQkY3cEFhUGpnajBzSTA5cTZqbkZjOEY4MEdnTUNSOUVBNnk3SmlBT29CcEoxbDZzYjhqTkVwSm5OV2hJS3lxd2ozbzNGK0h6ZXR1SFdjbVE1Y1VBWmhYS083Y3F3K0pqTjlMdndTWUt5QWs4NWhVWWxNdEhqc1JmQkZ0VWRIOG8iLCJtYWMiOiI5MjFkNDFlNTZlYmU5Mjc3NGY0NmNhZjI4M2Q2NjczYWRjMGExOGVjNjA0ODI3NTBjODlmODk1YmI1ZGYzMzQ3In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status: 200
server: nginx
date: Mon, 09 Nov 2020 07:29:12 GMT
content-type: text/html; charset=ISO-8859-1
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
set-cookie: sparkKey=9f38d1ab0a6fcfd0f21f9962dd962140a0; Expires=Tuesday, 09-Nov-2021 07:29:12 GMT+0000; Max-Age=31536000; Path=/; Domain=.activeboard.com; Secure; SameSite=Strict abCookieTest=1; expires=Mon, 16-Nov-2020 07:29:12 GMT; Max-Age=604800; path=/; domain=.activeboard.com abIC125240=1; expires=Mon, 09-Nov-2020 07:34:12 GMT; Max-Age=300; path=/; domain=.activeboard.com abCookieTest=1; expires=Mon, 16-Nov-2020 07:29:12 GMT; Max-Age=604800; path=/; domain=.activeboard.com
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 masterstyle.spark
vipvoy.activeboard.com/templates/ 4 KB
2 KB 460ms
459ms Stylesheet
text/css 64.34.33.201
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://vipvoy.activeboard.com/templates/masterstyle.spark?aBID=125240&45c48cce2e2d7fbdea1afc51c7c6ad26
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.201 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: forum.sparklit.com
Software: nginx /
Resource Hash: 687db827725b0f7a0f2d7c7d3f3001f047837cea35d949d254bdbf2d539541b5

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
status: 200
cache-control: max-age=31536000
content-type: text/css;charset=UTF-8

GET
H2 200 jquery-1.8.2.min.js Show response
vipvoy.activeboard.com/js.ln/jquery/js/ 91 KB
33 KB 189ms
188ms Script
application/javascript 64.34.33.201
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://vipvoy.activeboard.com/js.ln/jquery/js/jquery-1.8.2.min.js
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.201 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: forum.sparklit.com
Software: nginx /
Resource Hash: 1dae58c9f21daeef53af34972a9c20ef707c6118ebd3d5cc45106e806cc99aac

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
content-encoding: gzip
last-modified: Thu, 11 Oct 2012 20:53:25 GMT
server: nginx
etag: W/"507731c5-16cfc"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000
expires: Wed, 09 Dec 2020 07:29:13 GMT

GET
H2 200 facebook_scripts.js Show response
vipvoy.activeboard.com/js/ 12 KB
3 KB 458ms
458ms Script
application/javascript 64.34.33.201
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://vipvoy.activeboard.com/js/facebook_scripts.js?v=1340
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.201 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: forum.sparklit.com
Software: nginx /
Resource Hash: df8b6ec4796cf5ecf339f8ef8bada3dec41efcac20e2081afd7c57020d16db52

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
content-encoding: gzip
last-modified: Wed, 03 Oct 2018 16:59:03 GMT
server: nginx
etag: W/"5bb4f557-3017"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Tue, 09 Nov 2021 07:29:13 GMT

GET
H2 200 dingo.jpg
i.ibb.co/qWTZj4J/ 25 KB
25 KB 34ms
31ms Image
image/jpeg 51.210.112.129
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/qWTZj4J/dingo.jpg
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.129 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 41a52b3a16397aa23bebbd5ef086972b1c4f006994b400922514f8425dd8e553

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
last-modified: Thu, 16 Jan 2020 22:21:42 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 25470
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 forum_menu.js Show response
vipvoy.activeboard.com/js/ 4 KB
4 KB 181ms
180ms Script
application/javascript 64.34.33.201
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://vipvoy.activeboard.com/js/forum_menu.js?v=1337
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.201 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: forum.sparklit.com
Software: nginx /
Resource Hash: 7383bae6454045a5eb9b1b5c8665baa7b20c9809178ce0f7a2eea6c03b533aa9

