www.beebber.com Open in urlscan Pro
2606:4700:3034::681b:803f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
https://www.beebber.com/
Submission Tags: demotag1 demotag2 Search All
Submission: On November 07 via api (November 7th 2020, 12:16:19 am UTC) from US

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 19 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3034::681b:803f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.beebber.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.

This is the only time www.beebber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
4	2606:4700:303... 2606:4700:3032::681b:a2f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3034::681f:5bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3034::681b:803f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	22

2 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.170.39.103 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::681b:a2f8 (United States)

ASN13335 (CLOUDFLARENET, US)

tr.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681f:5bd8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pageqq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::681b:803f (United States)

ASN13335 (CLOUDFLARENET, US)

www.beebber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	googlesyndication.com pagead2.googlesyndication.com da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com tpc.googlesyndication.com	143 KB
5	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	119 KB
4	tr.im tr.im	23 KB
3	traffdaq.com traffdaq.com	4 KB
2	beebber.com www.beebber.com	7 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
2	speedflow.io speedflow.io	2 KB
1	pageqq.com 1 redirects www.pageqq.com	499 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	googleadservices.com partner.googleadservices.com	256 B
1	googleapis.com fonts.googleapis.com	624 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	24 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
61	19

	Domain	Requested by
5	pagead2.googlesyndication.com	tr.im pagead2.googlesyndication.com
4	tr.im	traffdaq.com tr.im
3	da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	tr.im securepubads.g.doubleclick.net
3	traffdaq.com	speedflow.io traffdaq.com
2	www.beebber.com	tr.im www.beebber.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	speedflow.io	speedflow.io
1	www.pageqq.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	tr.im
1	stackpath.bootstrapcdn.com	tr.im
1	www.googletagmanager.com	tr.im
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
61	23

This site contains no links.

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.beebber.com/
Frame ID: C29B2A69573771E105E901FE0E49345D
Requests: 54 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604708158717&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 881C27410CE19667AEC56141D0DBEB20
Requests: 1 HTTP requests in this frame

Frame: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Frame ID: 8C363CA98814E3CC9326B68FA4D5C846
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: FD84025D564D74651E73888F2F709ECA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1229858928340193&output=html&adk=1812271804&adf=3025194257&lmt=1604708163&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftr.im%2F1i8Td&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604708163408&bpp=14&bdt=154&idt=86&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8170230223896&frm=20&pv=2&ga_vid=1806333496.1604708163&ga_sid=1604708164&ga_hid=1880134453&ga_fc=0&iag=0&icsg=34986&dssz=17&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1821327065930629&pem=642&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%253D%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108
Frame ID: B009FEE6471E94BCF5869FF1B383B3B5
Requests: 1 HTTP requests in this frame

Frame: https://da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 79348B82E14992E59F332535D7DFB17A
Requests: 1 HTTP requests in this frame

Frame: https://da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: E053C6A3CBA42C0D1DCEDD7E8728ACFF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 5A28C1C812E18B635483E042FE032CF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
https://traffdaq.com/delivery/dl/47382?category=amateur Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsI... Page URL
https://tr.im/1i8Td Page URL
https://www.pageqq.com/en/content/view/page/cntth1/0-3730236.html?utm_source=tr.im&utm_medium=traff... HTTP 301
https://www.beebber.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

61
Requests

62 %
HTTPS

77 %
IPv6

19
Domains

23
Subdomains

22
IPs

4
Countries

433 kB
Transfer

1212 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
https://traffdaq.com/delivery/dl/47382?category=amateur Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://tr.im/1i8Td Page URL
https://www.pageqq.com/en/content/view/page/cntth1/0-3730236.html?utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1i8Td&utm_content=link_click HTTP 301
https://www.beebber.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 988 B
1 KB 173ms
173ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 3ef6dfa95e636281803f2da8f04d7821bc49236db02d30fc443bcb23b7204286

