urlscan.io logo urlscan.io
SecurityTrails logo

cpxtri.com Open in urlscan Pro
50.28.0.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: http://cpxtri.com/redirect?sid=77836
Submission Tags: demotag1 demotag2 Search All
Submission: On November 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 6 countries across 14 domains to perform 21 HTTP transactions. The main IP is 50.28.0.84, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is cpxtri.com.
This is the only time cpxtri.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.116.135 22612 (NAMECHEAP...)
2 7 107.170.39.103 14061 (DIGITALOC...)
1 3 185.94.236.21 42567 (MOJHOST-EU)
1 5.9.10.165 24940 (HETZNER-AS)
2 52.86.12.80 14618 (AMAZON-AES)
1 35.190.72.161 15169 (GOOGLE)
1 2a04:4e42:3::621 54113 (FASTLY)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 95.179.157.240 20473 (AS-CHOOPA)
2 3 77.222.40.109 44112 (SWEB-AS)
1 2 51.15.144.21 12876 (Online SAS)
2 51.15.144.27 12876 (Online SAS)
3 50.28.0.84 32244 (LIQUIDWEB)
21 12
1    198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com
speedflow.io
7    107.170.39.103 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
traffdaq.com
3    185.94.236.21 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
poweredby.jads.co
1    5.9.10.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.10.9.5.clients.your-server.de
acceptable.a-ads.com
2    52.86.12.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-12-80.compute-1.amazonaws.com
cors-anywhere.herokuapp.com
1    35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com
c.securepaths.com
1    2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:3035::ac43:88d2 (United States)

ASN13335 (CLOUDFLARENET, US)
ptp.party
1    95.179.157.240 (Amsterdam, Netherlands)

ASN20473 (AS-CHOOPA, US)
neon.today
3    77.222.40.109 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh286.sweb.ru
egorgolf.online
2    51.15.144.21 (France)

ASN12876 (Online SAS, FR)
di7stero.com
2    51.15.144.27 (France)

ASN12876 (Online SAS, FR)
co1linesu.ru
3    50.28.0.84 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
adskpak.com
cpxtri.com
Domain Requested by
7 traffdaq.com 2 redirects speedflow.io
traffdaq.com
3 egorgolf.online 2 redirects traffdaq.com
3 poweredby.jads.co 1 redirects poweredby.jads.co
2 cpxtri.com adskpak.com
2 co1linesu.ru di7stero.com
2 di7stero.com 1 redirects egorgolf.online
2 cors-anywhere.herokuapp.com speedflow.io
1 adskpak.com di7stero.com
1 neon.today 1 redirects
1 ptp.party 1 redirects
1 cdn.jsdelivr.net traffdaq.com
1 c.securepaths.com traffdaq.com
1 acceptable.a-ads.com speedflow.io
1 speedflow.io
21 14

This site contains no links.

Subject Issuer Validity Valid
traffdaq.com
Let's Encrypt Authority X3		 2020-10-31 -
2021-01-29		 3 months crt.sh
*.jads.co
Sectigo RSA Domain Validation Secure Server CA		 2019-12-01 -
2020-11-30		 a year crt.sh
*.herokuapp.com
DigiCert SHA2 High Assurance Server CA		 2020-06-15 -
2021-07-07		 a year crt.sh
*.securepaths.com
Let's Encrypt Authority X3		 2020-09-22 -
2020-12-21		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-26 -
2021-04-17		 6 months crt.sh
egorgolf.online
Encryption Everywhere DV TLS CA - G1		 2020-04-30 -
2021-05-01		 a year crt.sh

This page contains 5 frames:

Frame: http://cpxtri.com/redirect?cid=iZfhKwWkJa&http_referer=&sid=77836&subid=&s3=&299e3c81bf2c2443dfd9662ca4050d19=1&rr=1&id=&t=1605398428&hrf=MKJe9NgaU5gWhUEovFC9WSJ6ysu3rEvPHBVlRDbwqNyKqKoyW8Q%3D&iwx=1600&iwy=1200&owx=1600&owy=1200&isph=1&pbc=0&fp=null&hf=1&op=1&pd=24&tp=%3F&xd=%3F&yd=%3F&pl=0&mt=0&sw=1600&sh=1200&fw=1600&fh=1200&pw=0&ph=0&ow=1600x1200&iw=1600x1200&sd=24&ifr=0&coo=1&m=0&hr=3&ab=1&ua=%257B%2522ef%2522%253A%25224g%2522%252C%2522rtt%2522%253A0%252C%2522down%2522%253A10%252C%2522save%2522%253Afalse%257D&npl=Linux+x86_64&ncpu=%3F&nhc=16&gtz=-60&nba=1&nbt=0&nve=Google+Inc.&vapp=Netscape&napv=5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&ss=1&ls=1&bl=en-US&sl=undefined&dr=%3F&is=-1608825996&wc=undefined&msy=undefined&ddm=undefined&ps=20030107&st=1&sp=undefined&mob=0&ifp1=0&ifp2=0&wn=&nap=0&ind=1&opd=1&dab=0&nsb=1&chk1=0&chk2=1&chk3=0&chk4=0
Frame ID: 8B0308985ADA5768874C1EC12E531B53
Requests: 16 HTTP requests in this frame

