Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-x...
Submission Tags: demotag1 demotag2
Submission: On November 09 via api from US

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 27 HTTP transactions. The main IP is 69.165.107.69, located in United States and belongs to VARIO, US. The main domain is adultfriendfinder.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 12th 2019. Valid for: 2 years.
This is the only time adultfriendfinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS (Autonomous System)
- | 1 | 198.54.116.135 | 22612 (NAMECHEAP...)
1 | 5 | 107.170.39.103 | 14061 (DIGITALOC...)
- | 1 | 162.213.255.36 | 22612 (NAMECHEAP...)
- | 2 | 52.6.203.110 | 14618 (AMAZON-AES)
- | 1 | 35.190.72.161 | 15169 (GOOGLE)
- | 1 | 2a04:4e42:1b:... | 54113 (FASTLY)
- | 2 | 144.76.40.130 | 24940 (HETZNER-AS)
1 | 1 | 88.212.232.188 | 7979 (SERVERS-COM)
- | 1 | 188.72.236.136 | 35415 (WEBZILLA)
2 | 4 | 69.165.107.69 | 25875 (VARIO)
- | 1 | 2a00:1450:400... | 15169 (GOOGLE)
- | 8 | 192.229.233.220 | 15133 (EDGECAST)
- | 1 | 2a00:1450:400... | 15169 (GOOGLE)
- | 1 | 2600:9000:215... | 16509 (AMAZON-02)
- | 1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 27 requests, 14 IPs
Requests | Domain | Redirects | Requested by
8 | secureimage.securedataimages.com | - | adultfriendfinder.com
5 | traffdaq.com | 1 | speedflow.io, traffdaq.com
4 | adultfriendfinder.com | 2 | expert2020software.com, adultfriendfinder.com
2 | all.obozrevatelcom.info | - | traffdaq.com, speedflow.io
2 | cors-anywhere.herokuapp.com | - | speedflow.io
1 | fonts.gstatic.com | - | fonts.googleapis.com
1 | aff.trackinglibrary.prodperfect.com | - | adultfriendfinder.com
1 | ajax.googleapis.com | - | adultfriendfinder.com
1 | fonts.googleapis.com | - | adultfriendfinder.com
1 | expert2020software.com | - | speedflow.io
1 | btcxxx.ru | 1 | -
1 | cdn.jsdelivr.net | - | traffdaq.com
1 | c.securepaths.com | - | traffdaq.com
1 | manyhit.com | - | speedflow.io
1 | speedflow.io | - | -
Total: 27 requests, 15 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid for
traffdaq.com | Let's Encrypt Authority X3 | 2020-10-31 - 2021-01-29 | 3 months
*.herokuapp.com | DigiCert SHA2 High Assurance Server CA | 2020-06-15 - 2021-07-07 | a year
*.securepaths.com | Let's Encrypt Authority X3 | 2020-09-22 - 2020-12-21 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
obozrevatelcom.info | Let's Encrypt Authority X3 | 2020-09-27 - 2020-12-26 | 3 months
*.adultfriendfinder.com | DigiCert SHA2 Secure Server CA | 2019-03-12 - 2021-05-06 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
www.securedataimages.com | DigiCert SHA2 Secure Server CA | 2020-10-27 - 2021-11-01 | a year
*.trackinglibrary.prodperfect.com | Amazon | 2020-03-14 - 2021-04-14 | a year
*.gstatic.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months

This page contains 2 frames:

