wwwdailyforex.com Open in urlscan Pro
209.126.127.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
http://wwwdailyforex.com/
Submission Tags: demotag1 demotag2 Search All
Submission: On November 08 via api (November 8th 2020, 2:24:25 am UTC) from US

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 26 domains to perform 76 HTTP transactions. The main IP is 209.126.127.231, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is wwwdailyforex.com.

This is the only time wwwdailyforex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	162.213.255.36 162.213.255.36	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 4	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
19	2606:4700:303... 2606:4700:3038::6815:eae2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.107 139.45.195.107	9002 (RETN-AS) (RETN-AS)
5	139.45.195.38 139.45.195.38	9002 (RETN-AS) (RETN-AS)
2	13.226.156.18 13.226.156.18	16509 (AMAZON-02) (AMAZON-02)
6	139.45.196.211 139.45.196.211	9002 (RETN-AS) (RETN-AS)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6	13.35.43.34 13.35.43.34	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.75 143.204.215.75	16509 (AMAZON-02) (AMAZON-02)
4	209.126.103.59 209.126.103.59	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:97b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.162 139.45.195.162	9002 (RETN-AS) (RETN-AS)
5	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	209.126.127.231 209.126.127.231	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
76	24

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com

manyhit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.170.39.103 (New York, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3038::6815:eae2 (United States)

ASN13335 (CLOUDFLARENET, US)

adyou.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.107 (Ascension Island)

ASN9002 (RETN-AS, EU)

go.oclasrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.38 (Ascension Island)

ASN9002 (RETN-AS, EU)

tharbadir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.156.18 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-18.dus51.r.cloudfront.net

d3t5ngjixpjdho.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.196.211 (Ascension Island)

ASN9002 (RETN-AS, EU)

pushnevis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.35.43.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-43-34.mxp64.r.cloudfront.net

ncediscou.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.75 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-75.fra53.r.cloudfront.net

ncorports.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.126.103.59 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: condor2630.startdedicated.com

7lstw4cd.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hashtag.cdncontentdelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.162 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, EU)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.126.127.231 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: condor2543.startdedicated.com

securecontentssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wwwdailyforex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	adyou.me adyou.me	117 KB
6	ncediscou.fun ncediscou.fun	818 B
6	google-analytics.com www.google-analytics.com	55 KB
6	pushnevis.com pushnevis.com	87 KB
5	google.com www.google.com	36 KB
5	tharbadir.com tharbadir.com	124 KB
4	traffdaq.com 1 redirects traffdaq.com	4 KB
3	7lstw4cd.top 7lstw4cd.top	3 KB
2	cloudfront.net d3t5ngjixpjdho.cloudfront.net	113 KB
2	oclasrv.com go.oclasrv.com	22 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
1	wwwdailyforex.com wwwdailyforex.com	393 B
1	securecontentssl.com securecontentssl.com	325 B
1	wowreality.info o.wowreality.info	441 B
1	cdncontentdelivery.com hashtag.cdncontentdelivery.com	407 B
1	rtmark.net my.rtmark.net	765 B
1	lalaping.com static.lalaping.com	33 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	ncorports.top ncorports.top	502 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	manyhit.com manyhit.com
1	speedflow.io speedflow.io	1 KB
0	defiy.io Failed defiy.io Failed
0	boudja.com Failed boudja.com Failed
76	26

	Domain	Requested by
19	adyou.me	traffdaq.com adyou.me ajax.cloudflare.com
6	ncediscou.fun	d3t5ngjixpjdho.cloudfront.net
6	www.google-analytics.com	adyou.me www.google-analytics.com speedflow.io
6	pushnevis.com	adyou.me pushnevis.com speedflow.io
5	www.google.com	adyou.me
5	tharbadir.com	adyou.me tharbadir.com
4	traffdaq.com	1 redirects speedflow.io traffdaq.com
3	7lstw4cd.top	ajax.cloudflare.com
2	d3t5ngjixpjdho.cloudfront.net	adyou.me
2	go.oclasrv.com	adyou.me go.oclasrv.com
1	wwwdailyforex.com
1	securecontentssl.com	7lstw4cd.top
1	o.wowreality.info	static.lalaping.com
1	hashtag.cdncontentdelivery.com	7lstw4cd.top
1	my.rtmark.net	speedflow.io
1	static.lalaping.com	tharbadir.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	ncorports.top	adyou.me
1	ajax.cloudflare.com	adyou.me
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	manyhit.com	speedflow.io
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
1	speedflow.io
0	defiy.io Failed
0	boudja.com Failed	adyou.me
76	27

This site contains no links.

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
ncediscou.fun Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh
pushnevis.com Let's Encrypt Authority X3	`2020-10-24` - `2021-01-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
securecontentssl.com Let's Encrypt Authority X3	`2020-10-09` - `2021-01-07`	3 months	crt.sh

This page contains 8 frames:

Frame: http://defiy.io/?clickid=7b36220a-2169-11eb-a912-12a2fa295bab
Frame ID: DAD604E4F4960F8EDB4D2447A29BA16B
Requests: 66 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604802241591&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: AE8A5F860A87F6AFF7A7AEFFE39DDB19
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: A817F3BDE460E6C660665B374718001A
Requests: 1 HTTP requests in this frame

Frame: http://ncediscou.fun/WjIxU0M7UFI+fDsPU3U2KF4MdnEcFwMVJ2lGBD0kMFtJIyk+Wl59IDZdRDclKF1fJ200V0V2cRxzU2EVM3xaYw4ZVUkCIDJBfBEkLgRnYhkNcF9iCR5KdwkKIgtoHQs9U3AHBQtnaSQuGFhVZiUiRVgXKxsHdwIFPHADIAcYc0kBIB9ZcBcFDEVpOA4eZ1hqEA9nYxATC3N+C3I9BHY7DhFqcgIgH1p4AgwbB2gXcjEBczQoFWQDOycTA1IKJQ9CaQYrblV1NBoWZXU4AhxVXgclMwNwBgIDWXABBhJlXDsnDGMICw8xQmkGLzEXAxEQNlZiBy4yVmcFbhd1dD92CGJgHSgJXlUAFSACVxASPnB6EnMVcQEZLAJhfwsBAkJzBS8LZldiehRxZ2d2G1VdGwEbB3oFchBTexISG2BGAXoZc3ARGwl4dgIFG3V9NCACdmcgLAleUjgHNAdzBRYtcVcVeg1mcBF7CV5VABEJRXsRARhUUBVzMGRGBXULZGsGBh5aYgYSAGdUPyAfZ2BqZmh0aRUaHnN5JxQCZGMHJRxRcxICABcDERsbdFARG2NXcGIwfFhCPC0qD2cdFDRmAzRyE1FkHHEpdV0
Frame ID: D9CA29BC542586D734442306CD1B848B
Requests: 1 HTTP requests in this frame

Frame: http://ncediscou.fun/WFhUZWU5OjcIWjllNkMQKjRpQFcefWYjAWssYQsCMjEsFQ88MDtLBjQ3IQEDKjc6EUs2PSBAVx43MAg/ERUDKDMbCw49PRkRBCkkIDoGMydhGQIzNBwcIAAhCQI2NTAwCxAfEhUCFR0qHTIeVSFpGQcoCQ49BlUkMw0VVTcPamEwIQoONgA3OxsRAjdpGgEwIRprAgYhGS8ELyNoGwFUNBcaEVQiCWs7JzYgKxwuVD8WFQIObw8BPyMSH2QhMCBgHTUjCQgBVDdsABUsMwlrOychGQ4QAAIdOgFUN2wZEigVDmssEDM0YRAAAh0bFg08Mw4WNDEaG3krPB5pGjAhPwoFNDAwbxZVPx0OOScEGy8dKS8aCgYrMBZuFTRdPhwHVTANDQ0nKQ4RHSIwYSwVVCgOHD4VABwwGiEANjw2NzAwbBxUARAOOhYDDg0wIQA/HQUjEhkoBRIVDA4VUSANHRIsAC88EiRULGACNCMaAD0OJg8zBjMAaRoCNCNhLxYSPxAAPR0xDWgCMykZNAU3IzstFyRDMis7CxVlLS1UHAIcAQpdLCIRCQ
Frame ID: D47C5FD42EF70A9CA2AB48AC80DA1AC9
Requests: 1 HTTP requests in this frame

Frame: http://ncediscou.fun/eGFwSksZAxMndBlcEmw+Cg1Nb3k+REIML0sVRSQsEggIOiEcCR9kKBQOBS4tCg4ePmUWBARveT4wPgwBFDY0BBMoMANveTolNQt8OTYlBglKMyErCiEyPwgSSzklGD01JUQGEkoCFAd5FFQpHwYLMiYIPS4pRSwdLBYzEBkuMyALERQgGAMxOTUfBQowMCIBDQAHEj04DjMbA308GzYLGgErNAYdMSsgPSQRNhwtbkojMgJ7OgIdLgcZIykNEhNRQR8nG1YzMzMbMwo6ChlSNRgSPjQIEh45UjMSezojNHIONxkpDRIfDgIMLCIIOBJ7OiM3BB06FjkLDy5MMjINHzsZCAgQJScOKCsxJgwtNxk2cwogKx4cJkAFMngZOQAXByg3MEA5ExQJQxwzCzYyJwIyLCYiGRxQFCUdPiQIDiEbADUdCS4uQT4MKDAXcw0fOCUSHAsFMgIzKgAhBwMeJz46DR87GQwhFDcmGQo1ByEMMiJQKjwDKQUbGzJILjEOEjADBz4dITcIOwo5AgofeUwqNA0aOQAhPho1JyY4Cj4jARwmFyIlJzheCwMlJQhcJSxzL1QIIRE1Ug
Frame ID: BA43CFB751948F1ABB7CC47BDCEC348D
Requests: 1 HTTP requests in this frame