Frame: http://acceptable.a-ads.com/1508167
Frame ID: 55F428399E797DFC4928B35034CB1868
Requests: 1 HTTP requests in this frame

Frame: https://traffdaq.com/delivery/dl/47382?category=general
Frame ID: 19A8804AEF971F1DA06435E10D5678BD
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=880307
Frame ID: AB9FD4C10B8329C685C42FA47B191BA2
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=880307
Frame ID: 9243D95BE58BFEA3C2C9775604F14C79
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://speedflow.io/adult/?a=rr Page URL
  2. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsI... Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpRalQ3cDh6OWxubVh6dGE5bFdwQmc9PSIsI... Page URL
  4. https://ptp.party/13039 HTTP 301
    https://neon.today/ptp/i/13039 HTTP 302
    https://egorgolf.online/x HTTP 301
    http://egorgolf.online/x/ HTTP 301
    https://egorgolf.online/x/ Page URL
  5. http://di7stero.com/cs?wsa=5f3acdcf4cc03124827530 Page URL
  6. http://di7stero.com/rs?tmp_uid=fb8b3d5d0a5cfcb8a105bc59e960c49b&wsa=5f3acdcf4cc03124827530&r=js&... HTTP 302
    http://adskpak.com/redirect?sid=77836 Page URL
  7. http://cpxtri.com/redirect?sid=77836 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

21
Requests

52 %
HTTPS

15 %
IPv6

14
Domains

14
Subdomains

12
IPs

6
Countries

68 kB
Transfer

101 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsInZhbHVlIjoiMWJKM29rbE1oaDluRTZHUXloeGx3S0xjSWRsM3dSXC90MTVpQkRNUEpjQzRST0FoNUNzNWcwNnI4SjZLMkxJREVVVTFQaWRoVGlvaWNJZHZGVHl1NHpoRUxkZkJoMVNmXC9iRVRoalk4cFI3aERhZXNzWFRqcHVWdnlMQXB4N3BHaWN3QVBzek83NWJcL3JWcFJUYTRLU202ZDkwVWtONFloZzA4TmxhTnp5OEpTSUtnRkZVM0pWamZ6WllWS3ZYOGdBZzhGcEhcL0NMOXRcLzJaQnVqQUFTaklnPT0iLCJtYWMiOiJhMTBiMzZmZjlmNzhkNzNjZGFlNjFhZjFmMTVkNzUzY2UzMDAyNzQwMDczNTEzZTU5Y2M1YjczODlkMjlmYWU1In0%3D Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpRalQ3cDh6OWxubVh6dGE5bFdwQmc9PSIsInZhbHVlIjoiM2xHQmh2aXdZTThRVjJkWktkK0lrcDVMUkNybzhBTXh5XC9DeTBLMFZyS21ZVHFvUnlvdGtlQ0FSN05NSmpxWnc4NUF3NTg2Nlcrb05rU1k5RFJGZGEyMVZwYWJnTmNTTGMzUk44eXkyY2c0Rnp6TDF5VUt5cjZudVQ0aE9QVzdjdmFSK2pWc3l4b2k2Z0MybE9MUzVTaDBrRFFzXC9PTVBwQWN3eTVqZFhxejQyM1Y4N3hGRkhiWWFvUmkzMkNBSVRuV3kyNXNYZzNcL3p5WFNPcllhSGw5Y1RXMWozdHBpU01kM29Jck5pbzhxNFN0UklVbTRpeHlSMmxrRHE2dExFdVBZdElXV1NzQmIyVVdka2tNZnVXXC9qaFZUa0RFNXlQYkQyaTR0Q0lSVU9NSWUrWGg4YU1Bc3oxXC9TXC9MN0JwTHMiLCJtYWMiOiJhZWU1MGNiNWFiY2RkMDdhMjJkYzU0Y2ZlODVlYzE2NDc1MzQ4OTc2YWU4YWFlY2U4MTY5MDhiYTdlYTg1ZGUyIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. https://ptp.party/13039 HTTP 301
    https://neon.today/ptp/i/13039 HTTP 302
    https://egorgolf.online/x HTTP 301
    http://egorgolf.online/x/ HTTP 301
    https://egorgolf.online/x/ Page URL
  5. http://di7stero.com/cs?wsa=5f3acdcf4cc03124827530 Page URL
  6. http://di7stero.com/rs?tmp_uid=fb8b3d5d0a5cfcb8a105bc59e960c49b&wsa=5f3acdcf4cc03124827530&r=js&utm_source=script HTTP 302
    http://adskpak.com/redirect?sid=77836 Page URL
  7. http://cpxtri.com/redirect?sid=77836 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://traffdaq.com/delivery/pu/47382?category=bbw HTTP 301
  • https://traffdaq.com/delivery/pu/47382?category=bbw
Request Chain 2
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 5
  • http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
  • https://traffdaq.com/delivery/dl/47382?category=general
Request Chain 14
  • https://ptp.party/13039 HTTP 301
  • https://neon.today/ptp/i/13039 HTTP 302
  • https://egorgolf.online/x HTTP 301
  • http://egorgolf.online/x/ HTTP 301
  • https://egorgolf.online/x/
Request Chain 18
  • http://di7stero.com/rs?tmp_uid=fb8b3d5d0a5cfcb8a105bc59e960c49b&wsa=5f3acdcf4cc03124827530&r=js&utm_source=script HTTP 302
  • http://adskpak.com/redirect?sid=77836

