urlscan.io logo urlscan.io
SecurityTrails logo

www.adultd8.com Open in urlscan Pro
52.28.86.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_...
Submission Tags: demotag1 demotag2 Search All
Submission: On November 06 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 19 domains to perform 49 HTTP transactions. The main IP is 52.28.86.101, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.adultd8.com.
TLS certificate: Issued by Amazon on July 20th 2020. Valid for: a year.
This is the only time www.adultd8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 198.54.116.135 22612 (NAMECHEAP...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 95.211.229.245 60781 (LEASEWEB-...)
3 107.170.39.103 14061 (DIGITALOC...)
1 35.190.72.161 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 104.111.216.213 16625 (AKAMAI-AS)
1 5.187.0.84 44066 (DE-FIRSTC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 52.28.144.55 16509 (AMAZON-02)
5 18.197.253.254 16509 (AMAZON-02)
1 52.28.86.101 16509 (AMAZON-02)
14 2.16.177.50 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.226.132.36 16509 (AMAZON-02)
7 35.157.55.18 16509 (AMAZON-02)
49 19
2    198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com
speedflow.io
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
a.realsrv.com
1    95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.realsrv.com
3    107.170.39.103 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
traffdaq.com
1    35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com
c.securepaths.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
2    2606:4700:3036::681b:b3e7 (United States)

ASN13335 (CLOUDFLARENET, US)
fireads.online
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.111.216.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com
s.click.aliexpress.com
best.aliexpress.com
1    5.187.0.84 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde335-1.fornex.org
letyshops.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.28.144.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-144-55.eu-central-1.compute.amazonaws.com
godatemetoday.com
5    18.197.253.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-254.eu-central-1.compute.amazonaws.com
typerock.com
1    52.28.86.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-86-101.eu-central-1.compute.amazonaws.com
www.adultd8.com
14    2.16.177.50 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-50.deploy.static.akamaitechnologies.com
cdn-tn.akamaized.net
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    13.226.132.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-36.dus51.r.cloudfront.net
serve4ys.xyz
7    35.157.55.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
uf.noclef.com
Domain Requested by
14 cdn-tn.akamaized.net www.adultd8.com
cdn-tn.akamaized.net
7 uf.noclef.com www.adultd8.com
uf.noclef.com
5 typerock.com fireads.online
typerock.com
3 serve4ys.xyz www.adultd8.com
3 traffdaq.com speedflow.io
traffdaq.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fireads.online traffdaq.com
fireads.online
2 speedflow.io speedflow.io
1 ajax.googleapis.com www.adultd8.com
1 www.adultd8.com typerock.com
1 godatemetoday.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 letyshops.com fireads.online
1 best.aliexpress.com fireads.online
1 s.click.aliexpress.com 1 redirects
1 www.googletagmanager.com fireads.online
1 bit.ly 1 redirects
1 cdn.jsdelivr.net traffdaq.com
1 c.securepaths.com traffdaq.com
1 syndication.realsrv.com a.realsrv.com
1 a.realsrv.com speedflow.io
49 21

This site contains links to these domains. Also see Links.

Domain
dirtytinder.club
Subject Issuer Validity Valid
realsrv.com
Let's Encrypt Authority X3		 2020-10-26 -
2021-01-24		 3 months crt.sh
traffdaq.com
Let's Encrypt Authority X3		 2020-10-31 -
2021-01-29		 3 months crt.sh
*.securepaths.com
Let's Encrypt Authority X3		 2020-09-22 -
2020-12-21		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
ru.aliexpress.com
DigiCert Secure Site ECC CA-1		 2020-06-09 -
2021-06-21		 a year crt.sh
*.letyshops.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-17 -
2021-02-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
typerock.com
Amazon		 2020-05-07 -
2021-06-07		 a year crt.sh
adultd8.com
Amazon		 2020-07-20 -
2021-08-19		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-20 -
2021-01-12		 3 months crt.sh
serve4ys.xyz
Amazon		 2020-01-20 -
2021-02-20		 a year crt.sh
uf.noclef.com
Amazon		 2020-10-12 -
2021-11-11		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Frame ID: D75324B10B1B02B3FF64B539DBB65D76
Requests: 42 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604660899405&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 6B6A1DA2E2279F0FE8527AD185F1EC4C
Requests: 1 HTTP requests in this frame

Frame: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Frame ID: 3836B508CBDE4B8F289241B6B2D62CA0
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d9k1VCz&aff_trace_key=7fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz&terminal_id=8be3cd4b900e4c1b9054daaeca400f0f
Frame ID: 7A2F4896F809256D4765589D77E88834
Requests: 1 HTTP requests in this frame

Frame: https://letyshops.com/pl/winwin?ww=14374968
Frame ID: 9C358083A8498E5BB9EA71C742902BBA
Requests: 1 HTTP requests in this frame

Frame: https://uf.noclef.com/c_js/rtSlot/init?event=externalJumpVisit
Frame ID: 6B5C91BD78CBCEEDA6F725252A6379AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://speedflow.io/adult/?a=rr Page URL
  2. https://traffdaq.com/delivery/dl/47382?category=teen Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IjRNT3BBY2x5bzEyeWdPK2FnR0JEdXc9PSIsI... Page URL
  4. http://bit.ly/2SiY1cu HTTP 301
    https://fireads.online/link/15/95993394 Page URL
  5. https://godatemetoday.com/int?tdsId=s8474kri_r&tds_campaign=s8474kri&utm_source=int&utm_campaign=e166c... HTTP 302
    https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c3... Page URL
  6. https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_camp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

49
Requests

92 %
HTTPS

35 %
IPv6

19
Domains

21
Subdomains

19
IPs

5
Countries

1050 kB
Transfer

1309 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. https://traffdaq.com/delivery/dl/47382?category=teen Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IjRNT3BBY2x5bzEyeWdPK2FnR0JEdXc9PSIsInZhbHVlIjoiTTBLKzRkRTZ6QjJrQUlDTzdPK1VxbU8yNk5uckRoU1lUNUtzTmdWQTRKUFZWWUF1U0J5VzVZNlg0SVMxaGdHWHZPSlBVaUVBbCtZMFNBNGMwWDAwSnp6RmV0MmNJNDBwWFBLVHNncGw2a2hvOFZpMmY4a1lrM0p3OTdrQ212QVhsbHlVRUszdGNGT2dLaTNLc2FvUjdWWkI4TVlJWTNqc1llN2NQM0hKQmF6UmV3ZEY4T1puaGVnZVBwRENPSmw4R0xXR2FNNTJ6c2VTelwvYjRGSXQramVxRTlhTWFiZ3o0c0pxc2RaZjF2S2RGczZ1VUtVbHZvelZnNTdZOEU0RzZDXC9sMW5EenRySnVXY0NRbDh3UUZ5YUNFOG0xVEdGR1JxQUMzUTVYc2xIV0xaWG1FdXR1SVdrM1R1eE9USTNlQSIsIm1hYyI6IjcxYzU1ZTBkM2EyMDFhNGIzYTE5ZTVlMTM3M2U1MzUzOGIxYjRhODhlMDJmNTRjODFiNmE4NjExYzJjZmM1YzAifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. http://bit.ly/2SiY1cu HTTP 301
    https://fireads.online/link/15/95993394 Page URL
  5. https://godatemetoday.com/int?tdsId=s8474kri_r&tds_campaign=s8474kri&utm_source=int&utm_campaign=e166c83b&utm_content=95993394&data2=d7fad6b4a33c58552849e48c2fd9ad&s1=int&utm_sub=opnfnl&utm_term={utm_term} HTTP 302
    https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60 Page URL
  6. https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://bit.ly/2SiY1cu HTTP 301
  • https://fireads.online/link/15/95993394
Request Chain 12
  • https://s.click.aliexpress.com/e/_d9k1VCz HTTP 302
  • https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d9k1VCz&aff_trace_key=7fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz&terminal_id=8be3cd4b900e4c1b9054daaeca400f0f
Request Chain 17
  • https://godatemetoday.com/int?tdsId=s8474kri_r&tds_campaign=s8474kri&utm_source=int&utm_campaign=e166c83b&utm_content=95993394&data2=d7fad6b4a33c58552849e48c2fd9ad&s1=int&utm_sub=opnfnl&utm_term={utm_term} HTTP 302
  • https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
speedflow.io/adult/ 		982 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash
93843ec5d164f6834bf7c8b0203e97459277958476df1dcce17f1b61b96c04cb

