traffic2bitcoin.com Open in urlscan Pro
23.95.12.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_con...
Submission Tags: demotag1 demotag2 Search All
Submission: On November 07 via api (November 7th 2020, 5:27:33 am UTC) from US

Summary HTTP 65 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 26 domains to perform 65 HTTP transactions. The main IP is 23.95.12.219, located in Buffalo, United States and belongs to AS-COLOCROSSING, US. The main domain is traffic2bitcoin.com.

This is the only time traffic2bitcoin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 4	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
4	2606:4700:303... 2606:4700:3032::681b:a2f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
3	23.95.12.219 23.95.12.219	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1	104.22.6.169 104.22.6.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:e633	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	51.210.112.130 51.210.112.130	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3036::681b:9074	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6812:29ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4526	13335 (CLOUDFLAR...) (CLOUDFLARENET)
65	27

3 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.170.39.103 (New York, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::681b:a2f8 (United States)

ASN13335 (CLOUDFLARENET, US)

tr.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.95.12.219 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-12-219-host.colocrossing.com

traffic2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.6.169 (United States)

ASN13335 (CLOUDFLARENET, US)

static1.freebitco.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:e633 (United States)

ASN13335 (CLOUDFLARENET, US)

banners.mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 51.210.112.130 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681b:9074 (United States)

ASN13335 (CLOUDFLARENET, US)

bitfun.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lovemetome123456789.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6812:29ac (United States)

ASN13335 (CLOUDFLARENET, US)

www.qtrex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4526 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gab.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ibb.co i.ibb.co	1019 KB
9	googlesyndication.com pagead2.googlesyndication.com 399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com tpc.googlesyndication.com	144 KB
7	mellowads.com banners.mellowads.com mellowads.com	584 KB
5	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	119 KB
4	tr.im tr.im	23 KB
4	traffdaq.com 1 redirects traffdaq.com	4 KB
3	speedflow.io speedflow.io	2 KB
2	traffic2bitcoin.com traffic2bitcoin.com	12 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	gstatic.com fonts.gstatic.com	15 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
1	gab.ag www.gab.ag Failed
1	qtrex.io www.qtrex.io
1	blogspot.com lovemetome123456789.blogspot.com
1	ad2bitcoin.com ad2bitcoin.com
1	bitfun.co bitfun.co	49 KB
1	freebitco.in static1.freebitco.in	43 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	googleadservices.com partner.googleadservices.com	402 B
1	googleapis.com fonts.googleapis.com	624 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com	23 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
65	26

	Domain	Requested by
10	i.ibb.co	traffic2bitcoin.com
6	banners.mellowads.com	traffic2bitcoin.com
4	pagead2.googlesyndication.com	tr.im pagead2.googlesyndication.com
4	tr.im	traffdaq.com tr.im
4	traffdaq.com	1 redirects speedflow.io traffdaq.com
3	399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	tr.im securepubads.g.doubleclick.net
3	speedflow.io	speedflow.io
2	traffic2bitcoin.com	tr.im traffic2bitcoin.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.gab.ag	traffic2bitcoin.com
1	www.qtrex.io	traffic2bitcoin.com
1	lovemetome123456789.blogspot.com	traffic2bitcoin.com
1	ad2bitcoin.com	traffic2bitcoin.com
1	bitfun.co	traffic2bitcoin.com
1	mellowads.com	traffic2bitcoin.com
1	static1.freebitco.in	traffic2bitcoin.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	tr.im
1	stackpath.bootstrapcdn.com	tr.im
1	www.googletagmanager.com	tr.im
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
65	31

This site contains links to these domains. Also see Links.

Domain
freebitco.in
beebitcoin.info
refbitcoin.com
mariobtc.com
file2btc.com
btcfox.info
digimonbtc.com
simbabtc.com
tiggercoin.com
ad2bitcoin.com
bitfun.co
hash512.com
1ink.cc
farmbtc.info
bit.ly
www.easyhits4u.com
www.ebesucher.com
smurfgo.com
bandirun.com
tomygame.com
bitcoincrack.org

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
freebitco.in Cloudflare Inc ECC CA-3	`2020-09-05` - `2021-09-05`	a year	crt.sh
ibb.co Let's Encrypt Authority X3	`2020-10-02` - `2020-12-31`	3 months	crt.sh
ad2bitcoin.com cPanel, Inc. Certification Authority	`2020-10-18` - `2021-01-16`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
gab.ag Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 15 frames:

Primary Page: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Frame ID: 815C9B5D04D0481C52CFFD937A25D3E5
Requests: 51 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604726831261&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 0097820B145BA7E3163A9FB41944C2E2
Requests: 1 HTTP requests in this frame

Frame: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Frame ID: 4F1843815A3587909110D2B1D54F0F69
Requests: 1 HTTP requests in this frame

Frame: http://speedflow.io/adult/%3C?echo%20$hloc1;?%3E
Frame ID: 6957359710ABD5C88BD46161F6D892F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: ADC7B4D4D56D68378044EB51B9A2000F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1229858928340193&output=html&adk=1812271804&adf=3025194257&lmt=1604726837&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftr.im%2F1Smrx&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604726837434&bpp=12&bdt=93&idt=121&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6510210023332&frm=20&pv=2&ga_vid=61910540.1604726837&ga_sid=1604726838&ga_hid=1344574179&ga_fc=0&iag=0&icsg=10410&dssz=17&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068434%2C21066706&oid=3&pvsid=3925707520373841&pem=781&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138
Frame ID: E5744F762D9F13E76E9F251894E55F40
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: D9842297ABB0EDC808041B2DE9377DD7
Requests: 1 HTTP requests in this frame

Frame: https://399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: B7EE0C8583699BF597125B164E1D8438
Requests: 1 HTTP requests in this frame

Frame: https://399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: E156BDA9EAB66EEC56BCAED4AAA5FEB8
Requests: 1 HTTP requests in this frame

Frame: https://ad2bitcoin.com/adincm.php?ref=ad2btc&width=728
Frame ID: 2635382891DE0AB6EF72E6FA5A9EDEDB
Requests: 1 HTTP requests in this frame

Frame: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=
Frame ID: 61AF24B3A1BE353EF3B948817CC73BE7
Requests: 1 HTTP requests in this frame

