www.gearbest.com
23.79.135.126 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 6yr old
Effective URL:
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195683790950589 9yr old
Submission: On March 01 via manual (March 1st 2021, 10:10:14 am UTC) from GB

Summary HTTP 844 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 19 domains to perform 844 HTTP transactions. The main IP is 23.79.135.126, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.gearbest.com. 9yr old
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 13th 2020. Valid for: 1yr.

This is the only time www.gearbest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 48	139.45.197.147 139.45.197.147	9002 (RETN-AS) (RETN-AS)
138	139.45.197.240 139.45.197.240	9002 (RETN-AS) (RETN-AS)
498	139.45.196.147 139.45.196.147	9002 (RETN-AS) (RETN-AS)
2 2	139.45.197.8 139.45.197.8	9002 (RETN-AS) (RETN-AS)
6	23.79.135.126 23.79.135.126	16625 (AKAMAI-AS) (AKAMAI-AS)
34	23.79.135.60 23.79.135.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	3.222.108.138 3.222.108.138	14618 (AMAZON-AES) (AMAZON-AES)
1	35.157.42.167 35.157.42.167	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	52.38.191.23 52.38.191.23	16509 (AMAZON-02) (AMAZON-02)
844	20

48 139.45.197.147 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

topflownews.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

138 139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)

propeller-tracking.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

498 139.45.196.147 (United Kingdom)

ASN9002 (RETN-AS, GB)

goaciptu.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 139.45.197.8 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

betshucklean.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 23.79.135.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-135-126.deploy.static.akamaitechnologies.com

www.gearbest.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
order.gearbest.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
cur.gearbest.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
affiliate.gearbest.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

34 23.79.135.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-135-60.deploy.static.akamaitechnologies.com

css.gbtcdn.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
uidesign.gbtcdn.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
gloimg.gbtcdn.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 3.222.108.138 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-108-138.compute-1.amazonaws.com

glsdk.logsss.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
analytics.logsss.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.157.42.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-42-167.eu-central-1.compute.amazonaws.com

nginx.1cros.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.38.191.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-191-23.us-west-2.compute.amazonaws.com

messengerview.1talking.net 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
498	goaciptu.net goaciptu.net 5yr old	2 MB
138	propeller-tracking.com propeller-tracking.com 6yr old	162 KB
48	topflownews.com 2 redirects topflownews.com 6yr old	723 KB
34	gbtcdn.com css.gbtcdn.com 9yr old uidesign.gbtcdn.com 9yr old gloimg.gbtcdn.com 9yr old	737 KB
6	gearbest.com www.gearbest.com Failed 9yr old order.gearbest.com 9yr old cur.gearbest.com 7yr old affiliate.gearbest.com 9yr old	85 KB
4	facebook.com www.facebook.com 11yr old	822 B
4	google-analytics.com www.google-analytics.com 13yr old	21 KB
3	logsss.com glsdk.logsss.com 8yr old analytics.logsss.com 9yr old	28 KB
3	facebook.net connect.facebook.net 13yr old	164 KB
2	yimg.com s.yimg.com 13yr old	7 KB
2	bing.com bat.bing.com 12yr old	9 KB
2	google.de www.google.de 13yr old	637 B
2	google.com www.google.com 13yr old	425 B
2	doubleclick.net stats.g.doubleclick.net 10yr old googleads.g.doubleclick.net 9yr old	1 KB
2	betshucklean.com betshucklean.com Failed 5yr old	2 KB
1	1talking.net messengerview.1talking.net 7yr old	11 KB
1	1cros.net nginx.1cros.net 8yr old	265 B
1	googleadservices.com www.googleadservices.com 13yr old	13 KB
1	googletagmanager.com www.googletagmanager.com 13yr old	62 KB
844	19

	Domain	Requested by
498	goaciptu.net	topflownews.com goaciptu.net
138	propeller-tracking.com	topflownews.com propeller-tracking.com
48	topflownews.com	2 redirects topflownews.com
19	css.gbtcdn.com	www.gearbest.com css.gbtcdn.com
10	gloimg.gbtcdn.com	www.gearbest.com
5	uidesign.gbtcdn.com	www.gearbest.com uidesign.gbtcdn.com
4	www.facebook.com	www.gearbest.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.gearbest.com
3	connect.facebook.net	topflownews.com connect.facebook.net
3	www.gearbest.com	topflownews.com css.gbtcdn.com
2	s.yimg.com	topflownews.com s.yimg.com
2	bat.bing.com	topflownews.com www.gearbest.com
2	www.google.de	www.gearbest.com
2	www.google.com	www.gearbest.com
2	glsdk.logsss.com	topflownews.com glsdk.logsss.com
2	betshucklean.com	topflownews.com
1	analytics.logsss.com	css.gbtcdn.com
1	messengerview.1talking.net	css.gbtcdn.com
1	affiliate.gearbest.com	www.gearbest.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cur.gearbest.com	css.gbtcdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	nginx.1cros.net	topflownews.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.gearbest.com
1	order.gearbest.com	www.gearbest.com
844	26

This site contains links to these domains. Also see Links.

Domain
gearbest.app.link
support.gearbest.com
fr.gearbest.com
es.gearbest.com
ru.gearbest.com
pt.gearbest.com
it.gearbest.com
de.gearbest.com
br.gearbest.com
tr.gearbest.com
pl.gearbest.com
jp.gearbest.com
user.gearbest.com
login.gearbest.com
cart.gearbest.com
www.facebook.com
goo.gl
www.youtube.com
www.pinterest.com
vk.com
www.instagram.com
twitter.com
bit.ly
affiliate.gearbest.com
www.sockslovely.com
www.mcafeesecure.com
www.resellerratings.com

Subject Issuer	Validity	Valid
topflownews.com R3	`2021-01-18` - `2021-04-18`	3mo	crt.sh
propeller-tracking.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-05` - `2021-11-05`	1yr	crt.sh
goaciptu.net R3	`2020-12-31` - `2021-03-31`	3mo	crt.sh
*.gearbest.com DigiCert SHA2 Secure Server CA	`2020-04-13` - `2021-07-13`	1yr	crt.sh
*.gbtcdn.com GeoTrust RSA CA 2018	`2020-06-23` - `2021-07-28`	1yr	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3mo	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3mo	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3mo	crt.sh
*.logsss.com Amazon	`2020-04-07` - `2021-05-07`	1yr	crt.sh
*.1cros.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-09-14` - `2021-09-29`	1yr	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3mo	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3mo	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3mo	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6mo	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3mo	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3mo	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-21` - `2021-04-06`	1mo	crt.sh
*.1talking.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-05` - `2022-02-17`	1yr	crt.sh