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr

Response headers

date
Fri, 06 Nov 2020 11:08:19 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Fri, 06-Nov-2020 22:59:00 GMT; Max-Age=42641; path=/ time_start=1604660899.3035; expires=Fri, 06-Nov-2020 22:59:00 GMT; Max-Age=42641; path=/ ip=185.212.171.67 mobile=0 country=++ visits_todayi=0; expires=Fri, 06-Nov-2020 22:59:00 GMT; Max-Age=42641; path=/
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip
content-length
515
content-type
text/html; charset=UTF-8
ads.js
a.realsrv.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:19 GMT
Content-Encoding
gzip
X-HW
1604660899.dop229.fr8.shc,1604660899.dop229.fr8.t,1604660899.cds129.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
928
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 6B6A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604660899405&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx
Date
Fri, 06 Nov 2020 11:08:19 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa52ea369dda5.524406063928351821%22%3B%7D; expires=Sun, 06 Nov 2022 11:08:19 GMT; path=; domain=.realsrv.com;
Content-Encoding
gzip
%3C
speedflow.io/adult/ Frame 3836 		315 B
460 B 		Document
General
Check archive.org
Download Go to
Full URL
http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
ip=185.212.171.67; mobile=0; country=++; visits_todaya=1; time_start=1604660899.3035; visits_todayi=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

date
Fri, 06 Nov 2020 11:08:19 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
47382
traffdaq.com/delivery/dl/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://traffdaq.com/delivery/dl/47382?category=teen
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
b05c35ac700e29221906f61d680fb4ccc1be7b2f2b2e9e49f97374f3cab56dfd

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Fri, 06 Nov 2020 11:08:20 GMT
Content-Encoding
gzip
eyJpdiI6IjlXSStwNkQwODZpVnF1UGl2NXJxWXc9PSIsInZhbHVlIjoicGloZVhcL0JcLzVaZmlSMGo1b0xOeklJSmkrckhJY0xMbjlFZFIxZndJMExQaVlwMXlTV0tZUWNjRlJBQzlaSTVqWm9kMThCNlwvaWxZS3ordjVadnJyY1E9PSIsIm1hYyI6ImMzZWEzO...
traffdaq.com/users/track/ 		0
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traffdaq.com/users/track/eyJpdiI6IjlXSStwNkQwODZpVnF1UGl2NXJxWXc9PSIsInZhbHVlIjoicGloZVhcL0JcLzVaZmlSMGo1b0xOeklJSmkrckhJY0xMbjlFZFIxZndJMExQaVlwMXlTV0tZUWNjRlJBQzlaSTVqWm9kMThCNlwvaWxZS3ordjVadnJyY1E9PSIsIm1hYyI6ImMzZWEzOTJlY2E1OWYyMDZlMWFiYjAxZjEzZTI2OGRiODYzNTI0YzFjODljZjI5ODJhMGViYTMxMzAwNzJhYWIifQ%3D%3D
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=teen
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:21 GMT
Cache-Control
no-cache
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
implement.js
c.securepaths.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa52ea39af39&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=teen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Nov 2020 11:08:20 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=teen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
744889
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19149-FRA, cache-hhn4072-HHN
date
Fri, 06 Nov 2020 11:08:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IjRNT3BBY2x5bzEyeWdPK2FnR0JEdXc9PSIsInZhbHVlIjoiTTBLKzRkRTZ6QjJrQUlDTzdPK1VxbU8yNk5uckRoU1lUNUtzTmdWQTRKUFZWWUF1U0J5VzVZNlg0SVMxaGdHWHZPSlBVaUVBbCtZMFNBNGMwWDAwSnp6RmV0MmNJNDBwWFBLVHNncGw2a2hvOFZpMmY4a1lrM0p3OTdrQ212QVhsbHlVRUszdGNGT2dLaTNLc2FvUjdWWkI4TVlJWTNqc1llN2NQM0hKQmF6UmV3ZEY4T1puaGVnZVBwRENPSmw4R0xXR2FNNTJ6c2VTelwvYjRGSXQramVxRTlhTWFiZ3o0c0pxc2RaZjF2S2RGczZ1VUtVbHZvelZnNTdZOEU0RzZDXC9sMW5EenRySnVXY0NRbDh3UUZ5YUNFOG0xVEdGR1JxQUMzUTVYc2xIV0xaWG1FdXR1SVdrM1R1eE9USTNlQSIsIm1hYyI6IjcxYzU1ZTBkM2EyMDFhNGIzYTE5ZTVlMTM3M2U1MzUzOGIxYjRhODhlMDJmNTRjODFiNmE4NjExYzJjZmM1YzAifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=teen
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
4ce90b6a712f243fc29ce7f90835112d396317ac2a9cbd5723d9913576e5c443

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/dl/47382?category=teen
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
tdqct=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/dl/47382?category=teen