Frame: https://lovemetome123456789.blogspot.com/
Frame ID: A2D621F1397C8EBCF6A618C2399F2ECA
Requests: 1 HTTP requests in this frame

Frame: https://www.qtrex.io/?easymoney
Frame ID: ADA1783D2FE388D9040DD1BB16425D3F
Requests: 1 HTTP requests in this frame

Frame: https://www.gab.ag/
Frame ID: DCD6027FA3CD5388647DA30C4152667D
Requests: 1 HTTP requests in this frame

Frame: https://www.gab.ag/
Frame ID: 635A5FAD4090C645911935669CDE6EB3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
https://traffdaq.com/delivery/dl/47382?category=general Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsI... Page URL
https://tr.im/1Smrx Page URL
http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=t... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

65
Requests

89 %
HTTPS

69 %
IPv6

26
Domains

31
Subdomains

27
IPs

5
Countries

2136 kB
Transfer

2882 kB
Size

7
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://freebitco.in/?r=1208998

Search URL Search Domain Scan URL

URL: https://beebitcoin.info/index.php?bitcoinwallet=1PLBNcu3tHv7LXKa77QcVLQpU7RPMtTDdU&ref=

Search URL Search Domain Scan URL

URL: https://refbitcoin.com/index.php?ref=coinmedia

Search URL Search Domain Scan URL

URL: https://mariobtc.com/?ref=Referrer

Search URL Search Domain Scan URL

URL: https://file2btc.com/?ref=cDF1dfWoFFHrjeZ61UZs

Search URL Search Domain Scan URL

URL: https://btcfox.info/?ref=tony69

Search URL Search Domain Scan URL

URL: https://digimonbtc.com/?ref=Referrer

Search URL Search Domain Scan URL

URL: https://simbabtc.com/?ref=t2btc

Search URL Search Domain Scan URL

URL: https://tiggercoin.com/?ref=1PLBNcu3tHv7LXKa77QcVLQpU7RPMtTDdU

Search URL Search Domain Scan URL

URL: https://ad2bitcoin.com/index.php?ref=freebtc

Search URL Search Domain Scan URL

URL: http://bitfun.co/?ref=E5B9AF032A39

Search URL Search Domain Scan URL

URL: https://hash512.com/?ref=tony81

Search URL Search Domain Scan URL

URL: http://1ink.cc/?r=amfreeb

Search URL Search Domain Scan URL

URL: https://farmbtc.info/?ref=henryw82

Search URL Search Domain Scan URL

URL: http://bit.ly/traffic2btc

Search URL Search Domain Scan URL

URL: https://www.easyhits4u.com/?ref=markabi
Title: easyhits4u

Search URL Search Domain Scan URL

URL: http://www.ebesucher.com/?ref=markabi
Title: ebesucher

Search URL Search Domain Scan URL

URL: http://smurfgo.com/?r=amfreeb

Search URL Search Domain Scan URL

URL: http://bandirun.com/?r=amfreeb

Search URL Search Domain Scan URL

URL: http://tomygame.com/?r=amfreeb

Search URL Search Domain Scan URL

URL: https://bitcoincrack.org/

Search URL Search Domain Scan URL

URL: http://bit.ly/TopList09
Title: Insert Your Ad to Our List

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
https://traffdaq.com/delivery/dl/47382?category=general Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://tr.im/1Smrx Page URL
http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
https://traffdaq.com/delivery/dl/47382?category=general

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 370ms
350ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 1beb66b991b5c3969319e77b3adc1242300fe43ae26c61d1f384d7c60b153b28

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sat, 07 Nov 2020 05:27:11 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=63109; path=/ time_start=1604726831.1314; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=63109; path=/ ip=185.156.175.107 mobile=0 country=GB visits_todayi=0; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=63109; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 530
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 24ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:11 GMT
Content-Encoding: gzip
X-HW: 1604726831.dop129.fr8.shc,1604726831.dop129.fr8.t,1604726831.cds129.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 0097 0
0 137ms
113ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604726831261&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sat, 07 Nov 2020 05:27:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa6302f550325.614300723045588504%22%3B%7D; expires=Mon, 07 Nov 2022 05:27:11 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 404
Not Found %3C
speedflow.io/adult/ Frame 4F18 315 B
460 B 187ms
186ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/%3C?echo%20$mh;?%3E
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache /
Resource Hash

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ip=185.156.175.107; mobile=0; country=GB; visits_todaya=1; time_start=1604726831.1314; visits_todayi=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sat, 07 Nov 2020 05:27:11 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found %3C
speedflow.io/adult/ Frame 6957 315 B
460 B 367ms
347ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/%3C?echo%20$hloc1;?%3E
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache /
Resource Hash

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ip=185.156.175.107; mobile=0; country=GB; visits_todaya=1; time_start=1604726831.1314; visits_todayi=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sat, 07 Nov 2020 05:27:11 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/dl/
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=general
https://traffdaq.com/delivery/dl/47382?category=general

3 KB
2 KB

527ms
289ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=general
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 75f1bf9b3498254922933f1f596891d8ba0061d15e450e9dbdae5282a9707ce6

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/adult/?a=rr

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 05:27:11 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=general
Connection: close

GET
H/1.1 200
OK eyJpdiI6InBjU3JWK0k1bEdReWd0VHhTV3pjSnc9PSIsInZhbHVlIjoiVjdqNGFHdGg5am9RZVBcL0ZHUFBhckU5VEVvV3BDSzdFaTdUeUFcL081Q2cwakJzSnFQWXBzanBRYk5UY3dianFNcWR2TGtMR014UjhIVWM1djI2VTNWUT09IiwibWFjIjoiOWQzZTkwM...
traffdaq.com/users/track/ 0
860 B 500ms
268ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6InBjU3JWK0k1bEdReWd0VHhTV3pjSnc9PSIsInZhbHVlIjoiVjdqNGFHdGg5am9RZVBcL0ZHUFBhckU5VEVvV3BDSzdFaTdUeUFcL081Q2cwakJzSnFQWXBzanBRYk5UY3dianFNcWR2TGtMR014UjhIVWM1djI2VTNWUT09IiwibWFjIjoiOWQzZTkwMjZmNDg4ZjE2ZDIwNTFhMTA2ODU2OTljYjAzZGY0MDU0NGIxNzljY2ZhMGVmOWE0ZWFiZmUyZmEzOSJ9
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:12 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 35ms
35ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa6302fcc914&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 05:27:12 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 6ms
5ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 810821
x-cache: HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19177-FRA
date: Sat, 07 Nov 2020 05:27:12 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/directlink/ 2 KB
1 KB 2556ms
2323ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: cf790a72c84b2fa4c7329a4fb2fce74fc0766dc0280344ca67e77b8e7457f1cd