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sat, 07 Nov 2020 00:15:58 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=81782; path=/ time_start=1604708158.6181; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=81782; path=/ ip=185.212.171.67 mobile=0 country=++ visits_todayi=0; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=81782; path=/
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 517
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 6ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 00:15:58 GMT
Content-Encoding: gzip
X-HW: 1604708151.dop235.fr8.shc,1604708151.dop235.fr8.t,1604708158.cds129.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 881C 0
0 39ms
26ms Document
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604708158717&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sat, 07 Nov 2020 00:15:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa5e73eb63429.678411731739590144%22%3B%7D; expires=Mon, 07 Nov 2022 00:15:58 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 404
Not Found %3C
speedflow.io/adult/ Frame 8C36 315 B
460 B 170ms
170ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache /
Resource Hash

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ip=185.212.171.67; mobile=0; country=++; visits_todaya=1; time_start=1604708158.6181; visits_todayi=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sat, 07 Nov 2020 00:15:58 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/dl/ 3 KB
2 KB 662ms
469ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=amateur
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 2dfe0f738968f947827a5b2296af2a1185604a3d164e8d2a792188d27969ca59

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 00:15:59 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK eyJpdiI6IkpQc3ZyT2VnSHN1QTYyVUNUanowZEE9PSIsInZhbHVlIjoiUzFVTUQxVzhnbFVZWEdEajBwWWhpYzNcL0hLTnBTQldYdUE1RVpzNGRhVHdEVUFieE42eDdIMlV4VXpYZlFhTHNcL0JjTDZnam5xS085QnJla1Q3T3NsUT09IiwibWFjIjoiYjlmMTQ3Y...
traffdaq.com/users/track/ 0
860 B 626ms
460ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6IkpQc3ZyT2VnSHN1QTYyVUNUanowZEE9PSIsInZhbHVlIjoiUzFVTUQxVzhnbFVZWEdEajBwWWhpYzNcL0hLTnBTQldYdUE1RVpzNGRhVHdEVUFieE42eDdIMlV4VXpYZlFhTHNcL0JjTDZnam5xS085QnJla1Q3T3NsUT09IiwibWFjIjoiYjlmMTQ3YmQ5MjZmYmU3M2M1MjMwODUwMGYxYTZhMmY5YzE4ODMwYzY0NDJiODc2ZThlYmE1YzU2N2U1ZTI3MyJ9
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=amateur
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 00:15:59 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 30ms
30ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa5e73eef851&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=amateur

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 00:15:59 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=amateur

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 792148
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4047-HHN
date: Sat, 07 Nov 2020 00:15:59 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/directlink/ 2 KB
1 KB 2753ms
2576ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=amateur
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 42810264b10be93c8297d64518f67aff0a75bac9804f3c24b7dd2bb6580e3a45

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=amateur
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=amateur

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 00:16:02 GMT
Content-Encoding: gzip

GET
H2 200 1i8Td Show response
tr.im/ 9 KB
3 KB 790ms
789ms Document
text/html 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.im/1i8Td

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.28-1+deb.sury.org~xenial+1

Resource Hash

59b241ab894eb589fde87c5b66a32c37df2d91313fba88cbdd79fa35e396193b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: tr.im
:scheme: https
:path: /1i8Td
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status: 200
date: Sat, 07 Nov 2020 00:16:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d12e0f14bf467cd484d32502d50cc60b51604708162; expires=Mon, 07-Dec-20 00:16:02 GMT; path=/; domain=.tr.im; HttpOnly; SameSite=Lax __cf_bm=0bcd4eb8c3238691fcdb68736db4a524b5606dfc-1604708163-1800-AbUbXzbyoArWluTQSsr+00gy9qszxQeDaR4JqpbVAxsxCRwcndJcV4gkFkpu+5Eq9y/rIb6LjVn0npUew5iBfGs=; path=/; expires=Sat, 07-Nov-20 00:46:03 GMT; domain=.tr.im; HttpOnly; Secure; SameSite=None
x-powered-by: PHP/5.6.28-1+deb.sury.org~xenial+1
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 0641a8739d00001f4d172c3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yhPBpZVxwfjtKEN3e6HHg%2FHi4BqJo1erCKYIz15b9FRvTRNBA39EOe4OxvQpT6fUGBzOaxw72A6f69R%2FiAMALf56DsgdrO2MS3yVMzawQMxo1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ee2dcff6def1f4d-FRA
content-encoding: br

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
44 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45426
x-xss-protection: 0
server: cafe
etag: 10562869928832476540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 Nov 2020 00:16:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139146315-9