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Fri, 06 Nov 2020 11:08:25 GMT
Content-Encoding
gzip
95993394
fireads.online/link/15/
Redirect Chain
  • http://bit.ly/2SiY1cu
  • https://fireads.online/link/15/95993394
995 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fireads.online/link/15/95993394
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IjRNT3BBY2x5bzEyeWdPK2FnR0JEdXc9PSIsInZhbHVlIjoiTTBLKzRkRTZ6QjJrQUlDTzdPK1VxbU8yNk5uckRoU1lUNUtzTmdWQTRKUFZWWUF1U0J5VzVZNlg0SVMxaGdHWHZPSlBVaUVBbCtZMFNBNGMwWDAwSnp6RmV0MmNJNDBwWFBLVHNncGw2a2hvOFZpMmY4a1lrM0p3OTdrQ212QVhsbHlVRUszdGNGT2dLaTNLc2FvUjdWWkI4TVlJWTNqc1llN2NQM0hKQmF6UmV3ZEY4T1puaGVnZVBwRENPSmw4R0xXR2FNNTJ6c2VTelwvYjRGSXQramVxRTlhTWFiZ3o0c0pxc2RaZjF2S2RGczZ1VUtVbHZvelZnNTdZOEU0RzZDXC9sMW5EenRySnVXY0NRbDh3UUZ5YUNFOG0xVEdGR1JxQUMzUTVYc2xIV0xaWG1FdXR1SVdrM1R1eE9USTNlQSIsIm1hYyI6IjcxYzU1ZTBkM2EyMDFhNGIzYTE5ZTVlMTM3M2U1MzUzOGIxYjRhODhlMDJmNTRjODFiNmE4NjExYzJjZmM1YzAifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b3e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66149c3136ef36ebef349ef84dc826ca0ff076a39a39e8d3bea8e31ce9a02b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
fireads.online
:scheme
https
:path
/link/15/95993394
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IjRNT3BBY2x5bzEyeWdPK2FnR0JEdXc9PSIsInZhbHVlIjoiTTBLKzRkRTZ6QjJrQUlDTzdPK1VxbU8yNk5uckRoU1lUNUtzTmdWQTRKUFZWWUF1U0J5VzVZNlg0SVMxaGdHWHZPSlBVaUVBbCtZMFNBNGMwWDAwSnp6RmV0MmNJNDBwWFBLVHNncGw2a2hvOFZpMmY4a1lrM0p3OTdrQ212QVhsbHlVRUszdGNGT2dLaTNLc2FvUjdWWkI4TVlJWTNqc1llN2NQM0hKQmF6UmV3ZEY4T1puaGVnZVBwRENPSmw4R0xXR2FNNTJ6c2VTelwvYjRGSXQramVxRTlhTWFiZ3o0c0pxc2RaZjF2S2RGczZ1VUtVbHZvelZnNTdZOEU0RzZDXC9sMW5EenRySnVXY0NRbDh3UUZ5YUNFOG0xVEdGR1JxQUMzUTVYc2xIV0xaWG1FdXR1SVdrM1R1eE9USTNlQSIsIm1hYyI6IjcxYzU1ZTBkM2EyMDFhNGIzYTE5ZTVlMTM3M2U1MzUzOGIxYjRhODhlMDJmNTRjODFiNmE4NjExYzJjZmM1YzAifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status
200
date
Fri, 06 Nov 2020 11:08:25 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d490de3c840cf23b2abcce9bb3a8eb7da1604660905; expires=Sun, 06-Dec-20 11:08:25 GMT; path=/; domain=.fireads.online; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IldFYTV1Q05XWUg3dTZzR3JSUGYxWVE9PSIsInZhbHVlIjoiM0NEXC9wY1E5MmpvTnU1aVViUnZTMDF2VW8yRkducElXY3B5RXliZlJqVEpNNnRCNzdrUFhHK2NBeGsrRkpiSDUiLCJtYWMiOiJhNTRjZWNhODA2ZTljMDRiZDVmZDNhM2ZmOWU1MTZlOTY5YTE2ZWU1YTBlZDBmMGRlYjFjNDQ3NzBlOTMxMGIyIn0%3D; expires=Sat, 07-Nov-2020 11:08:25 GMT; Max-Age=86400; path=/ fireads_session=eyJpdiI6ImVQdVdXbFVFb3lUcWhRakJpb2FUeHc9PSIsInZhbHVlIjoiZmZBRHV5WFNZUDE5MEhCRXNIZUtFN3BMWktQWDd1dHl4eGtHSmxURjlXdFdJTVd1b241TnhFYmdrcmJMZUdaQSIsIm1hYyI6ImYzOTVhMThiN2Q2MGVkNDEwNmZjMmYzMjJiNzk0ZmRiY2EzOTk0ODVjYjg0MTRhODk0NTQ5MDk5Yjk2N2NmOTgifQ%3D%3D; expires=Sat, 07-Nov-2020 11:08:25 GMT; Max-Age=86400; path=/; httponly
vary
Accept-Encoding
cache-control
no-cache, private
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
063ed75dac00002b35d13b6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5DJu9BadM%2F5%2FKcAF2VBXI3HIQjQ5nVKJPvMUHTlLjBK4A9Y%2BoKXcZjwAvyaHXGKOyo7iAXx%2FgNsOVf2H4vKDYHOQOFNxyUTquaAJ229iiSh0CsalihPXbiyXHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ede5b42ae9e2b35-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Fri, 06 Nov 2020 11:08:25 GMT
Content-Type
text/html; charset=utf-8
Content-Length
126
Cache-Control
private, max-age=90
Location
https://fireads.online/link/15/95993394
Set-Cookie
_bit=ka6b8p-2f5248631f9611e12f-00B; Domain=bit.ly; Expires=Wed, 05 May 2021 11:08:25 GMT
Via
1.1 google
94MQi_Fepqo5CGmehxy4PZEwfLE.js
fireads.online/cdn-cgi/apps/head/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fireads.online/cdn-cgi/apps/head/94MQi_Fepqo5CGmehxy4PZEwfLE.js
Requested by
Host: fireads.online
URL: https://fireads.online/link/15/95993394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b3e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57df5a96bde6ab0f5fa57260a9ac9c261d6726d502a610de5615da6f11903c89

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:08:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
24595
status
200
content-type
application/javascript; charset=utf-8
x-amz-request-id
E5CB0AC347A3E6C5
x-amz-id-2
bCupDvNJK07gKCBROCuzE7QnvlUvVALH8eLLrNxblsHMGVZ6GwoDt6W4eQfxYXMl8f8ihOUqEbY=
last-modified
Tue, 09 Jul 2019 16:04:36 GMT
server
cloudflare
etag
W/"a7d8df5005457ce242e68aa03c9a8100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qf4pnqaQqqvdimTekNPeA9KaqabnomdjeHl7nIJt94KuHF5FAeRD7YfuwlQbPCu5V4Hi48GLNSJmZR9cAal8LGCek57uqWKNF7UdNG%2F86LfEdsQzo7POm3aXcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
88aBIYyIDB2S.ZF0wYQmtQVUSk6pt_yv
cache-control
public, max-age=31536000
cf-request-id
063ed75e1c00002b35d1b94000000001
cf-ray
5ede5b4368522b35-FRA
js
www.googletagmanager.com/gtag/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-143545402-1
Requested by
Host: fireads.online
URL: https://fireads.online/cdn-cgi/apps/head/94MQi_Fepqo5CGmehxy4PZEwfLE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
001f3215c33416bf79d8edb12634108c3d7bdf2676a52334d3a6f18c0f5c5f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:08:25 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38323
x-xss-protection
0
last-modified
Fri, 06 Nov 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Nov 2020 11:08:25 GMT
/
best.aliexpress.com/ Frame 7A2F
Redirect Chain
  • https://s.click.aliexpress.com/e/_d9k1VCz
  • https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d9k1VCz&aff_trace_key=7fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz&terminal_id=8be3cd4b900e4c1b9054daaeca400f0f
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d9k1VCz&aff_trace_key=7fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz&terminal_id=8be3cd4b900e4c1b9054daaeca400f0f
Requested by
Host: fireads.online
URL: https://fireads.online/link/15/95993394
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.216.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-216-213.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
best.aliexpress.com
:scheme
https
:path
/?aff_platform=portals-promotion&sk=_d9k1VCz&aff_trace_key=7fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz&terminal_id=8be3cd4b900e4c1b9054daaeca400f0f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fireads.online/link/15/95993394
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%227fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz%22%2C%22affiliateKey%22%3A%22_d9k1VCz%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22140736037%22%2C%22tagtime%22%3A1604660905581%7D&acs_rt=8be3cd4b900e4c1b9054daaeca400f0f; acs_usuc_t=x_csrf=1dragei6yk9dn&acs_rt=8be3cd4b900e4c1b9054daaeca400f0f; aeu_cid=7fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz; xman_t=hz6PR+AAsMRe6oO5QeMj8+4bQzZ2+QYMUD82Qdy5sCQhgct/uikoK0ApUWjKiU5O; xman_f=hIbLwPUwTGlNYYIAGFnweNTWBCvLzY9vlFesSbu8ZujQ+5grYY2Cw82BDhrTvDBeJnYsOw8Gqye6WHpLlvRxEmLOmoJMoeMEqc7hJ0pA8mgWXw3cPoJZuw==; af_ss_a=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://fireads.online/link/15/95993394