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=general
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=general

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 05:27:14 GMT
Content-Encoding: gzip

GET
H2 200 1Smrx Show response
tr.im/ 9 KB
3 KB 2321ms
2321ms Document
text/html 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.im/1Smrx

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.28-1+deb.sury.org~xenial+1

Resource Hash

e64fa64dd0085dcef2835f8c502ff22a9852e0f4a51f079fe5b5dbadd4cba4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: tr.im
:scheme: https
:path: /1Smrx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status: 200
date: Sat, 07 Nov 2020 05:27:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d1dbf4c07f61c49c6d26374872f8dc08f1604726835; expires=Mon, 07-Dec-20 05:27:15 GMT; path=/; domain=.tr.im; HttpOnly; SameSite=Lax __cf_bm=0b1af9f5c71ac4ebe106921dd8994b192a1a5e76-1604726837-1800-AWKur1UzzqtCCYt7iu32/fMW00U6RP/QHwe3yutFyH2eYrh1sN+X0xqlW68LVhPnMp+L8Y5TB5MSbFDICI/irbo=; path=/; expires=Sat, 07-Nov-20 05:57:17 GMT; domain=.tr.im; HttpOnly; Secure; SameSite=None
x-powered-by: PHP/5.6.28-1+deb.sury.org~xenial+1
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 0642c55f430000c2ae1b049000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5LCD26Qvz5gUIxnGEHDXLZi0DmLIGSrtZUcbxnIFUQP%2BTCp6GS664U21dZvsjQo9i5amHNACWRF0jOd10tXpHwI5w63oYf6bAF8ThWtqVcxSyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ee4a4ded981c2ae-FRA
content-encoding: br

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
44 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tr.im
URL: https://tr.im/1Smrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45426
x-xss-protection: 0
server: cafe
etag: 10562869928832476540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 Nov 2020 05:27:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 16ms
13ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139146315-9

Requested by

Host: tr.im
URL: https://tr.im/1Smrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6d00421703479478838ab557ed3ed0785c83227cbd7a2e1528f347c752b9180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38327
x-xss-protection: 0
last-modified: Sat, 07 Nov 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Nov 2020 05:27:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
18 KB 112ms
50ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tr.im
URL: https://tr.im/1Smrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

6c7f29acf469b827458ac06df9770566acd39457fad216b391a15d4c8c7c8663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "686 / 503 of 1000 / last-modified: 1604704676"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18262
x-xss-protection: 0
expires: Sat, 07 Nov 2020 05:27:17 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
23 KB 10ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: tr.im
URL: https://tr.im/1Smrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://tr.im
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 May 2020 17:29:51 GMT
status: 200
etag: "1589304591"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23841

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
624 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap

Requested by

Host: tr.im
URL: https://tr.im/1Smrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3120d4bddcbcde8e4f0e0088646c6ab2c06e11d21257d238748f6ac76c51417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Nov 2020 05:27:17 GMT
server: ESF
date: Sat, 07 Nov 2020 05:27:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Nov 2020 05:27:17 GMT

GET
H2 200 style.css
tr.im/bundles/trim/ad-page-072020/css/ 2 KB
888 B 13ms
11ms Stylesheet
text/css 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.im/bundles/trim/ad-page-072020/css/style.css

Requested by

Host: tr.im
URL: https://tr.im/1Smrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8234f5e5b2933912bf30cbcff6aade9d5f5a2dbe15d44937c13b46090d1f1498

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5314
status: 200
cf-request-id: 0642c568780000c2aeeca21000000001
last-modified: Tue, 06 Oct 2020 07:24:41 GMT
server: cloudflare
etag: W/"5f7c1bb9-813"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ThEUftAHVRc7uaQzIMm4lNm%2BxdIeaaz%2Bfxxj0gMrU%2B2otYprX0VL8bMuTemzdWK%2FQgqwhnlJoxQjyRgQvHVevfZ0FvLdtuqOCLVb7YadgZb9kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5ee4a4ed8809c2ae-FRA

GET
H2 200 logo.png
tr.im/bundles/trim/ad-page-072020/images/ 5 KB
5 KB 17ms
16ms Image
image/png 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.im/bundles/trim/ad-page-072020/images/logo.png

Requested by

Host: tr.im
URL: https://tr.im/1Smrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

317b57b8207135b3223181d14cf2e213bf0b7a0050a3e2f92a48c26f13703365

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5314
status: 200
content-length: 4650
cf-request-id: 0642c568790000c2aee0939000000001
last-modified: Tue, 06 Oct 2020 07:24:41 GMT
server: cloudflare
etag: "5f7c1bb9-122a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5TS9X%2BiB%2FTsLcpQO6etwZ1SMqZOMplIdQk0KkmCUu735G4ZHFeFvSShWnt6P8deAOWkRkBZVBod4QYybZQLtFvfg4hVw2Ehi1iY6nTI2mMfIUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee4a4ed880bc2ae-FRA

GET
H2 200 feature.png
tr.im/bundles/trim/ad-page-072020/images/ 14 KB
15 KB 12ms
11ms Image
image/png 2606:4700:3032::681b:a2f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.im/bundles/trim/ad-page-072020/images/feature.png

Requested by

Host: tr.im
URL: https://tr.im/1Smrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a2ed372eb25f036218e1cf130657ba79eff86384c1292bb16c95e4d34af5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5314
status: 200
content-length: 14664
cf-request-id: 0642c568790000c2ae059fa000000001
last-modified: Tue, 06 Oct 2020 07:24:41 GMT
server: cloudflare
etag: "5f7c1bb9-3948"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IsYfXvsF%2Bjb8nNAxG6ZG6GX9CF5mN4M%2BrmTkr0xYrzkuWTZ0c6bXDLQSUZjhiafECb5md%2FutS1xAbfi1Iz0hkVIN9xoePgv5qarTsrxtwLOXXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee4a4ed880cc2ae-FRA