Frame: http://ncediscou.fun/ZnhvYTQHGgwMCwdFDUdBFBRSRAYgXV0nUFUMWg9TDBEXEV4CEABPVwoXGgVSFBcBFRoIHRtEBiAbDFBtHCkCUWUpLl8KYQEbSlNyMEtWAGdULScCWB4uPyR1EjkYL0Y3AAwFfCRBPSJOCQolJ1gNPz4KTSIWIS18HBwLK2IkLiJQBA4tKitDMxE2MWALMTkvXFYbPzAAVTkXAk4wKxwlcgwxOS9DHjcgUENSOi1ZAjMVCwd6MTULAl8OOjUJRxA8LSARVD43NW0lOStVYwUrVjZuJzUdIEMFAjdTUAApFRVnLy0HI24KDxcycSAVPFNQACldAnAuLhcpdzdVNRNnIz4CNF4vHCcbeiMyGFltNkgLD2wcLgUgfDA8PiZ1MRspUFY2LhxTdSRBFSBlIDE+Nm4AMxg4YwUPKRh3DiFeNndXPTkMZSIxPjR2KS5bD2cjPT4iByA8PlJTLhteUHUDOTkbZyM+AjB3KzQqCGYHIl5ZBT8PLVBlVjoIJ2ACKUkLRwkWH1xEMwgAKFYvLzcTXg
Frame ID: C38CA67EDDB41620BE4790CB47FC8425
Requests: 1 HTTP requests in this frame

Frame: http://go.oclasrv.com/fac.php
Frame ID: 6F371E8A06E70CC88D1DD49EC6C51F52
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
https://traffdaq.com/delivery/dl/47382?category=general Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ilg4ZlBiV2xxaHczU2JoQlcwcHIyTlE9PSIsI... Page URL
http://adyou.me/pmFS Page URL
https://securecontentssl.com/?s=hxXH3wsX6mSqkNThdpNxvgPfQthTflRhwdvocPlX3aDyS2yh9GZ7V5CMLphM3yA8P5%2FME8R... Page URL
http://wwwdailyforex.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

76
Requests

32 %
HTTPS

35 %
IPv6

26
Domains

27
Subdomains

24
IPs

4
Countries

647 kB
Transfer

1819 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
https://traffdaq.com/delivery/dl/47382?category=general Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ilg4ZlBiV2xxaHczU2JoQlcwcHIyTlE9PSIsInZhbHVlIjoiUG42czhlNDhTOHZaYkp6UDZGTWg0ME5SNVhyNXd4am9YU1wvRDQzaDZpS0FWOFhHdGE3aGJQTzNYdEt6a0RHWTZFaTFPOWxudjVXaXIwM05vU2xqSU5nY1dxNUZjTjFGcytVcGk4cmFxS2gwOHJvcXlUXC9oQWl6Z3F2ZE5LMGZNYUhjZDlDYWhmbWxkbjRXMWRtV2pcL243aDZUXC9qaWo4WGQ3K2xHa2RpMnM1dU5DakFuRjFiRVFnTjBhQTg2Q1hiMlFhM1FsdWYwZDZqeDAxMStOQUt4WUdPRUNySkxRUGVJcW56SEpwVHBjQ0Z3UDl6clFsaHpiT0pra0ZTT0FWV2xqSzRESXZmbmhBWUs2cVRRVU1COWRvcHY3emVja09WR2xLTHFZcXJyQ2x3bVUxQ293MTJDTExvb0VwY0swZEIzIiwibWFjIjoiYmY4ODhmMGQxOTE1YzcwYWVjNTYxMTYwMWE5YWRhZDQ4MTMxMzQ3YmVjMDdlMzBlNTBhYzM4M2Y5MzljNGZkZCJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
http://adyou.me/pmFS Page URL
https://securecontentssl.com/?s=hxXH3wsX6mSqkNThdpNxvgPfQthTflRhwdvocPlX3aDyS2yh9GZ7V5CMLphM3yA8P5%2FME8Rsnm%2BXrX0%2FzmwSjw%3D%3D&src=YWR5b3UubWU%3D Page URL
http://wwwdailyforex.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
https://traffdaq.com/delivery/dl/47382?category=general

Request Chain 28

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 65

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 67

http://www.google-analytics.com/collect?v=1&_v=j87&a=2145224889&t=pageview&_s=2&dl=http%3A%2F%2Fadyou.me%2FpmFS&ul=en-us&de=UTF-8&dt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1292429517.1604802247&tid=UA-80820254-1&_gid=1875487114.1604802247&z=63310903 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j87&a=2145224889&t=pageview&_s=2&dl=http%3A%2F%2Fadyou.me%2FpmFS&ul=en-us&de=UTF-8&dt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1292429517.1604802247&tid=UA-80820254-1&_gid=1875487114.1604802247&z=63310903

Request Chain 70

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=804391910&utmhn=adyou.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&utmhid=2145224889&utmr=-&utmp=%2FpmFS&utmht=1604802247640&utmac=UA-36368221-2&utmcc=__utma%3D207300675.1292429517.1604802247.1604802248.1604802248.1%3B%2B__utmz%3D207300675.1604802248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=526030364&utmredir=1&utmu=qBAAAAACAAAAAAAAAAABAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=804391910&utmhn=adyou.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&utmhid=2145224889&utmr=-&utmp=%2FpmFS&utmht=1604802247640&utmac=UA-36368221-2&utmcc=__utma%3D207300675.1292429517.1604802247.1604802248.1604802248.1%3B%2B__utmz%3D207300675.1604802248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=526030364&utmredir=1&utmu=qBAAAAACAAAAAAAAAAABAAAE~

Request Chain 73

http://ortrun-adi.com/wwwdailyforex.com?adTagId=a40262c0-49a6-11ea-8c7f-0a71705c5345&fallbackUrl=http://defiy.io HTTP 302
http://defiy.io/?clickid=7b36220a-2169-11eb-a912-12a2fa295bab

76 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 328ms
313ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: f0304f634f030209d91d76f627b9e80311740c1c224cafaf3e6f137e0b753538

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sun, 08 Nov 2020 02:24:01 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=74099; path=/ time_start=1604802241.4861; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=74099; path=/ ip=185.212.171.67 mobile=0 country=++ visits_todayi=0; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=74099; path=/
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 543
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 21ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:01 GMT
Content-Encoding: gzip
X-HW: 1604802241.dop057.fr8.shc,1604802241.dop057.fr8.t,1604802241.cds129.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame AE8A 0
0 39ms
23ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604802241591&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sun, 08 Nov 2020 02:24:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa756c1984f84.478373241451649877%22%3B%7D; expires=Tue, 08 Nov 2022 02:24:01 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 200
OK autosurf_if.php
manyhit.com/ Frame A817 0
0 359ms
344ms Document
text/html 162.213.255.36
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://manyhit.com/autosurf_if.php?user=speedflow
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server145-4.web-hosting.com
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Host: manyhit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sun, 08 Nov 2020 02:24:01 GMT
server: Apache
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=aa743653b9c077ef37c7834f4d9d25c1; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1220
content-type: text/html

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/dl/
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=general
https://traffdaq.com/delivery/dl/47382?category=general

3 KB
2 KB

464ms
278ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=general
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: f7b4c45d7e7ad414abc734ec7a6f4e752aceb837ca9f18ac74ab5c41f9e55313

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/adult/?a=rr

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sun, 08 Nov 2020 02:24:02 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=general
Connection: close