Response headers

status
200
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-application-context
ae-traffic-affiliateweb-f:prod,de:7001
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
content-language
nl-NL
content-encoding
gzip
server
Tengine/Aserver
eagleeye-traceid
2100bdf016046606125377155e450e
timing-allow-origin
*
content-length
7293
date
Fri, 06 Nov 2020 11:08:25 GMT
set-cookie
aep_usuc_f=site=nld&b_locale=nl_NL; Expires=Mon, 04 Nov 2030 11:08:25 GMT; Path=/; Domain=.aliexpress.com e_id=pt30; Expires=Mon, 04 Nov 2030 11:08:25 GMT; Path=/; Domain=.aliexpress.com

Redirect headers

status
302
content-length
0
x-application-context
global-traffic-holmes-f:production:7001
p3p
CP="CAO PSA OUR"
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
location
https://best.aliexpress.com/?aff_platform=portals-promotion&sk=_d9k1VCz&aff_trace_key=7fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz&terminal_id=8be3cd4b900e4c1b9054daaeca400f0f
content-language
en-US
server
Tengine/Aserver
eagleeye-traceid
2100bb4916046609055784939e9dc0
timing-allow-origin
*
date
Fri, 06 Nov 2020 11:08:25 GMT
set-cookie
xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%227fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz%22%2C%22affiliateKey%22%3A%22_d9k1VCz%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22140736037%22%2C%22tagtime%22%3A1604660905581%7D&acs_rt=8be3cd4b900e4c1b9054daaeca400f0f; Domain=.aliexpress.com; Expires=Wed, 24-Nov-2088 14:22:32 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=1dragei6yk9dn&acs_rt=8be3cd4b900e4c1b9054daaeca400f0f; Domain=.aliexpress.com; Path=/; Secure; SameSite=None aeu_cid=7fd6cb6514474cd088e074dea5e448e7-1604660905581-07053-_d9k1VCz; Domain=.aliexpress.com; Expires=Wed, 24-Nov-2088 14:22:32 GMT; Path=/; Secure; SameSite=None xman_t=hz6PR+AAsMRe6oO5QeMj8+4bQzZ2+QYMUD82Qdy5sCQhgct/uikoK0ApUWjKiU5O; Domain=.aliexpress.com; Expires=Thu, 04-Feb-2021 11:08:25 GMT; Path=/; Secure; SameSite=None; HttpOnly xman_f=hIbLwPUwTGlNYYIAGFnweNTWBCvLzY9vlFesSbu8ZujQ+5grYY2Cw82BDhrTvDBeJnYsOw8Gqye6WHpLlvRxEmLOmoJMoeMEqc7hJ0pA8mgWXw3cPoJZuw==; Domain=.aliexpress.com; Expires=Wed, 24-Nov-2088 14:22:32 GMT; Path=/; Secure; SameSite=None; HttpOnly traffic_se_co=%7B%7D; Max-Age=2147483647; Expires=Wed, 24-Nov-2088 14:22:32 GMT; Domain=aliexpress.com; Path=/ af_ss_a=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; Secure; SameSite=None af_ss_b=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; SameSite=Lax
x-akamai-fwd-auth-sha
9DE5FAEFDE8E016DE214C6F2BD3D3D6CF23D6A54C82323BE412650D180816A8F
x-akamai-fwd-auth-data
1966293156, 2.16.187.39, 1604660905, 185.212.171.67
x-akamai-fwd-auth-sign
jlzFfrHFVqWaVIkeUCtAxGWoarSfh6WNjSIPvqa/jFECfCSecBgGRbtqy2fci7JbnmTudbnJ0XkEwHOsxcl6+YlnCQDkCOAzQgGIGxQP2qg=
Cookie set winwin
letyshops.com/pl/ Frame 9C35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://letyshops.com/pl/winwin?ww=14374968
Requested by
Host: fireads.online
URL: https://fireads.online/link/15/95993394
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.187.0.84 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde335-1.fornex.org
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
letyshops.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fireads.online/link/15/95993394
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://fireads.online/link/15/95993394

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Vary
Accept-Encoding
Cache-Control
max-age=0, must-revalidate, private
Date
Fri, 06 Nov 2020 11:08:25 GMT
X-LSVTKN
9cdc8766e258b0dec35ca92561a380b4
X-SERVER-NAME
letyshops.com
Set-Cookie
lsvtkn=9cdc8766e258b0dec35ca92561a380b4; expires=Sat, 06-Nov-2021 11:08:25 GMT; Max-Age=31536000; path=/; secure; httponly country=PL%3A0; expires=Sat, 06-Nov-2021 11:08:25 GMT; Max-Age=31536000; path=/; domain=.letyshops.com merchant_data=%7B%22ww%22%3A%2214374968%22%7D; expires=Sat, 06-Nov-2021 11:08:25 GMT; Max-Age=31536000; path=/; domain=.letyshops.com
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143545402-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4740
date
Fri, 06 Nov 2020 09:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 06 Nov 2020 11:49:25 GMT
collect
www.google-analytics.com/j/ 		2 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=104502384&t=pageview&_s=1&dl=https%3A%2F%2Ffireads.online%2Flink%2F15%2F95993394&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1542115590&gjid=1129597245&cid=1796694765.1604660906&tid=UA-143545402-1&_gid=1524855208.1604660906&_r=1&gtm=2ouas1&z=706880916
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Nov 2020 11:08:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://fireads.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-143545402-1&cid=1796694765.1604660906&jid=1542115590&gjid=1129597245&_gid=1524855208.1604660906&_u=IEBAAUAAAAAAAC~&z=996909127
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 06 Nov 2020 11:08:25 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://fireads.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dda7a5209d75a23e73ed28812911a84a
typerock.com/fg/o/s/
Redirect Chain
  • https://godatemetoday.com/int?tdsId=s8474kri_r&tds_campaign=s8474kri&utm_source=int&utm_campaign=e166c83b&utm_content=95993394&data2=d7fad6b4a33c58552849e48c2fd9ad&s1=int&utm_sub=opnfnl&utm_term={u...
  • https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
700 B
943 B 		Document
General
Check archive.org
Download Go to
Full URL
https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
Requested by
Host: fireads.online
URL: https://fireads.online/link/15/95993394
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.253.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-254.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a8f6a2b3c4fed5eba9cea112976da2327b7fb10c05dbf729749c4402e2b2391e

Request headers

:method
GET
:authority
typerock.com
:scheme
https
:path
/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://fireads.online/link/15/95993394
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://fireads.online/link/15/95993394