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.im
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 22:12:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:44 GMT
server: sffe
age: 112472
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
expires: Fri, 05 Nov 2021 22:12:45 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tr.im
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 22:12:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:13 GMT
server: sffe
age: 112472
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Fri, 05 Nov 2021 22:12:45 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
87 KB 57ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 Nov 2020 05:27:17 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame ADC7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1Smrx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1Smrx

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 06 Nov 2020 18:54:19 GMT
expires: Fri, 20 Nov 2020 18:54:19 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 37978
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139146315-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5872
date: Sat, 07 Nov 2020 03:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 07 Nov 2020 05:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
401 B 47ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1344574179&t=pageview&_s=1&dl=https%3A%2F%2Ftr.im%2F1Smrx&dr=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&ul=en-us&de=UTF-8&dt=tr.im%20-%20url%20shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=528727491&gjid=1937108857&cid=61910540.1604726837&tid=UA-139146315-9&_gid=575121098.1604726837&_r=1&gtm=2ouas1&z=1497043212

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 05:27:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://tr.im
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020110401.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 83ms
49ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110401.js?21068461

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

9008854b291ccca39167cc572535eb078a759ce6f2b20d55bfaf7d3b66f993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99491
x-xss-protection: 0
last-modified: Wed, 04 Nov 2020 09:40:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Nov 2020 05:27:17 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 195 B
402 B 37ms
36ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tr.im&callback=_gfp_s_&client=ca-pub-1229858928340193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

08ee9fe6bbc56c2b3339a6e3c3f1a6cd8e4b6d749108418935896fbdedae3abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tr.im

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tr.im

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E574 0
0 27ms
26ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1229858928340193&output=html&adk=1812271804&adf=3025194257&lmt=1604726837&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftr.im%2F1Smrx&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604726837434&bpp=12&bdt=93&idt=121&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6510210023332&frm=20&pv=2&ga_vid=61910540.1604726837&ga_sid=1604726838&ga_hid=1344574179&ga_fc=0&iag=0&icsg=10410&dssz=17&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068434%2C21066706&oid=3&pvsid=3925707520373841&pem=781&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1229858928340193&output=html&adk=1812271804&adf=3025194257&lmt=1604726837&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Ftr.im%2F1Smrx&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604726837434&bpp=12&bdt=93&idt=121&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6510210023332&frm=20&pv=2&ga_vid=61910540.1604726837&ga_sid=1604726838&ga_hid=1344574179&ga_fc=0&iag=0&icsg=10410&dssz=17&mdo=0&mso=0&u_tz=60&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068434%2C21066706&oid=3&pvsid=3925707520373841&pem=781&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1Smrx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1Smrx

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 07 Nov 2020 05:27:17 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 07-Nov-2020 05:42:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sat, 07 Nov 2020 05:27:17 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604665402527796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27920
x-xss-protection: 0
expires: Sat, 07 Nov 2020 05:27:17 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 82ms
81ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3925707520373841&correlator=2760249124213223&output=ldjh&impl=fifs&adsid=NT&eid=21068461%2C21067448%2C21068031%2C21068418%2C21068441%2C21066706&vrg=2020110401&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201107&iu_parts=7421032%2Ctr.im_top_banner%2Ctr.im_300x250%2Ctr.im_intermediary_ad_unit&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x100%7C728x90%7C320x50%2C300x250%2C1x1&cookie=ID%3D8fe9c02ad9b5e326-222aff381eb9000a%3AT%3D1604726837%3ART%3D1604726837%3AS%3DALNI_MbSgDKxz2z4ovWeXnsJk9sOdt5wOw&bc=31&abxe=1&lmt=1604726837&dt=1604726837663&dlt=1604726837341&idt=305&frm=20&biw=1600&bih=1200&oid=3&adxs=640%2C650%2C0&adys=128%2C326%2C1473&adks=3911691608%2C2859235672%2C716300676&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftr.im%2F1Smrx&ref=https%3A%2F%2Ftraffdaq.com%2Fdelivery%2Fdirectlink%2F47382%3Fhash%3DeyJpdiI6IkVCYWpKa0thN0xmYURMYkNxSTRQb1E9PSIsInZhbHVlIjoieVhFZkVQXC92Znl3NVwvbHVHYmZGQ3V4RFhhSDlFT1lNMDk1NDk5YVBNazZRUWE0MUVGZjdVTVJlUlp5NUVWRFRKanNRcDZSc1JWNXpaa3dENzBwdnhJakp4a29zU2xwcjZzNjBwU0N6SEYzODRjY0R1eXVJamFpOFhXTG9HY2tlV2lNZEhvaUVON1JkdDhTajBYTEFHWXE0eElXamZDZnVtNFcyZitCY3NRdWJrZ0ZodWRoMHdCaDJYSFByemFjYkZwWWp3QTIrc2hiS0oxakpxSjlqTDN2R3I5c2dlVlpPYlZnVkhnWlNQeU5KTTkyZHB3VE4yVkdkUUpFVEh6N3pLemRDQUMzem8xVUF4dllNY3JDdGtncGpLdUs0dTZLZ0w0d2c4WlFtY1lNRW0yaTFcL2NiK0E0RFlBMGcrMnlFZFoiLCJtYWMiOiI4ODM0NWEyNjA5OWFmOTExNWQzOTFlOGFiNTMyMjQ3MGRkZjFmZjIyN2MzN2U5MzVlYmJiZGI2NGE3MDk2NDI1In0%253D%26fp%3D66abd220fd1aeed21a48c2d9b60f0bf8&dssz=18&icsg=534698&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x100%7C300x250%7C1600x1473&msz=1600x100%7C300x-1%7C1x-1&ga_vid=61910540.1604726837&ga_sid=1604726838&ga_hid=1344574179&fws=0%2C0%2C0&ohw=0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110401.js?21068461

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

fe1a5dbb8603ec4f9e887b96e10623d8163669abcbe89a08eabc91a303c7e15b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3122
x-xss-protection: 0
google-lineitem-id: 5459744855,5448126947,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321056366,138319698993,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tr.im
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 55ms
14ms Other
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110401.js?21068461
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e5a174cc29ec4aae009ad041c97102dae4c9416b8e1db09ccf9a96c6d8d85be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6419
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 07 Nov 2020 05:27:17 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame D984 0
0 34ms
20ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1Smrx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1Smrx