GET
H/1.1 200
OK eyJpdiI6ImZ2MTRlclZLa2VBYUJwVkFrRjlsS1E9PSIsInZhbHVlIjoiYkcwVVd2QXo2eGVTa0VHWDBHTjFuVjlXMHREQlk4VXhMZExGSkxDMkdnSXZuendxTEdhb0U5QUdCOXRGajR1ZkxBV2hadXhDTFlhdjY1ZThKdElZZlE9PSIsIm1hYyI6IjY5YTNhZDYxZ...
traffdaq.com/users/track/ 0
856 B 760ms
579ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6ImZ2MTRlclZLa2VBYUJwVkFrRjlsS1E9PSIsInZhbHVlIjoiYkcwVVd2QXo2eGVTa0VHWDBHTjFuVjlXMHREQlk4VXhMZExGSkxDMkdnSXZuendxTEdhb0U5QUdCOXRGajR1ZkxBV2hadXhDTFlhdjY1ZThKdElZZlE9PSIsIm1hYyI6IjY5YTNhZDYxZjE2MGFhMWFjODEyYmFhMGZhNmU3ODUzZjdlYzNkZjA3ZGY4MTQ2OGU2ODMxY2M1MWQ4NmQ5YTEifQ%3D%3D
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:02 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 85ms
32ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa756c20759e&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 02:24:02 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 886230
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4063-HHN
date: Sun, 08 Nov 2020 02:24:02 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/directlink/ 2 KB
1 KB 2482ms
2312ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ilg4ZlBiV2xxaHczU2JoQlcwcHIyTlE9PSIsInZhbHVlIjoiUG42czhlNDhTOHZaYkp6UDZGTWg0ME5SNVhyNXd4am9YU1wvRDQzaDZpS0FWOFhHdGE3aGJQTzNYdEt6a0RHWTZFaTFPOWxudjVXaXIwM05vU2xqSU5nY1dxNUZjTjFGcytVcGk4cmFxS2gwOHJvcXlUXC9oQWl6Z3F2ZE5LMGZNYUhjZDlDYWhmbWxkbjRXMWRtV2pcL243aDZUXC9qaWo4WGQ3K2xHa2RpMnM1dU5DakFuRjFiRVFnTjBhQTg2Q1hiMlFhM1FsdWYwZDZqeDAxMStOQUt4WUdPRUNySkxRUGVJcW56SEpwVHBjQ0Z3UDl6clFsaHpiT0pra0ZTT0FWV2xqSzRESXZmbmhBWUs2cVRRVU1COWRvcHY3emVja09WR2xLTHFZcXJyQ2x3bVUxQ293MTJDTExvb0VwY0swZEIzIiwibWFjIjoiYmY4ODhmMGQxOTE1YzcwYWVjNTYxMTYwMWE5YWRhZDQ4MTMxMzQ3YmVjMDdlMzBlNTBhYzM4M2Y5MzljNGZkZCJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 751fc7684ccc430ab4224f5eb224ee76ecd070c1d9acc5f696ba906d7956daa5

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=general
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=general

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sun, 08 Nov 2020 02:24:04 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set pmFS Show response
adyou.me/ 33 KB
16 KB 194ms
180ms Document
text/html 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/pmFS

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ilg4ZlBiV2xxaHczU2JoQlcwcHIyTlE9PSIsInZhbHVlIjoiUG42czhlNDhTOHZaYkp6UDZGTWg0ME5SNVhyNXd4am9YU1wvRDQzaDZpS0FWOFhHdGE3aGJQTzNYdEt6a0RHWTZFaTFPOWxudjVXaXIwM05vU2xqSU5nY1dxNUZjTjFGcytVcGk4cmFxS2gwOHJvcXlUXC9oQWl6Z3F2ZE5LMGZNYUhjZDlDYWhmbWxkbjRXMWRtV2pcL243aDZUXC9qaWo4WGQ3K2xHa2RpMnM1dU5DakFuRjFiRVFnTjBhQTg2Q1hiMlFhM1FsdWYwZDZqeDAxMStOQUt4WUdPRUNySkxRUGVJcW56SEpwVHBjQ0Z3UDl6clFsaHpiT0pra0ZTT0FWV2xqSzRESXZmbmhBWUs2cVRRVU1COWRvcHY3emVja09WR2xLTHFZcXJyQ2x3bVUxQ293MTJDTExvb0VwY0swZEIzIiwibWFjIjoiYmY4ODhmMGQxOTE1YzcwYWVjNTYxMTYwMWE5YWRhZDQ4MTMxMzQ3YmVjMDdlMzBlNTBhYzM4M2Y5MzljNGZkZCJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7235ced74083ce11bf74233e04b5292ad03a070e9d17dcde18ac1f4b534186d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: adyou.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d8e42fafdabb602d27186c7b7e02d9c981604802245; expires=Tue, 08-Dec-20 02:24:05 GMT; path=/; domain=.adyou.me; HttpOnly; SameSite=Lax adb_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22dcb659acd47edba5c6233d85426a50b6%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22162.158.88.187%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1604802245%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D1107b4b44cc7f6afd59bd645a970060f; path=/ adb_session=a%3A6%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22dcb659acd47edba5c6233d85426a50b6%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22162.158.88.187%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1604802245%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A9%3A%22DATA_pmFS%22%3Ba%3A3%3A%7Bs%3A1%3A%22r%22%3Bs%3A0%3A%22%22%3Bs%3A1%3A%22c%22%3Bs%3A3%3A%22654%22%3Bs%3A1%3A%22s%22%3Bs%3A32%3A%2207b449d42e434b10480ec85be748f685%22%3B%7D%7Db65eb74d5d9a73d453cdbbb852517dd6; path=/ adb_session=a%3A7%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22dcb659acd47edba5c6233d85426a50b6%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22162.158.88.187%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1604802245%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A9%3A%22DATA_pmFS%22%3Ba%3A3%3A%7Bs%3A1%3A%22r%22%3Bs%3A0%3A%22%22%3Bs%3A1%3A%22c%22%3Bs%3A3%3A%22654%22%3Bs%3A1%3A%22s%22%3Bs%3A32%3A%2207b449d42e434b10480ec85be748f685%22%3B%7Ds%3A9%3A%22VIEW_pmFS%22%3Bi%3A0%3B%7D3ba30a02af055bb123686a5b450d40b8; path=/ adb_session=a%3A8%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22dcb659acd47edba5c6233d85426a50b6%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22162.158.88.187%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1604802245%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3Bs%3A9%3A%22DATA_pmFS%22%3Ba%3A3%3A%7Bs%3A1%3A%22r%22%3Bs%3A0%3A%22%22%3Bs%3A1%3A%22c%22%3Bs%3A3%3A%22654%22%3Bs%3A1%3A%22s%22%3Bs%3A32%3A%2207b449d42e434b10480ec85be748f685%22%3B%7Ds%3A9%3A%22VIEW_pmFS%22%3Bi%3A0%3Bs%3A11%3A%22LOADING_URL%22%3Bs%3A4%3A%22pmFS%22%3B%7D634176916966e6fe7efa016bf5b3509e; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
cf-request-id: 06474409ca00002bca96a7b000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gQYAgWNkUsLP14Qs0wiGRR4%2Fo4rZf%2Br7RETt7qwBRLMXKZCzSJXZf8ezCsIWz395F9MIU7PXK%2BXCmvaE2xa8YZ3vXYA7UyyBOWgdPyWA2nyVvOY0pw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 5eebd5efaa432bca-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK QsEamMYGTswSNUZeYoP0Chejuvs.js Show response
adyou.me/cdn-cgi/apps/head/ 6 KB
3 KB 41ms
11ms Script
application/javascript 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/cdn-cgi/apps/head/QsEamMYGTswSNUZeYoP0Chejuvs.js

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52ecf85ce2f74eddbaeab6bc4f8cf4cc75b1805ba4dcfdb90b1be7a6813088a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 12299432
CF-RAY: 5eebd5f10fd3dfbb-FRA
Connection: keep-alive
Content-Length: 2024
x-amz-id-2: ODASBh4+qg5cWZSt24bsN+iPtm4z/YbYrI4b2zy0Un2ACLC9MAz9JjB5bf6S/euaRcQE9wVtgBg=
Last-Modified: Mon, 24 Jul 2017 16:33:17 GMT
Server: cloudflare
ETag: "57cddfb83cd157ae31a76beee90c032f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bLdzmGlciEuu4QflncV5aNnK1k2Y%2FgN%2FuYdswvGJ09WBiq4JCXs5mZrD0vVmwNwAIMt4Lv2qPS3buZHH96LJXk0XMrFd6JktztGc8jA%2F9MuH1fe1cw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: C6AB2E3F2398BD12
Cache-Control: public, max-age=31536000
x-amz-version-id: 0U_CzwvCXRxfATKZ7LFS9klRd0JspO8T
cf-request-id: 0647440aaa0000dfbbf614e000000001
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK j[jbar].css
adyou.me/assets/css/ 1 KB
1 KB 25ms
16ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/css/j[jbar].css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

599dfd51e4a5a12c86d6d8d785f000db61cad4e8febcb9f88d42d6dec374d9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 327339
Cf-Polished: origSize=1218
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440a940000dfe35b08c000000001
Cf-Bgj: minify
Server: cloudflare
ETag: W/"8a1ba53054a00b8dfe18e4c4ef98c4f9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0e8xL6CaV%2BicUQarSCvbAAZYbIBkgnfGTz56PQeiMqIhCl%2BDuMFPx5nXl4y6H5OAAxDp%2B%2FXrWwRzWCFxGqIFn7WJvKnZ61lkEKm43nAuWJWjwQJA2g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=536661
CF-RAY: 5eebd5f0eb62dfe3-FRA
Expires: Sat, 14 Nov 2020 07:28:26 GMT

GET
H/1.1 200
OK f[bug].css
adyou.me/assets/css/ 6 KB
2 KB 19ms
10ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/css/f[bug].css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba183ffbea19d69da2fc96be83005d60fa08c68022e5db02b671a98801d17b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 153878
Cf-Polished: origSize=6485
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440a9400002bca733a6000000001
Cf-Bgj: minify
Server: cloudflare
ETag: W/"386ccdd7861fca9dc2bc1db690592cb8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mYeudw1KJqcgftjL1SO9lAHOgOxlrd%2BdNR4CJEKpWWRyURyawcNUt%2FKGiK11Hb%2FtH1d7%2BuFT8s1kLPo0TTd1nbtitJ29UQSnhiuRD9NCqjpXt40QWw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=710122
CF-RAY: 5eebd5f0ebc02bca-FRA
Expires: Mon, 16 Nov 2020 07:39:27 GMT