Response headers

status
200
date
Fri, 06 Nov 2020 11:08:27 GMT
content-type
text/html
server
nginx
set-cookie
AWSALB=pHwK+mu+ms4Vb78lh5YYMLsTfowg5KLu/7Hq+0INDhWtjtqIRuGAQ2Dv/9Po3O97ULDab4NL8QTyTUXSFShBVxWEY+B9POrvy8sz+Evz+085FDAHl/xIAEnO217g; Expires=Fri, 13 Nov 2020 11:08:27 GMT; Path=/ AWSALBCORS=pHwK+mu+ms4Vb78lh5YYMLsTfowg5KLu/7Hq+0INDhWtjtqIRuGAQ2Dv/9Po3O97ULDab4NL8QTyTUXSFShBVxWEY+B9POrvy8sz+Evz+085FDAHl/xIAEnO217g; Expires=Fri, 13 Nov 2020 11:08:27 GMT; Path=/; SameSite=None; Secure
accept-ch
UA, Platform, Model, Mobile, Arch
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

status
302
date
Fri, 06 Nov 2020 11:08:27 GMT
location
https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
server
nginx
set-cookie
AWSALB=HOria2UnQ5UIoNSARomX4YIucTjhBexDRLl+vO5OT7sfxIBwQ2BbgiPJXToF48TzyhJ+s9s8H8k/ya7VCwfR57QUSjAnbo4eQxz9GJYGqSiMm+8XDvb4aNWTunEp; Expires=Fri, 13 Nov 2020 11:08:27 GMT; Path=/ AWSALBCORS=HOria2UnQ5UIoNSARomX4YIucTjhBexDRLl+vO5OT7sfxIBwQ2BbgiPJXToF48TzyhJ+s9s8H8k/ya7VCwfR57QUSjAnbo4eQxz9GJYGqSiMm+8XDvb4aNWTunEp; Expires=Fri, 13 Nov 2020 11:08:27 GMT; Path=/; SameSite=None; Secure dci=57829d6df3eeef3f9d2282acd4a6d6f43a9311c6; Max-Age=31536000; Domain=.godatemetoday.com; Path=/; Expires=Sat, 06 Nov 2021 11:08:27 GMT; Secure; SameSite=None
accept-ch
UA, Platform, Model, Mobile, Arch
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
access-control-allow-origin
*
style.css
typerock.com/fg/ 		1 KB
922 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://typerock.com/fg/style.css
Requested by
Host: typerock.com
URL: https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.253.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-254.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ea929ab07b7bf2a8848a25d3073bbf9b6b6c9bad34196d4f41e7ae5cbd84bc62

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:08:27 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 07:55:07 GMT
server
nginx
etag
W/"4b6-1759766ef78"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
script.js
typerock.com/fg/ 		1 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://typerock.com/fg/script.js
Requested by
Host: typerock.com
URL: https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.253.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-254.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
25155bd764665f1335dec24598d5a787888b0faf12c5f03ef4fb58891bff430b

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:08:27 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 07:55:07 GMT
server
nginx
etag
W/"4d6-1759766ef78"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=6
accept-ranges
bytes
t
typerock.com/fg/ 		35 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://typerock.com/fg/t?_=1604660907493
Requested by
Host: typerock.com
URL: https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.253.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-254.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 06 Nov 2020 11:08:28 GMT
server
nginx
accept-ch
UA, Platform, Model, Mobile, Arch
content-type
image/gif
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
t2
typerock.com/fg/ 		35 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://typerock.com/fg/t2?_=1604660907493
Requested by
Host: typerock.com
URL: https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.253.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-254.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 06 Nov 2020 11:08:28 GMT
server
nginx
accept-ch
UA, Platform, Model, Mobile, Arch
content-type
image/gif
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Primary Request 8d2358ea43d0439d
www.adultd8.com/c/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Requested by
Host: typerock.com
URL: https://typerock.com/fg/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.86.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-86-101.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f73cd7ca1ed0b2e83c4b23d660a0a238227f88099eec77b1284080d182aceb87

Request headers

:method
GET
:authority
www.adultd8.com
:scheme
https
:path
/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://typerock.com/fg/o/s/dda7a5209d75a23e73ed28812911a84a?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&__t=1604660907355&__l=60

Response headers

status
200
date
Fri, 06 Nov 2020 11:08:28 GMT
content-type
text/html; charset=utf-8
server
nginx
set-cookie
unique_184287=unique_184287; Path=/; Expires=Tue, 05 Jan 2021 11:08:28 GMT; Secure; SameSite=None unique_id=5fa52eac0008c62a; Path=/; Expires=Tue, 05 Jan 2021 11:08:28 GMT; Secure; SameSite=None impression=; Path=/; Expires=Fri, 06 Nov 2020 11:08:28 GMT; Secure; SameSite=None
css.css
cdn-tn.akamaized.net/landings/90693/1561389237/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Requested by
Host: www.adultd8.com
URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d39b8226d2612b464c72d54cf2f9d7cccbba6d806d202678c532e4d87c84a97

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
5A3F5609D1632D30
ETag
"df80f7df89fffe0b2c11a9c837a87b76"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1210
x-amz-id-2
hyC3Z4E7FftEQZh4TnImfjok33inJF0weDtD2A7A5B59r2o/u6e9ITFVfi0sz9RPLf/6by5g9tw=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js?1561389237
Requested by
Host: www.adultd8.com
URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Nov 2021 11:08:28 GMT
js.js
cdn-tn.akamaized.net/landings/90693/1561389237/js/ 		1 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/js/js.js?1561389237
Requested by
Host: www.adultd8.com
URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e2c52e29a9b381dd8fe9e912754c0b275242b46c488d6875e812dd4348a26641

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
D2DBF4DF8DC53802
ETag
"c7fb4b577a00fb9c18a7358c9088f13f"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
508
x-amz-id-2
tyyyo5mX0VwxYvEWGuTLgpdxScQvMWn1RXSo6GKzZS/Fvr4uVOf9Zuym7fHTHIIwM5Gdi3yCo1g=
52190_lp.png
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52190_lp.png
Requested by
Host: www.adultd8.com
URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5f52bdc1d144e5570bff39e7792f69fe9ce9fa89ba96a7d5623c2913d4b6b358

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
14FCF162C6267D99
ETag
"1239f87a4b7d703bbc0a6fa3e138a7e3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4131
x-amz-id-2
HWCL7NSFdfrgj97IVrM3rBIlXQfGZwSjlO3dv8z1XIXbT0nmicXeoR4V0wrQu80xTWdY3nGcA1I=
domain.js
serve4ys.xyz/push/ 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://serve4ys.xyz/push/domain.js
Requested by
Host: www.adultd8.com
URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-36.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b62b1418540646cbad539fd437c468fd456991667277b1ece3b586bea49983c

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 23:09:16 GMT
content-encoding
gzip
last-modified
Mon, 20 Jan 2020 15:08:47 GMT
server
AmazonS3
age
43154
etag
"80f3cc2399a9de592784a4f1016ad7aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
vFoLxy0x6MOid2VUNS4YXXGfhE-FmJC1KNvq99Hy03IXF2BA1KGzuQ==
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
bo_trace.js
serve4ys.xyz/bo/dat/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serve4ys.xyz/bo/dat/bo_trace.js
Requested by
Host: www.adultd8.com
URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-36.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e75b5b570e4de2dc146cf1997c57361cc04e2b91705935d6503297657c037c37

