www.armpitgirls.com Open in urlscan Pro
216.172.184.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Submission Tags: demotag1 demotag2 Search All
Submission: On November 07 via api (November 7th 2020, 6:35:03 am UTC) from US

Summary HTTP 21 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 21 HTTP transactions. The main IP is 216.172.184.35, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.armpitgirls.com.

This is the only time www.armpitgirls.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	162.213.255.36 162.213.255.36	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 4	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
7	216.172.184.35 216.172.184.35	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	108.167.140.197 108.167.140.197	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 2	91.216.104.91 91.216.104.91	25525 (REASONNET...) (REASONNET-AS Amsterdam)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
21	11

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com

manyhit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.170.39.103 (New York, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.172.184.35 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 216-172-184-35.unifiedlayer.com

www.armpitgirls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.167.140.197 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: mail.discovercit.com

www.ballbustingpornstars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.216.104.91 (Netherlands) 1 redirects

ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL)
PTR: am-lb-ext-001.funix.nl

www.freeones.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	armpitgirls.com www.armpitgirls.com	294 KB
4	traffdaq.com 1 redirects traffdaq.com	4 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	freeones.com 1 redirects www.freeones.com	30 KB
2	ballbustingpornstars.com www.ballbustingpornstars.com	104 KB
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	manyhit.com manyhit.com
1	speedflow.io speedflow.io	1 KB
21	10

	Domain	Requested by
7	www.armpitgirls.com	traffdaq.com www.armpitgirls.com
4	traffdaq.com	1 redirects speedflow.io traffdaq.com
2	www.google-analytics.com	www.armpitgirls.com
2	www.freeones.com	1 redirects www.armpitgirls.com
2	www.ballbustingpornstars.com	www.armpitgirls.com
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	manyhit.com	speedflow.io
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
1	speedflow.io
21	11

This site contains links to these domains. Also see Links.

Domain
www.ballbustingpornstars.com
www.dickflashvideos.com
www.trannyfacesitting.com
www.girlpits.com
www.porninspector.com
www.brutalfootdomination.com
www.freeones.com
www.fetishgirls.com

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.freeones.com RapidSSL TLS RSA CA G1	`2018-09-26` - `2020-11-24`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Frame ID: F32D32C50337336A628BE8087A43050D
Requests: 19 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604730881217&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 20A27D56E68AA7DC6B7E9B4EBAF36C12
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: 5FC7A8EDF0937CD8A66199FBDAA5AB4A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InBNTDE1bzhNQk52dWZzNyt0Yzh0VWc9PSIsI... Page URL
http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

21
Requests

43 %
HTTPS

27 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

461 kB
Transfer

524 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ballbustingpornstars.com/femdom-ballbusting.html
Title: Ballbusting Pornstars

Search URL Search Domain Scan URL

URL: http://www.dickflashvideos.com/

Search URL Search Domain Scan URL

URL: http://www.trannyfacesitting.com/?nats=MTgzLjQwLjE1NS41NDkuMC4wLjAuMC4w
Title: Tranny Facesitting

Search URL Search Domain Scan URL

URL: http://www.girlpits.com/?utm_source=armpitgirls&utm_medium=affiliate&utm_content=front-page-banner&utm_campaign=armpitgirls-link-trade-10-13-13
Title: Girlpits.com - Armpit Fetish Forums

Search URL Search Domain Scan URL

URL: http://www.porninspector.com/reviews/review/armpit-girls/
Title: Porn Inspector ArmpitGirls.com Website Review

Search URL Search Domain Scan URL

URL: http://www.trannyfacesitting.com/
Title: Tranny Facesitting and Shemale Domination