Primary Page: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Frame ID: 5C9629F483E865D939BB4C5820714B77
Requests: 25 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: 9CA64C4B4C26D57A1F58CE23CBD11784
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 27
HTTPS: 89 %
IPv6: 33 %
Domains: 14
Subdomains: 15
IPs: 14
Countries: 5
Transfer: 979 kB
Size: 1348 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImNtQVlpaVpWdGp4UWpuZU50bTZwbEE9PSIsInZhbHVlIjoib0lTREIwbjg3RFdtMU9PNmQ2aDV4MGlhZjBwT01XR3BydWh0bldOTVFiVW9jaVQ3R3J2ZUtVeEZQWk56TDhWTlVlNlphS3UwdTI1eDRRQldCMVJRVlArQTljUmYyT0d3QUhwcEVyeWhqeW9ZSXlCY2VIU2VqbVVQVGZHeE55bkFNVVhuQllQeklrSzJsWVZjNjd4YWl5dkNQd0VXV2ViQ3ozT255WlVidmRQeWR2K25mcTlCcHhDSmh6b3B1cUVcL1V0ZHRhc1lrUSttQjdiWGJvXC9JaWhBPT0iLCJtYWMiOiIzOTVkZjJkYjU2MmM3ZmFjMzgyZWU3MThlZTdiNThjMjEwMDMyZDllNDZkMjIxOTI1MDY5OWMyMzdmOGUxZTYzIn0%3D Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. https://all.obozrevatelcom.info/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0 Page URL
  5. https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=stream&utm_campaign=0&utm_content=source_V1yiifwjdwDJJ7VwmSB5xOmLiyS2FXKQ2Qb6QWS6BOTLiL_B0Lk@ HTTP 302
    http://expert2020software.com/8Jas1oMAHy3qF-xTQQA8j4CAENINAASAI9-iRYA Page URL
  6. http://adultfriendfinder.com/go/p2082988.sub[Sub_ID]?&sub_id=282033&tpa=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA HTTP 302
    https://adultfriendfinder.com/go/p2082988.sub[Sub_ID]?&sub_id=282033&tpa=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA HTTP 302
    https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://traffdaq.com/delivery/pu/47382?category=lesbian_dating HTTP 301
  • https://traffdaq.com/delivery/pu/47382?category=lesbian_dating
Request Chain 12
  • https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=stream&utm_campaign=0&utm_content=source_V1yiifwjdwDJJ7VwmSB5xOmLiyS2FXKQ2Qb6QWS6BOTLiL_B0Lk@ HTTP 302
  • http://expert2020software.com/8Jas1oMAHy3qF-xTQQA8j4CAENINAASAI9-iRYA

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
speedflow.io/adult/
1 KB
1 KB
Document
General
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash
4ad97ae7123617cd0647990012f72c56c489da67295b7eaa1fc9e7d4176a5b71

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr

Response headers

date
Mon, 09 Nov 2020 03:28:57 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=70203; path=/ time_start=1604892537.9544; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=70203; path=/ ip=185.156.175.107 mobile=0 country=GB visits_todayi=0; expires=Mon, 09-Nov-2020 22:59:00 GMT; Max-Age=70203; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
618
content-type
text/html; charset=UTF-8
47382
traffdaq.com/delivery/pu/
Redirect Chain
  • http://traffdaq.com/delivery/pu/47382?category=lesbian_dating
  • https://traffdaq.com/delivery/pu/47382?category=lesbian_dating
5 KB
2 KB
Script
General
Full URL
https://traffdaq.com/delivery/pu/47382?category=lesbian_dating
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
fd0cc5a82092ac4cdd7483271024ea5c45762e6c90e7907eb6eecde56539d743

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 03:28:58 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
https://traffdaq.com/delivery/pu/47382?category=lesbian_dating
Connection
close
Content-length
0
autosurf_if.php
manyhit.com/ Frame 9CA6
0
0
Document
General
Full URL
http://manyhit.com/autosurf_if.php?user=speedflow
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
Apache / PHP/5.4.45
Resource Hash

Request headers

Host
manyhit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

date
Mon, 09 Nov 2020 03:28:58 GMT
server
Apache
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=7cfcc71fcbf6a483876e6e5cb89af9dd; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
1271
content-type
text/html
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ Frame
0
0
Other
General
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=lesbian_dating
Protocol
HTTP/1.1
Server
52.6.203.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-203-110.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
http://speedflow.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Headers
x-requested-with
Access-Control-Expose-Headers
access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
Date
Mon, 09 Nov 2020 03:28:59 GMT
Transfer-Encoding
chunked
Via
1.1 vegur
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/
5 KB
2 KB
XHR
General
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=lesbian_dating
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.203.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-203-110.compute-1.amazonaws.com
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

Date
Mon, 09 Nov 2020 03:28:59 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
X-Request-Url
http://traffdaq.com/delivery/pu/47382?category=lesbian_dating
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
server,date,content-type,transfer-encoding,connection,content-encoding,x-final-url,access-control-allow-origin
Connection
keep-alive
X-Cors-Redirect-1
301 https://traffdaq.com/delivery/pu/47382?category=lesbian_dating
X-Final-Url
https://traffdaq.com/delivery/pu/47382?category=lesbian_dating
Via
1.1 vegur
47382
traffdaq.com/delivery/directlink/
3 KB
2 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImNtQVlpaVpWdGp4UWpuZU50bTZwbEE9PSIsInZhbHVlIjoib0lTREIwbjg3RFdtMU9PNmQ2aDV4MGlhZjBwT01XR3BydWh0bldOTVFiVW9jaVQ3R3J2ZUtVeEZQWk56TDhWTlVlNlphS3UwdTI1eDRRQldCMVJRVlArQTljUmYyT0d3QUhwcEVyeWhqeW9ZSXlCY2VIU2VqbVVQVGZHeE55bkFNVVhuQllQeklrSzJsWVZjNjd4YWl5dkNQd0VXV2ViQ3ozT255WlVidmRQeWR2K25mcTlCcHhDSmh6b3B1cUVcL1V0ZHRhc1lrUSttQjdiWGJvXC9JaWhBPT0iLCJtYWMiOiIzOTVkZjJkYjU2MmM3ZmFjMzgyZWU3MThlZTdiNThjMjEwMDMyZDllNDZkMjIxOTI1MDY5OWMyMzdmOGUxZTYzIn0%3D
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
5eb910ed495510072ff0dcb6da3f6a198edff7d88a9a456aa6356f98ea96b732