This page contains 1 frames:

Primary Page: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195683790950589
Frame ID: 5064CBD75943FC867A3C5BAFDEBD7F1E
Requests: 717 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta... HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195683790950589 Page URL

Detected technologies

Nginx (Web servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

844
Requests

89 %
HTTPS

50 %
IPv6

19
Domains

26
Subdomains

20
IPs

4
Countries

4135 kB
Transfer

10651 kB
Size

27
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://gearbest.app.link/pctopios

Search URL Search Domain Scan URL

URL: https://gearbest.app.link/pctopandroid

Search URL Search Domain Scan URL

URL: https://support.gearbest.com/ticket/ticket/cat
Title: Support Center

Search URL Search Domain Scan URL

URL: https://fr.gearbest.com/
Title: France

Search URL Search Domain Scan URL

URL: https://es.gearbest.com/
Title: España

Search URL Search Domain Scan URL

URL: https://ru.gearbest.com/
Title: Россия

Search URL Search Domain Scan URL

URL: https://pt.gearbest.com/
Title: Portugal

Search URL Search Domain Scan URL

URL: https://it.gearbest.com/
Title: Italia

Search URL Search Domain Scan URL

URL: https://de.gearbest.com/
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://br.gearbest.com/
Title: Brasil

Search URL Search Domain Scan URL

URL: https://tr.gearbest.com/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://pl.gearbest.com/
Title: Polska

Search URL Search Domain Scan URL

URL: https://jp.gearbest.com/
Title: Japan

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/favor/goods
Title: Gearbest

Search URL Search Domain Scan URL

URL: https://login.gearbest.com/m-users-a-sign.htm?type=1
Title: Sign In

Search URL Search Domain Scan URL

URL: https://login.gearbest.com/m-users-a-register.htm?type=1
Title: Register

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index
Title:

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/order/list?index=0
Title: My Orders

Search URL Search Domain Scan URL

URL: https://support.gearbest.com/ticket/ticket/ticket-list?lang=en
Title: My Tickets

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/message/list?index=0
Title: System information

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/leavemessage/list?index=0
Title: My Messages

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/wallet/index
Title: My G Wallet

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/point
Title: My Points

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/vip/center
Title: VIP Center NEW

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/setting/info
Title: My Profile

Search URL Search Domain Scan URL

URL: https://user.gearbest.com/index#/coupon
Title: My Coupon

Search URL Search Domain Scan URL

URL: https://login.gearbest.com/m-users-a-logout.htm
Title: Sign Out

Search URL Search Domain Scan URL

URL: https://cart.gearbest.com/cart/index
Title: Cart 0

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gearbest
Title:

Search URL Search Domain Scan URL

URL: https://goo.gl/qXtLAh
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheGearBest
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/gearbestlife/
Title:

Search URL Search Domain Scan URL

URL: https://vk.com/gearbest
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gearbest/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/TheGearbest/
Title:

Search URL Search Domain Scan URL

URL: http://bit.ly/2LadoyE
Title:

Search URL Search Domain Scan URL

URL: https://affiliate.gearbest.com/
Title: Associate Program

Search URL Search Domain Scan URL

URL: https://www.sockslovely.com/
Title: Wholesale Socks

Search URL Search Domain Scan URL

URL: https://www.sockslovely.com/category/funny-socks-c_61/
Title: Wholesale Funny Socks

Search URL Search Domain Scan URL

URL: https://www.mcafeesecure.com/verify?host=gearbest.com
Title:

Search URL Search Domain Scan URL

URL: https://www.resellerratings.com/store/gearbest
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851 Page URL
https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195683790950589 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195649905173417

Request Chain 22

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195653763932786

Request Chain 40

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658616746080

Request Chain 58

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241693280

Request Chain 76

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658461556973

Request Chain 94

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851

Request Chain 112

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241693468

Request Chain 130

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658461557181

Request Chain 148

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658616746540

Request Chain 166

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195662064464106

Request Chain 184

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195662064464169

Request Chain 202

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195662064464237

Request Chain 220

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658616746853

Request Chain 238

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658461557646

Request Chain 256

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064070181

Request Chain 274

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241694160

Request Chain 292

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851

Request Chain 310

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064070408

Request Chain 328

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667462533287

Request Chain 346

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064070520

Request Chain 364

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667462533570

Request Chain 382

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195670444675275

Request Chain 400

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667462533706

Request Chain 418

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064070937

Request Chain 436

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064071006

Request Chain 454

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064071056

Request Chain 472

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195666950820187

Request Chain 490

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195670444675637

Request Chain 508

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195670444675701

Request Chain 526

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851

Request Chain 544

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851

Request Chain 562

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195676388003949

Request Chain 580

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195676392198149

Request Chain 598

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675687559483

Request Chain 616

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675293299135

Request Chain 634

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675293299193

Request Chain 652

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675687559696

Request Chain 670

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675293299358

Request Chain 688

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195678866841894

Request Chain 706

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675687559904

Request Chain 724

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675687559964

Request Chain 742

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675293299606

Request Chain 760

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195675687560085

Request Chain 778

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195683790950445

Request Chain 796

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd2ea3df15272daf3cf507&z=14962851&b={bannerid}&g={geo}&svar={timestamp}&ssk={timestamp_key}&oaid={oaid}&did={deviceid}&campid={campaignid} HTTP 302
https://betshucklean.com/4/3082150/?var=14962851 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195683790950524

844 HTTP transactions
55 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 132ms
77ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 8b98a59c32f5e506a38801a2df8223a95bfb5cd521d0119976e8264f063fe33d

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=S5bUs4HuM3w5o6uB4hahkOUQZAJZK6MgOTa9U0E_rNM; expires=Mon, 01-Mar-2021 11:10:14 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 48ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1812641136

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 144ba0623470034d257ae4e4bdc58c4f
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 52ms
15ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195649905173417

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1812641136

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: b56c56d5ebe2650a92e0b5a17e90cd3f
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 9ef3ddcbce94b9c16f2401117c2cce9b
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 60ms
30ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1812641136