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
speedflow.io/adult/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash
bd68392e97d662d3eab1b5afc1731cae8e1c48091dc9632c50c34e470d159745

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr

Response headers

date
Sun, 15 Nov 2020 00:00:18 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Sun, 15-Nov-2020 22:59:00 GMT; Max-Age=82722; path=/ country=++ visits_todayi=0; expires=Sun, 15-Nov-2020 22:59:00 GMT; Max-Age=82722; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
857
content-type
text/html; charset=UTF-8
47382
traffdaq.com/delivery/pu/
Redirect Chain
  • http://traffdaq.com/delivery/pu/47382?category=bbw
  • https://traffdaq.com/delivery/pu/47382?category=bbw
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://traffdaq.com/delivery/pu/47382?category=bbw
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
44f46a62b51c4e0590466e8f25d510d33b75775627775430f03b274f222eead2

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:20 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
https://traffdaq.com/delivery/pu/47382?category=bbw
Connection
close
Content-length
0
jads2.js
poweredby.jads.co/js/
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.21 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 19:07:38 GMT
Server
nginx
ETag
W/"5e0261fa-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Sun, 15 Nov 2020 00:00:20 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
1508167
acceptable.a-ads.com/ Frame 55F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://acceptable.a-ads.com/1508167
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
acceptable.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 15 Nov 2020 00:00:20 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
http://speedflow.io/
Content-Encoding
gzip
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=bbw
Protocol
HTTP/1.1
Server
52.86.12.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-12-80.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
http://speedflow.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Headers
x-requested-with
Access-Control-Expose-Headers
access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
Date
Sun, 15 Nov 2020 00:00:20 GMT
Transfer-Encoding
chunked
Via
1.1 vegur
47382
traffdaq.com/delivery/dl/ Frame 19A8
Redirect Chain
  • http://traffdaq.com/delivery/dl/47382?category=general
  • https://traffdaq.com/delivery/dl/47382?category=general
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://traffdaq.com/delivery/dl/47382?category=general
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 15 Nov 2020 00:00:21 GMT
Content-Encoding
gzip

Redirect headers

Content-length
0
Location
https://traffdaq.com/delivery/dl/47382?category=general
Connection
close
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=bbw
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.12.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-12-80.compute-1.amazonaws.com
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