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 11:11:41 GMT
content-encoding
gzip
last-modified
Mon, 20 Jan 2020 15:08:47 GMT
server
AmazonS3
age
86209
etag
W/"0a6c3896a90199e54896e6f41ce08886"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
UcOKFw-sxRzuEQsG8QPrc85-djQsd1Ikvn7X8vNNRf3Azt03BsKxTw==
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
2x_off_trace_multi.js
serve4ys.xyz/so/dat/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serve4ys.xyz/so/dat/2x_off_trace_multi.js
Requested by
Host: www.adultd8.com
URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.132.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-132-36.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13e93c80cea997f1b804d8c3072679955aa7dcc3b6151f2c81fff4c2cfdf77a4

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 12:23:57 GMT
content-encoding
gzip
last-modified
Mon, 20 Jan 2020 15:08:47 GMT
server
AmazonS3
age
81873
etag
W/"625ae475a98f36dd0e093b56fee3e20e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
N_NWYIAOPVNRGnuDbl2zdpAVPT_ymPU6l603nDYLdfkb17CxNwhGsQ==
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
main.js
uf.noclef.com/c_js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uf.noclef.com/c_js/main.js?dp=ce18020f12d0853676d054070c16dfd5&owner_id=%E1%84%A0&jump_id=%F0%96%89%85&country=Netherlands&traffic_type=web&connection_type=DESKTOP&isp=uk%20web.solutions%20direct%20ltd&carrier=Desktop&token1=36_all_ng&token2=from_campaign&token3=int&token4=s8474kri&token5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&token6=b8708rie
Requested by
Host: www.adultd8.com
URL: https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
f9c304e391ef55b194f31b9f33a59d75a0bca95a90179726c0c65e367504ef0b

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:08:29 GMT
content-encoding
gzip
etag
W/"209e-lcOjNYVJyjGEcwjFzamlGKXKSmY"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
52179_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52179_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6c085e560e780caff5684296baf11ee8676c5b5bf73af253033d8406d171967a

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:13:59 GMT
Server
AmazonS3
x-amz-request-id
84964A2A2911D897
ETag
"b36da54e3bdaf3523adddc93ef4614d6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51951
x-amz-id-2
wh9fdIqnIxeeLY9/wq4v2u+HY5Qj2xp0Yxif6fJK4zzfLhj2ghxRvbZBG9Kiphto5E4IOahPwYU=
52180_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52180_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ef46e874777dea30e482229b59fa0f16c42fd76223bdff8ba2095e769c983a0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:30 GMT
Last-Modified
Mon, 24 Jun 2019 15:13:59 GMT
Server
AmazonS3
x-amz-request-id
0A0DE5253131C068
ETag
"dd40f1370895164470a2e427cced9172"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97924
x-amz-id-2
LRoZe9PGfbsweMfoulGPw8lH22hHgRc/8B2auXNxk5QefKwaJUOsw07WTUDqDM/TEtCY4jr+6DE=
52181_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52181_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2caff602d370b86eefc97276917f6985d819dc7303098222054012ed619ca09

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:13:59 GMT
Server
AmazonS3
x-amz-request-id
7E034E5502AB155B
ETag
"c5e191e33ff8b16b6f8af76620eb9636"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77863
x-amz-id-2
AXE4KuC70r6YLvsJJzhjjC3mW/CY9ZAvrs5DeRs9GMbz7uZKy2esDiHVVwkJXDT0lLK6UOBmNlg=
52182_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52182_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
610eeca7f32401ed789bbbdca6c18c1990fd7e3ff36e1885ac311416a764c1aa

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:30 GMT
Last-Modified
Mon, 24 Jun 2019 15:13:59 GMT
Server
AmazonS3
x-amz-request-id
AB310F20177208F1
ETag
"52329b6f3d6bf5e2cb0fbe9f2529d5e3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112630
x-amz-id-2
jTSvdz4B7Bj9388+IzDlqGhSxu7wEJafKcPy1K3OWNAXXp44U8SyK/fVWaA6gE2w6uWUpPH2fbU=
52183_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52183_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3a558e6807e223de56d8e8a4b6720602fce3e50c61511d3d0d0e5060bf8a9e34

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
C997F7B46E2579B2
ETag
"ec0f28d8658ca64737806d43f1612dbc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44333
x-amz-id-2
5mNkGDdAayToJiHO/xjyXee/F1GrbEeZv9uF8vmXwvnvd7weBQNXCCpMhTU7J64owIDz+AoWLAE=
52184_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52184_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b264461c1deb682ae33bce69add8e7b49d3395bb3e6036521a57d28d3d42419a

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
DA99CD8FE94BA16D
ETag
"1619d77213d68ecd0dc7e153a6cab8d0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112937
x-amz-id-2
FsQzZkAUkwFFIcPvdP0eSjJ8uXeYZ/0y9kODAv3Vs/iZd5iel8BAmWFd4uMSNSotVGo2AsYfLh0=
52185_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52185_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cf2cb730df0a121d44339ffacc4e41dc109124cab59698ec9c83e2f47e1779d3

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
C2CF7981B768FA3F
ETag
"51b8cc4425331dc033c4dbf45c457e8d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59309
x-amz-id-2
5jxLFn9lk6UwYyhBW2LrcPqmUrAWtjBqpq1nPHcOn4SGnkwu4NLvTMDVbC5yEIAw79l8Asc0Lg8=
52186_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52186_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c5484a8c01f4b2703d0c420fc6f808a8471aba805cd3390eb509c02a5db2e5fb

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
7A38A0315108A27B
ETag
"12ea895c627ebd821e8d84d1f68020f1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99348
x-amz-id-2
isguSS/Ul9cYx6MFmJXItJPwLQVqtOFjNWSw3q+o5J7gDHhIM2ExBmqMhGCK05yDa5DjyIyxcbM=
52187_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52187_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2b844814449738c8cdcf3d02c7fa3ce949b18c063b8b7b70bf6cac1124383841

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
0D46AC6DCA65B50E
ETag
"a60620225faee25ce81c0264dd80bcd5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64451
x-amz-id-2
3lR9/KhvQqjumfsepet7QPqCVRlEtlogmMcuxgrBP1xpRse3FJcvw9vLcrJUe7E+BRKlZzwXD+U=
52188_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52188_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a2a76ba5b0771b5d82d662d6b5b3df625e238622fdeef6e9089bbde1ab9882bf

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
5WDT0WBK9V2M1RCW
ETag
"382aa9079b291d983eda06d4dfc89490"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99789
x-amz-id-2
XVf+2q12U1d4yCJyGnqRtZ772B7CZjMiDqyWfE20xT/BfSupGKDtbEZ29YsuBK8iz639VfP168E=
52189_lp.jpg
cdn-tn.akamaized.net/landings/90693/1561389237/images/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-tn.akamaized.net/landings/90693/1561389237/images/52189_lp.jpg
Requested by
Host: cdn-tn.akamaized.net
URL: https://cdn-tn.akamaized.net/landings/90693/1561389237/css/css.css?1561389237
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-177-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9118fbac8272ad3fa2a3bfeb1780c3b5dce976df8d1a1d0f039e92bf0e058110