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 498d86e20118562ccaa518b79d4656cf
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 29ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8c32d816c0214298ca1146067c2f4f4f
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d62f87cb9cd0fd349b2ef74989682d72
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 38ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 38ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST custom
goaciptu.net/ 0
0

POST event
goaciptu.net/ 0
0

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 55ms
54ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 96737202d560d808b9fbffdf727e4824f90aec7c6cc24569e14b79c76a68a72c

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=S5bUs4HuM3w5o6uB4hahkOUQZAJZK6MgOTa9U0E_rNM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=IGMWA2C6A_LVJpnLQF3AHUnMAbE2kjF-iA_653ArcFQ; expires=Mon, 01-Mar-2021 11:10:14 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
16ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1983135724

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 0fd3c67cea4c637cdef57bf25f72af4f
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 19ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195653763932786

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1983135724

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 1da11382742227a4160175651c3f6164
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 18ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 67d6ccb4ce8ce4592e059bfce325c7fc
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 21ms
20ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1983135724

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 95c87ec7836bc9681016110ea41880a7
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 35e064cf55171c615cc0160edaa78612
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d32dcdc0d84e3d3215076ee18f57a16a
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 736d0772e80a6bd150c5d59c6930bc75
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 29ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 3c7facd4cea4b39b41faa5605d030559
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 65ms
65ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: f77f07d638cb41173497065a629aa5f758944a3d23664af0316c4cf0c2f544a7

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=IGMWA2C6A_LVJpnLQF3AHUnMAbE2kjF-iA_653ArcFQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=9CqAtT6iuK2BMjxa5qTxPjR0JrulKQNPBytskSeaGwU; expires=Mon, 01-Mar-2021 11:10:14 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
16ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1297075863

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: ed02442bc9b76dfede66602abf234b5b
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658616746080

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1297075863

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: fcdebe2fba7d5ea0f88d5b3c974dfed5
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: c44d9fe0f4338475d21fce4ee004bab7
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 30ms
29ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1297075863

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 53feeaabe2df730744884555dcac14e8
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 520169d8aa24fa0ea701d5ba85083b28
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 59f90a9c1d0e755a075823d7f8bce63b
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f818973de881ed9b54ff6292f5101f5b
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 625d041f53004f597ca2e23a518e91f6
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 65ms
65ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.13
Resource Hash: 44b4ca4ed53a0805a34e821ff2b625d691bd92c9389c249ffe6dabc7958d2400

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=9CqAtT6iuK2BMjxa5qTxPjR0JrulKQNPBytskSeaGwU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.13
Set-Cookie: reverse=-YPqeTWHtLUh67sdEPoUBCqoIso6iA9SLtG8byJ2r4o; expires=Mon, 01-Mar-2021 11:10:14 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=219476322

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: fcbc5bcb88ab6f2e560977a5c6eb2cae
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 15ms
15ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241693280

0
0

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: b01b122d0cda70ec871c5429b8ea53ac
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 20ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=219476322

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: c3f08658320e4e6812ce3450276a3cdc
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=219476322

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: e6b596bfe91a2910fa4a2a96ec969fcc
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 28d203ea258f4cc68e5f63386a89972c
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 7d6221c8fdefb71aae6c3acccb2ddf0c
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: dc845f8da39473d35db460f7d5027ff1
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: dcf12d65beee3670c55e4919c7bca676
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 65ms
64ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 0e2fe23cad3b63d9b20a2ae8c96a596d9eae6bc333a1ad8fe58d07376fbbb898

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=-YPqeTWHtLUh67sdEPoUBCqoIso6iA9SLtG8byJ2r4o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=spScD-VbcPCmSE2teAoVGm-uj_o7vMnVf5fzo652AGY; expires=Mon, 01-Mar-2021 11:10:14 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 18ms
17ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=549062039

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 65dbbc5e54c60fb67f0a0007af30e7a8
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658461556973

0
0

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 19ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: db38131b978a945119cb4397b12d71d7
Date: Mon, 01 Mar 2021 10:10:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 22ms
22ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 19ms
18ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=549062039

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 4451857f360dc019b98fdbd9442530ca
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
14ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=549062039

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 7204b3cf87df5b2ca74ebe9f2db5c83c
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f20b50f955193fa25ee9eb3da29eeb34
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 9f0c0abda03506f610df6ab1675fb738
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8160ddc6a147ffea7d11643378991998
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8b09a17c8b15eb01ef74a1768bd4d72e
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 65ms
65ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: f4f29858dc1468082366127f0a660c85bbe2efd0b3c89f0ac50c0e4ed41485b6

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=spScD-VbcPCmSE2teAoVGm-uj_o7vMnVf5fzo652AGY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=UTftN8PEcTEHcApupoPKwQSKo9Qfeg0p7cxM3WsUmWg; expires=Mon, 01-Mar-2021 11:10:15 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 17ms
16ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=375272589

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 58f3ca4976e1a6956cd747df779718a5
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
17ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

/
betshucklean.com/4/3082150/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
16ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=375272589

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 1203c15fcb4a9c85473c21ea52637f86
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 95446e5fa88bcd11caecd13e13a7a75f
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
18ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 16ms
16ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=375272589

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 8e2824678bc090056003a243c69049d6
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 7e04cf3519afc35bd7e393262660c6ce
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a7a9e1a71cadaa2311dc1e85eb1adf30
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 13e1d248233eb5348fae08edce7f48c3
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f2492439f95d61f9c7ef5bf91a0b4ac2
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 75ms
75ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.13
Resource Hash: 0bdda085389578fd7d30fa665d585fafe1adb9fab0a08707b8d3afdbaf408758

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=UTftN8PEcTEHcApupoPKwQSKo9Qfeg0p7cxM3WsUmWg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.13
Set-Cookie: reverse=6WhSnBiouXp6HGhpDfN0XHihnny2wCoyLSMt2CU5r4c; expires=Mon, 01-Mar-2021 11:10:15 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=342928736

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 9f3479c6f79aaf917471a1182d7852a5
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 39ms
39ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241693468

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=342928736

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: b1b1d86cc83a2360d1422a0671850bff
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=342928736