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
last-modified: Tue, 19 Mar 2013 21:18:22 GMT
server: nginx
etag: "5148d61e-e0d"
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3597
expires: Tue, 09 Nov 2021 07:29:13 GMT

GET
H2 200 Classic_topic.gif
www.sparklit.com/secure/image/emoticons/ 267 B
441 B 882ms
178ms Image
image/gif 64.34.33.207
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sparklit.com/secure/image/emoticons/Classic_topic.gif
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.207 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sparklit.com
Software: nginx /
Resource Hash: 0e3baa7a5f86a7defe23d1b298a65959f948918741e41ae11749634ff4f3ae3e

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
last-modified: Thu, 18 Aug 2005 18:16:45 GMT
server: nginx
etag: "4304d08d-10b"
content-type: image/gif
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 267
expires: Wed, 09 Dec 2020 07:29:14 GMT

GET
H2 200 1xc-kfc-bitcoins.jpg
i.ibb.co/Gs44R0k/ 62 KB
63 KB 198ms
196ms Image
image/jpeg 51.210.112.129
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Gs44R0k/1xc-kfc-bitcoins.jpg
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.129 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 0c6d2023f575508c2988fb02f8ae4cf6b842954e26642e0c251d88e502e69997

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
last-modified: Wed, 26 Feb 2020 21:30:32 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 63836
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter.png
www.sparklit.com/secure/image/forum/promoButtons/ 1 KB
1 KB 882ms
178ms Image
image/png 64.34.33.207
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sparklit.com/secure/image/forum/promoButtons/twitter.png
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.207 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sparklit.com
Software: nginx /
Resource Hash: b78c856c883d5a65c3d90109705f763b5e58804a47148a44978f95c82881bf1e

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
last-modified: Thu, 04 Aug 2011 22:35:52 GMT
server: nginx
etag: "4e3b1ec8-4c6"
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1222
expires: Wed, 09 Dec 2020 07:29:14 GMT

GET
H2 200 digg.png
www.sparklit.com/secure/image/forum/promoButtons/ 955 B
1 KB 1042ms
338ms Image
image/png 64.34.33.207
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sparklit.com/secure/image/forum/promoButtons/digg.png
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.207 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sparklit.com
Software: nginx /
Resource Hash: ed57e9ddc6e45d56e03857240e6cf0f8064d6488e2d116f624636ec4a1035133

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
last-modified: Thu, 04 Aug 2011 22:35:52 GMT
server: nginx
etag: "4e3b1ec8-3bb"
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 955
expires: Wed, 09 Dec 2020 07:29:14 GMT

GET
H2 200 delicious.png
www.sparklit.com/secure/image/forum/promoButtons/ 595 B
768 B 1042ms
338ms Image
image/png 64.34.33.207
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sparklit.com/secure/image/forum/promoButtons/delicious.png
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.207 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sparklit.com
Software: nginx /
Resource Hash: e5c042325f55650b11a7c5fce30d4ee5dc1c8a28cd71a1127c6291c37f78a5b2

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
last-modified: Thu, 04 Aug 2011 22:35:52 GMT
server: nginx
etag: "4e3b1ec8-253"
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 595
expires: Wed, 09 Dec 2020 07:29:14 GMT

GET
H2 200 rsslogo.png
www.sparklit.com/secure/image/forum/ 2 KB
2 KB 1041ms
337ms Image
image/png 64.34.33.207
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sparklit.com/secure/image/forum/rsslogo.png
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.207 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sparklit.com
Software: nginx /
Resource Hash: ba7fc09c67f4dc9260cb5027a15b2069d36bce24a94946fb9d1e428ecc2a3e73

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
last-modified: Tue, 29 Jan 2008 20:25:44 GMT
server: nginx
etag: "479f8bc8-7eb"
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2027
expires: Wed, 09 Dec 2020 07:29:14 GMT

GET
H2 200 Classic_new.gif
www.sparklit.com/secure/image/emoticons/ 346 B
519 B 882ms
178ms Image
image/gif 64.34.33.207
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sparklit.com/secure/image/emoticons/Classic_new.gif
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.207 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sparklit.com
Software: nginx /
Resource Hash: 85e435412275fd0a2a0b32f865976a2e6109451358c50b2b43a6272b333db099

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
last-modified: Thu, 18 Aug 2005 18:16:45 GMT
server: nginx
etag: "4304d08d-15a"
content-type: image/gif
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 346
expires: Wed, 09 Dec 2020 07:29:14 GMT