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6d00421703479478838ab557ed3ed0785c83227cbd7a2e1528f347c752b9180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38327
x-xss-protection: 0
last-modified: Sat, 07 Nov 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Nov 2020 00:16:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
18 KB 108ms
57ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

e64e8b723b080e855157f0fd8cd4bc3427be184a96c42071e4f6af6b38be6fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "686 / 425 of 1000 / last-modified: 1604704676"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18264
x-xss-protection: 0
expires: Sat, 07 Nov 2020 00:16:03 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
24 KB 25ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://tr.im
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 May 2020 17:29:51 GMT
status: 200
etag: "1589304591"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23841

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
624 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3120d4bddcbcde8e4f0e0088646c6ab2c06e11d21257d238748f6ac76c51417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Nov 2020 00:16:03 GMT
server: ESF
date: Sat, 07 Nov 2020 00:16:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Nov 2020 00:16:03 GMT

GET
H2 200 style.css
tr.im/bundles/trim/ad-page-072020/css/ 2 KB
888 B 14ms
13ms Stylesheet
text/css 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.im/bundles/trim/ad-page-072020/css/style.css

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8234f5e5b2933912bf30cbcff6aade9d5f5a2dbe15d44937c13b46090d1f1498

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2083
status: 200
cf-request-id: 0641a876c100001f4dd8bce000000001
last-modified: Tue, 06 Oct 2020 07:24:41 GMT
server: cloudflare
etag: W/"5f7c1bb9-813"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qf3IBmbWMP0y6fu4z4o6NYu%2BCy5qP9BfNmIko7ze0oaL6pVQ0aR%2Bai1f3hvJJMt3PYQCUjJo%2FxpxeHvdBrTELsiIFvTGfFKbgOz2iz%2Fh0E4xfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ee2dd046bc31f4d-FRA

GET
H2 200 logo.png
tr.im/bundles/trim/ad-page-072020/images/ 5 KB
5 KB 13ms
13ms Image
image/png 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.im/bundles/trim/ad-page-072020/images/logo.png

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

317b57b8207135b3223181d14cf2e213bf0b7a0050a3e2f92a48c26f13703365

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2083
status: 200
content-length: 4650
cf-request-id: 0641a876c100001f4d15b44000000001
last-modified: Tue, 06 Oct 2020 07:24:41 GMT
server: cloudflare
etag: "5f7c1bb9-122a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ry%2BdPG%2F3e6ipP%2BDZVFPUGneW6%2BXXu%2BmcclO7mxNymscuGaBpXpxVGgW38c%2FVf9j0h3wnT2Ed%2FMQrLwW5udOZfp3hUUKX30KIFyw4nI5zSLdoZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee2dd046bc41f4d-FRA

GET
H2 200 feature.png
tr.im/bundles/trim/ad-page-072020/images/ 14 KB
15 KB 14ms
13ms Image
image/png 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.im/bundles/trim/ad-page-072020/images/feature.png

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a2ed372eb25f036218e1cf130657ba79eff86384c1292bb16c95e4d34af5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2083
status: 200
content-length: 14664
cf-request-id: 0641a876c200001f4d172ea000000001
last-modified: Tue, 06 Oct 2020 07:24:41 GMT
server: cloudflare
etag: "5f7c1bb9-3948"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gikNWRZ17KcvUaJE5BnEwdyY%2Bwb%2FJCwMuz%2FncBN6RGQfykNcwCeMUkiVaMUNWXNMCDLILhoPb0zwTz8YQ5k%2Bdlk%2B7WVKEEQ7NRgG8ZgMGk8Ppw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee2dd046bc51f4d-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139146315-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1598
date: Fri, 06 Nov 2020 23:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 07 Nov 2020 01:49:25 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.im
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 22:12:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:44 GMT
server: sffe
age: 93788
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
expires: Fri, 05 Nov 2021 22:12:55 GMT

GET
H3-Q050 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.im
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 22:12:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:13 GMT
server: sffe
age: 93798
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Fri, 05 Nov 2021 22:12:45 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
86 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Nov 2020 00:16:03 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame FD84 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1i8Td
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1i8Td