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 6af06a4764c8376f368f1a827f2c2e4c
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 9e9a44810964c6e36f824ddb0fb51283
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 20ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 991b6651d6228548b6dc9b0394606fc5
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 9fc96a55a0dcca87b33de78dcef51701
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 25ms
25ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: b29ed5f40793e268231af11d1b115b16
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 19ms
19ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1f0bc968a15090c1433d266646c61916
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 64ms
63ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 47ce4c9bf8a315823433a1bb3b9c55d8569a932409cd5965afe0e1d32067dac7

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=6WhSnBiouXp6HGhpDfN0XHihnny2wCoyLSMt2CU5r4c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=5vhCf9ii4I0Lbzz7hO7bHiSWZC3MTpcGSjrTyASdnrM; expires=Mon, 01-Mar-2021 11:10:15 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=508759906

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 44167f375dc9bc9bc791fe81a594106f
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658461557181

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
493 B 18ms
17ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=508759906

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 6b7f7ea7995678dc15f8530875dc1985
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 35ms
34ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: a67257359f9f2552b6c6fc925fd73bc0
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 39ms
39ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=508759906

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 85738b9c4c9a749b31b168d4c0caa75c
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 90ab83191d08265d0ee38ab0bf614151
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e963079773f168709f737367f6792c82
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1e183e1dcc2ebaf52f445c1f993c72bf
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 23ms
23ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c564dea98d962cffba0530b61a093ca9
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 88ms
88ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: d0157d271fcac83dd57d2a09f0a23658a7997fe67bb35dc0d8a0770af8f8e0bf

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=5vhCf9ii4I0Lbzz7hO7bHiSWZC3MTpcGSjrTyASdnrM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=NbhflYPcx78wzRKS9Ocn4raDawDJ5vQAiNzpJPYyw0U; expires=Mon, 01-Mar-2021 11:10:15 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1888289986

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: d611624e5fb8bde93989c7bce6ce87c3
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 18ms
18ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658616746540

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1888289986

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: e09e83f5b440ad1c1a252570f7b088da
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: e2780146f30889b6efe14e2c257af7f3
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 16ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1888289986

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: fa2885a39b8ac424fc7d3c47c2e31636
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e15afe8265f68b425438181398ffbe3f
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 3d5d752a0c83a63039aa1a50d209523c
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 84c7ffb272e27f1c4a916aa936de66aa
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 23ms
23ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 7cc975f1ca0dcd3843f2e6b67f64d32d
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 85ms
84ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 7ea240269600a93e6f5dd140c81fdedb5f22eeb87d62aba9443e1af79964d1e0

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=NbhflYPcx78wzRKS9Ocn4raDawDJ5vQAiNzpJPYyw0U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=D4sPTTjePSmuoKn9Xfe_CD7JNuJN9FDQrekL1QvWw98; expires=Mon, 01-Mar-2021 11:10:15 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=872114553

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 0bb6897ce6389c1117ddc7a5a53baa54
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 18ms
17ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195662064464106

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 17ms
16ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=872114553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 6aa9f91699b63e2134d48e68cd7cd0a7
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 18ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 5eb4a212deba518af4259c565edffc40
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
18ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=872114553

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 9a3165333267323d52a0e8f410332fc7
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: eedd086468b59ac76f31d9934727b289
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a7a45e7a1ca6bd3d8907f616e8bd4573
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 19ms
19ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
19ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 13e45aee7d32d086011e64c2078f4ce7
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: fc3866872973c77d7a62ef20dc80936d
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 57ms
57ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 8b5ea34b65b10e1c65925e8147d1951492eb5ede4e2b79cecb38cf478f630a7d

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=D4sPTTjePSmuoKn9Xfe_CD7JNuJN9FDQrekL1QvWw98
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=_fZl1QDTq1sExgKg0uNazHmThAy3KHU_jpCb6T5nf7M; expires=Mon, 01-Mar-2021 11:10:15 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=151231512

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 31ced930283e10ba26c33295bd4aa9c2
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195662064464169

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
491 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=151231512

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: f61caa0da6100b15889c62896acec96c
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 74e67c75d5f14fe6f3eb7b025be6ffa4
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 23ms
23ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=151231512

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 3501587c6f8bc37d48aa2bb994080381
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 3d3a7654fb9ba76c51092113dc7fc4bc
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 067d8f833788c402f2c213ab687abdfe
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:15 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 36771663bf02ec491db9544c9eb33111
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 92110586b4eb89ce7127083683d48fca
Date: Mon, 01 Mar 2021 10:10:15 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 57ms
57ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: cf3e45174a1f683bf7089cff688acb1222cfccaa8912937ecf8af1701abe5407

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=_fZl1QDTq1sExgKg0uNazHmThAy3KHU_jpCb6T5nf7M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=bZSEr83gaupJI7fd8kx_zo_PtFeEME6eXEe3PbO0tus; expires=Mon, 01-Mar-2021 11:10:16 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1382974735

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: cb026def3006369aeaec784197b92e80
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195662064464237

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1382974735

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 164eb4ecd4947ef0f2e42e2f7dc41f88
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: f7457a90f8d83d464d5e078e6d4cecf1
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
18ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1382974735

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 2114e742e13b4436479f931c8df47330
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 16ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c7990fb8e49bab049b3b36bc40496044
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c816e394b418739fb25204d0d2dcaeba
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 16ms
16ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 2cb513262237475f9f26b7a81452abb4
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 20ms
19ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: b1a5d710a4448ca9213c2af0c4819aaa
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 105ms
105ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 3c5900020a6ec557251658be0313dd43dea2c1bdd8b1b938439e7f691b8c3444

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=bZSEr83gaupJI7fd8kx_zo_PtFeEME6eXEe3PbO0tus
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=QrciY3KWykTlptN2SigtPICnFm-H4xEBPQuGQp4qWAw; expires=Mon, 01-Mar-2021 11:10:16 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=934538690

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: d837d33bd6efdda6ef1dbf29a442988e
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658616746853

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
16ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=934538690

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 2b68c8ed6622fcd03f93d6f1beefa95a
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: b820e82f7b405118cb3f1a99bdf3b2d5
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=934538690

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 1d88c1c89e6e66ed89cffca4c263470f
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 16ms
16ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1f77b5ca8ee08a38daf0758008e0e3a7
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 7e03702625796a392ee77153fcd24c63
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f29fd062a85bb7a0de45234c7ff90908
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 809b8759394fa623c6fb26823f316adf
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 58ms
57ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.13
Resource Hash: 430b13908ccc629ba7f369c596c4e8dc97d26ffb9b3a1498b95670c5dd73564a