Date
Sun, 15 Nov 2020 00:00:20 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
X-Request-Url
http://traffdaq.com/delivery/pu/47382?category=bbw
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
server,date,content-type,transfer-encoding,connection,content-encoding,x-final-url,access-control-allow-origin
Connection
keep-alive
X-Cors-Redirect-1
301 https://traffdaq.com/delivery/pu/47382?category=bbw
X-Final-Url
https://traffdaq.com/delivery/pu/47382?category=bbw
Via
1.1 vegur
47382
traffdaq.com/delivery/directlink/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsInZhbHVlIjoiMWJKM29rbE1oaDluRTZHUXloeGx3S0xjSWRsM3dSXC90MTVpQkRNUEpjQzRST0FoNUNzNWcwNnI4SjZLMkxJREVVVTFQaWRoVGlvaWNJZHZGVHl1NHpoRUxkZkJoMVNmXC9iRVRoalk4cFI3aERhZXNzWFRqcHVWdnlMQXB4N3BHaWN3QVBzek83NWJcL3JWcFJUYTRLU202ZDkwVWtONFloZzA4TmxhTnp5OEpTSUtnRkZVM0pWamZ6WllWS3ZYOGdBZzhGcEhcL0NMOXRcLzJaQnVqQUFTaklnPT0iLCJtYWMiOiJhMTBiMzZmZjlmNzhkNzNjZGFlNjFhZjFmMTVkNzUzY2UzMDAyNzQwMDczNTEzZTU5Y2M1YjczODlkMjlmYWU1In0%3D
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
ab579fdb72e099ed44b245fc67d0ff0b741b540b2b219b95d123e7d218780d81

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
laravel_session=eyJpdiI6IjJcL3MzRTdLdmNFTExIT1krVU1WY3lnPT0iLCJ2YWx1ZSI6IjZMN0tCQUxxRlVlbXFMdDdhSitqTXdFZXlQMWtMdjQwcmpjUzJobFcwSUxRdkJOWExPQ0tubnRiWHFZRnJCZHZIb2ZLS3ZUYVdSMDN1NW8yM1V3WXZBPT0iLCJtYWMiOiJjMjEwN2I4NjE1MmVhNmJiM2UzNjhiZmE3ZGEyZjNiYjQ0MGRkZThkZGE1NjI3Mzc0ZGZmY2E2OTQzN2Q5Y2RhIn0%3D; referrer=eyJpdiI6Ilp3Y1VMUXpRUEZXR0ZHR3V6eDNYNnc9PSIsInZhbHVlIjoiQU05WnNNaGVHaEJPSVhsTTQzald5Y2ZBR1Nnc2xnaitrcjRyRDZOZERQSXRpdFRLTVNYS1kya1FIOFB3ekZMTiIsIm1hYyI6IjI5YmQ3NjI3ZmU0MTY5MTYxMjY3NDE4N2NkMTIxMDc1MmZlYzk0NzRmOWRmY2I4OTA0NTMwMWVkYWZmNzkyNTIifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 15 Nov 2020 00:00:21 GMT
Content-Encoding
gzip
adshow.php
poweredby.jads.co/ Frame AB9F 		0
0
Cookie set adshow.php
poweredby.jads.co/ Frame 9243 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://poweredby.jads.co/adshow.php?adzone=880307
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Server
185.94.236.21 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.38
Resource Hash