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 06 Nov 2020 18:54:19 GMT
expires: Fri, 20 Nov 2020 18:54:19 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 19304
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
60 B 13ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1880134453&t=pageview&_s=1&dl=https%3A%2F%2Ftr.im%2F1i8Td&dr=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%253D%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&ul=en-us&de=UTF-8&dt=tr.im%20-%20url%20shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1743954744&gjid=830730572&cid=1806333496.1604708163&tid=UA-139146315-9&_gid=17462663.1604708163&_r=1&gtm=2ouas1&z=1436885608

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 00:16:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://tr.im
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020110301.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 102ms
73ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068488

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

a1fd8f0219afdf6523ec555ee655319f7d936736e4ebd816a14a08c6939ed488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 09:55:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99111
x-xss-protection: 0
expires: Sat, 07 Nov 2020 00:16:03 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 195 B
256 B 30ms
30ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tr.im&callback=_gfp_s_&client=ca-pub-1229858928340193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

f200dd5f300d93e71a33b6c2faefa1cb7a173eef2be66727fc6b2699ea17a823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tr.im

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tr.im

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame B009 0
0 27ms
26ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1229858928340193&output=html&adk=1812271804&adf=3025194257&lmt=1604708163&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftr.im%2F1i8Td&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604708163408&bpp=14&bdt=154&idt=86&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8170230223896&frm=20&pv=2&ga_vid=1806333496.1604708163&ga_sid=1604708164&ga_hid=1880134453&ga_fc=0&iag=0&icsg=34986&dssz=17&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1821327065930629&pem=642&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%253D%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1229858928340193&output=html&adk=1812271804&adf=3025194257&lmt=1604708163&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftr.im%2F1i8Td&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604708163408&bpp=14&bdt=154&idt=86&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8170230223896&frm=20&pv=2&ga_vid=1806333496.1604708163&ga_sid=1604708164&ga_hid=1880134453&ga_fc=0&iag=0&icsg=34986&dssz=17&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1821327065930629&pem=642&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%253D%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1i8Td
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1i8Td

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 07 Nov 2020 00:16:03 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 07-Nov-2020 00:31:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 07 Nov 2020 00:16:03 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604665402527796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27920
x-xss-protection: 0
expires: Sat, 07 Nov 2020 00:16:03 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
24 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_negative_stack_trace&pvsid=1821327065930629&vrg=2020110301&nw_id=7421032&nslots=3&eid=21068488%2C21064170%2C21067447%2C21068110%2C21068418%2C21068441%2C21067487&pub_url=https%3A%2F%2Ftr.im%2F1i8Td&stackTrace=Error%0A%20%20%20%20at%20Av%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2020110301.js%3F21068488%3A6%3A190378)%0A%20%20%20%20at%20gv%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2020110301.js%3F21068488%3A6%3A185543)%0A%20%20%20%20at%20iv%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2020110301.js%3F21068488%3A6%3A181790)%0A%20%20%20%20at%20ed.l%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2020110301.js%3F21068488%3A6%3A245303)%0A%20%20%20%20at%20gd%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2020110301.js%3F21068488%3A6%3A16656)%0A%20%20%20%20at%20id.next%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2020110301.js%3F21068488%3A6%3A16948)%0A%20%20%20%20at%20f%20(https%3A%2F%2Fsecurepubads.g.doubleclick.net%2Fgpt%2Fpubads_impl_2020110301.js%3F21068488%3A6%3A30619)