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=QrciY3KWykTlptN2SigtPICnFm-H4xEBPQuGQp4qWAw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.13
Set-Cookie: reverse=2UIrwZJeZvlULH4hHpNImGhVRd7XzCI2UDnFV_oTjDA; expires=Mon, 01-Mar-2021 11:10:16 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=101193635

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: a75b23c3db63798e5ab8762b38d37981
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195658461557646

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=101193635

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 92158ff61fd2ed0d939ad7963e01b563
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 9227cc0ffa60eea4442d1371479f6a3a
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 22ms
22ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 17ms
17ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=101193635

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: a4b37d94da8e3022d120ff90375faa5d
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1bf90c9772f2deff63540cf47be8e99f
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 76e1345f7116290cc2538eb6eacf0ab8
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: cd16d0c277b9b065b34cc734824f5ac0
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 711170d2a99c6dbba659c4f56b088ede
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 66ms
66ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: fffa5dbda63df2c569951bd57eb5860dbc82d86c2b9b770da320f82ae2f3cb7c

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=2UIrwZJeZvlULH4hHpNImGhVRd7XzCI2UDnFV_oTjDA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=DyqLw70sJ1lOLgoSty9kMdOHhyhDbRomK6dcHd0_4Hg; expires=Mon, 01-Mar-2021 11:10:16 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
16ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=701630746

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 6b34d1b8ea8ff12b1ad3415979f9270d
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064070181

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=701630746

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: c64a9cdd8497b2d6b56554a91dbb1d8a
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 4443564472a011a9c75072a6e1d03402
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=701630746

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 35df3d63470de129b12ec825a06793c8
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8a5c3ed360c7cd6673b685b4aa7a1742
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 2b742853fb184fd55c4f349551d71b7f
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: db839f5c675046b2b5105f949ff43b50
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 77cb5e714e100a6de7ffd697f5dee784
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 68ms
68ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: c4ecb40957a45fe6fdb818ae0899775587a36090f377308aff65a4daf3772b22

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=DyqLw70sJ1lOLgoSty9kMdOHhyhDbRomK6dcHd0_4Hg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=M88xlQXJUgHpmBCYI7lFKRSGpKiXVpynZB2sMKkF0No; expires=Mon, 01-Mar-2021 11:10:16 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 24ms
24ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=39710966

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 08672f420c64ce808e785e991453e326
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 26ms
25ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

200

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241694160

0
0

28ms
28ms

Document
text/html

23.79.135.126
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241694160
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.135.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-135-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: www.gearbest.com
:scheme: https
:path: /promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241694160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

content-type: text/html; charset=UTF-8
pragma: public
last-modified: Mon, 01 Mar 2021 10:09:12 GMT
gbcdnlang: en
access-control-allow-origin: *
access-control-allow-methods: GET, POST
ng-cache: HIT
content-encoding: gzip
content-length: 40104
x-edgeconnect-midmile-rtt: 0 0 0
x-edgeconnect-origin-mex-latency: 199 199 199
cache-control: public, max-age=60
expires: Mon, 01 Mar 2021 10:11:16 GMT
date: Mon, 01 Mar 2021 10:10:16 GMT
vary: Accept-Encoding User-Agent
set-cookie: AKAM_CLIENTID=e93f41447e153855fc1af5841a7d0446; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Mon, 01-Mar-2021 11:10:16 GMT; path=/; domain=gearbest.com; secure; HttpOnly

Redirect headers

server: nginx
date: Mon, 01 Mar 2021 10:10:16 GMT
content-length: 0
location: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195659241694160
access-control-allow-origin: * *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
timing-allow-origin: *
x-trace-id: dc3ae2cee36eaf27444700c259b0b95a
link: <https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect" <https://www.gearbest.com>; rel="dns-prefetch preconnect",<https://propeller-tracking.com>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=dc6aa332b79c4615a35ac910c876f690; expires=Tue, 01 Mar 2022 10:10:16 GMT; path=/; secure; SameSite=None oaidts=1614593414; expires=Tue, 01 Mar 2022 10:10:16 GMT; path=/; secure; SameSite=None

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
493 B 42ms
41ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=39710966

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 3ff75f830ff8e9d8d50b6941067cd85f
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 45ms
45ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 71f9d8bdaa587966118009b4479f399f
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 43ms
42ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=39710966

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 1a3f278fbbe38a22ba20f5b09c5b372c
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: eaf49927276e9e353ce7b6251ad46eca
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c0eb0a0cad091cfee0806ebb47f7d9b8
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
19ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ce8e69c23c4130f88535c2fa07b187dd
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 20ms
20ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: dd31a311e39e3ccd82ef18098c523933
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 63ms
63ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: b0ce17b7d60cda7ff62bbe6aed3a36e65edc47ec46f1ce3994447c37c4963ff8

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=M88xlQXJUgHpmBCYI7lFKRSGpKiXVpynZB2sMKkF0No
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=fqUFxZqWvJxh1FPOMtF-stZnD5xSyTRpPqeNP3LGLgA; expires=Mon, 01-Mar-2021 11:10:16 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 17ms
16ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=657838

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: ab1f4155285527e12aa0f7e044999ec1
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

/
betshucklean.com/4/3082150/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851

0
0

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 5c043fc240c5cc1167eebf9c28dbb6cb
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=657838

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 966565db88ae1b065eaf74c5d6245e26
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=657838

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: caeb95ac5536a36157a07734c0eb1556
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 32a52781f17840119ef51ce4c53e1be3
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8812f8bb9e112ad4450c71412db60330
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 6c56ce55e5bce079870695c1229b9b05
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 9a9f140fc5f185b2fbee1c5dfd01e999
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 49ms
49ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: d47ac27b8d54e556b75e92880c201c6059a050c9b44621520a90a57f510cc5d3

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=fqUFxZqWvJxh1FPOMtF-stZnD5xSyTRpPqeNP3LGLgA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=xak-6C_4143bizYcifkvnwsuWpd8Cpqz5roLuxKy6u8; expires=Mon, 01-Mar-2021 11:10:16 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 17ms
17ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=2014371155

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 01288fc5afb4eb8f5c344d629288947f
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064070408

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=2014371155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: f75caa9df56d1867840804cf856390a5
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: eefb3a1f3257c4771e4081c269850504
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
18ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=2014371155