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Mon, 09 Nov 2020 03:28:59 GMT
Content-Encoding
gzip
eyJpdiI6IlpZZHE1ZXg2dWZjK2tyMVFhaDJjK2c9PSIsInZhbHVlIjoieE50dElQbUx6c1NlSk94eXFDaWllSWRyVllRWUxuQm43cWVLZXI0dWwxMlJaaDh6Y3Q3cmU0VzliV1JpNDQ3S282bWUzNE5iZStYMDJTXC96b1NvMzZBPT0iLCJtYWMiOiIzNGRjZGFjY...
traffdaq.com/users/track/
0
860 B
Image
General
Full URL
https://traffdaq.com/users/track/eyJpdiI6IlpZZHE1ZXg2dWZjK2tyMVFhaDJjK2c9PSIsInZhbHVlIjoieE50dElQbUx6c1NlSk94eXFDaWllSWRyVllRWUxuQm43cWVLZXI0dWwxMlJaaDh6Y3Q3cmU0VzliV1JpNDQ3S282bWUzNE5iZStYMDJTXC96b1NvMzZBPT0iLCJtYWMiOiIzNGRjZGFjYmQ4NWIxNTg5Zjk4MGUzNGY1MmIwMTQ4ZDU3NmFhNzYzYjg0OTk3ZjZkNmY5MDk4ZjIwN2EyNWZjIn0%3D
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImNtQVlpaVpWdGp4UWpuZU50bTZwbEE9PSIsInZhbHVlIjoib0lTREIwbjg3RFdtMU9PNmQ2aDV4MGlhZjBwT01XR3BydWh0bldOTVFiVW9jaVQ3R3J2ZUtVeEZQWk56TDhWTlVlNlphS3UwdTI1eDRRQldCMVJRVlArQTljUmYyT0d3QUhwcEVyeWhqeW9ZSXlCY2VIU2VqbVVQVGZHeE55bkFNVVhuQllQeklrSzJsWVZjNjd4YWl5dkNQd0VXV2ViQ3ozT255WlVidmRQeWR2K25mcTlCcHhDSmh6b3B1cUVcL1V0ZHRhc1lrUSttQjdiWGJvXC9JaWhBPT0iLCJtYWMiOiIzOTVkZjJkYjU2MmM3ZmFjMzgyZWU3MThlZTdiNThjMjEwMDMyZDllNDZkMjIxOTI1MDY5OWMyMzdmOGUxZTYzIn0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 09 Nov 2020 03:29:00 GMT
Cache-Control
no-cache
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
implement.js
c.securepaths.com/js/
0
0
Script
General
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa8b77b55e16&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImNtQVlpaVpWdGp4UWpuZU50bTZwbEE9PSIsInZhbHVlIjoib0lTREIwbjg3RFdtMU9PNmQ2aDV4MGlhZjBwT01XR3BydWh0bldOTVFiVW9jaVQ3R3J2ZUtVeEZQWk56TDhWTlVlNlphS3UwdTI1eDRRQldCMVJRVlArQTljUmYyT0d3QUhwcEVyeWhqeW9ZSXlCY2VIU2VqbVVQVGZHeE55bkFNVVhuQllQeklrSzJsWVZjNjd4YWl5dkNQd0VXV2ViQ3ozT255WlVidmRQeWR2K25mcTlCcHhDSmh6b3B1cUVcL1V0ZHRhc1lrUSttQjdiWGJvXC9JaWhBPT0iLCJtYWMiOiIzOTVkZjJkYjU2MmM3ZmFjMzgyZWU3MThlZTdiNThjMjEwMDMyZDllNDZkMjIxOTI1MDY5OWMyMzdmOGUxZTYzIn0%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Nov 2020 03:28:59 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/
33 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImNtQVlpaVpWdGp4UWpuZU50bTZwbEE9PSIsInZhbHVlIjoib0lTREIwbjg3RFdtMU9PNmQ2aDV4MGlhZjBwT01XR3BydWh0bldOTVFiVW9jaVQ3R3J2ZUtVeEZQWk56TDhWTlVlNlphS3UwdTI1eDRRQldCMVJRVlArQTljUmYyT0d3QUhwcEVyeWhqeW9ZSXlCY2VIU2VqbVVQVGZHeE55bkFNVVhuQllQeklrSzJsWVZjNjd4YWl5dkNQd0VXV2ViQ3ozT255WlVidmRQeWR2K25mcTlCcHhDSmh6b3B1cUVcL1V0ZHRhc1lrUSttQjdiWGJvXC9JaWhBPT0iLCJtYWMiOiIzOTVkZjJkYjU2MmM3ZmFjMzgyZWU3MThlZTdiNThjMjEwMDMyZDllNDZkMjIxOTI1MDY5OWMyMzdmOGUxZTYzIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
976528
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19149-FRA, cache-hhn4025-HHN
date
Mon, 09 Nov 2020 03:28:59 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/
2 KB
1 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImNtQVlpaVpWdGp4UWpuZU50bTZwbEE9PSIsInZhbHVlIjoib0lTREIwbjg3RFdtMU9PNmQ2aDV4MGlhZjBwT01XR3BydWh0bldOTVFiVW9jaVQ3R3J2ZUtVeEZQWk56TDhWTlVlNlphS3UwdTI1eDRRQldCMVJRVlArQTljUmYyT0d3QUhwcEVyeWhqeW9ZSXlCY2VIU2VqbVVQVGZHeE55bkFNVVhuQllQeklrSzJsWVZjNjd4YWl5dkNQd0VXV2ViQ3ozT255WlVidmRQeWR2K25mcTlCcHhDSmh6b3B1cUVcL1V0ZHRhc1lrUSttQjdiWGJvXC9JaWhBPT0iLCJtYWMiOiIzOTVkZjJkYjU2MmM3ZmFjMzgyZWU3MThlZTdiNThjMjEwMDMyZDllNDZkMjIxOTI1MDY5OWMyMzdmOGUxZTYzIn0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
d4fe1303c3df69465ec3ad9f544c264d4771faa2bc4c8e09a6b8cbea5e644c7e