Requested by

Host: tr.im
URL: https://tr.im/1i8Td

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 00:16:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 72ms
72ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1821327065930629&correlator=3963079990068523&output=ldjh&impl=fifs&adsid=NT&eid=21068488%2C21064170%2C21067447%2C21068110%2C21068418%2C21068441%2C21067487&vrg=2020110301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201107&iu_parts=7421032%2Ctr.im_top_banner%2Ctr.im_300x250%2Ctr.im_intermediary_ad_unit&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x100%7C728x90%7C320x50%2C300x250%2C1x1&cookie=ID%3D94ee9dc8385ee7b6-2219921125b90045%3AT%3D1604708163%3ART%3D1604708163%3AS%3DALNI_MYlSu8SljaAD_WTLJigobNcn1ik6A&bc=31&abxe=1&lmt=1604708163&dt=1604708163691&dlt=1604708163253&idt=415&frm=20&biw=1600&bih=1200&oid=3&adxs=640%2C650%2C0&adys=128%2C326%2C1473&adks=3911691608%2C2859235672%2C716300676&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftr.im%2F1i8Td&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6Ik5KVzJtZUZrWDUyMCt5QVBrMkx2NlE9PSIsInZhbHVlIjoiMHZIY2htOFdOMThsSXdKWVppWU02MTRXblBkdVRibkJwWE42a1R3TUhjeThGaXVSQjVLMmtZWHVnUU15S1wvQmdlWDJVMXBIakN1MzlSV29saDBYQXZaNHBhTjVHYUloUVFcL2FJenhIQk1xcTNBSWVMM3ZqVTRKWTdTM2pHenNTUVd1UlRNT0ZVc2NJdE9Cd3dZZlwvSVprbkQ2VVN1OUVHYlVRT3VrUXV6OVpkc1ZKS0VJQm40b0lqNDVnNFFOTXFYczZVWndPZ05KSHViVWozTnpzK3BuM3FDS0g0T3plSHd6YVBFeEhPalZRODVNMzdUKzhWSFk2Qm1oTWRabCtMYVR2XC9xR0s2S0l4Y2ZVUGI4QnZvMzhGT3JqQ2tjYllrU2s0dkpGZThlUG5DMWgwdVwvcWVjbDBvcTNlNEpzS1AyQyIsIm1hYyI6ImYzMGFhMmQ4ODAxOTYzMWJkM2RiNzFhZGE2ZTUzN2NlYjAyYzM4M2IyYzQzOTY0NzMzNjhiOGU4OWEwNDkzMTcifQ%253D%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&dssz=18&icsg=559274&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x100%7C300x250%7C1600x1473&msz=1600x100%7C300x-1%7C1x-1&ga_vid=1806333496.1604708163&ga_sid=1604708164&ga_hid=1880134453&fws=0%2C0%2C0&ohw=0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068488

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e9d504a6f1413b34cc265db14e198e39384f882dc2c782f0fe2449508611844c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3118
x-xss-protection: 0
google-lineitem-id: 5459744855,5448126947,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321056366,138319698993,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tr.im
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 53ms
39ms Other
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068488
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 26ms
26ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

559a05751ef26c08021d97d1fad1d8eec3ca76d7858923c15623f2a09af1a2aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6440
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 07 Nov 2020 00:16:03 GMT

GET
H3-Q050 200 container.html
da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7934 0
0 35ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068488

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1i8Td
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1i8Td

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 07 Nov 2020 00:16:03 GMT
expires: Sun, 07 Nov 2021 00:16:03 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E053 0
0 30ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068488

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1i8Td
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1i8Td

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 07 Nov 2020 00:16:03 GMT
expires: Sun, 07 Nov 2021 00:16:03 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 5A28 0
0 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1i8Td
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1i8Td

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Fri, 06 Nov 2020 23:38:46 GMT
expires: Sat, 06 Nov 2021 23:38:46 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2237
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
45 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201104&jk=1821327065930629&bg=!g4ClgKDNAAXuKKZk7ljhgFFKGVAfEwIAAACKUgAAABFoAQcKAPbx3665cvgilwUAudaM_TdImGqDxnCMFa7yizooFADF-eIRsBETMUA1AIuTJYTPh95jbORG6gXPoWeRn4KePQhv0oUtvCuz-K0A7yoFQhCXqRkdCdicGczYmRyvh7VvVxC2H28FEmF1t6CVQKdF2fvnqNpIWas_Zk_xC5B-wyAbNaxgiX1-58Nk9OGFGY_Ltecv1w4LaSx7t3_i3i77Fc8MGahnTRCks5r8yTfxkp6uX7RFNxr5eiSbg6UiitZyTmgx-xQTJxo6H6jxab7DmTK0XAfXZu6L343u4XBaTbN4I4R8gaVsNV0Dc15oaKC4XaTRgqxofpGZAa4YwdIzU3wSJiFqhLdbyuURxugCwNq1rF6t4UnpOJb2F-mIOYrvRmFAp7bU28rCzR1NCWXtheZeN1AuS02MOrnfeRXfSX5kUPdn43slMY-7WiV6FuFEkHr3Fs3xiRFQKpYXKkuSu_CvOs9seIswS5-SLV--1MpOWodTjXb1wYb5uy4brx6AsnXurkfrnbXzzrwDLIcskUtRCAm0JLoJhrcqVQZ0An13LVWXYVOC6SHFrTjZl5ZXk5ZxNNjX5yzt0l3cPSUYQgXAEfCOZe5rovVBjkMl_aMA05YBRMYvs3aVEKEsFuaTPaEN0qN-oSh6okO5hCsSDn-z-KakHY18qU6YxUvRidx6DQb6In17BmTdh4tRC-Hx4FZInysmd1RqCeYoVvWmJkDfXDFDdpQI3FFGb1H1s8syrYAObB6LWU_wiHHslliUbJAvg8Cx5k7SlgrxSks_rO2JWks7T8noMIN1peAZ9NVmMOAip3IRr9KshPn6cWWLOk2V52SpuMOH2DfvEga9MGTw0Ygn2nwEBwZwMDdAT3l69EyJ91HFUyG0faRYzOLHHtnZ5G_InzRq