GET
H/1.1 200
OK bootstrap.min.css
adyou.me/assets/abdoghaly/css/ 118 KB
20 KB 26ms
17ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/bootstrap.min.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2971
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440a9400006371843df000000001
Last-Modified: Fri, 09 Dec 2016 03:41:52 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H0wOL4DEft8%2Bb9r%2Bk7TEocrnSVcw%2Fv66AjItFuZdLiGueR3A3FvGy%2BrNsrZaLhV5EZLd8cQPGu%2FfO780IZd8%2BqfecSoeI5t5Cw6My6U%2FDv5TMBccmw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f0ef426371-FRA

GET
H/1.1 200
OK font-awesome.min.css
adyou.me/assets/abdoghaly/css/ 30 KB
7 KB 29ms
20ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/font-awesome.min.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 5207
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440a940000dfbb942f3000000001
Last-Modified: Thu, 03 Nov 2016 09:08:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vm%2BMyeHCPStI1%2B9NzVjQm3jtRwG463BqH1HL3ttYivj0Lj1NpyMlF8LQj%2FYVB3wXsg9Y6yMmhYYkD8dcbqcq0g0HRk6q6ZCvbmIzG8BGGQ17e6ySPA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f0efb5dfbb-FRA

GET
H/1.1 200
OK animate.css
adyou.me/assets/abdoghaly/css/ 55 KB
5 KB 24ms
16ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/animate.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

244d233aed62b754e04433d8abb9b357abf949862867798f70bf087075c9a1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2231
Cf-Polished: origSize=72256
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440a940000074659a0f000000001
Last-Modified: Wed, 24 May 2017 14:35:44 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ExaWxGyE8WaUgd%2BXxxlH3BgYGp5MqvSgoCrzi52WiMr0rREOtdc%2Bz9PvGzF2ClbDCrcbwdiVl8cbYlsNdmy6K6TFTkqtoCf1gObRNFy0lvh9z%2BwiEA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f0eff20746-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK normalize.css
adyou.me/assets/abdoghaly/css/ 2 KB
2 KB 26ms
18ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/normalize.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29924563f5d15ed365c7103124fcbd0157439ce8792218efeec0c33f9b05171e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 252
Cf-Polished: origSize=8053
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440a9400002fa52bab0000000001
Last-Modified: Fri, 09 Dec 2016 09:15:48 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SEb6yl02wAlfXK2Ue%2Fl9hTHaHJTNgkmVW2i%2BRwd%2FFQt9eDhIuSLIEhY%2FCTozFL%2FmdbYOTmzEFm08Hb%2FlhWC1XFYoffe24kj%2FDlNXawYpOA6wbXD0wg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f0e9e72fa5-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK special_animate.css
adyou.me/assets/abdoghaly/css/ 648 B
985 B 32ms
13ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/special_animate.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf2d59667e53c59559b2865f61dbf438dc726814d0d805e69f57a6bdf79d0a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 5207
Cf-Polished: origSize=918
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440aa300002bca9c233000000001
Last-Modified: Sat, 22 Apr 2017 21:50:58 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BwiribyZgtWqWX4m1JPGJOL78Ll%2FOAhP8OxQ9LeZR9P3RFQ2hOf7I1WqRfDnQZKzE8uh0IUreX873XF5OBgvTye0TSlexkXKC4ChI%2BDAdgXgtg787g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f10bee2bca-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK bootstrap-aid.css
adyou.me/assets/abdoghaly/css/ 322 B
962 B 38ms
14ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/bootstrap-aid.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7471e364a4a41ce33939871da6c145e3da7672684456feba90c43f92da397ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2231
Cf-Polished: origSize=494
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440aa50000dfe3fc9a8000000001
last-modified: Thu, 27 Apr 2017 23:32:14 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tesxFHnei4RWmgMhu1kIp2w21XUUE5apeCnsqdTLd2tS89PKQS1706UpFKq4Bbw%2FKr6zksSkxIV8ebnnfBmJIVDjt2Cho23lmibvxZqOG%2BF8aUAoIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
access-control-allow-origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f10b8adfe3-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK style.css
adyou.me/assets/abdoghaly/css/ 31 KB
8 KB 35ms
10ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/style.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d22c3b80ec0358b9cd82f421ca7464cef343181ebe037213906d89b71f9d141

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 5919
Cf-Polished: status=cannot_optimize
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: keep-alive
cf-request-id: 0647440aa50000074610166000000001
Last-Modified: Mon, 25 Jun 2018 22:16:54 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yfToEN2NmvcYXF%2Br5PhL9YrLV8H64rbX1vst9QZ2Gj7DVCwL%2F0pZwJmKKgHPI8F9KY9DugKoG9cN6G4nP8CAK%2FXmNdv985uGc%2B1Ti7ayKtPHIp1FeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f108130746-FRA
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Cf-Bgj: minify

GET
H/1.1 200
OK ltr.css
adyou.me/assets/abdoghaly/css/ 9 KB
3 KB 41ms
15ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/ltr.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96e77a060cf1faeac19404090ebea7eebcb361f276c28df15101e6e4d293d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2231
Cf-Polished: origSize=11377
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440aa7000063718f14e000000001
Last-Modified: Thu, 14 Jun 2018 07:22:12 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3J75oxWgESpTZ%2FLXICiAAFFmPPltLR13C8o2fwijHEd6%2Bxh387svHlS0cRmyHsRRXYPhbFCYVvjQCkIoSIamVWwH6XcEhjnwvwwa4e69MRp28L4E9g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f10f466371-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK responsive_ltr.css
adyou.me/assets/abdoghaly/css/ 20 KB
5 KB 39ms
13ms Stylesheet
text/css 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/responsive_ltr.css

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41dfb086ee3d198b11c14d10c56eed0ebb4f1b88a2a24fc52160d8894a3cae40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 5207
Cf-Polished: origSize=25081
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440aaa00002fa506ac4000000001
Last-Modified: Sun, 18 Nov 2018 01:05:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mTRn5VJRaPxVGu2U0PJkxFiA4Wwo2y5wFACv5DuWlHjXvt6rPfpHn%2FuwioU4F48aafq7VPaLCnsklIr62Iy7cq2hgZhE2Tvuz9286tkd4jzlQZAn3w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f10a022fa5-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK apu.php Show response
go.oclasrv.com/ 61 KB
22 KB 49ms
27ms Script
application/javascript 139.45.195.107
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://go.oclasrv.com/apu.php?zoneid=795049

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

139.45.195.107 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

d5aa516d7efe5c06d27bca8c994b964ec7a80a8feeab5aa7884e97ea6398bfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: d613753015e1255f06ed9c00ea4cde73
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 2 Show response
tharbadir.com/ 7 KB
4 KB 44ms
23ms Script
text/javascript 139.45.195.38
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tharbadir.com/2?z=2456331
Requested by: Host: adyou.me
URL: http://adyou.me/pmFS
Protocol: HTTP/1.1
Server: 139.45.195.38 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 06fa9a9cdcb00185ae7b3133635c3591ecfde23be57ce140ef70a6a2df6cab91

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Sc: 01AbFj8AwL-x9WBrChYhesM-xXwb2FVbj2BivhiFoC2_F4YyE8efkX_TaEx9rEsehuZxWpyTkpxFnb7osb6cpj5ycJU=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
d3t5ngjixpjdho.cloudfront.net/ 292 KB
96 KB 202ms
179ms Script
text/plain 13.226.156.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d3t5ngjixpjdho.cloudfront.net/?jgntd=783400
Requested by: Host: adyou.me
URL: http://adyou.me/pmFS
Protocol: HTTP/1.1
Server: 13.226.156.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-18.dus51.r.cloudfront.net
Software: /
Resource Hash: 6fb3c3b2b215fbde620bbd73647e1b28b55e40e9e8bf61c930ab799cba251690

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 02:24:05 GMT
content-encoding: gzip
X-Amz-Cf-Pop: DUS51-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 97771
Via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
X-Amz-Cf-Id: et43VZiTb-VtORPr3aBGIyBD1NYHnX95vSHUiwleVThRt-cXV3XHEg==

GET
H/1.1 200
OK / Show response
d3t5ngjixpjdho.cloudfront.net/ 46 KB
17 KB 330ms
307ms Script
text/plain 13.226.156.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d3t5ngjixpjdho.cloudfront.net/?jgntd=783401
Requested by: Host: adyou.me
URL: http://adyou.me/pmFS
Protocol: HTTP/1.1
Server: 13.226.156.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-18.dus51.r.cloudfront.net
Software: /
Resource Hash: 646eb30119b9c4f4a62335b5704d1bbe7dc0b724330069f15963352021d11eca

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 02:24:05 GMT
content-encoding: gzip
X-Amz-Cf-Pop: DUS51-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 17291
Via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
X-Amz-Cf-Id: sPgtOfeCSeDg93GVnl0LDVvyGFM4UasRTVx_iBECB-EZ3DUzMg1e1w==

GET
H/1.1 200
OK ntfc.php Show response
pushnevis.com/ 40 KB
12 KB 34ms
19ms Script
application/javascript 139.45.196.211
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pushnevis.com/ntfc.php?p=2652628
Requested by: Host: adyou.me
URL: http://adyou.me/pmFS
Protocol: HTTP/1.1
Server: 139.45.196.211 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 84cafb9765ccb18ed4f4c5d64d91cd50cffd07de98d712cd51c546a95b99f0f1