Request headers

Host
poweredby.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/

Response headers

Server
nginx
Date
Sun, 15 Nov 2020 00:00:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.38
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=4e1cfbfc553a16d8f272f1459e1b583e; expires=Mon, 15-Nov-2021 00:00:21 GMT; Max-Age=31536000; path=/; domain=.juicyads.com imps8915=1; expires=Mon, 16-Nov-2020 00:00:21 GMT; Max-Age=86400; path=/; domain=.juicyads.com juicy_data_1=YToxOntpOjEwODI3MDM7aToxNjA1NjU3NjIxO30%3D; expires=Wed, 18-Nov-2020 00:00:21 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 18-Nov-2020 00:00:21 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
eyJpdiI6IkVoOGEweHYyejJmWng3RGdKbVBWMkE9PSIsInZhbHVlIjoiZDU5OUN5Y2dvaTBFVThuN0dVam14c1U2aUxnZkhBdlFYS1ZVaXdtUGc3VkJDTzVkOG5Kc1QyWEdWZDVEWFBoQlpMYkJGSUF4SUE5Y25DQ0Z0SUVKZVE9PSIsIm1hYyI6Ijk2N2Q0ZDAyZ...
traffdaq.com/users/track/ 		0
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traffdaq.com/users/track/eyJpdiI6IkVoOGEweHYyejJmWng3RGdKbVBWMkE9PSIsInZhbHVlIjoiZDU5OUN5Y2dvaTBFVThuN0dVam14c1U2aUxnZkhBdlFYS1ZVaXdtUGc3VkJDTzVkOG5Kc1QyWEdWZDVEWFBoQlpMYkJGSUF4SUE5Y25DQ0Z0SUVKZVE9PSIsIm1hYyI6Ijk2N2Q0ZDAyZDA1YzYwNGZmODhlYzkxMThiMGQ2MTQ4YzZhNTMwOTU0ZDBhMTA3YzhkZDAyNDVhNGU4MGQxZmMifQ%3D%3D
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsInZhbHVlIjoiMWJKM29rbE1oaDluRTZHUXloeGx3S0xjSWRsM3dSXC90MTVpQkRNUEpjQzRST0FoNUNzNWcwNnI4SjZLMkxJREVVVTFQaWRoVGlvaWNJZHZGVHl1NHpoRUxkZkJoMVNmXC9iRVRoalk4cFI3aERhZXNzWFRqcHVWdnlMQXB4N3BHaWN3QVBzek83NWJcL3JWcFJUYTRLU202ZDkwVWtONFloZzA4TmxhTnp5OEpTSUtnRkZVM0pWamZ6WllWS3ZYOGdBZzhGcEhcL0NMOXRcLzJaQnVqQUFTaklnPT0iLCJtYWMiOiJhMTBiMzZmZjlmNzhkNzNjZGFlNjFhZjFmMTVkNzUzY2UzMDAyNzQwMDczNTEzZTU5Y2M1YjczODlkMjlmYWU1In0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:22 GMT
Cache-Control
no-cache
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
implement.js
c.securepaths.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fb06f949fb93&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsInZhbHVlIjoiMWJKM29rbE1oaDluRTZHUXloeGx3S0xjSWRsM3dSXC90MTVpQkRNUEpjQzRST0FoNUNzNWcwNnI4SjZLMkxJREVVVTFQaWRoVGlvaWNJZHZGVHl1NHpoRUxkZkJoMVNmXC9iRVRoalk4cFI3aERhZXNzWFRqcHVWdnlMQXB4N3BHaWN3QVBzek83NWJcL3JWcFJUYTRLU202ZDkwVWtONFloZzA4TmxhTnp5OEpTSUtnRkZVM0pWamZ6WllWS3ZYOGdBZzhGcEhcL0NMOXRcLzJaQnVqQUFTaklnPT0iLCJtYWMiOiJhMTBiMzZmZjlmNzhkNzNjZGFlNjFhZjFmMTVkNzUzY2UzMDAyNzQwMDczNTEzZTU5Y2M1YjczODlkMjlmYWU1In0%3D
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Nov 2020 00:00:21 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsInZhbHVlIjoiMWJKM29rbE1oaDluRTZHUXloeGx3S0xjSWRsM3dSXC90MTVpQkRNUEpjQzRST0FoNUNzNWcwNnI4SjZLMkxJREVVVTFQaWRoVGlvaWNJZHZGVHl1NHpoRUxkZkJoMVNmXC9iRVRoalk4cFI3aERhZXNzWFRqcHVWdnlMQXB4N3BHaWN3QVBzek83NWJcL3JWcFJUYTRLU202ZDkwVWtONFloZzA4TmxhTnp5OEpTSUtnRkZVM0pWamZ6WllWS3ZYOGdBZzhGcEhcL0NMOXRcLzJaQnVqQUFTaklnPT0iLCJtYWMiOiJhMTBiMzZmZjlmNzhkNzNjZGFlNjFhZjFmMTVkNzUzY2UzMDAyNzQwMDczNTEzZTU5Y2M1YjczODlkMjlmYWU1In0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1482411
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19142-FRA
date
Sun, 15 Nov 2020 00:00:21 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpRalQ3cDh6OWxubVh6dGE5bFdwQmc9PSIsInZhbHVlIjoiM2xHQmh2aXdZTThRVjJkWktkK0lrcDVMUkNybzhBTXh5XC9DeTBLMFZyS21ZVHFvUnlvdGtlQ0FSN05NSmpxWnc4NUF3NTg2Nlcrb05rU1k5RFJGZGEyMVZwYWJnTmNTTGMzUk44eXkyY2c0Rnp6TDF5VUt5cjZudVQ0aE9QVzdjdmFSK2pWc3l4b2k2Z0MybE9MUzVTaDBrRFFzXC9PTVBwQWN3eTVqZFhxejQyM1Y4N3hGRkhiWWFvUmkzMkNBSVRuV3kyNXNYZzNcL3p5WFNPcllhSGw5Y1RXMWozdHBpU01kM29Jck5pbzhxNFN0UklVbTRpeHlSMmxrRHE2dExFdVBZdElXV1NzQmIyVVdka2tNZnVXXC9qaFZUa0RFNXlQYkQyaTR0Q0lSVU9NSWUrWGg4YU1Bc3oxXC9TXC9MN0JwTHMiLCJtYWMiOiJhZWU1MGNiNWFiY2RkMDdhMjJkYzU0Y2ZlODVlYzE2NDc1MzQ4OTc2YWU4YWFlY2U4MTY5MDhiYTdlYTg1ZGUyIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsInZhbHVlIjoiMWJKM29rbE1oaDluRTZHUXloeGx3S0xjSWRsM3dSXC90MTVpQkRNUEpjQzRST0FoNUNzNWcwNnI4SjZLMkxJREVVVTFQaWRoVGlvaWNJZHZGVHl1NHpoRUxkZkJoMVNmXC9iRVRoalk4cFI3aERhZXNzWFRqcHVWdnlMQXB4N3BHaWN3QVBzek83NWJcL3JWcFJUYTRLU202ZDkwVWtONFloZzA4TmxhTnp5OEpTSUtnRkZVM0pWamZ6WllWS3ZYOGdBZzhGcEhcL0NMOXRcLzJaQnVqQUFTaklnPT0iLCJtYWMiOiJhMTBiMzZmZjlmNzhkNzNjZGFlNjFhZjFmMTVkNzUzY2UzMDAyNzQwMDczNTEzZTU5Y2M1YjczODlkMjlmYWU1In0%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsInZhbHVlIjoiMWJKM29rbE1oaDluRTZHUXloeGx3S0xjSWRsM3dSXC90MTVpQkRNUEpjQzRST0FoNUNzNWcwNnI4SjZLMkxJREVVVTFQaWRoVGlvaWNJZHZGVHl1NHpoRUxkZkJoMVNmXC9iRVRoalk4cFI3aERhZXNzWFRqcHVWdnlMQXB4N3BHaWN3QVBzek83NWJcL3JWcFJUYTRLU202ZDkwVWtONFloZzA4TmxhTnp5OEpTSUtnRkZVM0pWamZ6WllWS3ZYOGdBZzhGcEhcL0NMOXRcLzJaQnVqQUFTaklnPT0iLCJtYWMiOiJhMTBiMzZmZjlmNzhkNzNjZGFlNjFhZjFmMTVkNzUzY2UzMDAyNzQwMDczNTEzZTU5Y2M1YjczODlkMjlmYWU1In0%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
referrer=eyJpdiI6Ilp3Y1VMUXpRUEZXR0ZHR3V6eDNYNnc9PSIsInZhbHVlIjoiQU05WnNNaGVHaEJPSVhsTTQzald5Y2ZBR1Nnc2xnaitrcjRyRDZOZERQSXRpdFRLTVNYS1kya1FIOFB3ekZMTiIsIm1hYyI6IjI5YmQ3NjI3ZmU0MTY5MTYxMjY3NDE4N2NkMTIxMDc1MmZlYzk0NzRmOWRmY2I4OTA0NTMwMWVkYWZmNzkyNTIifQ%3D%3D; tdqct=1; laravel_session=eyJpdiI6IlBTNGswK0dnREdKR3U5eWNYcjE4R2c9PSIsInZhbHVlIjoiYXZFek12K0Nldmg0WWpYbVJvN0w2OGptRzRyRFdlcDFnSmNLMGg2R1NhZkxPd1RtUzd3YjB2SnRyN3pTWER1YzRQYjc1Mlwvd3RQTnFQbEQrYThUYkpnPT0iLCJtYWMiOiI3YWQ3ZjE2ZmZkODBlOGUxOTliMDc1NzkwZjhiY2Q0MDc3NzJmMzQxNmYzMDhlYmI5NmY1MDI5MGY3YzRmMmUxIn0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkFBbGtwRkV2VWk0OXFrbldWQ1AyN2c9PSIsInZhbHVlIjoiMWJKM29rbE1oaDluRTZHUXloeGx3S0xjSWRsM3dSXC90MTVpQkRNUEpjQzRST0FoNUNzNWcwNnI4SjZLMkxJREVVVTFQaWRoVGlvaWNJZHZGVHl1NHpoRUxkZkJoMVNmXC9iRVRoalk4cFI3aERhZXNzWFRqcHVWdnlMQXB4N3BHaWN3QVBzek83NWJcL3JWcFJUYTRLU202ZDkwVWtONFloZzA4TmxhTnp5OEpTSUtnRkZVM0pWamZ6WllWS3ZYOGdBZzhGcEhcL0NMOXRcLzJaQnVqQUFTaklnPT0iLCJtYWMiOiJhMTBiMzZmZjlmNzhkNzNjZGFlNjFhZjFmMTVkNzUzY2UzMDAyNzQwMDczNTEzZTU5Y2M1YjczODlkMjlmYWU1In0%3D