GET
H2 200 vle-6xM0Vx5.png
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ 348 B
589 B 9ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/vle-6xM0Vx5.png

Requested by

Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

26bef37d2a52601e3a49e3803d110f79b665e0c0d9ceb70684b035495cfe8788

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: dheDR1d9myiQnJAGRsZ78/hD3486qPsGzk9ZbW+nhKc8D7mNcH2q2IABkTWiyjMUUc2SfHaSjm7eCsxpfEXp8A==
x-fb-trip-id: 664085054
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: S3H7L5pGoRPbo5I7AoZAFQ==
date: Mon, 09 Nov 2020 07:29:13 GMT
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 348
expires: Sun, 07 Nov 2021 08:12:30 GMT

GET
H2 200 indicator_big.gif
www.sparklit.com/secure/image/universal/ 7 KB
7 KB 181ms
180ms Image
image/gif 64.34.33.207
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sparklit.com/secure/image/universal/indicator_big.gif
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.207 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sparklit.com
Software: nginx /
Resource Hash: 8f56314992a04cf69fc4eed4041ab7947451cde29ca6c3542db0164d3af14291

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
last-modified: Wed, 08 Nov 2006 03:15:13 GMT
server: nginx
etag: "45514bc1-1a5c"
content-type: image/gif
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6748
expires: Wed, 09 Dec 2020 07:29:14 GMT

GET
H2 200 AHNFF9E2KeQ.png
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ 386 B
573 B 6ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/AHNFF9E2KeQ.png

Requested by

Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ad20208ca746a1eb6953e85727ad4879908a355c40c3583860f6a638f0dadd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: TNfZ/DZS8wQ958oFM97O7kvqdL/HWhxwvi8t8mNScHTX18e+chCfmydTzC7hwkwbmr2oL2ekMbRMDbYoi2XoXg==
x-fb-trip-id: 664085054
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: rwISvhkp/9F3dXrD57n+Jg==
date: Mon, 09 Nov 2020 07:29:13 GMT
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 386
expires: Sun, 07 Nov 2021 06:46:03 GMT

GET
H2 200 forum_monitor.js Show response
www.activeboard.com/js/ 6 KB
2 KB 885ms
179ms Script
application/javascript 64.34.33.210
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activeboard.com/js/forum_monitor.js?v=MTM0MA==
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.210 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: blogbaker.com
Software: nginx /
Resource Hash: e3841fcb65134b4d6334c4e61ba83ca57d59d0a37f726488a437b070aa60db1a

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2017 18:30:29 GMT
server: nginx
etag: W/"5963c7c5-18d8"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Tue, 09 Nov 2021 07:29:14 GMT

GET
H2 200 activeLogo.gif
www.sparklit.com/secure/image/forum/ 7 KB
7 KB 325ms
324ms Image
image/gif 64.34.33.207
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sparklit.com/secure/image/forum/activeLogo.gif
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.207 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sparklit.com
Software: nginx /
Resource Hash: 29902192f7770e6bb446cf7cae5ed7e3bebd07dd5842cda79a5ff9982f84807a

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
last-modified: Thu, 26 Apr 2007 21:04:45 GMT
server: nginx
etag: "463113ed-1a16"
content-type: image/gif
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6678
expires: Wed, 09 Dec 2020 07:29:14 GMT

GET
H2 200 app-costco.js Show response
servedbyadbutler.com/ 63 KB
12 KB 143ms
32ms Script
application/javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app-costco.js
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 692c359546a70be539116dc4dd6d936d7f5e5d3fb4536c05a0bc59f496a3bb36

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 17:25:19 GMT
server: nginx
etag: W/"5fa040ff-fb3f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Tue, 09 Nov 2021 07:29:13 GMT

GET
H2 200 ;ID=142519;size=728x90;setID=68329;type=async;domid=placement_68329_0;place=0;pid=5181550;sw=1600;sh=1200;spr=1;rnd=5181550;referrer=https%3A%2F%2Fvipvoy.activeboard.com%2F%3Fafsrc%3D1;click=CLICK_... Show response
servedbyadbutler.com/adserve-beta/ 1 KB
1 KB 166ms
37ms XHR
application/x-javascript 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve-beta/;ID=142519;size=728x90;setID=68329;type=async;domid=placement_68329_0;place=0;pid=5181550;sw=1600;sh=1200;spr=1;rnd=5181550;referrer=https%3A%2F%2Fvipvoy.activeboard.com%2F%3Fafsrc%3D1;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app-costco.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 0051a14418e54b14db26833ab3574fec47c116f1031ac44a311f488d06baa3c7