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Nov 2020 13:09:14 GMT
Server: nginx
ETag: W/"5fa1567a-a07d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 28ms
11ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 02:24:05 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 0647440c990000c28179849000000001
last-modified: Tue, 27 Oct 2020 17:31:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f985973-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jLFWgynOkXXs7mmpOmYXtYNKMVcjvz25KclknMlJvlK6NM8%2Bvix6AnP8SD3yEn2salS4CJqgAKEjShRDWPTOH2Z8cvBZ%2FmTX1SVvRjnazs%2FIaoZaWDA3URGvz15x%2B%2BRv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5eebd5f42ebdc281-FRA
expires: Tue, 10 Nov 2020 02:24:05 GMT

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
19 KB

26ms
6ms

Script
text/javascript

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2080
date: Sun, 08 Nov 2020 01:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 08 Nov 2020 03:49:25 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 204 utx Show response
ncediscou.fun/ 0
409 B 198ms
131ms XHR
text/plain 13.35.43.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ncediscou.fun/utx?cb=kdD9Vhkbaq1V&top=adyou.me&tid=783400
Requested by: Host: d3t5ngjixpjdho.cloudfront.net
URL: http://d3t5ngjixpjdho.cloudfront.net/?jgntd=783400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.43.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-43-34.mxp64.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 02:24:05 GMT
via: 1.1 0f6f1904b6904f4881311d3f5570a9ab.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: MXP64-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://adyou.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: Kj1CPCYsePdVeix9trxL3ncgEv1HOjR9IxJkFjp3r0kXavfyaQYiBQ==

GET
H2 204 utx Show response
ncediscou.fun/ 0
409 B 191ms
132ms XHR
text/plain 13.35.43.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ncediscou.fun/utx?cb=YdIh4MxIhqJ9&top=adyou.me&tid=836505
Requested by: Host: d3t5ngjixpjdho.cloudfront.net
URL: http://d3t5ngjixpjdho.cloudfront.net/?jgntd=783400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.43.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-43-34.mxp64.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 02:24:05 GMT
via: 1.1 0f6f1904b6904f4881311d3f5570a9ab.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: MXP64-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://adyou.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 06GPHEwrBzjfyc7tb_teHdZebVuwNA0_PHr0hIBanrPMBqaYxUO0Mw==

GET
H/1.1 200
OK popunder.gif
ncorports.top/ 35 B
502 B 139ms
121ms Image
image/gif 143.204.215.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ncorports.top/popunder.gif
Requested by: Host: adyou.me
URL: http://adyou.me/pmFS
Protocol: HTTP/1.1
Server: 143.204.215.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-75.fra53.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sun, 08 Nov 2020 02:24:05 GMT
content-encoding: gzip
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
Connection: keep-alive
Content-Length: 58
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
X-Amz-Cf-Id: JLMwUbBRFkUKVZA2FJ2t3XNYgFLOzmPfDXiTGemJ3moydkWc15S9YQ==

GET popunder.gif
boudja.com/ 0
0

GET
H/1.1 403
Forbidden draft_03.jpg
adyou.me/assets/abdoghaly/images/style/ 3 KB
3 KB 10ms
9ms Image
text/html 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://adyou.me/assets/abdoghaly/images/style/draft_03.jpg

Requested by

Host: adyou.me
URL: http://adyou.me/assets/abdoghaly/css/style.css

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c2c598e1c44f0bf67feb15f887c0a5b6362ade8bb99b07e0ffd02c62fe8cc18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0LjaG5bT%2BYnwEjBNQ8EDvBNsQPjQDo1vJSL%2BlJMWExLAqKfO8Ea6Y94wBun9e0CCmXCiSD8FAcFS6h2sXSyxzoXblWhSg5YH4w%2ByDGEplRSCN7NNDw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5eebd5f40fb06371-FRA
Vary: Referer, Accept-Encoding
cf-request-id: 0647440c890000637170866000000001
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 403
Forbidden ayag_09.png
adyou.me/assets/abdoghaly/images/style/ 3 KB
3 KB 11ms
11ms Image
text/html 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://adyou.me/assets/abdoghaly/images/style/ayag_09.png

Requested by

Host: adyou.me
URL: http://adyou.me/assets/abdoghaly/css/style.css

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e836951ff83db4643475a224fdad33ee4c5dd80c0d1f9a94a544b2d6b00b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NHEsB9WRp5875a%2F27MdPeWMD3UH2%2BdRQWrU9edLjTRsGqIz1fNLcw4fx3fHGS4frQwyAnmJ3dYxrTiFw%2B7ye8gBgcVCKkQrEvOEOAg0gY%2B7CaGHxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5eebd5f41cfa2fa5-FRA
Vary: Referer, Accept-Encoding
cf-request-id: 0647440c8a00002fa53c2ae000000001
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 7Au_p_0qiz-adZXgOCX2zw.woff2
adyou.me/assets/abdoghaly/css/fonts/ 17 KB
17 KB 11ms
10ms Font
font/woff2 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/fonts/7Au_p_0qiz-adZXgOCX2zw.woff2

Requested by

Host: adyou.me
URL: http://adyou.me/assets/abdoghaly/css/ltr.css

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2417a3947ab9107980dc6add3c8ab4a490cd30ecb449b1dd8b09965b281b964e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://adyou.me
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2230
Connection: keep-alive
Content-Length: 17140
cf-request-id: 0647440c8a0000dfbb86399000000001
Last-Modified: Tue, 13 Feb 2018 14:48:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WmQrLxkINAitNcsFw63%2B0FkfQC5jpDGD7%2FFN6x0AEXir15hiwROu4j72LjdxlAqxlf6Av4kUiDDnbT34LJbirLSFrTUlJwQ7A%2BeD0TgvF4RNAeb3Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Accept-Ranges: bytes
CF-RAY: 5eebd5f41a45dfbb-FRA

GET
H/1.1 200
OK 7Auwp_0qiz-afTLGLQ.woff2
adyou.me/assets/abdoghaly/css/fonts/ 17 KB
17 KB 14ms
13ms Font
font/woff2 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/abdoghaly/css/fonts/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: adyou.me
URL: http://adyou.me/assets/abdoghaly/css/ltr.css

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2cbc3890127c30e4eec9172b1ecc8270d5db3b1dbcb30ab5eb45edccaf8538

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://adyou.me
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2226
Connection: keep-alive
Content-Length: 17172
cf-request-id: 0647440c910000dfe375168000000001
Last-Modified: Tue, 13 Feb 2018 14:46:38 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yCZEI0qU%2FTDzMSmGdRjQW6jVZfSTtPkLe73LNlTujFPCvf13FrFaaUovSbmr2%2BKjuHhGV3iXAHznXjZ5B9xcHIJu%2BcU42oEANRCA7N21JssfMlU1Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Accept-Ranges: bytes
CF-RAY: 5eebd5f41e7bdfe3-FRA

GET
H/1.1 200
OK b5705f2416629f304b4e003dad256550
tharbadir.com/27/ 361 KB
118 KB 19ms
18ms Script
application/javascript 139.45.195.38
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://tharbadir.com/27/b5705f2416629f304b4e003dad256550

Requested by

Host: tharbadir.com
URL: http://tharbadir.com/2?z=2456331

Protocol

HTTP/1.1

Server

139.45.195.38 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 03 Nov 2020 07:59:45 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age:290304000, public
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Tue, 03 Dec 2080 07:59:45 GMT

GET
H/1.1 200
OK 38 Show response
tharbadir.com/42/ 0
834 B 32ms
18ms Script
text/plain 139.45.195.38
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tharbadir.com/42/38?z=2891820
Requested by: Host: tharbadir.com
URL: http://tharbadir.com/2?z=2456331
Protocol: HTTP/1.1
Server: 139.45.195.38 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 02:24:05 GMT
X-Sc: B0uAdgLoD5tq4SXyYVPS5TumxHcSMnyOLvO5La-w1bsU_6BS9JxfHkTWve9os-vHRkW2nkFaeNOO_ZhumloHHa-EbFU=
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK zone
pushnevis.com/ 717 B
1 KB 54ms
18ms Fetch
application/json 139.45.196.211
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushnevis.com/zone?pub=0&zone_id=2652628&is_mobile=false&domain=adyou.me&var=&ymid=&var_3=

Requested by

Host: pushnevis.com
URL: http://pushnevis.com/ntfc.php?p=2652628

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.211 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: a950d5000fa9c450d4a800217727af4e
Date: Sun, 08 Nov 2020 02:24:05 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://adyou.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 717