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 06 Nov 2020 23:42:10 GMT
expires: Sat, 06 Nov 2021 23:42:10 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20707
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B7EE 0
0 35ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110401.js?21068461

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1Smrx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1Smrx

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 07 Nov 2020 05:27:17 GMT
expires: Sun, 07 Nov 2021 05:27:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E156 0
0 31ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110401.js?21068461

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tr.im/1Smrx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://tr.im/1Smrx

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 07 Nov 2020 05:27:17 GMT
expires: Sun, 07 Nov 2021 05:27:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
87 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201104&jk=3925707520373841&bg=!lZallrbNAAXuKKZk7ljQWhDbPHz1sQIAAAB9UgAAABJoAQcKAQteWhDNQl5LBCwzMbabk422mnU3DE_0tfpmAY_WEtaC29ce28JsTt5ly4GpbXSyu6KCFXiREse43eWTKWg9jCvl6ZqXVwSEOzyIWnamxDhLJSlSJovVeCBCgNUtEFZYsu6Y-C-WZj2nXt_poZIMb8XP3YdJt4gt5TEFBqOtRsUzqwKBdNTVtjr5qUmUBfHblgbSnmm6YUIm3EWnTlBjqWe-aKpT8_tg5_R2OgFUryK13eUnZCCy3n8JK2iylwB4eJIppDblWSkG9tz5Kzf4cWIxgNOX7pfNVB1jhvwWDcxFgojLItfgHwwPC9G2vfwTQ7XJukgAgkWMQyhnZxts72ofS0Ggo1ocW3dOCcaZAa5CCPsTKcPirh1pZOm0r4IXPIgrst4ddwGK6nKo37SLNtzWOe4PmWIAClXft9-Oz2c0X4_swV3PDmaYcuRm0uixDg4KsWJhfa9GF52hsBTlrThuq9yTZ79SMOsfZxPrSYco3R5N7fAeu7Te8UONZvNc6aiU7lrRKGbROCK7jF7ISBZvzWvWHUiqht0Ct9o_G1IZmsparE4yQSSPaZ1-FJS-60a8BxNPDMa0RO2vhrJtGh0rA85IcvXYTGw08kcQA_aGNXq6NYYp4mci5GqHd-QcRM9_49xBQJjLhwgMl3iiiQuLKSJjW0WQxEVEH47-YP7nX7knzEZx5XrHmvGrQwC15L8mrU0sxzRzoK5zyK6ZXb0VLvgNRsGRm1nczVd0R05kc4d_6UVZR9f8BGQxRSX5XForOJbzQbAkQCPy9cDRN2yMKngK6F3duNvcWwfWffKx-78wkeddHQ3MqoPU3epSfrYgKGo5Te3G6pgs806ftaBhhmLfDNtHY5VVtoFOKHc97QiPu12P7v629a6Zmo6XR0n5VTDTn90lx1tLBEPQ3RRJ_UZSpJ78ptTCU7u_

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 05:27:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Primary Request ptp2.php Show response
traffic2bitcoin.com/ 11 KB
11 KB 294ms
274ms Document
text/html 23.95.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Requested by: Host: tr.im
URL: https://tr.im/1Smrx
Protocol: HTTP/1.1
Server: 23.95.12.219 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-12-219-host.colocrossing.com
Software: Apache /
Resource Hash: 821cdd9684fb5a7f7441199d77649a04288e77b21364ef00ae21eda2d665b379

Request headers

Host: traffic2bitcoin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

Date: Sat, 07 Nov 2020 05:27:24 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 728x90-3.png
static1.freebitco.in/banners/ 43 KB
43 KB 113ms
41ms Image
image/webp 104.22.6.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.freebitco.in/banners/728x90-3.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.6.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34058509083c58fb56d9130725742277e9afa612a4ed4eeafe0af53aa3fe9dda

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
cf-cache-status: HIT
age: 38923
cf-polished: origFmt=png, origSize=60358
status: 200
content-disposition: inline; filename="728x90-3.webp"
content-length: 43660
cf-request-id: 0642c5913a00009ca53b053000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 5ee4a52ece719ca5-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK E2791A0E3A08.gif
banners.mellowads.com/ads/ 70 KB
70 KB 30ms
10ms Image
image/gif 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/E2791A0E3A08.gif
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78a627b0dfba71a9809353f0850d48f14b3ae2cde3740bf4f67af03189ab40e2

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:27 GMT
CF-Cache-Status: HIT
Age: 1028866
Cf-Polished: origSize=74392
Connection: keep-alive
Content-Length: 71407
cf-request-id: 0642c590f700002bf6b9a87000000001
Last-Modified: Sat, 23 May 2020 07:31:58 GMT
Server: cloudflare
ETag: "fd13ae3dd430d61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Expires: Tue, 08 Dec 2020 05:27:27 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 5ee4a52e59b12bf6-FRA
Cf-Bgj: imgq:100,h2pri

GET
H2 200 r728x90.png
i.ibb.co/cL9mYG1/ 76 KB
77 KB 111ms
32ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/cL9mYG1/r728x90.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 6603c538109d3bced0bce88937706f7ab8e0ca92da7f80b7cf7d67ac7da3f75b

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Wed, 29 Jul 2020 07:43:17 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 78312
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 m728x90.png
i.ibb.co/BBkXQrR/ 108 KB
109 KB 141ms
63ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/BBkXQrR/m728x90.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: e2a7eb82e4780a6b5698f54e07fd301c1caff62648ebae0eb859e25f7edc26f4

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Tue, 13 Oct 2020 09:03:37 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 111057
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f728x90.png
i.ibb.co/0XjNB78/ 50 KB
50 KB 154ms
76ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/0XjNB78/f728x90.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 741af75872947d598b9a5ae84d26dc28012f1292dd6d1515228804120c8dbbc9

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Mon, 15 Jun 2020 10:00:53 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 50794
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 11DB7BDB82DF.gif
banners.mellowads.com/ads/ 136 KB
137 KB 31ms
13ms Image
image/gif 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/11DB7BDB82DF.gif
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1e7d115e8b004c6840297a24d6440ef8900fbbef612317fb7ada5dabd5fb9a9