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 00:16:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Primary Request / Show response
www.beebber.com/
Redirect Chain

https://www.pageqq.com/en/content/view/page/cntth1/0-3730236.html?utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1i8Td&utm_content=link_click
https://www.beebber.com/

11 KB
3 KB

351ms
323ms

Document
text/html

2606:4700:3034::681b:803f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.beebber.com/
Requested by: Host: tr.im
URL: https://tr.im/1i8Td
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:803f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc9de671220615d2e25fe32549f5aa3529df77830498c1c0cdbf90b53d16e6b

Request headers

:method: GET
:authority: www.beebber.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://tr.im/1i8Td
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1i8Td

Response headers

status: 200
date: Sat, 07 Nov 2020 00:16:13 GMT
content-type: text/html
set-cookie: __cfduid=df183eb59a0f107c6999afc6e5c8e3f311604708173; expires=Mon, 07-Dec-20 00:16:13 GMT; path=/; domain=.beebber.com; HttpOnly; SameSite=Lax; Secure
last-modified: Sat, 11 Jul 2020 08:22:09 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0641a89ec300000629ec0a0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mnh%2B0EWtxdrq8aSUf8GHBXHaZxGg5z1vC1dK98itcvoQuxG3ZgdHRq%2BmFM8SbZczBgtHE%2BCEGCtPXw%2B4bsEZBU5Vrt9NjqANREPl%2Bq5eM%2Bin2LLxl%2BWXV0TNDUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ee2dd446e010629-FRA
content-encoding: br

Redirect headers

status: 301
date: Sat, 07 Nov 2020 00:16:13 GMT
cache-control: max-age=3600
expires: Sat, 07 Nov 2020 01:16:13 GMT
location: https://www.beebber.com
cf-request-id: 0641a89e9d00002c2a2d9b2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FnNSyUHXr1vDz%2BpfvmCPepMNupv1KxBa6erj5VAtcWwV%2BIu1Y3r%2Bs3ds1D%2FNNEVeR2mtHLNLksrkhEfGYGl8dz416hJd6uoyDWC5cV1XZ1oZ9btF%2BViyGGp7Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 5ee2dd442b4a2c2a-FRA