GET
H/1.1 200
OK universal.min.js
pushnevis.com/pfe/current/ 190 KB
54 KB 69ms
33ms Fetch
application/javascript 139.45.196.211
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushnevis.com/pfe/current/universal.min.js?v=3.1.276
Requested by: Host: pushnevis.com
URL: http://pushnevis.com/ntfc.php?p=2652628
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.211 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Nov 2020 13:09:14 GMT
Server: nginx
ETag: W/"5fa1567a-2f7b2"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://adyou.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 82c3aee92590b1aad62fd73601853d6c.js
7lstw4cd.top/82/c3/ae/ 3 KB
1 KB 253ms
231ms Script
application/javascript 209.126.103.59
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://7lstw4cd.top/82/c3/ae/82c3aee92590b1aad62fd73601853d6c.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 209.126.103.59 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: condor2630.startdedicated.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Connection: close
Content-Length: 1255
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK feb195c3e3712c600a776936b9d5acd6.js
7lstw4cd.top/fe/b1/95/ 3 KB
1 KB 262ms
240ms Script
application/javascript 209.126.103.59
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://7lstw4cd.top/fe/b1/95/feb195c3e3712c600a776936b9d5acd6.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 209.126.103.59 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: condor2630.startdedicated.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Connection: close
Content-Length: 1255
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK ads.js
adyou.me/assets/js/ 19 B
801 B 14ms
13ms Script
application/javascript 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/js/ads.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 3778
Cf-Polished: origSize=207
Connection: keep-alive
Content-Length: 19
cf-request-id: 0647440caa0000dfe35b0a1000000001
last-modified: Sun, 04 Jun 2017 23:55:56 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wg4m8ii7Zc8B4kpYNbc%2BFqlaSqBxPifFPzysLU%2F4yj56HPnA236NQwqJQKcsiVW9VmtWILcBdzJwyE2pyWWsb298FkYM1gHRFFKY1LfJWSlFTQb7jw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=7200
Accept-Ranges: bytes
CF-RAY: 5eebd5f44e9fdfe3-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK j[jbar,jsizes].js
adyou.me/assets/js/ 3 KB
2 KB 12ms
11ms Script
text/javascript 2606:4700:3038::6815:eae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://adyou.me/assets/js/j[jbar,jsizes].js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:eae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2226
Cf-Polished: origSize=2918
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0647440caa0000dfbb7e040000000001
Cf-Bgj: minify
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=19w61sxzhtguFOR45lYxDwBIduPjAHkQtN8bHwMqU6W4rsIZohPLeFK2pSu58VRFoBH47zQ4vk4cFmw7tlhPvoexoabQWtjlhuJyyBh6SwTan9WRBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
CF-RAY: 5eebd5f44a69dfbb-FRA

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 19:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24257
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Nov 2021 19:39:48 GMT

GET
H/1.1 200
OK WjIxU0M7UFI+fDsPU3U2KF4MdnEcFwMVJ2lGBD0kMFtJIyk+Wl59IDZdRDclKF1fJ200V0V2cRxzU2EVM3xaYw4ZVUkCIDJBfBEkLgRnYhkNcF9iCR5KdwkKIgtoHQs9U3AHBQtnaSQuGFhVZiUiRVgXKxsHdwIFPHADIAcYc0kBIB9ZcBcFDEVpOA4eZ1hqEA9nY...
ncediscou.fun/ Frame D9CA 0
0 172ms
158ms Document
text/html 13.35.43.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ncediscou.fun/WjIxU0M7UFI+fDsPU3U2KF4MdnEcFwMVJ2lGBD0kMFtJIyk+Wl59IDZdRDclKF1fJ200V0V2cRxzU2EVM3xaYw4ZVUkCIDJBfBEkLgRnYhkNcF9iCR5KdwkKIgtoHQs9U3AHBQtnaSQuGFhVZiUiRVgXKxsHdwIFPHADIAcYc0kBIB9ZcBcFDEVpOA4eZ1hqEA9nYxATC3N+C3I9BHY7DhFqcgIgH1p4AgwbB2gXcjEBczQoFWQDOycTA1IKJQ9CaQYrblV1NBoWZXU4AhxVXgclMwNwBgIDWXABBhJlXDsnDGMICw8xQmkGLzEXAxEQNlZiBy4yVmcFbhd1dD92CGJgHSgJXlUAFSACVxASPnB6EnMVcQEZLAJhfwsBAkJzBS8LZldiehRxZ2d2G1VdGwEbB3oFchBTexISG2BGAXoZc3ARGwl4dgIFG3V9NCACdmcgLAleUjgHNAdzBRYtcVcVeg1mcBF7CV5VABEJRXsRARhUUBVzMGRGBXULZGsGBh5aYgYSAGdUPyAfZ2BqZmh0aRUaHnN5JxQCZGMHJRxRcxICABcDERsbdFARG2NXcGIwfFhCPC0qD2cdFDRmAzRyE1FkHHEpdV0
Requested by: Host: d3t5ngjixpjdho.cloudfront.net
URL: http://d3t5ngjixpjdho.cloudfront.net/?jgntd=783400
Protocol: HTTP/1.1
Server: 13.35.43.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-43-34.mxp64.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ncediscou.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://adyou.me/pmFS
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://adyou.me/pmFS

Response headers

Content-Type: text/html
Content-Length: 1271
Connection: keep-alive
Date: Sun, 08 Nov 2020 02:24:07 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 75606caa7122049e455c8f29e5ce11c7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP64-C1
X-Amz-Cf-Id: 5pBCiNb8Vaf1BaXGdLFqZtlIoICjqCWMwGz-UBCoz0M_BtDgNJ5wJA==

GET
H/1.1 200
OK HQUjEhkoBRIVDA4VUSANHRIsAC88EiRULGACNCMaAD0OJg8zBjMAaRoCNCNhLxYSPxAAPR0xDWgCMykZNAU3IzstFyRDMis7CxVlLS1UHAIcAQpdLCIRCQ
ncediscou.fun/WFhUZWU5OjcIWjllNkMQKjRpQFcefWYjAWssYQsCMjEsFQ88MDtLBjQ3IQEDKjc6EUs2PSBAVx43MAg/ERUDKDMbCw49PRkRBCkkIDoGMydhGQIzNBwcIAAhCQI2NTAwCxAfEhUCFR0qHTIeVSFpGQcoCQ49BlUkMw0VVTcPamEwIQoONgA3Oxs... Frame D47C 0
0 162ms
147ms Document
text/html 13.35.43.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ncediscou.fun/WFhUZWU5OjcIWjllNkMQKjRpQFcefWYjAWssYQsCMjEsFQ88MDtLBjQ3IQEDKjc6EUs2PSBAVx43MAg/ERUDKDMbCw49PRkRBCkkIDoGMydhGQIzNBwcIAAhCQI2NTAwCxAfEhUCFR0qHTIeVSFpGQcoCQ49BlUkMw0VVTcPamEwIQoONgA3OxsRAjdpGgEwIRprAgYhGS8ELyNoGwFUNBcaEVQiCWs7JzYgKxwuVD8WFQIObw8BPyMSH2QhMCBgHTUjCQgBVDdsABUsMwlrOychGQ4QAAIdOgFUN2wZEigVDmssEDM0YRAAAh0bFg08Mw4WNDEaG3krPB5pGjAhPwoFNDAwbxZVPx0OOScEGy8dKS8aCgYrMBZuFTRdPhwHVTANDQ0nKQ4RHSIwYSwVVCgOHD4VABwwGiEANjw2NzAwbBxUARAOOhYDDg0wIQA/HQUjEhkoBRIVDA4VUSANHRIsAC88EiRULGACNCMaAD0OJg8zBjMAaRoCNCNhLxYSPxAAPR0xDWgCMykZNAU3IzstFyRDMis7CxVlLS1UHAIcAQpdLCIRCQ
Requested by: Host: d3t5ngjixpjdho.cloudfront.net
URL: http://d3t5ngjixpjdho.cloudfront.net/?jgntd=783400
Protocol: HTTP/1.1
Server: 13.35.43.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-43-34.mxp64.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ncediscou.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://adyou.me/pmFS
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://adyou.me/pmFS

Response headers

Content-Type: text/html
Content-Length: 1244
Connection: keep-alive
Date: Sun, 08 Nov 2020 02:24:07 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 785863fe1b0961dc0a54153752ab0c4c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP64-C1
X-Amz-Cf-Id: MrRXJE7l05kyAL2J96ZmOTT5sf7if8PqHHrMFD40shJ2r96yJAK8xw==

GET
H/1.1 200
OK eGFwSksZAxMndBlcEmw+Cg1Nb3k+REIML0sVRSQsEggIOiEcCR9kKBQOBS4tCg4ePmUWBARveT4wPgwBFDY0BBMoMANveTolNQt8OTYlBglKMyErCiEyPwgSSzklGD01JUQGEkoCFAd5FFQpHwYLMiYIPS4pRSwdLBYzEBkuMyALERQgGAMxOTUfBQowMCIBDQAHE...
ncediscou.fun/ Frame BA43 0
0 162ms
148ms Document
text/html 13.35.43.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ncediscou.fun/eGFwSksZAxMndBlcEmw+Cg1Nb3k+REIML0sVRSQsEggIOiEcCR9kKBQOBS4tCg4ePmUWBARveT4wPgwBFDY0BBMoMANveTolNQt8OTYlBglKMyErCiEyPwgSSzklGD01JUQGEkoCFAd5FFQpHwYLMiYIPS4pRSwdLBYzEBkuMyALERQgGAMxOTUfBQowMCIBDQAHEj04DjMbA308GzYLGgErNAYdMSsgPSQRNhwtbkojMgJ7OgIdLgcZIykNEhNRQR8nG1YzMzMbMwo6ChlSNRgSPjQIEh45UjMSezojNHIONxkpDRIfDgIMLCIIOBJ7OiM3BB06FjkLDy5MMjINHzsZCAgQJScOKCsxJgwtNxk2cwogKx4cJkAFMngZOQAXByg3MEA5ExQJQxwzCzYyJwIyLCYiGRxQFCUdPiQIDiEbADUdCS4uQT4MKDAXcw0fOCUSHAsFMgIzKgAhBwMeJz46DR87GQwhFDcmGQo1ByEMMiJQKjwDKQUbGzJILjEOEjADBz4dITcIOwo5AgofeUwqNA0aOQAhPho1JyY4Cj4jARwmFyIlJzheCwMlJQhcJSxzL1QIIRE1Ug
Requested by: Host: d3t5ngjixpjdho.cloudfront.net
URL: http://d3t5ngjixpjdho.cloudfront.net/?jgntd=783400
Protocol: HTTP/1.1
Server: 13.35.43.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-43-34.mxp64.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ncediscou.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://adyou.me/pmFS
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://adyou.me/pmFS