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Sun, 15 Nov 2020 00:00:25 GMT
Content-Encoding
gzip
/
egorgolf.online/x/
Redirect Chain
  • https://ptp.party/13039
  • https://neon.today/ptp/i/13039
  • https://egorgolf.online/x
  • http://egorgolf.online/x/
  • https://egorgolf.online/x/
101 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://egorgolf.online/x/
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpRalQ3cDh6OWxubVh6dGE5bFdwQmc9PSIsInZhbHVlIjoiM2xHQmh2aXdZTThRVjJkWktkK0lrcDVMUkNybzhBTXh5XC9DeTBLMFZyS21ZVHFvUnlvdGtlQ0FSN05NSmpxWnc4NUF3NTg2Nlcrb05rU1k5RFJGZGEyMVZwYWJnTmNTTGMzUk44eXkyY2c0Rnp6TDF5VUt5cjZudVQ0aE9QVzdjdmFSK2pWc3l4b2k2Z0MybE9MUzVTaDBrRFFzXC9PTVBwQWN3eTVqZFhxejQyM1Y4N3hGRkhiWWFvUmkzMkNBSVRuV3kyNXNYZzNcL3p5WFNPcllhSGw5Y1RXMWozdHBpU01kM29Jck5pbzhxNFN0UklVbTRpeHlSMmxrRHE2dExFdVBZdElXV1NzQmIyVVdka2tNZnVXXC9qaFZUa0RFNXlQYkQyaTR0Q0lSVU9NSWUrWGg4YU1Bc3oxXC9TXC9MN0JwTHMiLCJtYWMiOiJhZWU1MGNiNWFiY2RkMDdhMjJkYzU0Y2ZlODVlYzE2NDc1MzQ4OTc2YWU4YWFlY2U4MTY5MDhiYTdlYTg1ZGUyIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
77.222.40.109 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh286.sweb.ru
Software
nginx/1.19.1 / PHP/7.1.33
Resource Hash