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImNtQVlpaVpWdGp4UWpuZU50bTZwbEE9PSIsInZhbHVlIjoib0lTREIwbjg3RFdtMU9PNmQ2aDV4MGlhZjBwT01XR3BydWh0bldOTVFiVW9jaVQ3R3J2ZUtVeEZQWk56TDhWTlVlNlphS3UwdTI1eDRRQldCMVJRVlArQTljUmYyT0d3QUhwcEVyeWhqeW9ZSXlCY2VIU2VqbVVQVGZHeE55bkFNVVhuQllQeklrSzJsWVZjNjd4YWl5dkNQd0VXV2ViQ3ozT255WlVidmRQeWR2K25mcTlCcHhDSmh6b3B1cUVcL1V0ZHRhc1lrUSttQjdiWGJvXC9JaWhBPT0iLCJtYWMiOiIzOTVkZjJkYjU2MmM3ZmFjMzgyZWU3MThlZTdiNThjMjEwMDMyZDllNDZkMjIxOTI1MDY5OWMyMzdmOGUxZTYzIn0%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
tdqct=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6ImNtQVlpaVpWdGp4UWpuZU50bTZwbEE9PSIsInZhbHVlIjoib0lTREIwbjg3RFdtMU9PNmQ2aDV4MGlhZjBwT01XR3BydWh0bldOTVFiVW9jaVQ3R3J2ZUtVeEZQWk56TDhWTlVlNlphS3UwdTI1eDRRQldCMVJRVlArQTljUmYyT0d3QUhwcEVyeWhqeW9ZSXlCY2VIU2VqbVVQVGZHeE55bkFNVVhuQllQeklrSzJsWVZjNjd4YWl5dkNQd0VXV2ViQ3ozT255WlVidmRQeWR2K25mcTlCcHhDSmh6b3B1cUVcL1V0ZHRhc1lrUSttQjdiWGJvXC9JaWhBPT0iLCJtYWMiOiIzOTVkZjJkYjU2MmM3ZmFjMzgyZWU3MThlZTdiNThjMjEwMDMyZDllNDZkMjIxOTI1MDY5OWMyMzdmOGUxZTYzIn0%3D

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Mon, 09 Nov 2020 03:29:01 GMT
Content-Encoding
gzip
/
all.obozrevatelcom.info/
5 KB
3 KB
Document
General
Full URL
https://all.obozrevatelcom.info/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.40.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.40.76.144.clients.your-server.de
Software
nginx /
Resource Hash
628ec72607434db08a24eb1148d6173a71ff9385ff91c7a9ecd884ebe0b0a144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
all.obozrevatelcom.info
:scheme
https
:path
/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status
200
server
nginx
date
Mon, 09 Nov 2020 03:29:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
x-frame-options
DENY
expires
Mon, 09 Nov 2020 03:29:01 +0000
cache-control
no-cache, must-revalidate
pragma
no-cache
x-robots-tag
noindex
referer
strict-transport-security
max-age=31536000
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
public-key-pins-report-only
pin-sha256="7lBfQKfoMCy39EXTFdxjoUvP87rYEbuya2kzN6/f4wE="; pin-sha256="efRXWfSs2jsGspReg4wM6BZec+gy29/uyIFXlD2sg2c="; max-age=31536000; includeSubDomains; report-uri="https://traffstock.net/?mod=ticket_system&do=ticket_create"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
/
all.obozrevatelcom.info/
227 B
888 B
Script
General
Full URL
https://all.obozrevatelcom.info/?p=OTE5ZjFmNzU0MTYwZGYxZjQ4Zjk0M2Q5NTE5Mjg0YWZ8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NzU5OTUzNDE=&v=2&poid=0&r=https://traffdaq.com/delivery/directlink/47382?hash=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&fp=66abd220fd1aeed21a48c2d9b60f0bf8&poid=0&coid=0&icn_directlink=1&alin=0&callback=jsonp_nk0ftsupbe9qeq5
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.40.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.40.76.144.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 03:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
status
200
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
DENY
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
referer
x-robots-tag
noindex
public-key-pins-report-only
pin-sha256="7lBfQKfoMCy39EXTFdxjoUvP87rYEbuya2kzN6/f4wE="; pin-sha256="efRXWfSs2jsGspReg4wM6BZec+gy29/uyIFXlD2sg2c="; max-age=31536000; includeSubDomains; report-uri="https://traffstock.net/?mod=ticket_system&do=ticket_create"
expires
Mon, 09 Nov 2020 03:29:02 +0000
Cookie set 8Jas1oMAHy3qF-xTQQA8j4CAENINAASAI9-iRYA
expert2020software.com/
Redirect Chain
  • https://btcxxx.ru/searchsatfir/search.php?Q=KEYWORD&utm_source=traffstock.net&utm_medium=stream&utm_campaign=0&utm_content=source_V1yiifwjdwDJJ7VwmSB5xOmLiyS2FXKQ2Qb6QWS6BOTLiL_B0Lk@
  • http://expert2020software.com/8Jas1oMAHy3qF-xTQQA8j4CAENINAASAI9-iRYA
7 KB
8 KB
Document
General
Full URL
http://expert2020software.com/8Jas1oMAHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
188.72.236.136 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
1f2-12-d2456-136.webazilla.com
Software
nginx/1.18.0 /
Resource Hash
2ec70b80e9aa655ef32e072f3f3823332914856659d636b6d24923851165beee

Request headers

Host
expert2020software.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://all.obozrevatelcom.info/?p=N2NhMDdmZGEyY2ZiMWIyYTNiMjZhZjgwYmQ2OTVmOWR8Mzg5MTk3fEdlbkxpbmt8fDEwMDB8NTE2Nzg3MjA=&v=2&poid=0&coid=0

Response headers

Server
nginx/1.18.0
Date
Mon, 09 Nov 2020 03:29:02 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
bd_context=JHzXrjbX+GPhjIJhPj/eNJI4h2yQNxy2acq7WDZT1Jqx149cLUyNWOGwavCW0UxKdKWqrxkHfaEAFQnTBNfRj1mvuAxFmA/3ODIbFPnJbNftaOxqpYBfKayge1cNtNv0AwKBMJuw4q5ADQDttoy9wHZ762AJPJepsYG10IFcFWzJFK+deHNHYn1gUr9CC6cV9jTmvUngCiSeO/0JlJbujWKYtENQ3hyIWoZ5dokxWnLSMqPGWgbQfcb7FG0o8yEDUx/4gMn84IfUBigLysHX6wnGf0macV3pnqknWhGOZyFBIT9ZyIhk7QkKFohJkQ==; Expires=Tue, 09 Nov 2021 03:29:02 GMT

Redirect headers

status
302
expires
Tue, 03 Jul 2001 06:00:00 GMT
last-modified
Mon, 09 Nov 2020 03:29:02 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
location
http://expert2020software.com/8Jas1oMAHy3qF-xTQQA8j4CAENINAASAI9-iRYA
content-type
text/html; charset=UTF-8
content-length
7
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Mon, 09 Nov 2020 03:29:02 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
Primary Request Cookie set landing_page_272
adultfriendfinder.com/go/page/
Redirect Chain
  • http://adultfriendfinder.com/go/p2082988.sub[Sub_ID]?&sub_id=282033&tpa=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
  • https://adultfriendfinder.com/go/p2082988.sub[Sub_ID]?&sub_id=282033&tpa=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
  • https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
30 KB
8 KB
Document
General
Full URL
https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Requested by
Host: expert2020software.com
URL: http://expert2020software.com/8Jas1oMAHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.165.107.69 , United States, ASN25875 (VARIO, US),
Reverse DNS
Software
Apache /
Resource Hash
8b8ddee9bf1e3c9ec91342ba6fe4210d91e38bd3d94f93b265fcb45c08b04e43
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
adultfriendfinder.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://expert2020software.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ALPO=198973601; click_id_time=1755709454_2020-11-08 19:29:03; AB_TRACKING=aypLC79AV04Jehmf4teLYZ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://expert2020software.com/8Jas1oMAHy3qF-xTQQA8j4CAENINAASAI9-iRYA

Response headers

Date
Mon, 09 Nov 2020 03:29:03 GMT
Server
Apache
Set-Cookie
ffadult_who=r_0_4L5OUS_4V6cVtFSxSjP6ggB4bxPe23kUWtFfQ0TXebC6iWgSgGHiNiNojk09f8dnaMVMRo72bmVrvmmrvNtHkH2b6lrVxWl/uHVrQg0QNFYABXd4_5RgMafCNTTQMBuBK_CCFtm0G45pKhBlskpLMdHQNdZ1uqZByfmjdbfASRPoc8E0Is3E4Rg1GW/_IFPHr/hC84C5GPQfAZ2QrM3A--; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Nov-2022 03:29:04 GMT
v_hash=_german_0; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:04 GMT
IP_COUNTRY=Switzerland; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:04 GMT
ffadult_tr=r_pJYanwrHKz1as8Ucj7qYzHF8u2QwWFC35r7IXPNnPFWu2zSJZ2AuSFgJWKtwWgqN; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:04 GMT
LOCATION_FROM_IP=country&Switzerland&area_code&0&longitude&8.4450&country_name&Switzerland&lat&47.3940&region_name&Zurich&country_code&CH&region&25&state&&city&Zurich&postal_code&8010&latitude&47.3940&lon&8.4450&dma_code&0&country_code3&CHE; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:04 GMT
HISTORY=20201108-1-Dc; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:04 GMT
throttling={"time":1604892544,"GTM":0,"AppD":1}; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:04 GMT
X-PERF
0.108531,0.047280,TS_2_0.0005170,TM_18_0.0086570,DB_6_0.0061160,CD_22_0.0141660,FS_10_0.0069610,PK_1_0.0000460,CE_17_0.0247880
Strict-Transport-Security
max-age=300; includeSubDomains
X-Frame-Options
SAMEORIGIN
ETag
TESTBED
P3P
CP="DSP LAW"
X-ApacheServer
ki205-241.friendfinderinc.com
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6791
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8

Redirect headers

Date
Mon, 09 Nov 2020 03:29:03 GMT
Server
Apache
Strict-Transport-Security
max-age=300; includeSubDomains
X-PERF
0.222575,0.139075,DB_23_0.0224950,CD_19_0.0133660,PK_2_0.0000890,CE_25_0.0475500
Location
https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Set-Cookie
ALPO=198973601; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:03 GMT
click_id_time=1755709454_2020-11-08 19:29:03; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:03 GMT
AB_TRACKING=aypLC79AV04Jehmf4teLYZ; path=/; domain=.adultfriendfinder.com; expires=Wed, 09-Dec-2020 03:29:03 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
292
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
header.css
adultfriendfinder.com/images/ffadult/css/
1 B
652 B
Stylesheet
General
Full URL
https://adultfriendfinder.com/images/ffadult/css/header.css
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.165.107.69 , United States, ASN25875 (VARIO, US),
Reverse DNS
Software
Apache /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ApacheServer
ki305-371.friendfinderinc.com
Date
Mon, 09 Nov 2020 03:29:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 13 Jul 2020 08:07:21 GMT
Server
Apache
ETag
"fbdc450-1-5aa4e2e252ccb"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
21
css
fonts.googleapis.com/
3 KB
641 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:300,400
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6e43907a75f2d7ad44d2646b7023dba3d630617ae7470a188dfdc1f9833f075
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 Nov 2020 03:29:04 GMT
server
ESF
date
Mon, 09 Nov 2020 03:29:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Nov 2020 03:29:04 GMT
bootstrap.min.css
secureimage.securedataimages.com/images/ffadult/landing_pages/212/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/212/css/bootstrap.min.css
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 03:29:04 GMT
content-encoding
gzip
last-modified
Thu, 31 May 2018 10:35:27 GMT
server
ECS (mil/6CE6)
age
2278120
etag
"fbe28ab-22682-56d7e06947c1e"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
expires
Wed, 09 Dec 2020 03:29:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21086
x-cache-hits
2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 22:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19117
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Nov 2021 22:10:27 GMT
ffadult-german-confirm_alert-1535586440.js
secureimage.securedataimages.com/javascript/live_cd/secure/
316 B
355 B
Script
General
Full URL
https://secureimage.securedataimages.com/javascript/live_cd/secure/ffadult-german-confirm_alert-1535586440.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF6) /
Resource Hash
397eb1c0aac253e26a31ab73a8d105eeee0d5356366b418d44bcaa82d6f0b995