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 21ca78bcd6cb436eaeb4b433360a6cd6
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c495467b1865fd9ddb0085ba96eda66e
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 403273003ffcfd6a4d1e7672741cc29b
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 823ee928e55af87377150a33de9ce5ed
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d09b413a69bf770544f5292276a95ea0
Date: Mon, 01 Mar 2021 10:10:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 49ms
49ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 9ecf42856a1bd8cc7be08a4a91e0f2ffb213216ad5065c83bafa35669a8f1343

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=xak-6C_4143bizYcifkvnwsuWpd8Cpqz5roLuxKy6u8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=CriicJZAizFxIiHswgOeheLh4WfZWjCoSeiePAarZ4Q; expires=Mon, 01-Mar-2021 11:10:16 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1006684473

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 7ced69e45550596e3e72e138f9882a13
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667462533287

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1006684473

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 23b676c32482482f853e8a027c678647
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 29a435eb8674cb9a0086009ec0c77d10
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1006684473

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: b279e6c0a7d35cbc031e7431023405e9
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: aab1058d96caeaa2f21c782ae5fafd8b
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e1b3bc78d37ab4c5597d6ae6ebd376a4
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: bed42193215ad23781e129fe27f96ab4
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: b0ca2cbaf1228dfbf254843265afa047
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 64ms
63ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.12
Resource Hash: b86003ea5d447f819fa13cb7bd502ae3e065247519556967e125cb85f1dcbba7

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=CriicJZAizFxIiHswgOeheLh4WfZWjCoSeiePAarZ4Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.12
Set-Cookie: reverse=M4Lvm8eBFYhuegYPIlK9fnMuVlnytj019wAmJTzgFeo; expires=Mon, 01-Mar-2021 11:10:17 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1811230694

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 68c0d53fdee89b221db0e62944bafae3
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064070520

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
491 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1811230694

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 64c82c252c9cab193ecba8fa101b1980
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 20ms
19ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 314fa8cebab2b529e947b69c6a4f9821
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
18ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1811230694

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: c068b86c8eb878e98cabfcb45e34c5e7
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 2fff4819f29541db9c5e5b4b30ea5fb8
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8750b8c33e9f81ec94053265e4175722
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 16ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e475d886db6fd7f7fff4df15d5b93cca
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 869486f6bee658256f73f987a86336da
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 47ms
47ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 639dffe27a738da52f05f7fad4c63c8fc054ded9fe88c4dfb5d930cd7fd85ee0

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=9v_jAdNMAjpHc5oTT7PyE0MhXyic0FxjrumOWcfqCOY; expires=Mon, 01-Mar-2021 11:10:17 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=443476893

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 1b3726e2cf28a18a3a57d9c0ae27e34e
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667462533570

0
0

GET
H2 204 vctx
propeller-tracking.com/ 0
493 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=443476893

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: f536bb767b173bd8cd23cbfe0733949c
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone
goaciptu.net/ 757 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: f31ccce8ff67ccce5dd1f45fddc89c1d
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=443476893

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 07c9b0ecd77b9616219bd6cda1acf435
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 16ms
16ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 11992ce3a98edb0b238a98367b2a3ac0
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ad1a33cd7723025f3cefb46860c523f1
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d0c431f24a20ecce995f504f343c4418
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ea52fa598e36097451c8b3dacecd109a
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 63ms
63ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.13
Resource Hash: d65b1ea6fe38c90d65d11430d0a023dbb13f6e6cef2af6bfcef82df753280690

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=9v_jAdNMAjpHc5oTT7PyE0MhXyic0FxjrumOWcfqCOY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.13
Set-Cookie: reverse=jkzGHHM-kjup-znONGw9XTB1tKvUF5_L2NKnT_0JXB8; expires=Mon, 01-Mar-2021 11:10:17 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
16ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=212643525

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 86f1f1402aaf857a5a6587642d3ab693
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195670444675275

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=212643525

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 983ffe9340f9ab7a249f78f092ce345d
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: cf0c2dcc8f503eb718c78fb12c7450bf
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
18ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=212643525

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 14b747fc145990c9d8df11ad68c41e6a
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: bf2ac6d2a32eec4dc95be23892530a79
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d33c12976751d02f04edd029657cacd3
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 680c1d7aff4c5e90fff76056d299156f
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 18f760a85f7c78d41cf3dd6ccc960897
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 62ms
62ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 6e5bd57227dd7e247ba8e44768f8b20d59681f2f53812848f296205e854e5a8f

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=jkzGHHM-kjup-znONGw9XTB1tKvUF5_L2NKnT_0JXB8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=BWrCIGUkXPWXJ7y6AIzXbrGSD8HiSUwj21jFKRSKhR8; expires=Mon, 01-Mar-2021 11:10:17 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
16ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=969544012

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 9b6ccc9788541da7e6b95ceb56791172
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667462533706

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=969544012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 3c39b86de80d4e45b7ffb4bd19e99a31
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: ba360d908ab8c725d948bd6491b23550
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
14ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=969544012

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 36883937811185b4cbc21a7149b68f20
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f5645bee15177f23cffbd4f559737536
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c0b3b925f5fce5303a519e0ca5a18ea0
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 16ms
16ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 2d13f1d41840b2d110b489c71fd76995
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ca1c22a25ab6b8890d6db62bb7348d14
Date: Mon, 01 Mar 2021 10:10:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 63ms
63ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 858b279576a0f6b6cc9841a5458a11818088a05fabf2ac2212738a81651143a1

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=BWrCIGUkXPWXJ7y6AIzXbrGSD8HiSUwj21jFKRSKhR8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=0E_qM-0ZqCSRfn8lEFPqWsxLDGp8p6djp43nxUquqlU; expires=Mon, 01-Mar-2021 11:10:17 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 17ms
17ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=197839761

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: e3a22ddb44ad9202f3f4a77d9b5065d9
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064070937

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 16ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=197839761

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 21f459cda99f09b4acfeb4a185e27aaf
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 1433d176d06a531763f63ed1ebc05f7e
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
491 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=197839761

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 21874c6ac1ba1e9ab3f8ee0a3e540df1
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1afb137f25d49b76a0ed02817f324d7b
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 919639d671a41a3e446bb42e1c06a496
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a16310ee37cfe22102be814ae2a73018
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 22ms
21ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 77f96a493fc02a3a228720e76db5a5cc
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 46ms
46ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: a1b3a85b9e9349ae0e49a584a4af1a9bef8f6488223ac8c73dd08559e4ff85e4