Request headers

:method
GET
:authority
egorgolf.online
:scheme
https
:path
/x/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkpRalQ3cDh6OWxubVh6dGE5bFdwQmc9PSIsInZhbHVlIjoiM2xHQmh2aXdZTThRVjJkWktkK0lrcDVMUkNybzhBTXh5XC9DeTBLMFZyS21ZVHFvUnlvdGtlQ0FSN05NSmpxWnc4NUF3NTg2Nlcrb05rU1k5RFJGZGEyMVZwYWJnTmNTTGMzUk44eXkyY2c0Rnp6TDF5VUt5cjZudVQ0aE9QVzdjdmFSK2pWc3l4b2k2Z0MybE9MUzVTaDBrRFFzXC9PTVBwQWN3eTVqZFhxejQyM1Y4N3hGRkhiWWFvUmkzMkNBSVRuV3kyNXNYZzNcL3p5WFNPcllhSGw5Y1RXMWozdHBpU01kM29Jck5pbzhxNFN0UklVbTRpeHlSMmxrRHE2dExFdVBZdElXV1NzQmIyVVdka2tNZnVXXC9qaFZUa0RFNXlQYkQyaTR0Q0lSVU9NSWUrWGg4YU1Bc3oxXC9TXC9MN0JwTHMiLCJtYWMiOiJhZWU1MGNiNWFiY2RkMDdhMjJkYzU0Y2ZlODVlYzE2NDc1MzQ4OTc2YWU4YWFlY2U4MTY5MDhiYTdlYTg1ZGUyIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status
200
server
nginx/1.19.1
date
Sun, 15 Nov 2020 00:00:27 GMT
content-type
text/html; charset=UTF-8
content-length
101
x-powered-by
PHP/7.1.33