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:27 GMT
CF-Cache-Status: HIT
Age: 1547559
Cf-Polished: origSize=144866
Connection: keep-alive
Content-Length: 139227
cf-request-id: 0642c590f70000befba215d000000001
Last-Modified: Sat, 23 May 2020 07:27:30 GMT
Server: cloudflare
ETag: "e1164b9ed330d61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Expires: Tue, 08 Dec 2020 05:27:27 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 5ee4a52e5abfbefb-FRA
Cf-Bgj: imgq:100,h2pri

GET
H2 200 d728x90b.png
i.ibb.co/jzJztRZ/ 107 KB
108 KB 154ms
76ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/jzJztRZ/d728x90b.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: cb131bb62e2ccf8ee990eaa4d51b7a9510e10197cac137dcd0064b9007cf9b8e

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Tue, 13 Oct 2020 09:05:11 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 109953
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 s728x90.png
i.ibb.co/Qv2jnyJ/ 102 KB
103 KB 155ms
77ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Qv2jnyJ/s728x90.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: c37e694d627db379afc564ea410ee322898ecf835d5d4da2f1d30ab9d59caab4

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Thu, 06 Aug 2020 10:21:39 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 104940
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 60FA6DE30174.png
mellowads.com/ads/ 80 KB
81 KB 29ms
11ms Image
image/png 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mellowads.com/ads/60FA6DE30174.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 803f4072269cdbaa340393862990b7107b65244a18fb7cd3cb6247d8dc8ad0d1

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:27 GMT
CF-Cache-Status: HIT
Age: 261170
Cf-Polished: origSize=102299
Connection: keep-alive
Content-Length: 81957
cf-request-id: 0642c590f60000177214b66000000001
Last-Modified: Sat, 23 May 2020 07:33:39 GMT
Server: cloudflare
ETag: "9649377ad430d61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Tue, 08 Dec 2020 05:27:27 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 5ee4a52e5b4c1772-FRA
Cf-Bgj: imgq:100,h2pri

GET
H2 200 ad728x90.png
i.ibb.co/9pcHHqk/ 65 KB
65 KB 154ms
77ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/9pcHHqk/ad728x90.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: e2be08c73296f0105502da8b4aa47ba088693953e5370ac65ab324485f1273ce

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Mon, 15 Jun 2020 10:06:47 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 66356
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 728x90.gif
bitfun.co/img/ 49 KB
49 KB 29ms
13ms Image
image/gif 2606:4700:3036::681b:9074
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitfun.co/img/728x90.gif
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:9074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5868bd0130f58ea07ba254dbd66bd8d3d371c569dea8b214fb9676f57de7693d

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4946
x-powered-by: ASP.NET
status: 200
content-length: 49843
cf-request-id: 0642c59118000005bf42191000000001
last-modified: Wed, 13 Mar 2019 03:58:26 GMT
server: cloudflare
etag: "9f1ccb251d9d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NycaQ9eKzNOARBdZifA%2B1Cdb47NNUi3mFTZcdi4N77sDbYv4isCHmgfLZ%2BFdSZrZc9GdEAkAuoOEV7OT4YGS6Oc1dc8HpZfn3Cs4fVTdP1A9Bt7RX80%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ee4a52e883505bf-FRA

GET
H2 200 h728x90.gif
i.ibb.co/g9sBN6W/ 141 KB
142 KB 61ms
60ms Image
image/gif 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/g9sBN6W/h728x90.gif
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 84546f0ab3f5f7da3ebb16f73f622abae6a7699dc94ff5449f70b3c8cf41f78d

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Mon, 15 Jun 2020 10:08:17 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 144565
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 link728x90.png
i.ibb.co/bJ5C1wZ/ 102 KB
102 KB 61ms
60ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/bJ5C1wZ/link728x90.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 2db6b5b91ca781cd9ba4a99b281e7b75e66c8a5778e3b8c130c1a62869bd8b25

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Mon, 15 Jun 2020 10:09:07 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 104584
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f728x90.png
i.ibb.co/Fgv9sbb/ 132 KB
132 KB 61ms
60ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Fgv9sbb/f728x90.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 4e0e4ad5094039227b091cbb9403e792df4f500276f5835f3adf8c50148430ec

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Mon, 15 Jun 2020 10:09:50 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 134886
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 t728.png
i.ibb.co/YjYhhkC/ 131 KB
132 KB 61ms
60ms Image
image/png 51.210.112.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/YjYhhkC/t728.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: f04a2f3be7e93f3ab8ac0bcf917c4c756f7b4457b91c7d929f0c7ff73817b6e6

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 05:27:27 GMT
last-modified: Mon, 15 Jun 2020 09:54:21 GMT
server: nginx
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 134485
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK E9F8C9437515.png
banners.mellowads.com/ads/ 74 KB
74 KB 13ms
12ms Image
image/png 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/E9F8C9437515.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d84cca4c9100653c313a5671f77ac2a8ed93d1001c6d87b0cc0c74ad55f86af

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:27 GMT
CF-Cache-Status: HIT
Age: 353952
Cf-Polished: origSize=90060
Connection: keep-alive
Content-Length: 75471
cf-request-id: 0642c5910800002bf6d200e000000001
Last-Modified: Sat, 23 May 2020 07:42:01 GMT
Server: cloudflare
ETag: "21d88fa5d530d61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Tue, 08 Dec 2020 05:27:27 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 5ee4a52e79cc2bf6-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK 6C1CEBEAA0D2.png
banners.mellowads.com/ads/ 85 KB
86 KB 23ms
15ms Image
image/png 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/6C1CEBEAA0D2.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268cf95764841def3077f478f57796f09e8cfc099254164ae107867753bbe551

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:27 GMT
CF-Cache-Status: HIT
Age: 57
Cf-Polished: origSize=101603
Connection: keep-alive
Content-Length: 87534
cf-request-id: 0642c5910f0000befbbb960000000001
Last-Modified: Sat, 23 May 2020 07:42:53 GMT
Server: cloudflare
ETag: "d3617c4d530d61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Tue, 08 Dec 2020 05:27:27 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 5ee4a52e7ac4befb-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK 96BAD57AE947.png
banners.mellowads.com/ads/ 95 KB
96 KB 27ms
15ms Image
image/png 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/96BAD57AE947.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb646fb5f3f6645b828c86273daccbba656cc5b178ea931314e08814d888ee50