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 06 Nov 2020 11:08:29 GMT
Last-Modified
Mon, 24 Jun 2019 15:14:00 GMT
Server
AmazonS3
x-amz-request-id
0CC63DC7DB70B5E5
ETag
"301c942c88699923e27c5bb267cd3278"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79531
x-amz-id-2
suvU4yX/4ThcqEW2MDSAWECVhap+30/ye6yRlPnbyFMl3LqG92T5pINfLTRM0pWZlCsvEAotxVo=
webpush.js
uf.noclef.com/c_js/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uf.noclef.com/c_js/webpush.js?placement=com_bridge&referer=https%3A%2F%2Ftyperock.com%2Ffg%2Fo%2Fs%2Fdda7a5209d75a23e73ed28812911a84a%3Ftds_cid%3De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%26tds_campaign%3Db8708rie%26__t%3D1604660907355%26__l%3D60&doc_location=https%253A%252F%252Fwww.adultd8.com%252Fc%252F8d2358ea43d0439d%253Ftds_cid%253De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%2526tds_campaign%253Db8708rie%2526s1%253D36_all_ng%2526s2%253Dfrom_campaign%2526s3%253Dint%2526s4%253Ds8474kri%2526s5%253De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%2526s6%253Db8708rie&dp=ce18020f12d0853676d054070c16dfd5&owner_id=%E1%84%A0&jump_id=%F0%96%89%85&country=Netherlands&traffic_type=web&connection_type=DESKTOP&isp=uk%20web.solutions%20direct%20ltd&carrier=Desktop&token1=36_all_ng&token2=from_campaign&token3=int&token4=s8474kri&token5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&token6=b8708rie&uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?dp=ce18020f12d0853676d054070c16dfd5&owner_id=%E1%84%A0&jump_id=%F0%96%89%85&country=Netherlands&traffic_type=web&connection_type=DESKTOP&isp=uk%20web.solutions%20direct%20ltd&carrier=Desktop&token1=36_all_ng&token2=from_campaign&token3=int&token4=s8474kri&token5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&token6=b8708rie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
97d049811c63760c56a08cd3b464f6889aac51db21c084d43d3f95571f845018

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:08:29 GMT
content-encoding
gzip
etag
W/"1bbad-620zufHeKgu7c5fq01N9scpbNrY"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
custom_jump.js
uf.noclef.com/c_js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uf.noclef.com/c_js/custom_jump.js?placement=com_bridge&referer=https%3A%2F%2Ftyperock.com%2Ffg%2Fo%2Fs%2Fdda7a5209d75a23e73ed28812911a84a%3Ftds_cid%3De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%26tds_campaign%3Db8708rie%26__t%3D1604660907355%26__l%3D60&doc_location=https%253A%252F%252Fwww.adultd8.com%252Fc%252F8d2358ea43d0439d%253Ftds_cid%253De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%2526tds_campaign%253Db8708rie%2526s1%253D36_all_ng%2526s2%253Dfrom_campaign%2526s3%253Dint%2526s4%253Ds8474kri%2526s5%253De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%2526s6%253Db8708rie&dp=ce18020f12d0853676d054070c16dfd5&owner_id=%E1%84%A0&jump_id=%F0%96%89%85&country=Netherlands&traffic_type=web&connection_type=DESKTOP&isp=uk%20web.solutions%20direct%20ltd&carrier=Desktop&token1=36_all_ng&token2=from_campaign&token3=int&token4=s8474kri&token5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&token6=b8708rie&uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/main.js?dp=ce18020f12d0853676d054070c16dfd5&owner_id=%E1%84%A0&jump_id=%F0%96%89%85&country=Netherlands&traffic_type=web&connection_type=DESKTOP&isp=uk%20web.solutions%20direct%20ltd&carrier=Desktop&token1=36_all_ng&token2=from_campaign&token3=int&token4=s8474kri&token5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&token6=b8708rie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
9f86c84f0303d6178aaa0299b6fd6c01c0438fd4fcb4569cc305f929f2294286

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 06 Nov 2020 11:08:29 GMT
content-encoding
gzip
etag
W/"ce3-xZ83eBfURJbDs2hV4UqZGzgngY8"
status
200
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
init
uf.noclef.com/c_js/rtSlot/ Frame 6B5C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://uf.noclef.com/c_js/rtSlot/init?event=externalJumpVisit
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/custom_jump.js?placement=com_bridge&referer=https%3A%2F%2Ftyperock.com%2Ffg%2Fo%2Fs%2Fdda7a5209d75a23e73ed28812911a84a%3Ftds_cid%3De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%26tds_campaign%3Db8708rie%26__t%3D1604660907355%26__l%3D60&doc_location=https%253A%252F%252Fwww.adultd8.com%252Fc%252F8d2358ea43d0439d%253Ftds_cid%253De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%2526tds_campaign%253Db8708rie%2526s1%253D36_all_ng%2526s2%253Dfrom_campaign%2526s3%253Dint%2526s4%253Ds8474kri%2526s5%253De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%2526s6%253Db8708rie&dp=ce18020f12d0853676d054070c16dfd5&owner_id=%E1%84%A0&jump_id=%F0%96%89%85&country=Netherlands&traffic_type=web&connection_type=DESKTOP&isp=uk%20web.solutions%20direct%20ltd&carrier=Desktop&token1=36_all_ng&token2=from_campaign&token3=int&token4=s8474kri&token5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&token6=b8708rie&uaDataValues={}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
uf.noclef.com
:scheme
https
:path
/c_js/rtSlot/init?event=externalJumpVisit
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visitor_id=5fa52ead27326a0031438b9b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://www.adultd8.com/c/8d2358ea43d0439d?tds_cid=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&tds_campaign=b8708rie&s1=36_all_ng&s2=from_campaign&s3=int&s4=s8474kri&s5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&s6=b8708rie

Response headers

status
200
date
Fri, 06 Nov 2020 11:08:29 GMT
content-type
text/html; charset=utf-8
content-length
284
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
etag
W/"11c-sPIX56igdBXK2Z2NOBw203hr7Do"
vary
Accept-Encoding
track
uf.noclef.com/v1/webpush/ 		11 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uf.noclef.com/v1/webpush/track?uaDataValues={}
Requested by
Host: uf.noclef.com
URL: https://uf.noclef.com/c_js/webpush.js?placement=com_bridge&referer=https%3A%2F%2Ftyperock.com%2Ffg%2Fo%2Fs%2Fdda7a5209d75a23e73ed28812911a84a%3Ftds_cid%3De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%26tds_campaign%3Db8708rie%26__t%3D1604660907355%26__l%3D60&doc_location=https%253A%252F%252Fwww.adultd8.com%252Fc%252F8d2358ea43d0439d%253Ftds_cid%253De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%2526tds_campaign%253Db8708rie%2526s1%253D36_all_ng%2526s2%253Dfrom_campaign%2526s3%253Dint%2526s4%253Ds8474kri%2526s5%253De9b9bfc329127f5949bdd49df2c35cfbeb09fe89%2526s6%253Db8708rie&dp=ce18020f12d0853676d054070c16dfd5&owner_id=%E1%84%A0&jump_id=%F0%96%89%85&country=Netherlands&traffic_type=web&connection_type=DESKTOP&isp=uk%20web.solutions%20direct%20ltd&carrier=Desktop&token1=36_all_ng&token2=from_campaign&token3=int&token4=s8474kri&token5=e9b9bfc329127f5949bdd49df2c35cfbeb09fe89&token6=b8708rie&uaDataValues={}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash
185486091df0b98cd0497e39891912209209c94df89bd989a0ab397cde61f1d4

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 06 Nov 2020 11:08:29 GMT
status
200
x-powered-by
Express
etag
W/"b-yHl5CkQW7JVvNHB+r5i4h6FZPGk"
vary
X-HTTP-Method-Override, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
11
track
uf.noclef.com/v1/webpush/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://uf.noclef.com/v1/webpush/track?uaDataValues={}
Protocol
H2
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.adultd8.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Fri, 06 Nov 2020 11:08:29 GMT
content-type
text/html; charset=utf-8
content-length
4
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
POST
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
vary
Accept-Encoding
track
uf.noclef.com/v1/webpush/ 		0
0
track
uf.noclef.com/v1/webpush/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://uf.noclef.com/v1/webpush/track?uaDataValues={}
Protocol
H2
Server
35.157.55.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-55-18.eu-central-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.adultd8.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Fri, 06 Nov 2020 11:08:30 GMT
content-type
text/html; charset=utf-8
content-length
4
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
allow
POST
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uf.noclef.com
URL
https://uf.noclef.com/v1/webpush/track?uaDataValues={}

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery string| target_offer string| target_geo function| getQueryString string| jumpId object| jumpIds_db string| jumpIds_db_all object| trd_jumps number| is_jumpId_db number| is_jumpId_trd string| userLang string| lang_code string| domain string| script_version function| getURLParameter string| s1_value string| s1_orig string| s3_value string| s6_so string| s5_bo string| tds_campaign object| s1_token object| s6_token object| s5_token string| s5_value string| st_value number| st object| arr_s6 string| st6_value number| arr_s6_num string| so_value string| adlt_url string| trd_url string| final_url boolean| __disBo function| boPopState string| backOfferUrl number| st_num object| arr_s5 string| st5_value number| arr_s5_num string| bo_value boolean| __disSo function| agreeClickTrack function| onRecaptchaLoadCallback object| ufApp object| firebase

5 Cookies

Domain/Path Name / Value
tsyndicate.com/ Name: ts_rt_4e8c1d4c-44bc-479d-b9ac-0e6e522cb432
Value: AQE=
uf.noclef.com/ Name: company_id
Value: 5ecbb847356b5f00497f3a22
www.adultd8.com/ Name: unique_id
Value: 5fa52eac0008c62a
uf.noclef.com/ Name: visitor_id
Value: 5fa52ead27326a0031438b9b
www.adultd8.com/ Name: unique_184287
Value: unique_184287

2 Console Messages

Source Level URL
Text
console-api log URL: https://serve4ys.xyz/push/domain.js(Line 13)
Message:
Jump ID: 90693
console-api log URL: https://serve4ys.xyz/push/domain.js(Line 19)
Message:
User Lang: en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
ajax.googleapis.com
best.aliexpress.com
bit.ly
c.securepaths.com
cdn-tn.akamaized.net
cdn.jsdelivr.net
fireads.online
godatemetoday.com
letyshops.com
s.click.aliexpress.com
serve4ys.xyz
speedflow.io
stats.g.doubleclick.net
syndication.realsrv.com
traffdaq.com
typerock.com
uf.noclef.com
www.adultd8.com
www.google-analytics.com
www.googletagmanager.com
uf.noclef.com
104.111.216.213
107.170.39.103
13.226.132.36
18.197.253.254
198.54.116.135
2.16.177.50
2001:4de0:ac19::1:b:3a
2606:4700:3036::681b:b3e7
2a00:1450:4001:800::200a
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:400c:c07::9b
2a04:4e42:1b::621
35.157.55.18
35.190.72.161
5.187.0.84
52.28.144.55
52.28.86.101
67.199.248.11
95.211.229.245
001f3215c33416bf79d8edb12634108c3d7bdf2676a52334d3a6f18c0f5c5f18
13e93c80cea997f1b804d8c3072679955aa7dcc3b6151f2c81fff4c2cfdf77a4
185486091df0b98cd0497e39891912209209c94df89bd989a0ab397cde61f1d4
1d39b8226d2612b464c72d54cf2f9d7cccbba6d806d202678c532e4d87c84a97
25155bd764665f1335dec24598d5a787888b0faf12c5f03ef4fb58891bff430b
2b844814449738c8cdcf3d02c7fa3ce949b18c063b8b7b70bf6cac1124383841
3a558e6807e223de56d8e8a4b6720602fce3e50c61511d3d0d0e5060bf8a9e34
4ce90b6a712f243fc29ce7f90835112d396317ac2a9cbd5723d9913576e5c443
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
57df5a96bde6ab0f5fa57260a9ac9c261d6726d502a610de5615da6f11903c89
5ef46e874777dea30e482229b59fa0f16c42fd76223bdff8ba2095e769c983a0
5f52bdc1d144e5570bff39e7792f69fe9ce9fa89ba96a7d5623c2913d4b6b358
610eeca7f32401ed789bbbdca6c18c1990fd7e3ff36e1885ac311416a764c1aa
66149c3136ef36ebef349ef84dc826ca0ff076a39a39e8d3bea8e31ce9a02b32
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c085e560e780caff5684296baf11ee8676c5b5bf73af253033d8406d171967a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9118fbac8272ad3fa2a3bfeb1780c3b5dce976df8d1a1d0f039e92bf0e058110
93843ec5d164f6834bf7c8b0203e97459277958476df1dcce17f1b61b96c04cb
97d049811c63760c56a08cd3b464f6889aac51db21c084d43d3f95571f845018
9b62b1418540646cbad539fd437c468fd456991667277b1ece3b586bea49983c
9f86c84f0303d6178aaa0299b6fd6c01c0438fd4fcb4569cc305f929f2294286
a2a76ba5b0771b5d82d662d6b5b3df625e238622fdeef6e9089bbde1ab9882bf
a8f6a2b3c4fed5eba9cea112976da2327b7fb10c05dbf729749c4402e2b2391e
b05c35ac700e29221906f61d680fb4ccc1be7b2f2b2e9e49f97374f3cab56dfd
b264461c1deb682ae33bce69add8e7b49d3395bb3e6036521a57d28d3d42419a
c5484a8c01f4b2703d0c420fc6f808a8471aba805cd3390eb509c02a5db2e5fb
cf2cb730df0a121d44339ffacc4e41dc109124cab59698ec9c83e2f47e1779d3
d2caff602d370b86eefc97276917f6985d819dc7303098222054012ed619ca09
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2c52e29a9b381dd8fe9e912754c0b275242b46c488d6875e812dd4348a26641
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e75b5b570e4de2dc146cf1997c57361cc04e2b91705935d6503297657c037c37
ea929ab07b7bf2a8848a25d3073bbf9b6b6c9bad34196d4f41e7ae5cbd84bc62
f73cd7ca1ed0b2e83c4b23d660a0a238227f88099eec77b1284080d182aceb87
f9c304e391ef55b194f31b9f33a59d75a0bca95a90179726c0c65e367504ef0b