Redirect headers

Server
nginx/1.19.1
Date
Sun, 15 Nov 2020 00:00:26 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
340
Connection
keep-alive
Keep-Alive
timeout=10
Location
https://egorgolf.online/x/
Cookie set cs
di7stero.com/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://di7stero.com/cs?wsa=5f3acdcf4cc03124827530
Requested by
Host: egorgolf.online
URL: https://egorgolf.online/x/
Protocol
HTTP/1.1
Server
51.15.144.21 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
/
Resource Hash
8ea80f64cc3b072948f71525ae7119f7a0d14b8eaa4f18fcf74b91718328e459
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
di7stero.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Referrer-Policy
unsafe-url
Set-Cookie
_mycpm_vid=v2_e51a395398ba1a36c994c1603f63246e; Path=/; Expires=Wed, 13 Nov 2030 00:00:27 GMT
X-Frame-Options
DENY
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Encoding
gzip
cookie.js
co1linesu.ru/ 		74 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
http://co1linesu.ru/cookie.js?callback=__MYCPM.onNewCookie
Requested by
Host: di7stero.com
URL: http://di7stero.com/cs?wsa=5f3acdcf4cc03124827530
Protocol
HTTP/1.1
Server
51.15.144.27 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
sticky.gif
co1linesu.ru/ 		35 B
522 B 		Other
General
Check archive.org
Download Go to
Full URL
http://co1linesu.ru/sticky.gif?vid=v2_e51a395398ba1a36c994c1603f63246e
Requested by
Host: di7stero.com
URL: http://di7stero.com/cs?wsa=5f3acdcf4cc03124827530
Protocol
HTTP/1.1
Server
51.15.144.27 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 15 Nov 2020 00:00:27 GMT
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
redirect
adskpak.com/
Redirect Chain
  • http://di7stero.com/rs?tmp_uid=fb8b3d5d0a5cfcb8a105bc59e960c49b&wsa=5f3acdcf4cc03124827530&r=js&utm_source=script
  • http://adskpak.com/redirect?sid=77836
21 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://adskpak.com/redirect?sid=77836
Requested by
Host: di7stero.com
URL: http://di7stero.com/cs?wsa=5f3acdcf4cc03124827530
Protocol
HTTP/1.1
Server
50.28.0.84 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
adskpak.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://di7stero.com/cs?wsa=5f3acdcf4cc03124827530
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://di7stero.com/cs?wsa=5f3acdcf4cc03124827530

Response headers

Server
Server
Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
21811
Cache-Control
no-transform,no-cache
Connection
Keep-Alive
Pragma
no-cache

Redirect headers

Date
Sun, 15 Nov 2020 00:00:27 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
4
Connection
keep-alive
Location
http://adskpak.com/redirect?sid=77836
Referrer-Policy
unsafe-url
X-Frame-Options
DENY
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Primary Request redirect
cpxtri.com/ 		21 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cpxtri.com/redirect?sid=77836
Requested by
Host: adskpak.com
URL: http://adskpak.com/redirect?sid=77836
Protocol
HTTP/1.1
Server
50.28.0.84 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
cpxtri.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://adskpak.com/redirect?sid=77836
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://adskpak.com/redirect?sid=77836

Response headers

Server
Server
Date
Sun, 15 Nov 2020 00:00:28 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
21811
Cache-Control
no-transform,no-cache
Connection
Keep-Alive
Pragma
no-cache
redirect
cpxtri.com/ 		0
210 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cpxtri.com/redirect?cid=iZfhKwWkJa&http_referer=&sid=77836&subid=&s3=&299e3c81bf2c2443dfd9662ca4050d19=1&rr=1&id=&t=1605398428&hrf=MKJe9NgaU5gWhUEovFC9WSJ6ysu3rEvPHBVlRDbwqNyKqKoyW8Q%3D&iwx=1600&iwy=1200&owx=1600&owy=1200&isph=1&pbc=0&fp=null&hf=1&op=1&pd=24&tp=%3F&xd=%3F&yd=%3F&pl=0&mt=0&sw=1600&sh=1200&fw=1600&fh=1200&pw=0&ph=0&ow=1600x1200&iw=1600x1200&sd=24&ifr=0&coo=1&m=0&hr=3&ab=1&ua=%257B%2522ef%2522%253A%25224g%2522%252C%2522rtt%2522%253A0%252C%2522down%2522%253A10%252C%2522save%2522%253Afalse%257D&npl=Linux+x86_64&ncpu=%3F&nhc=16&gtz=-60&nba=1&nbt=0&nve=Google+Inc.&vapp=Netscape&napv=5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36&ss=1&ls=1&bl=en-US&sl=undefined&dr=%3F&is=-1608825996&wc=undefined&msy=undefined&ddm=undefined&ps=20030107&st=1&sp=undefined&mob=0&ifp1=0&ifp2=0&wn=&nap=0&ind=1&opd=1&dab=0&nsb=1&chk1=0&chk2=1&chk3=0&chk4=0
Protocol
HTTP/1.1
Server
50.28.0.84 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
cpxtri.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://cpxtri.com/redirect?sid=77836
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
http://cpxtri.com/redirect?sid=77836

Response headers

Server
Server
Date
Sun, 15 Nov 2020 00:00:28 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
0
Cache-Control
no-transform,no-cache
Connection
Keep-Alive
Pragma
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
poweredby.jads.co
URL
http://poweredby.jads.co/adshow.php?adzone=880307

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

1 Console Messages

Source Level URL
Text
console-api debug URL: http://cpxtri.com/redirect?sid=77836(Line 111)
Message: