Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: http://www.adzbux.com/mass.php
Submission Tags: demotag1 demotag2
Submission: On November 08 via api from US

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3033::681f:4b20, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.adzbux.com.
This is the only time www.adzbux.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.116.135 22612 (NAMECHEAP...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 95.211.229.246 60781 (LEASEWEB-...)
1 162.213.255.36 22612 (NAMECHEAP...)
1 4 107.170.39.103 14061 (DIGITALOC...)
1 35.190.72.161 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 62.210.110.189 12876 (Online SAS)
3 148.251.53.118 24940 (HETZNER-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
22 16
Domain Requested by
4 www.adzbux.com 1 redirects traffdaq.com
www.adzbux.com
4 traffdaq.com 1 redirects speedflow.io
traffdaq.com
3 ad.a-ads.com www.adzbux.com
2 moneyonlineinvestment.com 1 redirects www.adzbux.com
2 www.google-analytics.com www.adzbux.com
www.google-analytics.com
1 www.randomadz.com www.adzbux.com
1 www.epicrotator.com www.adzbux.com
1 www.globalrotator.com www.adzbux.com
1 surfujkase.pl www.adzbux.com
1 cdn.jsdelivr.net traffdaq.com
1 c.securepaths.com traffdaq.com
1 manyhit.com speedflow.io
1 syndication.realsrv.com a.realsrv.com
1 a.realsrv.com speedflow.io
1 speedflow.io
22 15

This site contains no links.

Subject | Issuer | Validity | Valid
realsrv.com | Let's Encrypt Authority X3 | 2020-10-26 - 2021-01-24 | 3 months
traffdaq.com | Let's Encrypt Authority X3 | 2020-10-31 - 2021-01-29 | 3 months
*.securepaths.com | Let's Encrypt Authority X3 | 2020-09-22 - 2020-12-21 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
*.google-analytics.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-06-07 - 2021-06-07 | a year
moneyonlineinvestment.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-13 - 2021-08-27 | a year

This page contains 13 frames:

Primary Page: http://www.adzbux.com/mass.php
Frame ID: 19B6D8DAD73E4B1B1C77BC378E99DC0B
Requests: 10 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604794207656&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 17937F1E16B6015247A54987681AEC85
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: EAB40FE8D666ED1FE05A0CF34FACDABB
Requests: 1 HTTP requests in this frame

Frame: https://surfujkase.pl/promuj2.php?id=1
Frame ID: BFBCAD95C981DDA33228FE49407AE30E
Requests: 1 HTTP requests in this frame

Frame: https://moneyonlineinvestment.com/?a_aid=392367
Frame ID: 63016440B5103AC10E2E8036EFF05DE8
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1267021?size=200x200
Frame ID: BFEF50AA5C7E718D8B63BE75B0E47A12
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1302827?size=728x90
Frame ID: 6AA48194A90F25ED2B7A5EB3D03870EA
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1267016?size=160x600
Frame ID: CADB406EE53FE8C993CA99932F40B083
Requests: 1 HTTP requests in this frame

Frame: https://www.globalrotator.com/rotate.php
Frame ID: 9B046E521390C8748A82EB33A89F4679
Requests: 1 HTTP requests in this frame

Frame: https://www.epicrotator.com/rotate.php
Frame ID: FD5E3B6B99D6FE48EC045C280AFD5577
Requests: 1 HTTP requests in this frame

Frame: https://www.randomadz.com/rotate.php
Frame ID: 3557708FA5AC6E136C963B61D4586DB9
Requests: 1 HTTP requests in this frame

Frame: https://www.adzbux.com/mass1.php
Frame ID: 002802022F24F907C4D48625C6865A34
Requests: 1 HTTP requests in this frame

Frame: https://www.adzbux.com/mass1.php
Frame ID: 93BE0BEE15CC4E68F53F6885C0DCC13A
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 22
HTTPS: 68 %
IPv6: 56 %
Domains: 14
Subdomains: 15
IPs: 16
Countries: 5
Transfer: 37 kB
Size: 91 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. http://traffdaq.com/delivery/dl/47382?category=bbw HTTP 301
    https://traffdaq.com/delivery/dl/47382?category=bbw Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InRpTDl5TjBvcVBiR3gwVGxNNVZSK2c9PSIsI...%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. http://www.adzbux.com/promote7.php?ref=nikolos1 HTTP 302
    http://www.adzbux.com/mass.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://traffdaq.com/delivery/dl/47382?category=bbw HTTP 301
  • https://traffdaq.com/delivery/dl/47382?category=bbw
Request Chain 11
  • https://moneyonlineinvestment.com/r/392367 HTTP 301
  • https://moneyonlineinvestment.com/?a_aid=392367

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
speedflow.io/adult/
1017 B
1 KB
Document
General
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

date
Sun, 08 Nov 2020 00:10:07 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=82133; path=/ time_start=1604794207.53; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=82133; path=/ ip=82.102.18.235 mobile=0 country=PT visits_todayi=0; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=82133; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
542
content-type
text/html; charset=UTF-8
ads.js
a.realsrv.com/
2 KB
1 KB
Script
General
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 00:10:07 GMT
Content-Encoding
gzip
X-HW
1604794207.dop216.fr8.shc,1604794207.dop216.fr8.t,1604794207.cds129.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
928
Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 1793
0
0
Document
General
Full URL
http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604794207656&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx
Date
Sun, 08 Nov 2020 00:10:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa7375fb97240.484026511347551158%22%3B%7D; expires=Tue, 08 Nov 2022 00:10:07 GMT; path=; domain=.realsrv.com;
Content-Encoding
gzip
autosurf_if.php
manyhit.com/ Frame EAB4
0
0
Document
General
Full URL
http://manyhit.com/autosurf_if.php?user=speedflow
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
Apache / PHP/5.4.45
Resource Hash

Request headers

Host
manyhit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

date
Sun, 08 Nov 2020 00:10:07 GMT
server
Apache
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=3a3fdb7d29af967fa1e7ad43c2d66495; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
1265
content-type
text/html
47382
traffdaq.com/delivery/dl/
Redirect Chain
  • http://traffdaq.com/delivery/dl/47382?category=bbw
  • https://traffdaq.com/delivery/dl/47382?category=bbw
3 KB
2 KB
Document
General
Full URL
https://traffdaq.com/delivery/dl/47382?category=bbw
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
c5ad23349a7d6944ff4df7bb8f8faa3a117fa9a5c20f4e9543e467e42d48a80b

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/adult/?a=rr

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 08 Nov 2020 00:10:08 GMT
Content-Encoding
gzip

Redirect headers

Content-length
0
Location
https://traffdaq.com/delivery/dl/47382?category=bbw
Connection
close
eyJpdiI6IkV4S1lQejhCZjROVDZxK2VhSktnZHc9PSIsInZhbHVlIjoiSkZRWmhIUWJVUThDZVM4WTQ4cGdUeXNIZnFCSk9PZjNMZVNxXC9VYit2OHB2SUpLYWZjZTRXVlFDZ1BmSWZPUjhyblZ0MHV4enpaUWl1NDVxc20yOWtnPT0iLCJtYWMiOiI4N2NiZjE2Z...
traffdaq.com/users/track/
0
854 B
Image
General
Full URL
https://traffdaq.com/users/track/eyJpdiI6IkV4S1lQejhCZjROVDZxK2VhSktnZHc9PSIsInZhbHVlIjoiSkZRWmhIUWJVUThDZVM4WTQ4cGdUeXNIZnFCSk9PZjNMZVNxXC9VYit2OHB2SUpLYWZjZTRXVlFDZ1BmSWZPUjhyblZ0MHV4enpaUWl1NDVxc20yOWtnPT0iLCJtYWMiOiI4N2NiZjE2ZDUzZDA0NjRiMzlhMzI2MDE5NTU2MjQ4ZTVkZWQyN2Q3ZTM3N2MzYTViZDI4ZTM5MWVjNWVjNmVhIn0%3D
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=bbw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 08 Nov 2020 00:10:09 GMT
Cache-Control
no-cache
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
implement.js
c.securepaths.com/js/
0
0
Script
General
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa737602cae1&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=bbw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 00:10:08 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/
33 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=bbw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
878197
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19149-FRA, cache-hhn4060-HHN
date
Sun, 08 Nov 2020 00:10:08 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/
2 KB
1 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InRpTDl5TjBvcVBiR3gwVGxNNVZSK2c9PSIsI...%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=bbw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/dl/47382?category=bbw
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/dl/47382?category=bbw

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 08 Nov 2020 00:10:14 GMT
Content-Encoding
gzip
Primary Request Cookie set mass.php
www.adzbux.com/
Redirect Chain
  • http://www.adzbux.com/promote7.php?ref=nikolos1
  • http://www.adzbux.com/mass.php
4 KB
2 KB
Document
General
Full URL
http://www.adzbux.com/mass.php
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InRpTDl5TjBvcVBiR3gwVGxNNVZSK2c9PSIsI...%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
HTTP/1.1
Server
2606:4700:3033::681f:4b20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd3caea64e2c76f7fff01762cf593ca0f18c32d786a5ff02e32b13796639f53

Request headers

Host
www.adzbux.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=dcbdd3cc8a88c86da757f6c828ee1c6e61604794214
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InRpTDl5TjBvcVBiR3gwVGxNNVZSK2c9PSIsI...%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

Date
Sun, 08 Nov 2020 00:10:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
0646c9800e0000bebfd8be7000000001
Set-Cookie
__cf_bm=c96bde4c091ad41e4fe439164642f28cab4d3c75-1604794216-1800-AdJ5T3kwudkMwBPvzuDwb7WwYELqY9pgKS6DHibOvTrWVtKBWgEBd8HgaG771mmQsf9h/BhzXjGC5VRFBrueOF0=; path=/; expires=Sun, 08-Nov-20 00:40:16 GMT; domain=.adzbux.com; HttpOnly; SameSite=None
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xAiHdILufRnX3hye4kIThCAlkCcLu6PefimAjMlrSKz%2FzCo7mRQnaWvrJJ7Rs3mBVR8RvwZR%2FysClogolsksJ%2FEe6KCf2qu354WCcJOkZ5zEws4299fuCkGFJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5eeb11e01ca9bebf-FRA
Content-Encoding
gzip

Redirect headers

Date
Sun, 08 Nov 2020 00:10:14 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dcbdd3cc8a88c86da757f6c828ee1c6e61604794214; expires=Tue, 08-Dec-20 00:10:14 GMT; path=/; domain=.adzbux.com; HttpOnly; SameSite=Lax __cf_bm=20cf062db83ab314bc118c4af1b3454aa36ad1b8-1604794214-1800-AZ8n5er662GfeN5Zu8L/129IM9eDHaht+Pzn0gXoVCWYckcy/SlsWC+NUhd1fKfzY3Rr4vtWKcl7wZd5gUJgLzs=; path=/; expires=Sun, 08-Nov-20 00:40:14 GMT; domain=.adzbux.com; HttpOnly; SameSite=None
Location
../mass.php
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
0646c97f190000bebfc72e5000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yGb2bT96imR7WMqZlLeC%2FX2sBKgJXxlO1OjcMltYs%2B2q8KmTZ2e9AmDbI1nzzPyF3rwYhv3Sxg%2B9VM7FFc99QArl%2BD%2BFUujr3BRhrDPb0DdVeVolRGcBYv8A5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5eeb11de8c1dbebf-FRA
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1251
date
Sat, 07 Nov 2020 23:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 08 Nov 2020 01:49:25 GMT
promuj2.php
surfujkase.pl/ Frame BFBC
0
0
Document
General
Full URL
https://surfujkase.pl/promuj2.php?id=1
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b3db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
surfujkase.pl
:scheme
https
:path
/promuj2.php?id=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.adzbux.com/mass.php
accept-encoding
gzip, deflate, br
accept-language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

status
200
date
Sun, 08 Nov 2020 00:10:16 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de29a3c426204cca0b7dae2f8b71021421604794216; expires=Tue, 08-Dec-20 00:10:16 GMT; path=/; domain=.surfujkase.pl; HttpOnly; SameSite=Lax PHPSESSID=te02eoq86epmtnfrftbemtrg7n; path=/; HttpOnly
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0646c98832000006295f381000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TkasXthw3sFcbcKFgLgKCVXmHtc8AF%2F3qPgi5e6LYpHM7amEFo0d1WQy8CGWch8PM%2FFZ%2FY3bwIBo86%2FgSFP3p9dXvA56sq61eFLJptCFwXwdt%2B%2F0sHXgPJNI"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eeb11ed1c5f0629-FRA
content-encoding
br
Cookie set /
moneyonlineinvestment.com/ Frame 6301
Redirect Chain
  • https://moneyonlineinvestment.com/r/392367
  • https://moneyonlineinvestment.com/?a_aid=392367
0
0
Document
General
Full URL
https://moneyonlineinvestment.com/?a_aid=392367
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.110.189 , France, ASN12876 (Online SAS, FR),
Reverse DNS
62-210-110-189.rev.poneytelecom.eu
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Host
moneyonlineinvestment.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.adzbux.com/mass.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