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:27 GMT
CF-Cache-Status: HIT
Age: 98285
Cf-Polished: origSize=124153
Connection: keep-alive
Content-Length: 97266
cf-request-id: 0642c591130000073e5081f000000001
Last-Modified: Sat, 23 May 2020 07:42:44 GMT
Server: cloudflare
ETag: "7c86f5bed530d61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Tue, 08 Dec 2020 05:27:27 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 5ee4a52e8c38073e-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK A6BCB68E783C.png
banners.mellowads.com/ads/ 39 KB
40 KB 26ms
13ms Image
image/png 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.mellowads.com/ads/A6BCB68E783C.png
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 252a09ec0e87fbd4430d70fa7b4bd17d9860b945cda93e257ba1725c1993f3c4

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 05:27:27 GMT
CF-Cache-Status: HIT
Age: 57
Cf-Polished: origSize=50114
Connection: keep-alive
Content-Length: 40142
cf-request-id: 0642c591140000dfe78c930000000001
Last-Modified: Sat, 23 May 2020 07:53:58 GMT
Server: cloudflare
ETag: "be71ed50d730d61:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Expires: Tue, 08 Dec 2020 05:27:27 GMT
Cache-Control: public, max-age=2678400
Accept-Ranges: bytes
CF-RAY: 5ee4a52e8abfdfe7-FRA
Cf-Bgj: imgq:100,h2pri

GET
H/1.1 200
OK adincm.php
ad2bitcoin.com/ Frame 2635 0
0 424ms
146ms Document
text/html 23.95.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2bitcoin.com/adincm.php?ref=ad2btc&width=728
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.95.12.219 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-12-219-host.colocrossing.com
Software: Apache /
Resource Hash

Request headers

Host: ad2bitcoin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click

Response headers

Date: Sat, 07 Nov 2020 05:27:25 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK qlt.php Show response
traffic2bitcoin.com/ Frame 61AF 1 KB
1 KB 342ms
323ms Document
text/html 23.95.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Protocol: HTTP/1.1
Server: 23.95.12.219 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-12-219-host.colocrossing.com
Software: Apache /
Resource Hash: 6dc31224cc1913cb4c9ab3d6e136ea03da2e6c26b40bcbdd8828073fa488e1b3

Request headers

Host: traffic2bitcoin.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://traffic2bitcoin.com/ptp2.php?ref=lamyaeA&utm_source=tr.im&utm_medium=traffdaq.com&utm_campaign=tr.im%2F1Smrx&utm_content=link_click

Response headers

Date: Sat, 07 Nov 2020 05:27:24 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
lovemetome123456789.blogspot.com/ Frame A2D6 0
0 167ms
148ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovemetome123456789.blogspot.com/

Requested by

Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: lovemetome123456789.blogspot.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=

Response headers

status: 200
content-type: text/html; charset=UTF-8
expires: Sat, 07 Nov 2020 05:27:28 GMT
date: Sat, 07 Nov 2020 05:27:28 GMT
cache-control: private, max-age=0
last-modified: Fri, 06 Nov 2020 04:59:06 GMT
etag: W/"46268744ba4ecc22a68bf14d9eb91139998f786fa38bfd9b303f9bc953b520c9"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 25417
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.qtrex.io/ Frame ADA1 0
0 391ms
367ms Document
text/html 2606:4700:3036::6812:29ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.qtrex.io/?easymoney
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:29ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.qtrex.io
:scheme: https
:path: /?easymoney
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=

Response headers

status: 200
date: Sat, 07 Nov 2020 05:27:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d360df81299b4d735b2c20300ebe0931b1604726848; expires=Mon, 07-Dec-20 05:27:28 GMT; path=/; domain=.qtrex.io; HttpOnly; SameSite=Lax PHPSESSID=km3ka0a1gvqfqlcv7tjeo36o01; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 0642c5925e00001456bf32a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Jg5DkHXCICy8ErfRRoCy2lRv9w6Wi22EdUB0nUmP8huC5OsMqf0OPV8lzKO6sZPk1%2FFyxztd2qPOqODB%2Bd4z2KKyktoHggSdvFE%2B2L2ZpBinH6BW74KqJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ee4a53098801456-FRA
content-encoding: br

GET /
www.gab.ag/ Frame DCD6 0
0

GET
H2 200 /
www.gab.ag/ Frame 635A 0
0 194ms
174ms Document
text/html 2606:4700:20::ac43:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gab.ag/
Requested by: Host: traffic2bitcoin.com
URL: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.gab.ag
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://traffic2bitcoin.com/qlt.php?ref=lamyaeA&keycode=7402&type=

Response headers

status: 200
date: Sat, 07 Nov 2020 05:27:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da680a8cd28ece338badf6732bd98ce401604726848; expires=Mon, 07-Dec-20 05:27:28 GMT; path=/; domain=.gab.ag; HttpOnly; SameSite=Lax evo_session=9vdl6e8v3jlilefb0vot8hriqgdqcv1o; expires=Sat, 07-Nov-2020 07:27:28 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0642c5925d00002b12e9be1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gj9jKkgO5kj7Grm5X2RY36sVGlFlFOcN3QFD%2Few3TNHTL%2BukuOCZUUOmCtUWD%2Fn%2BUwONxaRqrpQ%2B6qB5c97dqH%2Bktdd%2Fr0LR8VLQ3Zve7rvRJlGnCD%2Bb"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ee4a53099622b12-FRA
content-encoding: br

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gab.ag
URL: https://www.gab.ag/

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| trustedTypes

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tr.im/	1970-01-19 23:07:02	Name: __gads Value: ID=8fe9c02ad9b5e326-222aff381eb9000a:T=1604726837:RT=1604726837:S=ALNI_MbSgDKxz2z4ovWeXnsJk9sOdt5wOw
.tr.im/	1970-01-19 13:45:26	Name: _gat_gtag_UA_139146315_9 Value: 1
.doubleclick.net/	1970-01-19 13:45:27	Name: test_cookie Value: CheckForPermission
.tr.im/	1970-01-19 13:46:53	Name: _gid Value: GA1.2.575121098.1604726837
.tr.im/	1970-01-19 13:45:28	Name: __cf_bm Value: 0b1af9f5c71ac4ebe106921dd8994b192a1a5e76-1604726837-1800-AWKur1UzzqtCCYt7iu32/fMW00U6RP/QHwe3yutFyH2eYrh1sN+X0xqlW68LVhPnMp+L8Y5TB5MSbFDICI/irbo=
.tr.im/	1970-01-20 07:16:38	Name: _ga Value: GA1.2.61910540.1604726837
.tr.im/	1970-01-19 14:28:38	Name: __cfduid Value: d1dbf4c07f61c49c6d26374872f8dc08f1604726835