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 07:29:13 GMT
server: nginx
status: 200
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://vipvoy.activeboard.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/x-javascript
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

685d5578742091765009658f7eedfe3ef9b4fe7ee986b425d8410b0722011486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0B5H25hoSuynQQbJLeNBbQ==
status: 200
cross-origin-resource-policy: cross-origin
content-length: 1781
etag: "ec811ab0cb148ff745bcd4bafca083d5"
x-fb-debug: 0mPbnB7KEuMJU2oxSEdCkFCAhSHyeMOz896FlItLgJm9CJZpij/CZzjme7Bx6RhcpWLLifVEUIFQDETABrV+9g==
x-fb-trip-id: 664085054
x-fb-content-md5: 37f083b7112a8e6572ac647929e04381
x-frame-options: DENY
date: Mon, 09 Nov 2020 07:29:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Nov 2020 07:33:27 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
20 KB 49ms
30ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3mJaJkxoFP7Dq3aMfMqhEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "3e801f1b1d67e6ea720d7c6a799ff679"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-3mJaJkxoFP7Dq3aMfMqhEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 09 Nov 2020 07:29:13 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 188 KB
57 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=7440da09e05638147c69129e91a6c223&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbc7a8ca893d3d0bbda61e96ee3f18e76bae218c8d2c2ad2e3c54ee8a200270b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://vipvoy.activeboard.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8IltkLi957I5oroHAnWZrA==
status: 200
cross-origin-resource-policy: cross-origin
content-length: 57666
etag: "b778c3a39bacec693a4104e5c47c10bc"
x-fb-debug: UPEcnfSeHKwyZqgOpv7D9tFklg9gCil/tIb8Rjv4CqzVhVZfOzFXatJyO8VqswiWXdmVMz7jKhO17vML+p0cZg==
x-fb-trip-id: 664085054
x-fb-content-md5: 8926712d1cad207ded5794e445c5d159
x-frame-options: DENY
date: Mon, 09 Nov 2020 07:29:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 09 Nov 2021 06:15:19 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 138 KB
49 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 551651
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49481
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:02 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 97 KB
34 KB 37ms
26ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d2a0acc80b1b085951857bfa79bb54bef1f83f05ff5c5be1cbcad59cb838f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 551631
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34293
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:22 GMT

GET
H3-Q050 404 fastbutton
apis.google.com/se/0/_/+1/ Frame B1E4 0
0 42ms
41ms Document
text/html 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fvipvoy.activeboard.com&url=https%3A%2F%2Fvipvoy.activeboard.com%2F%3Fafsrc%3D1&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XHuWsPdZtNStMHt1jGLdoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fvipvoy.activeboard.com&url=https%3A%2F%2Fvipvoy.activeboard.com%2F%3Fafsrc%3D1&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vipvoy.activeboard.com/?afsrc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=OONs_4F0H3o74Gf67HeR-EouhFdT_IuY-W-9EsayMPZI3CMNKQcA1Dws96XWR09LqwvuZwl-A_ohDtLlFmtp_gWyU8to-elSq5Soavkl98QyqH8kmLW1-UzRhVk4JL06lEU9CDW5dlMmCSuZ2j__jUXPAwtMvuJehthjQ0Ugao8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://vipvoy.activeboard.com/?afsrc=1

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Nov 2020 07:29:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-XHuWsPdZtNStMHt1jGLdoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame A80E 0
0 35ms
16ms Document
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fvipvoy.activeboard.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qKVR5bM09UTsxDPHnsTgAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fvipvoy.activeboard.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vipvoy.activeboard.com/?afsrc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=OONs_4F0H3o74Gf67HeR-EouhFdT_IuY-W-9EsayMPZI3CMNKQcA1Dws96XWR09LqwvuZwl-A_ohDtLlFmtp_gWyU8to-elSq5Soavkl98QyqH8kmLW1-UzRhVk4JL06lEU9CDW5dlMmCSuZ2j__jUXPAwtMvuJehthjQ0Ugao8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://vipvoy.activeboard.com/?afsrc=1