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-perf
0.011461,0.011416,CD_1_0.0000450
date
Mon, 09 Nov 2020 03:29:04 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 04:28:01 GMT
server
ECS (mil/6CF6)
age
2415663
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
expires
Wed, 09 Dec 2020 03:29:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
229
x-cache-hits
23
bootstrap.min.js
secureimage.securedataimages.com/images/ffadult/landing_pages/212/js/
50 KB
14 KB
Script
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/212/js/bootstrap.min.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEC) /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 03:29:04 GMT
content-encoding
gzip
last-modified
Thu, 31 May 2018 10:35:12 GMT
server
ECS (mil/6CEC)
age
2451143
etag
"fbe28ba-c62b-56d7e05b43eab"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
expires
Wed, 09 Dec 2020 03:29:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14048
x-cache-hits
19
logo_red_wht.png
secureimage.securedataimages.com/images/ffadult/logos/
5 KB
5 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/logos/logo_red_wht.png
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF2) /
Resource Hash
b95bb2845a1ea6f282b49bcfb3844b7e494a549ab17d14ff8bd160cbdc1fe691

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 03:29:04 GMT
last-modified
Thu, 06 Feb 2014 22:46:37 GMT
server
ECS (mil/6CF2)
age
15869
etag
"fbe6443-1410-4f1c4a56a7bb9"
x-cache
HIT
content-type
image/png
status
200
expires
Wed, 09 Dec 2020 03:29:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5136
x-cache-hits
1
jquery-1.11.0.min.js
secureimage.securedataimages.com/images/common/js/jquery/
94 KB
33 KB
Script
General
Full URL
https://secureimage.securedataimages.com/images/common/js/jquery/jquery-1.11.0.min.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEC) /
Resource Hash
af2419dd15e09ea913cfe94d130f9870486732e57764e0f02ea3846f204146ee

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 03:29:04 GMT
content-encoding
gzip
last-modified
Wed, 23 Apr 2014 21:00:54 GMT
server
ECS (mil/6CEC)
age
2456468
etag
"fbcaa73-1787f-4f7bc073a0d80"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
expires
Wed, 09 Dec 2020 03:29:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33375
x-cache-hits
26
keen-tracking.min.js
aff.trackinglibrary.prodperfect.com/
70 KB
21 KB
Script
General
Full URL
https://aff.trackinglibrary.prodperfect.com/keen-tracking.min.js
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:aa00:1c:e067:200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5970265baad138586a80f10ae2a655c08596685c297ebb841f45b4234d0c8bca

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
wQTnDvuB2vZJBU577gxabMnUN0.BGo5Z
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 19:43:36 GMT
server
AmazonS3
age
8213
etag
"44a5974f23726792e0e2b7553540eb8c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
date
Mon, 09 Nov 2020 01:12:12 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
POR3vu-BeWfrBWrYZHrCEEPiZXoRdUgywBVFT0LnTjyNpMxCMSk2Yw==
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
bg_1.jpg
secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/
232 KB
232 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/bg_1.jpg
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF3) /
Resource Hash
f4d43ef3d82f98eb2a0831e67b318daaf5e84e7c31eca81e21c10dcd846a5d19