Date
Sun, 08 Nov 2020 00:10:17 GMT
Server
Apache/2.4.18 (Ubuntu)
Set-Cookie
PHPSESSID=b3gg21dt6k7p2ivongkucoqgh5; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
25267
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 08 Nov 2020 00:10:16 GMT
Server
Apache/2.4.18 (Ubuntu)
Location
https://moneyonlineinvestment.com/?a_aid=392367
Set-Cookie
track_referrer=type%3DC%26banner%3D0%26user%3D392367; expires=Mon, 08-Nov-2021 00:10:16 GMT; Max-Age=31536000; path=/ came_from_domain=adzbux.com; expires=Wed, 18-Nov-2020 00:10:16 GMT; Max-Age=864000; path=/
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
1267021
ad.a-ads.com/ Frame BFEF
0
0
Document
General
Full URL
http://ad.a-ads.com/1267021?size=200x200
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Server
148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.118.53.251.148.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.adzbux.com/mass.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 08 Nov 2020 00:10:16 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
http://www.adzbux.com/mass.php
Content-Encoding
gzip
1302827
ad.a-ads.com/ Frame 6AA4
0
0
Document
General
Full URL
http://ad.a-ads.com/1302827?size=728x90
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Server
148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.118.53.251.148.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.adzbux.com/mass.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 08 Nov 2020 00:10:16 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
http://www.adzbux.com/mass.php
Content-Encoding
gzip
1267016
ad.a-ads.com/ Frame CADB
0
0
Document
General
Full URL
http://ad.a-ads.com/1267016?size=160x600
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
HTTP/1.1
Server
148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.118.53.251.148.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.adzbux.com/mass.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 08 Nov 2020 00:10:16 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
http://www.adzbux.com/mass.php
Content-Encoding
gzip
rotate.php
www.globalrotator.com/ Frame 9B04
0
0
Document
General
Full URL
https://www.globalrotator.com/rotate.php
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.globalrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.adzbux.com/mass.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

status
200
date
Sun, 08 Nov 2020 00:10:18 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dcbc8fe82ef51466b6a3a0d99ec16fa7d1604794216; expires=Tue, 08-Dec-20 00:10:16 GMT; path=/; domain=.globalrotator.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0646c9897900003260861c7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GNb0IECYSyEeH0RKx9BeZ17CAC2Ynjqg2n3IlPyUeuZqhpP8I%2BtJvqYkmknp%2Fcht1CW4rRS9%2B0hFvp7LxwnJiTfRdZyq6PdXCSdOrZyMNlX1LkD23fb%2BE2pO885m4lWSXB0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eeb11ef2e3a3260-FRA
content-encoding
br
rotate.php
www.epicrotator.com/ Frame FD5E
0
0
Document
General
Full URL
https://www.epicrotator.com/rotate.php
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:2688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.epicrotator.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.adzbux.com/mass.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

status
200
date
Sun, 08 Nov 2020 00:10:20 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d85f9d1dd3350041bfe002ff0365a722e1604794216; expires=Tue, 08-Dec-20 00:10:16 GMT; path=/; domain=.epicrotator.com; HttpOnly; SameSite=Lax __cf_bm=2ba39f25356ff9f1562b9ead56760258849c76e7-1604794220-1800-AeieB7rY59OSacfFjk/tRF8XoJF+qnv3f8zU74bFFRPD1QEPDkMICmdxqqVJ7KxHNKgHnWQnjJlcPnP7Jh5ViNo=; path=/; expires=Sun, 08-Nov-20 00:40:20 GMT; domain=.epicrotator.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0646c989e90000d72160861000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e%2BiInDtd8OI9hNk5V1SdoRjppR18Xqs1W%2Fbipe%2FqvnaQSIDEH9%2BQ4MNoJ3iBSJwQ7tp41DgGlOiGP6w1DL70xWr68J5NmCh0zyavrUOF0jgXD318acWaKkieHxz3wGKJ"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eeb11efde98d721-FRA
content-encoding
br
rotate.php
www.randomadz.com/ Frame 3557
0
0
Document
General
Full URL
https://www.randomadz.com/rotate.php
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:393d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.randomadz.com
:scheme
https
:path
/rotate.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.adzbux.com/mass.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

status
200
date
Sun, 08 Nov 2020 00:10:22 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d619c2437d57dda8f6b2661ac6a068d281604794217; expires=Tue, 08-Dec-20 00:10:17 GMT; path=/; domain=.randomadz.com; HttpOnly; SameSite=Lax __cf_bm=951b449bbf2972dbfa63b2c7d3796f0edbe5a962-1604794222-1800-AWwcRJQhOSDTdEiJQNbyjfVc7tYifO74UeWxx3pGQPPJnUokkxofuPPkgOlb+39vdvyGtLVWL0wuYRs6ZXSU3Os=; path=/; expires=Sun, 08-Nov-20 00:40:22 GMT; domain=.randomadz.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0646c98a90000005b3bbb3d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5JPd1YNTpHJLBuPap%2ByY5%2Bn4zYw44qKgqck6lyHZyhoP6z2Z2G%2BIYLCnQHTpHKbUstHrBHhm4HVmBRc9qxMiGH7xOeVbjYKcnzAdffVb3kvr%2FeWo8BA%2FY9RDDhGoEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5eeb11f0e95405b3-FRA
content-encoding
br
mass1.php
www.adzbux.com/ Frame 0028
0
0
Document
General
Full URL
https://www.adzbux.com/mass1.php
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4b20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass1.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.adzbux.com/mass.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dcbdd3cc8a88c86da757f6c828ee1c6e61604794214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

status
520
date
Sun, 08 Nov 2020 00:10:17 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:5eeb11f23f000746:FRA; path=/; expires=Sun, 08-Nov-20 00:10:47 GMT cf_use_ob=443; path=/; expires=Sun, 08-Nov-20 00:10:47 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
5eeb11f23f000746-FRA
server
cloudflare
mass1.php
www.adzbux.com/ Frame 93BE
0
0
Document
General
Full URL
https://www.adzbux.com/mass1.php
Requested by
Host: www.adzbux.com
URL: http://www.adzbux.com/mass.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4b20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.adzbux.com
:scheme
https
:path
/mass1.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.adzbux.com/mass.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dcbdd3cc8a88c86da757f6c828ee1c6e61604794214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://www.adzbux.com/mass.php

Response headers

status
520
date
Sun, 08 Nov 2020 00:10:17 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=520:5eeb11f29f6c0746:FRA; path=/; expires=Sun, 08-Nov-20 00:10:47 GMT cf_use_ob=443; path=/; expires=Sun, 08-Nov-20 00:10:47 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
5eeb11f29f6c0746-FRA
server
cloudflare
collect
www.google-analytics.com/j/
2 B
65 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=856247198&t=pageview&_s=1&dl=http%3A%2F%2Fwww.adzbux.com%2Fmass.php&ul=en-us&de=UTF-8&dt=Adzbux%20PTP!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2128537690&gjid=1436902704&cid=348378299.1604794218&tid=UA-73762604-1&_gid=1760760129.1604794218&_r=1&_slc=1&z=1403521817
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Nov 2020 00:10:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://www.adzbux.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT


25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
object| 7
object| 8
object| 9
object| trustedTypes
string| GoogleAnalyticsObject
function| ga
object| a
string| b
string| c
string| f
string| g
string| h
function| j
undefined| k
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

7 Cookies

Domain/Path Name / Value
sonar.semantiqo.com/ Name: semantiqo_a
Value: 5efaf5c40e55403faa614826d54ac6fc
.livechatinc.com/licence/4817491 Name: __livechat
Value: lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1604794232%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1604794232.ef33a89cca%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
.bizoninvest.com/ Name: _ym_visorc_34419845
Value: w
.facebook.com/ Name: fr
Value: 0Y7XBs4N1BRpb1KPI..Bfpzd4...1.0.Bfpzd4.
.bizoninvest.com/ Name: _ym_isad
Value: 2
.bizoninvest.com/ Name: _ym_d
Value: 1604794228
.bizoninvest.com/ Name: _ym_uid
Value: 1604794228463571048