Response headers

Content-Type: text/html
Content-Length: 1261
Connection: keep-alive
Date: Sun, 08 Nov 2020 02:24:07 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 af99c3a89a763b28315bf37a304c4f2c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP64-C1
X-Amz-Cf-Id: j_oprDYRuKIOe57BoLF2d9krtWxKRRr_yKGOy39NX_WV3Di0i7isZw==

GET
H/1.1 200
OK ZnhvYTQHGgwMCwdFDUdBFBRSRAYgXV0nUFUMWg9TDBEXEV4CEABPVwoXGgVSFBcBFRoIHRtEBiAbDFBtHCkCUWUpLl8KYQEbSlNyMEtWAGdULScCWB4uPyR1EjkYL0Y3AAwFfCRBPSJOCQolJ1gNPz4KTSIWIS18HBwLK2IkLiJQBA4tKitDMxE2MWALMTkvXFYbP...
ncediscou.fun/ Frame C38C 0
0 163ms
149ms Document
text/html 13.35.43.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ncediscou.fun/ZnhvYTQHGgwMCwdFDUdBFBRSRAYgXV0nUFUMWg9TDBEXEV4CEABPVwoXGgVSFBcBFRoIHRtEBiAbDFBtHCkCUWUpLl8KYQEbSlNyMEtWAGdULScCWB4uPyR1EjkYL0Y3AAwFfCRBPSJOCQolJ1gNPz4KTSIWIS18HBwLK2IkLiJQBA4tKitDMxE2MWALMTkvXFYbPzAAVTkXAk4wKxwlcgwxOS9DHjcgUENSOi1ZAjMVCwd6MTULAl8OOjUJRxA8LSARVD43NW0lOStVYwUrVjZuJzUdIEMFAjdTUAApFRVnLy0HI24KDxcycSAVPFNQACldAnAuLhcpdzdVNRNnIz4CNF4vHCcbeiMyGFltNkgLD2wcLgUgfDA8PiZ1MRspUFY2LhxTdSRBFSBlIDE+Nm4AMxg4YwUPKRh3DiFeNndXPTkMZSIxPjR2KS5bD2cjPT4iByA8PlJTLhteUHUDOTkbZyM+AjB3KzQqCGYHIl5ZBT8PLVBlVjoIJ2ACKUkLRwkWH1xEMwgAKFYvLzcTXg
Requested by: Host: d3t5ngjixpjdho.cloudfront.net
URL: http://d3t5ngjixpjdho.cloudfront.net/?jgntd=783401
Protocol: HTTP/1.1
Server: 13.35.43.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-43-34.mxp64.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ncediscou.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://adyou.me/pmFS
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://adyou.me/pmFS

Response headers

Content-Type: text/html
Content-Length: 1225
Connection: keep-alive
Date: Sun, 08 Nov 2020 02:24:07 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 3f89e37587211b5ffd0fe59e12bf92d5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MXP64-C1
X-Amz-Cf-Id: OildhdUJMTOqAPvE9l8a-niaL_2_Y9ox5IyeSq2M0GKwsyO2ux70lw==

GET
H/1.1 204
No Content fac.php
go.oclasrv.com/ Frame 6F37 0
0 80ms
80ms Document
text/html 139.45.195.107
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://go.oclasrv.com/fac.php

Requested by

Host: go.oclasrv.com
URL: http://go.oclasrv.com/apu.php?zoneid=795049

Protocol

HTTP/1.1

Server

139.45.195.107 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: go.oclasrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://adyou.me/pmFS
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://adyou.me/pmFS

Response headers

Server: nginx
Date: Sun, 08 Nov 2020 02:24:07 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 885dda3e643cf4b14674f532480eacee
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

POST
H3-Q050 200 collect
www.google-analytics.com/j/ 2 B
403 B 45ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2145224889&t=pageview&_s=1&dl=http%3A%2F%2Fadyou.me%2FpmFS&ul=en-us&de=UTF-8&dt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1265776311&gjid=189108096&cid=1292429517.1604802247&tid=UA-80820254-1&_gid=1875487114.1604802247&_r=1&_slc=1&z=1868117736

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 02:24:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: http://adyou.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content 9
tharbadir.com/ Frame 0
0 31ms
17ms Other 139.45.195.38
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tharbadir.com/9?z=2891820&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fadyou.me%2FpmFS&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&sah=1200&drf=&hil=2&ist=0
Protocol: HTTP/1.1
Server: 139.45.195.38 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://adyou.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 08 Nov 2020 02:24:07 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://adyou.me
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js
static.lalaping.com/ 84 KB
33 KB 29ms
15ms Script
application/javascript 2606:4700:20::681a:97b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: tharbadir.com
URL: http://tharbadir.com/27/b5705f2416629f304b4e003dad256550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 02:24:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 852
status: 200
cf-request-id: 06474412230000061c7a8ef000000001
last-modified: Mon, 12 Oct 2020 13:24:03 GMT
server: cloudflare
etag: W/"5f8458f3-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mPj%2Fl9h5ULeJkQhboSTmBdAav%2BS2CFM8oT5kLGWYOj7xkug40FUvD2Nm7iT%2FJMLnqpGQYB%2BXGrmZpqTRy5TGkLfnhDo4Jx26reyTpo%2FcW3l5EN7%2BbE0TjGoZjvvTC4j%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5eebd5fd0c0f061c-FRA

POST
H/1.1 204
No Content 9
tharbadir.com/ 0
876 B 18ms
18ms XHR
application/javascript 139.45.195.38
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tharbadir.com/9?z=2891820&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fadyou.me%2FpmFS&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&sah=1200&drf=&hil=2&ist=0
Requested by: Host: tharbadir.com
URL: http://tharbadir.com/27/b5705f2416629f304b4e003dad256550
Protocol: HTTP/1.1
Server: 139.45.195.38 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 02:24:07 GMT
X-Sc: MRdBBEONaTeA5reQmBsK48WaHEw8MXCiM8njO8gNAAgWsKFa-kbkKD7iI4LM-e4Dlx8hmjFg5e6OMjJUL93N29Z0xP0=
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: http://adyou.me
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H/1.1 200
OK custom
pushnevis.com/ Frame 0
0 16ms
16ms Other
text/plain 139.45.196.211
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushnevis.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.211 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://adyou.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 08 Nov 2020 02:24:07 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://adyou.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
pushnevis.com/ 39 B
482 B 18ms
17ms Fetch
application/json 139.45.196.211
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushnevis.com/custom

Requested by

Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.211 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 504007454a9353cec1f75cbb6264053f
Date: Sun, 08 Nov 2020 02:24:07 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://adyou.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js
my.rtmark.net/ 65 B
765 B 67ms
17ms Fetch
application/json 139.45.195.162
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=fde484fd1f6343a8b2d1199fff92e8d0&zoneId=2652628&checkDuplicate=true&ymid=&var=

Requested by

Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.162 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://adyou.me
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H/1.1 200
OK googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 22ms
14ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 5087
X-XSS-Protection: 0
Expires: Sun, 08 Nov 2020 02:24:07 GMT

GET
H/1.1 200
OK googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 46ms
39ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 5969
X-XSS-Protection: 0
Expires: Sun, 08 Nov 2020 02:24:07 GMT

GET
H/1.1 200
OK googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
14 KB 20ms
13ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 13504
X-XSS-Protection: 0
Expires: Sun, 08 Nov 2020 02:24:07 GMT

GET
H/1.1 200
OK googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 46ms
40ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 7048
X-XSS-Protection: 0
Expires: Sun, 08 Nov 2020 02:24:07 GMT

GET
H/1.1 200
OK googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 20ms
14ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: adyou.me
URL: http://adyou.me/pmFS

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 3934
X-XSS-Protection: 0
Expires: Sun, 08 Nov 2020 02:24:07 GMT

GET
H/1.1 200
OK defaultSkin.min.js
pushnevis.com/pfe/current/ 56 KB
19 KB 19ms
18ms Fetch
application/javascript 139.45.196.211
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushnevis.com/pfe/current/defaultSkin.min.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.211 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Nov 2020 02:24:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Nov 2020 13:09:14 GMT
Server: nginx
ETag: W/"5fa1567a-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://adyou.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET popunder.gif
boudja.com/ 0
0

GET
H3-Q050

200

ga.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4203
date: Sun, 08 Nov 2020 01:14:04 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 08 Nov 2020 03:14:04 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H3-Q050 200 analytics.js
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2082
date: Sun, 08 Nov 2020 01:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 08 Nov 2020 03:49:25 GMT

GET
H3-Q050

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j87&a=2145224889&t=pageview&_s=2&dl=http%3A%2F%2Fadyou.me%2FpmFS&ul=en-us&de=UTF-8&dt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&sd=2...
https://www.google-analytics.com/collect?v=1&_v=j87&a=2145224889&t=pageview&_s=2&dl=http%3A%2F%2Fadyou.me%2FpmFS&ul=en-us&de=UTF-8&dt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&sd=...

35 B
122 B

6ms
6ms

Image
image/gif

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2145224889&t=pageview&_s=2&dl=http%3A%2F%2Fadyou.me%2FpmFS&ul=en-us&de=UTF-8&dt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1292429517.1604802247&tid=UA-80820254-1&_gid=1875487114.1604802247&z=63310903

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 05:15:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76147
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j87&a=2145224889&t=pageview&_s=2&dl=http%3A%2F%2Fadyou.me%2FpmFS&ul=en-us&de=UTF-8&dt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1292429517.1604802247&tid=UA-80820254-1&_gid=1875487114.1604802247&z=63310903
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK stats.php
hashtag.cdncontentdelivery.com/f/ 149 B
407 B 263ms
241ms XHR
text/html 209.126.103.59
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://hashtag.cdncontentdelivery.com/f/stats.php
Requested by: Host: 7lstw4cd.top
URL: http://7lstw4cd.top/fe/b1/95/feb195c3e3712c600a776936b9d5acd6.js
Protocol: HTTP/1.1
Server: 209.126.103.59 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: condor2630.startdedicated.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 160

GET
H/1.1 200
OK invoke.js
7lstw4cd.top/5d10ede433734d277a3dc2d9deb4c2f1/ 3 KB
0 251ms
237ms Script
application/javascript 209.126.103.59
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://7lstw4cd.top/5d10ede433734d277a3dc2d9deb4c2f1/invoke.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 209.126.103.59 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: condor2630.startdedicated.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Connection: close
Content-Length: 1255
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3-Q050

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=804391910&utmhn=adyou.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=shortadd%20%3...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=804391910&utmhn=adyou.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=shortadd%20%...

35 B
57 B

13ms
13ms

Image
image/gif

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=804391910&utmhn=adyou.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&utmhid=2145224889&utmr=-&utmp=%2FpmFS&utmht=1604802247640&utmac=UA-36368221-2&utmcc=__utma%3D207300675.1292429517.1604802247.1604802248.1604802248.1%3B%2B__utmz%3D207300675.1604802248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=526030364&utmredir=1&utmu=qBAAAAACAAAAAAAAAAABAAAE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 02:24:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=804391910&utmhn=adyou.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=shortadd%20%3A%20trabaje%20desde%20casa%20totalmente%20real&utmhid=2145224889&utmr=-&utmp=%2FpmFS&utmht=1604802247640&utmac=UA-36368221-2&utmcc=__utma%3D207300675.1292429517.1604802247.1604802248.1604802248.1%3B%2B__utmz%3D207300675.1604802248.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=526030364&utmredir=1&utmu=qBAAAAACAAAAAAAAAAABAAAE~
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK add
o.wowreality.info/api/time_visit/ 2 B
441 B 33ms
18ms Other
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://o.wowreality.info/api/time_visit/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 08 Nov 2020 02:24:07 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://speedflow.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 2

GET
H/1.1 200
OK /
securecontentssl.com/ 110 B
325 B 388ms
135ms Document
text/html 209.126.127.231
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://securecontentssl.com/?s=hxXH3wsX6mSqkNThdpNxvgPfQthTflRhwdvocPlX3aDyS2yh9GZ7V5CMLphM3yA8P5%2FME8Rsnm%2BXrX0%2FzmwSjw%3D%3D&src=YWR5b3UubWU%3D
Requested by: Host: 7lstw4cd.top
URL: http://7lstw4cd.top/fe/b1/95/feb195c3e3712c600a776936b9d5acd6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.126.127.231 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: condor2543.startdedicated.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Host: securecontentssl.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://adyou.me/pmFS
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://adyou.me/pmFS

Response headers

Date: Sun, 08 Nov 2020 02:24:08 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 110
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Primary Request /
wwwdailyforex.com/ 198 B
393 B 269ms
244ms Document
text/html 209.126.127.231
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://wwwdailyforex.com/
Protocol: HTTP/1.1
Server: 209.126.127.231 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: condor2543.startdedicated.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Host: wwwdailyforex.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

Date: Sun, 08 Nov 2020 02:24:08 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 178
Connection: close
Content-Type: text/html; charset=UTF-8

GET

/
defiy.io/
Redirect Chain

http://ortrun-adi.com/wwwdailyforex.com?adTagId=a40262c0-49a6-11ea-8c7f-0a71705c5345&fallbackUrl=http://defiy.io
http://defiy.io/?clickid=7b36220a-2169-11eb-a912-12a2fa295bab

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: boudja.com
URL: http://boudja.com/popunder.gif

Domain: boudja.com
URL: http://boudja.com/popunder.gif

Domain: defiy.io
URL: http://defiy.io/?clickid=7b36220a-2169-11eb-a912-12a2fa295bab

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7lstw4cd.top
a.realsrv.com
adyou.me
ajax.cloudflare.com
ajax.googleapis.com
boudja.com
c.securepaths.com
cdn.jsdelivr.net
d3t5ngjixpjdho.cloudfront.net
defiy.io
go.oclasrv.com
hashtag.cdncontentdelivery.com
manyhit.com
my.rtmark.net
ncediscou.fun
ncorports.top
o.wowreality.info
pushnevis.com
securecontentssl.com
speedflow.io
static.lalaping.com
syndication.realsrv.com
tharbadir.com
traffdaq.com
www.google-analytics.com
www.google.com
wwwdailyforex.com
boudja.com
defiy.io
107.170.39.103
13.226.156.18
13.35.43.34
139.45.195.107
139.45.195.162
139.45.195.254
139.45.195.38
139.45.196.211
143.204.215.75
162.213.255.36
198.54.116.135
2001:4de0:ac19::1:b:2a
209.126.103.59
209.126.127.231
2606:4700:20::681a:97b
2606:4700:3038::6815:eae2
2606:4700::6810:a823
2a00:1450:4001:80b::200e
2a00:1450:4001:817::200a
2a00:1450:4001:81d::2004
2a04:4e42:1b::621
35.190.72.161
95.211.229.247
06fa9a9cdcb00185ae7b3133635c3591ecfde23be57ce140ef70a6a2df6cab91
0d22c3b80ec0358b9cd82f421ca7464cef343181ebe037213906d89b71f9d141
2417a3947ab9107980dc6add3c8ab4a490cd30ecb449b1dd8b09965b281b964e
244d233aed62b754e04433d8abb9b357abf949862867798f70bf087075c9a1b4
29924563f5d15ed365c7103124fcbd0157439ce8792218efeec0c33f9b05171e
41dfb086ee3d198b11c14d10c56eed0ebb4f1b88a2a24fc52160d8894a3cae40
4c2c598e1c44f0bf67feb15f887c0a5b6362ade8bb99b07e0ffd02c62fe8cc18
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
52ecf85ce2f74eddbaeab6bc4f8cf4cc75b1805ba4dcfdb90b1be7a6813088a5
599dfd51e4a5a12c86d6d8d785f000db61cad4e8febcb9f88d42d6dec374d9c1
646eb30119b9c4f4a62335b5704d1bbe7dc0b724330069f15963352021d11eca
6fb3c3b2b215fbde620bbd73647e1b28b55e40e9e8bf61c930ab799cba251690
7235ced74083ce11bf74233e04b5292ad03a070e9d17dcde18ac1f4b534186d3
751fc7684ccc430ab4224f5eb224ee76ecd070c1d9acc5f696ba906d7956daa5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84cafb9765ccb18ed4f4c5d64d91cd50cffd07de98d712cd51c546a95b99f0f1
96e77a060cf1faeac19404090ebea7eebcb361f276c28df15101e6e4d293d966
98e836951ff83db4643475a224fdad33ee4c5dd80c0d1f9a94a544b2d6b00b44
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
ba183ffbea19d69da2fc96be83005d60fa08c68022e5db02b671a98801d17b9f
bc2cbc3890127c30e4eec9172b1ecc8270d5db3b1dbcb30ab5eb45edccaf8538
bf2d59667e53c59559b2865f61dbf438dc726814d0d805e69f57a6bdf79d0a7c
c7471e364a4a41ce33939871da6c145e3da7672684456feba90c43f92da397ce
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
d5aa516d7efe5c06d27bca8c994b964ec7a80a8feeab5aa7884e97ea6398bfc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0304f634f030209d91d76f627b9e80311740c1c224cafaf3e6f137e0b753538
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7b4c45d7e7ad414abc734ec7a6f4e752aceb837ca9f18ac74ab5c41f9e55313

wwwdailyforex.com Open in urlscan Pro 209.126.127.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

32 %HTTPS

35 %IPv6

26 Domains

27 Subdomains

24 IPs

4 Countries

647 kBTransfer

1819 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wwwdailyforex.com Open in urlscan Pro
209.126.127.231 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

32 %
HTTPS

35 %
IPv6

26
Domains

27
Subdomains

24
IPs

4
Countries

647 kB
Transfer

1819 kB
Size

0
Cookies

76 HTTP transactions
-1 data transactions