GET mbr-additional.css
www.beebber.com/assets/mobirise/css/ 0
0

GET mobirise-icons.css
www.beebber.com/assets/web/assets/mobirise-icons/ 0
0

GET bootstrap.min.css
www.beebber.com/assets/bootstrap/css/ 0
0

GET bootstrap-grid.min.css
www.beebber.com/assets/bootstrap/css/ 0
0

GET bootstrap-reboot.min.css
www.beebber.com/assets/bootstrap/css/ 0
0

GET styles.css
www.beebber.com/assets/socicon/css/ 0
0

GET tether.min.css
www.beebber.com/assets/tether/ 0
0

GET style.css
www.beebber.com/assets/dropdown/css/ 0
0

GET icon-nobg-white-nb-1.svg
www.beebber.com/assets/images/ 0
0

GET untitled-1-1-1014x1014.png
www.beebber.com/assets/images/ 0
0

GET 3457694-1.svg
www.beebber.com/assets/images/ 0
0

GET jquery.min.js
www.beebber.com/assets/web/assets/jquery/ 0
0

GET popper.min.js
www.beebber.com/assets/popper/ 0
0

GET bootstrap.min.js
www.beebber.com/assets/bootstrap/js/ 0
0

GET tether.min.js
www.beebber.com/assets/tether/ 0
0

GET
H2 200 nav-dropdown.js Show response
www.beebber.com/assets/dropdown/js/ 18 KB
4 KB 352ms
349ms Script
application/javascript 2606:4700:3034::681b:803f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.beebber.com/assets/dropdown/js/nav-dropdown.js
Requested by: Host: www.beebber.com
URL: https://www.beebber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:803f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e800dab50c202621225b605347fedc067286e5fce53a90523f5e4fa404f331

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 00:16:14 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 03 Jul 2020 12:23:04 GMT
server: cloudflare
etag: W/"49e1-5a988963d4d3e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WoI4MF69ittNropTVrlHuCm%2BvLBrUc2Ytf6u2DZSc0zH30%2Fmp8kYC%2BIzKVgUAaWNQT38%2FHIs1Eo%2BjiFr%2Fy1vEbHm7KgpBjOc3qpJ82y7gCvpGguUJAGYpgS4aEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ee2dd46d9cc0629-FRA
cf-request-id: 0641a8a04b000006290a86b000000001

GET navbar-dropdown.js
www.beebber.com/assets/dropdown/js/ 0
0

GET jquery.touch-swipe.min.js
www.beebber.com/assets/touchswipe/ 0
0

GET jarallax.min.js
www.beebber.com/assets/parallax/ 0
0

GET smooth-scroll.js
www.beebber.com/assets/smoothscroll/ 0
0

GET script.js
www.beebber.com/assets/theme/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.beebber.com
URL: https://www.beebber.com/assets/mobirise/css/mbr-additional.css

Domain: www.beebber.com
URL: https://www.beebber.com/assets/web/assets/mobirise-icons/mobirise-icons.css

Domain: www.beebber.com
URL: https://www.beebber.com/assets/bootstrap/css/bootstrap.min.css

Domain: www.beebber.com
URL: https://www.beebber.com/assets/bootstrap/css/bootstrap-grid.min.css

Domain: www.beebber.com
URL: https://www.beebber.com/assets/bootstrap/css/bootstrap-reboot.min.css

Domain: www.beebber.com
URL: https://www.beebber.com/assets/socicon/css/styles.css

Domain: www.beebber.com
URL: https://www.beebber.com/assets/tether/tether.min.css

Domain: www.beebber.com
URL: https://www.beebber.com/assets/dropdown/css/style.css

Domain: www.beebber.com
URL: https://www.beebber.com/assets/images/icon-nobg-white-nb-1.svg

Domain: www.beebber.com
URL: https://www.beebber.com/assets/images/untitled-1-1-1014x1014.png

Domain: www.beebber.com
URL: https://www.beebber.com/assets/images/3457694-1.svg

Domain: www.beebber.com
URL: https://www.beebber.com/assets/web/assets/jquery/jquery.min.js

Domain: www.beebber.com
URL: https://www.beebber.com/assets/popper/popper.min.js

Domain: www.beebber.com
URL: https://www.beebber.com/assets/bootstrap/js/bootstrap.min.js

Domain: www.beebber.com
URL: https://www.beebber.com/assets/tether/tether.min.js

Domain: www.beebber.com
URL: https://www.beebber.com/assets/dropdown/js/navbar-dropdown.js

Domain: www.beebber.com
URL: https://www.beebber.com/assets/touchswipe/jquery.touch-swipe.min.js

Domain: www.beebber.com
URL: https://www.beebber.com/assets/parallax/jarallax.min.js

Domain: www.beebber.com
URL: https://www.beebber.com/assets/smoothscroll/smooth-scroll.js