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Nov 2020 07:29:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-qKVR5bM09UTsxDPHnsTgAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ;MID=142519;type=eligibleimpression;placementID=769430;setID=68329;channelID=0;CID=0;BID=519574799;TAID=0;place=0;mt=1604906953856727;hc=ac2425e0e6a8bb30f8c5b4e02590e76fbe2065d0 Show response
servedbyadbutler.com/adserve-beta/ 0
318 B 39ms
38ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve-beta/;MID=142519;type=eligibleimpression;placementID=769430;setID=68329;channelID=0;CID=0;BID=519574799;TAID=0;place=0;mt=1604906953856727;hc=ac2425e0e6a8bb30f8c5b4e02590e76fbe2065d0
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app-costco.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 07:29:13 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://vipvoy.activeboard.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;libID=500630
servedbyadbutler.com/getad.img/ 32 KB
32 KB 36ms
35ms Image
image/png 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedbyadbutler.com/getad.img/;libID=500630
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 41291611b7fa87a59bbea99372940b126d9ffc51f59eab0e216e8a95159b6c29

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:13 GMT
last-modified: Thu, 14 Mar 2019 18:29:30 GMT
server: nginx
etag: "5c8a9d8a-7e38"
content-type: image/png
status: 200
cache-control: max-age=31536000
content-disposition: inline; filename="728X90-support.png"
accept-ranges: bytes
content-length: 32312
expires: Mon, 08 Nov 2021 23:29:13 PST

GET
H2 200 ab_monitor Show response
www.activeboard.com/ 379 B
275 B 182ms
182ms Script
text/javascript 64.34.33.210
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.activeboard.com/ab_monitor?aBID=125240&t=1604906954415
Requested by: Host: www.activeboard.com
URL: https://www.activeboard.com/js/forum_monitor.js?v=MTM0MA==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.34.33.210 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: blogbaker.com
Software: nginx /
Resource Hash: c17b9a908ca6353a89a04f94929695975439f2bec0c3dd19f38880e5bbdcac97

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 09 Nov 2020 07:29:14 GMT
content-encoding: gzip
server: nginx
content-length: 191
content-type: text/javascript

GET
H2

200

vglnk.js Show response
cdn.viglink.com/api/
Redirect Chain

https://api.viglink.com/api/vglnk.js
https://cdn.viglink.com/api/vglnk.js

81 KB
29 KB

40ms
21ms

Script
text/javascript

2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118fed840f0d7aaf66cb448e951f0b3c8489616f835166043bbec657f763bc8c

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 181560
cf-ray: 5ef5d2539c1bc26d-FRA
status: 200
content-length: 28810
x-amz-id-2: mW+PQlwqQrGVY2Ip6dlQ87eTgjFZhQMaJP7vI319eCxfokfCBO53Ig+APjeseNBptaORwObelDQ=
last-modified: Thu, 15 Oct 2020 17:09:30 GMT
server: cloudflare
etag: "897869e3371e20a8c2b6604b59c03bdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6EA0E681AA2D73E9
cache-control: public, max-age=1800
cf-request-id: 064d81c8400000c26d84a98000000001
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 09 Nov 2020 07:59:14 GMT

Redirect headers

Location: https://cdn.viglink.com/api/vglnk.js
Connection: keep-alive
Content-Length: 0

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame 4FD5 0
0 78ms
66ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1375658727608c%26domain%3Dvipvoy.activeboard.com%26origin%3Dhttps%253A%252F%252Fvipvoy.activeboard.com%252Ff3a4379341664dc%26relation%3Dparent.parent&container_width=156&href=https%3A%2F%2Fvipvoy.activeboard.com%2F%3Fafsrc%3D1&locale=en_US&sdk=joey&type=button

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=7440da09e05638147c69129e91a6c223&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1375658727608c%26domain%3Dvipvoy.activeboard.com%26origin%3Dhttps%253A%252F%252Fvipvoy.activeboard.com%252Ff3a4379341664dc%26relation%3Dparent.parent&container_width=156&href=https%3A%2F%2Fvipvoy.activeboard.com%2F%3Fafsrc%3D1&locale=en_US&sdk=joey&type=button
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vipvoy.activeboard.com/?afsrc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://vipvoy.activeboard.com/?afsrc=1