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

399aba6bddef5cfe855941e2db9855ce.safeframe.googlesyndication.com
a.realsrv.com
ad2bitcoin.com
adservice.google.com
adservice.google.de
banners.mellowads.com
bitfun.co
c.securepaths.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ibb.co
lovemetome123456789.blogspot.com
mellowads.com
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
speedflow.io
stackpath.bootstrapcdn.com
static1.freebitco.in
syndication.realsrv.com
tpc.googlesyndication.com
tr.im
traffdaq.com
traffic2bitcoin.com
www.gab.ag
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.qtrex.io
www.gab.ag
104.22.6.169
107.170.39.103
198.54.116.135
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2a
216.58.212.130
23.95.12.219
2606:4700:20::ac43:4526
2606:4700:3032::681b:a2f8
2606:4700:3036::6812:29ac
2606:4700:3036::681b:9074
2606:4700::6810:e633
2a00:1450:4001:802::2001
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:814::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:820::200a
2a00:1450:4001:821::2001
2a00:1450:4001:825::2001
2a04:4e42:3::621
35.190.72.161
51.210.112.130
95.211.229.245
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08ee9fe6bbc56c2b3339a6e3c3f1a6cd8e4b6d749108418935896fbdedae3abd
1beb66b991b5c3969319e77b3adc1242300fe43ae26c61d1f384d7c60b153b28
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
252a09ec0e87fbd4430d70fa7b4bd17d9860b945cda93e257ba1725c1993f3c4
268cf95764841def3077f478f57796f09e8cfc099254164ae107867753bbe551
2db6b5b91ca781cd9ba4a99b281e7b75e66c8a5778e3b8c130c1a62869bd8b25
317b57b8207135b3223181d14cf2e213bf0b7a0050a3e2f92a48c26f13703365
34058509083c58fb56d9130725742277e9afa612a4ed4eeafe0af53aa3fe9dda
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4e0e4ad5094039227b091cbb9403e792df4f500276f5835f3adf8c50148430ec
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
5868bd0130f58ea07ba254dbd66bd8d3d371c569dea8b214fb9676f57de7693d
6603c538109d3bced0bce88937706f7ab8e0ca92da7f80b7cf7d67ac7da3f75b
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7f29acf469b827458ac06df9770566acd39457fad216b391a15d4c8c7c8663
6dc31224cc1913cb4c9ab3d6e136ea03da2e6c26b40bcbdd8828073fa488e1b3
741af75872947d598b9a5ae84d26dc28012f1292dd6d1515228804120c8dbbc9
75f1bf9b3498254922933f1f596891d8ba0061d15e450e9dbdae5282a9707ce6
78a627b0dfba71a9809353f0850d48f14b3ae2cde3740bf4f67af03189ab40e2
803f4072269cdbaa340393862990b7107b65244a18fb7cd3cb6247d8dc8ad0d1
821cdd9684fb5a7f7441199d77649a04288e77b21364ef00ae21eda2d665b379
8234f5e5b2933912bf30cbcff6aade9d5f5a2dbe15d44937c13b46090d1f1498
84546f0ab3f5f7da3ebb16f73f622abae6a7699dc94ff5449f70b3c8cf41f78d
8d84cca4c9100653c313a5671f77ac2a8ed93d1001c6d87b0cc0c74ad55f86af
8e5a174cc29ec4aae009ad041c97102dae4c9416b8e1db09ccf9a96c6d8d85be
9008854b291ccca39167cc572535eb078a759ce6f2b20d55bfaf7d3b66f993ff
a3120d4bddcbcde8e4f0e0088646c6ab2c06e11d21257d238748f6ac76c51417
a6d00421703479478838ab557ed3ed0785c83227cbd7a2e1528f347c752b9180
b67b0772cddf8915ec85788e361a4331fbdcc4bcf7656b9d6aa4299b5b470f9e
c37e694d627db379afc564ea410ee322898ecf835d5d4da2f1d30ab9d59caab4
cb131bb62e2ccf8ee990eaa4d51b7a9510e10197cac137dcd0064b9007cf9b8e
cb646fb5f3f6645b828c86273daccbba656cc5b178ea931314e08814d888ee50
cf790a72c84b2fa4c7329a4fb2fce74fc0766dc0280344ca67e77b8e7457f1cd
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
e2a7eb82e4780a6b5698f54e07fd301c1caff62648ebae0eb859e25f7edc26f4
e2be08c73296f0105502da8b4aa47ba088693953e5370ac65ab324485f1273ce
e3a2ed372eb25f036218e1cf130657ba79eff86384c1292bb16c95e4d34af5d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e64fa64dd0085dcef2835f8c502ff22a9852e0f4a51f079fe5b5dbadd4cba4b8
e83b2cdd58cbb5bc2b28882b64aa965231f491804d497999763ba8df84282910
f04a2f3be7e93f3ab8ac0bcf917c4c756f7b4457b91c7d929f0c7ff73817b6e6
f1e7d115e8b004c6840297a24d6440ef8900fbbef612317fb7ada5dabd5fb9a9
fe1a5dbb8603ec4f9e887b96e10623d8163669abcbe89a08eabc91a303c7e15b

traffic2bitcoin.com Open in urlscan Pro 23.95.12.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

89 %HTTPS

69 %IPv6

26 Domains

31 Subdomains

27 IPs

5 Countries

2136 kBTransfer

2882 kBSize

7 Cookies

22 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

traffic2bitcoin.com Open in urlscan Pro
23.95.12.219 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

89 %
HTTPS

69 %
IPv6

26
Domains

31
Subdomains

27
IPs

5
Countries

2136 kB
Transfer

2882 kB
Size

7
Cookies

65 HTTP transactions
0 data transactions