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=0E_qM-0ZqCSRfn8lEFPqWsxLDGp8p6djp43nxUquqlU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=UIqPD63VI4aUD09FXrzapSimIxDD91Ln_q7DCnCvGsM; expires=Mon, 01-Mar-2021 11:10:18 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=122259261

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 3e00283d0aec185011a21394c2d27c4c
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064071006

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
491 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=122259261

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: c141118facddff524e0910739023fe4e
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 8310bd9744a4d552e87a31ce4b77c931
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
18ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=122259261

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 3000fc954be98b1ada2c04af3c618dcb
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8e26779d7a55e1eff39cedfb0d9c21b4
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a02d2b7983b85692b90c7d69fb0a3d52
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 55f1639dd3cc977ba34668dce97d88d6
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ce2a71593762e46c344935dd41416262
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 50ms
50ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.13
Resource Hash: 0dbb64ee2865386e337c599e3ff365f32b39052e0e15c4e2e9cdbca688f4f885

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=UIqPD63VI4aUD09FXrzapSimIxDD91Ln_q7DCnCvGsM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.13
Set-Cookie: reverse=Xq1bKBOL5LoKcKQoYKLC2FTzRc2SXkDF483qcszpjKk; expires=Mon, 01-Mar-2021 11:10:18 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 17ms
17ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1834652823

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 12a9e3f19cfbc2949ed2caeba9c3f956
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195667064071056

0
0

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 8d0807aac4af34bc1329d96ce25b6b91
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
491 B 16ms
16ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1834652823

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 8d07e2056fea7e7beeeda2f2cc835ba9
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1834652823

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 338d473b6696826a519032d7ac2d88f9
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 70765a433b978fa9e1de09b07fa9b160
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f72ff82b1edaac6f21599e71bdbe9cb4
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 76232e77784a1e2c6ea249e5d0da6d61
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 7b6a963293a6c2c7c39d1eee0acf42fa
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 60ms
60ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 2cfa402ba3b52e94165107c333ae18dece0784a6f013fd209284d8b954cde9e2

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=Xq1bKBOL5LoKcKQoYKLC2FTzRc2SXkDF483qcszpjKk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=6XhR542uK1O30Zr15SqMuFbmBO0oEUj2BuRco92RqfI; expires=Mon, 01-Mar-2021 11:10:18 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=108112842

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 9b944649ffb5042b48b658b76d653723
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 17ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195666950820187

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=108112842

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 7787c14edfef06b350d9d86314793c7d
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: ba7a3e94200c705e75b729ed5715cc06
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
493 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=108112842

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 5d77b9f8a98978d7d64b7ddb1fe4da2e
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 16ms
16ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 9b7f22e8ea3a0a04a0ea0aa849fa02cc
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 7d2b6c87cf461e8a83501ece18424db5
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 82fdf9d9d206fca7afb3db4a8c9fc01b
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 4580ad7c08a628883ca83c4ab86dc9b2
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 58ms
58ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 25965d4e71bbc58259011c98f13285666fb2c43d0196dcc3c1dd672b8d71aca6

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=6XhR542uK1O30Zr15SqMuFbmBO0oEUj2BuRco92RqfI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=PL5_CmCpS0RY70ObSJ4Ym8DsymcsSxE_y6IzM2rkcqA; expires=Mon, 01-Mar-2021 11:10:18 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1196809466

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: a0f843659ff1052f6a0278c504e6ad3b
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195670444675637

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
493 B 16ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1196809466

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: c9038f94c8546499e6fa93fb54d68413
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 65d823addc3efbf70fb73da5e76b691f
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 20ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 17ms
16ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1196809466

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 1ce035ebf390930cfb68fd60f2dccddf
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 2d669d2d3a42e7dd5ba026a7af99c1e6
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 23ad421c5354d65425212419fd60c022
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 638557cf3d96807d81dace8d3c268c49
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 20ms
20ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 0ea0cca75542bf861a763d4a06857daa
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 64ms
64ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: fd76bd70d0bc3f4ad519332563e4c6f50d0ee7b7975fb75490c799cab7d28108

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=PL5_CmCpS0RY70ObSJ4Ym8DsymcsSxE_y6IzM2rkcqA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=dYjs3mSJUL4Kg-4XzH8KzTCYgIur2-FlHmNy0i1HoY4; expires=Mon, 01-Mar-2021 11:10:18 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1535308067

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: c75ae0abe6e43e60dbca326cea5feae3
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195670444675701

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
491 B 16ms
16ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1535308067

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: a5f8c2a0a01c1faba517f8865da7e5d2
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 18ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 9a501040b0369e70c8f08ed5b8168c7b
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 16ms
16ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1535308067

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: b86901fa7421d9137d5c418e9390dc5c
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d6aa43daa0f5c48d1c0b811a8403652f
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 50ms
50ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 0440742abed1655b55e3d64f78165c70
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
18ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ca0238fef701634a37228c18e340a12d
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 6396b8d457c33c01a1af7212fc12d6b4
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 60ms
59ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: a819ba0d162118cfc5706f9c12f43c2629bead06675f3a8c9568d67fca61edec

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=dYjs3mSJUL4Kg-4XzH8KzTCYgIur2-FlHmNy0i1HoY4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=GBRgkhJ0ENSXyfJQ2LtxqV4vmgZ7N8sn7qPsz_WEirw; expires=Mon, 01-Mar-2021 11:10:18 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=198375642

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 5e83ef6968e917a0813aa0aa35765143
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

/
betshucklean.com/4/3082150/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
492 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=198375642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: d37f1da4e64366626565d698b2adc18f
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 23ed3ff7c958bdbd2d1bc56624c65f06
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=198375642

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: f613673b32adb971f923e49cba9f943a
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 16ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f131047f0bfebee1854a3bcad01c44c5
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 461d3eb40c2a2aff3ef638cc8d32c9dd
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 14ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 53edd72055a71773f37db1c74e3a3b96
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8ec08194c80ff6d5c078cba3b758fd64
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 49ms
49ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.13
Resource Hash: fec235952bee21b384870afa033a64969cc495cf4c5ead54060366ff006f586a

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=GBRgkhJ0ENSXyfJQ2LtxqV4vmgZ7N8sn7qPsz_WEirw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.13
Set-Cookie: reverse=exA85lhQoyR01KQ4PfyyRq_Pu_UwPY9_lvFhdPB-4r0; expires=Mon, 01-Mar-2021 11:10:18 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=2125822191

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: d1968a4548250f8e6d926f5edd766d47
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

/
betshucklean.com/4/3082150/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
493 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=2125822191

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 7293dd35d05313b8b287b4f556697b17
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 0c160af3ca15e6ed026856ea00827010
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 15ms
15ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=2125822191

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 481ee6f36a2a47d73e5f11a091369062
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a39bc5e8c2234132804a82f5ffae1613
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 15ms
15ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 384045c2e85ebcd72151b09bac35f586
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
14ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 16ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8ffcc69e35408a580f7c802797b2bca2
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 16ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c497a412f3bb0e24fb93319b8381d257
Date: Mon, 01 Mar 2021 10:10:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 47ms
47ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: 3437e4323fb5df0c6688d749375153d4cecbfaf38f3b8e071912c37bce5e5377

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=exA85lhQoyR01KQ4PfyyRq_Pu_UwPY9_lvFhdPB-4r0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=q4UKq1e05xDr9LjjW_RFtEMdMy65OgIlYRuEnb07c-s; expires=Mon, 01-Mar-2021 11:10:18 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=834178892

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: d45c0cbd09e88da45d9f48192ed1ea27
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
goaciptu.net/pfe/current/ 14 KB
6 KB 16ms
16ms Script
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 393196ce68a9af81f502847190437bae27b821df405bd404d9dc12174416fb41

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-373d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET

promotion-bestseller-special-1308.html
www.gearbest.com/
Redirect Chain

https://topflownews.com/?track=aHR0cHM6Ly9iZXRzaHVja2xlYW4uY29tLzQvMzA4MjE1MC8_dmFyPTE0OTYyODUx&meta-id=NDIzMzAz&brandSafe=1&rsz=14962851&cd_meta_crid=40845&meta-tracking-id=13980762&s=8391168439bd...
https://betshucklean.com/4/3082150/?var=14962851
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=390195676388003949

0
0

GET
H2 204 vctx Show response
propeller-tracking.com/ 0
491 B 15ms
15ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=834178892

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: d1da49fc5acf22cd90bc25230d7eebde
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
goaciptu.net/ 757 B
1 KB 18ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/zone?pub=0&zone_id=3081946&is_mobile=false&domain=topflownews.com&var=14962851&ymid=8391168439bd2ea3df15272daf3cf507&var_3=

Requested by

Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d8679b07f0c8d7c41631297532d56f30271657b872d1f42be239106153e3f767

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: a4bd5e8a44cb1eea26e299fcfa87c4e0
Date: Mon, 01 Mar 2021 10:10:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 757

GET
H/1.1 200
OK standalone.min.js Show response
goaciptu.net/pfe/current/ 100 KB
36 KB 19ms
19ms Fetch
application/javascript 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/pfe/current/standalone.min.js?v=3.1.282
Requested by: Host: goaciptu.net
URL: https://goaciptu.net/pfe/current/tag.min.js?z=3081946&t=standalone&ymid=8391168439bd2ea3df15272daf3cf507&var=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8c2c5fccd6836c2b7567c6b4d611ced4a803510062acb0221395d60e1509e17a

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 10:10:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 13:34:12 GMT
Server: nginx
ETag: W/"602bc9d4-1902c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://topflownews.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 vbl
propeller-tracking.com/ 0
492 B 17ms
17ms Other
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=834178892

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 819f323861883c78dc5e147bb99de19a
pragma: no-cache
date: Mon, 01 Mar 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://topflownews.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:19 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 17ms
16ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:19 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 19ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c8c69398d942a4e5b42baffd5c617f95
Date: Mon, 01 Mar 2021 10:10:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 18ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 6dde6b9635c1750471ad0b8baf17583d
Date: Mon, 01 Mar 2021 10:10:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
goaciptu.net/ 0
0 15ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:19 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom
goaciptu.net/ 39 B
490 B 17ms
16ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/custom

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 4aeb5fcdbc3cd13e8c6f7761ce5e9517
Date: Mon, 01 Mar 2021 10:10:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK event
goaciptu.net/ 0
0 16ms
15ms Other
text/plain 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://goaciptu.net/event
Protocol: HTTP/1.1
Server: 139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://topflownews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:19 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK event
goaciptu.net/ 94 B
545 B 17ms
17ms Fetch
application/json 139.45.196.147
RETN-AS

General

Check archive.org

Download Go to

Full URL

https://goaciptu.net/event

Requested by

Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.147 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 81ee849b9c423822c4295034b37b5f69
Date: Mon, 01 Mar 2021 10:10:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://topflownews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

GET
H/1.1 200
OK Cookie set / Show response
topflownews.com/ 33 KB
16 KB 55ms
54ms Document
text/html 139.45.197.147
RETN-AS

General

Check archive.org

Download Go to

Full URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Requested by: Host: topflownews.com
URL: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.147 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.10
Resource Hash: a45bb0b68108a877bfd2d47edc248378390455a91824c5fe444a3eb9bcf12bd5

Request headers

Host: topflownews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: reverse=q4UKq1e05xDr9LjjW_RFtEMdMy65OgIlYRuEnb07c-s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://topflownews.com/?l=yecvxtYeyNvi4VA&s=8391168439bd2ea3df15272daf3cf507&z=14962851

Response headers

Server: nginx
Date: Mon, 01 Mar 2021 10:10:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.10
Set-Cookie: reverse=33NbzzV57IfLfToZFQHuCcQd8e0z5noYZyFHNzqAnlE; expires=Mon, 01-Mar-2021 11:10:19 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

POST vb
propeller-tracking.com/ 0
0

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 16ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Download Go to

www.gearbest.com 23.79.135.126 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective URL Pivot

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

844 Requests

89 %HTTPS

50 %IPv6

19 Domains

26 Subdomains

20 IPs

4 Countries

4135 kBTransfer

10651 kBSize

27 Cookies

41 Outgoing links

Page URL History

Redirected requests

844 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 55 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gearbest.com
23.79.135.126 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

844
Requests

89 %
HTTPS

50 %
IPv6

19
Domains

26
Subdomains

20
IPs

4
Countries

4135 kB
Transfer

10651 kB
Size

27
Cookies

844 HTTP transactions
55 data transactions