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: ayFlcru6vYwRxFDInAhu6tLLAu/ZWeSfiUJtrEneENm773kwZKkqPhXt11oIbkN4OZyw3A1RpfU4MSfDuoSMiA==
date: Mon, 09 Nov 2020 07:29:14 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
291 B 18ms
17ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=10.459701594769033
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
cf-cache-status: HIT
age: 2
cf-ray: 5ef5d253cc7fc26d-FRA
status: 200
content-length: 43
x-amz-id-2: nT0cBZIgERA7nSkPp4dxutFychUqCDs46jD+a6k8XDYvF4HfownZE08KRLdj2vcYPK1/F8Y8Lf4=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6372D9E1ABF428A8
cache-control: max-age=15, must-revalidate
cf-request-id: 064d81c8600000c26d98140000000001
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
129 B 24ms
23ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=10.459701594769033
Requested by: Host: vipvoy.activeboard.com
URL: https://vipvoy.activeboard.com/?afsrc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 07:29:14 GMT
cf-cache-status: HIT
age: 2
cf-ray: 5ef5d253cc82c26d-FRA
status: 200
content-length: 43
x-amz-id-2: nT0cBZIgERA7nSkPp4dxutFychUqCDs46jD+a6k8XDYvF4HfownZE08KRLdj2vcYPK1/F8Y8Lf4=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6372D9E1ABF428A8
cache-control: max-age=15, must-revalidate
cf-request-id: 064d81c8610000c26dc8143000000001
accept-ranges: bytes
content-type: image/gif

GET
H2 200 ;MID=142519;type=viewableimpression;placementID=769430;setID=68329;channelID=0;CID=0;BID=519574799;TAID=0;place=0;mt=1604906953856714;hc=af7f239b2db6985e29fc6920b1f76f9c746a5eba Show response
servedbyadbutler.com/adserve-beta/ 0
318 B 38ms
37ms XHR
text/html 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve-beta/;MID=142519;type=viewableimpression;placementID=769430;setID=68329;channelID=0;CID=0;BID=519574799;TAID=0;place=0;mt=1604906953856714;hc=af7f239b2db6985e29fc6920b1f76f9c746a5eba
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app-costco.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 07:29:14 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://vipvoy.activeboard.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 273 B
1006 B 54ms
54ms XHR
text/javascript 34.246.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: api.viglink.com
URL: https://api.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-247-152.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 964d07149a94c3c1b49c68e2de4ca9b7429cbb612966d38915485539f82f0447

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 09 Nov 2020 07:29:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://vipvoy.activeboard.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 273
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.js Show response
api.viglink.com/api/ 0
307 B 50ms
50ms Script
text/plain 34.246.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/sync.js?key=07fb2a1f7863b1992bda53cccc658569
Requested by: Host: api.viglink.com
URL: https://api.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-247-152.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Nov 2020 07:29:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 133ms
46ms Image
text/plain 34.246.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.viglink.com/api/sync.gif?key=07fb2a1f7863b1992bda53cccc658569
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-247-152.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Nov 2020 07:29:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 159 B
614 B 99ms
57ms XHR
text/javascript 34.246.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: api.viglink.com
URL: https://api.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.247.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-247-152.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b3dec1baf4f7cba0656efe485f6d96391f63f1bc3e237f49147ea842fea6ada1