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 03:29:04 GMT
last-modified
Mon, 05 Nov 2018 03:54:07 GMT
server
ECS (mil/6CF3)
age
98335
etag
"fbe3697-3a0cc-579e2d636a202"
x-cache
HIT
content-type
image/jpeg
status
200
expires
Wed, 09 Dec 2020 03:29:04 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
237772
x-cache-hits
0
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v35/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v35/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://adultfriendfinder.com
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 11:20:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:17:26 GMT
server
sffe
age
58108
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25376
x-xss-protection
0
expires
Mon, 08 Nov 2021 11:20:36 GMT
bg_2.jpg
secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/
280 KB
280 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/bg_2.jpg
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE0) /
Resource Hash
55ba92fbf4d0c1cab9bb1a1567edf6e3599a2ed17630270b70cd1370f2c4f7aa

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 09 Nov 2020 03:29:09 GMT
last-modified
Mon, 18 Mar 2019 07:54:53 GMT
server
ECS (mil/6CE0)
age
561869
etag
"fbe36ad-46019-58459b43055df"
x-cache
HIT
content-type
image/jpeg
status
200
expires
Wed, 09 Dec 2020 03:29:09 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
286745
x-cache-hits
1
bg_3.jpg
secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/
276 KB
276 KB
Image
General
Full URL
https://secureimage.securedataimages.com/images/ffadult/landing_pages/272/image/Desktop/bg_3.jpg
Requested by
Host: adultfriendfinder.com
URL: https://adultfriendfinder.com/go/page/landing_page_272?pid=p2082988.subSub_ID&ip=auto&no_click=1&alpo_redirect=1&nats=AHy3qF-xTQQA8j4CAENINAASAI9-iRYA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.220 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF1) /
Resource Hash
9636b99bef2ae06bd2e79a4dbe90143db6dec3eeb8070e603745ca569a9b957c

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 08 Nov 2020 23:35:11 GMT
last-modified
Mon, 05 Nov 2018 03:54:07 GMT
server
ECS (mil/6CF1)
age
14044
etag
"fbe36b4-44fa3-579e2d63e2bd8"
x-cache
HIT
content-type
image/jpeg
status
200
expires
Wed, 09 Dec 2020 03:29:14 GMT
cache-control
max-age=2592000
accept-ranges
bytes
content-length
282531
x-cache-hits
2

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
function| ProdPerfectKeen
function| $
function| jQuery
object| FFN_MC_confirmAlert
object| bootstrap
string| hash_string
object| hash_array
number| last_hash_element
function| jump
function| Keen
function| setImmediate
function| clearImmediate

11 Cookies

Domain/Path Name / Value
.adultfriendfinder.com/ Name: throttling
Value: {"time":1604892544,"GTM":0,"AppD":1}
.adultfriendfinder.com/ Name: HISTORY
Value: 20201108-1-Dc
.adultfriendfinder.com/ Name: LOCATION_FROM_IP
Value: country&Switzerland&area_code&0&longitude&8.4450&country_name&Switzerland&lat&47.3940&region_name&Zurich&country_code&CH&region&25&state&&city&Zurich&postal_code&8010&latitude&47.3940&lon&8.4450&dma_code&0&country_code3&CHE
.adultfriendfinder.com/ Name: ffadult_tr
Value: r_pJYanwrHKz1as8Ucj7qYzHF8u2QwWFC35r7IXPNnPFWu2zSJZ2AuSFgJWKtwWgqN
.adultfriendfinder.com/ Name: IP_COUNTRY
Value: Switzerland
.adultfriendfinder.com/ Name: v_hash
Value: _german_0
.adultfriendfinder.com/ Name: ffadult_who
Value: r_0_4L5OUS_4V6cVtFSxSjP6ggB4bxPe23kUWtFfQ0TXebC6iWgSgGHiNiNojk09f8dnaMVMRo72bmVrvmmrvNtHkH2b6lrVxWl/uHVrQg0QNFYABXd4_5RgMafCNTTQMBuBK_CCFtm0G45pKhBlskpLMdHQNdZ1uqZByfmjdbfASRPoc8E0Is3E4Rg1GW/_IFPHr/hC84C5GPQfAZ2QrM3A--
.adultfriendfinder.com/ Name: AB_TRACKING
Value: aypLC79AV04Jehmf4teLYZ
.adultfriendfinder.com/ Name: SC0
Value: Pu17BjPdzO8jVkbljA5/pQOYjGLAW7epXcPQjBu2jAoABbOkKgC3mwAFs6QqALebAAAAAAAAAAAAAAAAAAAAADIsqs9V+k0SuPHxFnKuM8YwLjAA
.adultfriendfinder.com/ Name: click_id_time
Value: 1755709454_2020-11-08 19:29:03
.adultfriendfinder.com/ Name: ALPO
Value: 198973601

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