Domain: www.beebber.com
URL: https://www.beebber.com/assets/theme/js/script.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tr.im/	1970-01-19 23:06:44	Name: __gads Value: ID=94ee9dc8385ee7b6-2219921125b90045:T=1604708163:RT=1604708163:S=ALNI_MYlSu8SljaAD_WTLJigobNcn1ik6A
.tr.im/	1970-01-19 13:45:08	Name: _gat_gtag_UA_139146315_9 Value: 1
.doubleclick.net/	1970-01-19 13:45:09	Name: test_cookie Value: CheckForPermission
.tr.im/	1970-01-19 13:46:34	Name: _gid Value: GA1.2.17462663.1604708163
.tr.im/	1970-01-19 13:45:09	Name: __cf_bm Value: 0bcd4eb8c3238691fcdb68736db4a524b5606dfc-1604708163-1800-AbUbXzbyoArWluTQSsr+00gy9qszxQeDaR4JqpbVAxsxCRwcndJcV4gkFkpu+5Eq9y/rIb6LjVn0npUew5iBfGs=
.tr.im/	1970-01-20 07:16:20	Name: _ga Value: GA1.2.1806333496.1604708163
.tr.im/	1970-01-19 14:28:20	Name: __cfduid Value: d12e0f14bf467cd484d32502d50cc60b51604708162

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
adservice.google.com
adservice.google.de
c.securepaths.com
cdn.jsdelivr.net
da3484fc1624dfd35233e628cc65582c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
speedflow.io
stackpath.bootstrapcdn.com
syndication.realsrv.com
tpc.googlesyndication.com
tr.im
traffdaq.com
www.beebber.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.pageqq.com
www.beebber.com
107.170.39.103
198.54.116.135
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:3a
216.58.212.130
2606:4700:3032::681b:a2f8
2606:4700:3034::681b:803f
2606:4700:3034::681f:5bd8
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2003
2a00:1450:4001:814::200e
2a00:1450:4001:817::2003
2a00:1450:4001:820::200a
2a00:1450:4001:821::2008
2a00:1450:4001:824::2001
2a04:4e42:1b::621
35.190.72.161
95.211.229.246
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
2dfe0f738968f947827a5b2296af2a1185604a3d164e8d2a792188d27969ca59
2fc9de671220615d2e25fe32549f5aa3529df77830498c1c0cdbf90b53d16e6b
317b57b8207135b3223181d14cf2e213bf0b7a0050a3e2f92a48c26f13703365
3ef6dfa95e636281803f2da8f04d7821bc49236db02d30fc443bcb23b7204286
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
42810264b10be93c8297d64518f67aff0a75bac9804f3c24b7dd2bb6580e3a45
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
559a05751ef26c08021d97d1fad1d8eec3ca76d7858923c15623f2a09af1a2aa
59b241ab894eb589fde87c5b66a32c37df2d91313fba88cbdd79fa35e396193b
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8234f5e5b2933912bf30cbcff6aade9d5f5a2dbe15d44937c13b46090d1f1498
a1fd8f0219afdf6523ec555ee655319f7d936736e4ebd816a14a08c6939ed488
a3120d4bddcbcde8e4f0e0088646c6ab2c06e11d21257d238748f6ac76c51417
a6d00421703479478838ab557ed3ed0785c83227cbd7a2e1528f347c752b9180
b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d9e800dab50c202621225b605347fedc067286e5fce53a90523f5e4fa404f331
e3a2ed372eb25f036218e1cf130657ba79eff86384c1292bb16c95e4d34af5d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e64e8b723b080e855157f0fd8cd4bc3427be184a96c42071e4f6af6b38be6fc3
e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910
e9d504a6f1413b34cc265db14e198e39384f882dc2c782f0fe2449508611844c
f200dd5f300d93e71a33b6c2faefa1cb7a173eef2be66727fc6b2699ea17a823

www.beebber.com Open in urlscan Pro 2606:4700:3034::681b:803f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

62 %HTTPS

77 %IPv6

19 Domains

23 Subdomains

22 IPs

4 Countries

433 kBTransfer

1212 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.beebber.com Open in urlscan Pro
2606:4700:3034::681b:803f Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

62 %
HTTPS

77 %
IPv6

19
Domains

23
Subdomains

22
IPs

4
Countries

433 kB
Transfer

1212 kB
Size

7
Cookies

61 HTTP transactions
0 data transactions