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 09 Nov 2020 07:29:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://vipvoy.activeboard.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 159
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 18:11:58	Name: NID Value: 204=OONs_4F0H3o74Gf67HeR-EouhFdT_IuY-W-9EsayMPZI3CMNKQcA1Dws96XWR09LqwvuZwl-A_ohDtLlFmtp_gWyU8to-elSq5Soavkl98QyqH8kmLW1-UzRhVk4JL06lEU9CDW5dlMmCSuZ2j__jUXPAwtMvuJehthjQ0Ugao8
.activeboard.com/	1970-01-19 13:48:27	Name: abIC125240 Value: 1
.activeboard.com/	1970-01-19 13:58:31	Name: abCookieTest Value: 1
.activeboard.com/	1970-01-19 22:34:02	Name: sparkKey Value: 9f38d1ab0a6fcfd0f21f9962dd962140a0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.viglink.com
apis.google.com
c.securepaths.com
cdn.jsdelivr.net
cdn.viglink.com
connect.facebook.net
cors-anywhere.herokuapp.com
i.ibb.co
manyhit.com
servedbyadbutler.com
speedflow.io
static.xx.fbcdn.net
traffdaq.com
vipvoy.activeboard.com
www.activeboard.com
www.facebook.com
www.sparklit.com
107.170.39.103
116.202.46.88
162.213.255.36
198.54.116.135
2606:4700::6810:a40d
2a00:1450:4001:800::200d
2a00:1450:4001:824::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
34.246.247.152
35.190.72.161
51.210.112.129
52.201.121.154
64.34.33.201
64.34.33.207
64.34.33.210
0051a14418e54b14db26833ab3574fec47c116f1031ac44a311f488d06baa3c7
0c6d2023f575508c2988fb02f8ae4cf6b842954e26642e0c251d88e502e69997
0e3baa7a5f86a7defe23d1b298a65959f948918741e41ae11749634ff4f3ae3e
118fed840f0d7aaf66cb448e951f0b3c8489616f835166043bbec657f763bc8c
1dae58c9f21daeef53af34972a9c20ef707c6118ebd3d5cc45106e806cc99aac
1e534be2c89e1f740aa5e337494a1c35fa2de8fa8d4d8e4748f403c167e83141
26bef37d2a52601e3a49e3803d110f79b665e0c0d9ceb70684b035495cfe8788
29902192f7770e6bb446cf7cae5ed7e3bebd07dd5842cda79a5ff9982f84807a
41291611b7fa87a59bbea99372940b126d9ffc51f59eab0e216e8a95159b6c29
41a52b3a16397aa23bebbd5ef086972b1c4f006994b400922514f8425dd8e553
44feb9bffde8d8b76b7e18c9837e4a8b6eedd91073558afd5d76734d9ebe096d
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
611412ee7618130c34e66d16321fc855fd54e937f2538dc969eb50a515ea2c7b
685d5578742091765009658f7eedfe3ef9b4fe7ee986b425d8410b0722011486
687db827725b0f7a0f2d7c7d3f3001f047837cea35d949d254bdbf2d539541b5
692c359546a70be539116dc4dd6d936d7f5e5d3fb4536c05a0bc59f496a3bb36
7383bae6454045a5eb9b1b5c8665baa7b20c9809178ce0f7a2eea6c03b533aa9
7d2a0acc80b1b085951857bfa79bb54bef1f83f05ff5c5be1cbcad59cb838f82
7f08d9497a20997a4a0f85d41094512a356efc1700367ab9cd9bf3fc872d6c60
85e435412275fd0a2a0b32f865976a2e6109451358c50b2b43a6272b333db099
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad20208ca746a1eb6953e85727ad4879908a355c40c3583860f6a638f0dadd5
8f56314992a04cf69fc4eed4041ab7947451cde29ca6c3542db0164d3af14291
8f83ec4847f74e502cf7cb88387326d770877897b977619c93327fc99b244bbd
964d07149a94c3c1b49c68e2de4ca9b7429cbb612966d38915485539f82f0447
b3dec1baf4f7cba0656efe485f6d96391f63f1bc3e237f49147ea842fea6ada1
b78c856c883d5a65c3d90109705f763b5e58804a47148a44978f95c82881bf1e
ba7fc09c67f4dc9260cb5027a15b2069d36bce24a94946fb9d1e428ecc2a3e73
c0fe04a52e14753f5ee9e4ea915574be119812fee34dd5fe38033a5095991b7e
c17b9a908ca6353a89a04f94929695975439f2bec0c3dd19f38880e5bbdcac97
dbc7a8ca893d3d0bbda61e96ee3f18e76bae218c8d2c2ad2e3c54ee8a200270b
df8b6ec4796cf5ecf339f8ef8bada3dec41efcac20e2081afd7c57020d16db52
e3841fcb65134b4d6334c4e61ba83ca57d59d0a37f726488a437b070aa60db1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c042325f55650b11a7c5fce30d4ee5dc1c8a28cd71a1127c6291c37f78a5b2
ec816d8701237966890fce34eaef2256ecd262a32f97a2911fd20776bdbd7fa1
ed57e9ddc6e45d56e03857240e6cf0f8064d6488e2d116f624636ec4a1035133

vipvoy.activeboard.com Open in urlscan Pro 64.34.33.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

35 %IPv6

15 Domains

18 Subdomains

17 IPs

6 Countries

424 kBTransfer

979 kBSize

4 Cookies

35 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vipvoy.activeboard.com Open in urlscan Pro
64.34.33.201 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

35 %
IPv6

15
Domains

18
Subdomains

17
IPs

6
Countries

424 kB
Transfer

979 kB
Size

4
Cookies

49 HTTP transactions
0 data transactions