Search URL Search Domain Scan URL

URL: http://www.brutalfootdomination.com/
Title: Brutal Foot Domination

Search URL Search Domain Scan URL

URL: http://www.freeones.com/
Title: Freeones - Free Sex Photos

Search URL Search Domain Scan URL

URL: http://www.fetishgirls.com/custom-fetish-videos

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InBNTDE1bzhNQk52dWZzNyt0Yzh0VWc9PSIsInZhbHVlIjoiZXllY0VWcTNaK3luWEZZRUM0VjNuSWZrblhMYWZLTVp2dndzUHZQRFl0dTQ0T0pUWGtrSmhYam4rQkVEMllUbmZwQmZxb1RtXC9DTlJESEZQQitiaXFGeGFscWcyWktwNktNRTZPZHR5WUxMc2FweG1XVFlBMFMzc0FDOVlaVVkxaGFNTGNlNE9ESm8weEwxUXFIR3k5SFJQa29pTW0wZ3M4aHNRTHNmeVA3alA2QWFaMEFZUFE0SUV1anhMVzViQjJPNFZNakgrNzNwTWZNZ3hrZlQrQmNLaUhiQzNtZmpSQ0tCQm02ZENCNU5GNWU2ejVxSXg3djJZSHpvdlwvZUZsdkFXU0dPOXFcL0NmdTdIRGhXS1k3dEs4dUQ2RjBcL0J3SGFpZ0VwUytQQWNVQkFDYlR2SUhkaUpEUk4zRURZQWJIIiwibWFjIjoiM2MwN2NlZjJkMDc5NzkyNzZmOWVkZWM5MTg4NmUzNzM5NDE5ZTgxNTgwZTg1MTgyZGVmYzhkNGI3MWI5MDA1NyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://traffdaq.com/delivery/dl/47382?category=gay_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=gay_dating

Request Chain 16

http://www.freeones.com/webmasters/banners/freeones2.png HTTP 302
https://www.freeones.com/webmasters/banners/freeones2.png

Request Chain 17

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 19

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=935672767&utmhn=www.armpitgirls.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Armpit%20Licking%2C%20Smelling%2C%20and%20Underarm%20Cumshots%20-%20Armpit%20Fetish%20Videos%20and%20Photos&utmhid=1527025274&utmr=-&utmp=%2F%3Futm_source%3Dtraffdaq%26utm_medium%3Dpopunder%26utm_campaign%3Dtraffdaq-9-14-14&utmht=1604730885684&utmac=UA-2468350-14&utmcc=__utma%3D261828573.1425355705.1604730886.1604730886.1604730886.1%3B%2B__utmz%3D261828573.1604730886.1.1.utmcsr%3Dtraffdaq%7Cutmccn%3Dtraffdaq-9-14-14%7Cutmcmd%3Dpopunder%3B&utmjid=861884256&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=935672767&utmhn=www.armpitgirls.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Armpit%20Licking%2C%20Smelling%2C%20and%20Underarm%20Cumshots%20-%20Armpit%20Fetish%20Videos%20and%20Photos&utmhid=1527025274&utmr=-&utmp=%2F%3Futm_source%3Dtraffdaq%26utm_medium%3Dpopunder%26utm_campaign%3Dtraffdaq-9-14-14&utmht=1604730885684&utmac=UA-2468350-14&utmcc=__utma%3D261828573.1425355705.1604730886.1604730886.1604730886.1%3B%2B__utmz%3D261828573.1604730886.1.1.utmcsr%3Dtraffdaq%7Cutmccn%3Dtraffdaq-9-14-14%7Cutmcmd%3Dpopunder%3B&utmjid=861884256&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 215ms
214ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 7afb38c473556d432997a7618c2e2eb307204c6b91f417adda265e6259ad9df8

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sat, 07 Nov 2020 06:34:41 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=59059; path=/ time_start=1604730881.0906; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=59059; path=/ ip=185.156.175.187 mobile=0 country=GB visits_todayi=0; expires=Sat, 07-Nov-2020 22:59:00 GMT; Max-Age=59059; path=/
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 547
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 19ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:41 GMT
Content-Encoding: gzip
X-HW: 1604730881.dop235.fr8.shc,1604730881.dop235.fr8.t,1604730881.cds129.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame 20A2 0
0 114ms
76ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604730881217&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sat, 07 Nov 2020 06:34:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa640014a9820.901581282527336170%22%3B%7D; expires=Mon, 07 Nov 2022 06:34:41 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 200
OK autosurf_if.php
manyhit.com/ Frame 5FC7 0
0 218ms
218ms Document
text/html 162.213.255.36
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://manyhit.com/autosurf_if.php?user=speedflow
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server145-4.web-hosting.com
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Host: manyhit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sat, 07 Nov 2020 06:34:41 GMT
server: Apache
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=911cb01530c45f6f7dcb7f2d2751c31d; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1210
content-type: text/html

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/dl/
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=gay_dating
https://traffdaq.com/delivery/dl/47382?category=gay_dating

3 KB
2 KB

528ms
250ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: b620124e6ae3f331a989b2090f827bbe8a944774184542e989db083b42f3de1b

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/adult/?a=rr

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 06:34:41 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Connection: close

GET
H/1.1 200
OK eyJpdiI6ImQxeDVZakRSRjJJTnJvazhCM1lScFE9PSIsInZhbHVlIjoiTzhKaGpOc2haZHhZR0xEK1h0TWlRZ0FRNEUwNVwvTTltUTdDOTB3MjlWVWFnaXo1bVdEM3dNMUpRTFlzakVpaVl0U2xjcUpTcTRvdk5ydURJYlBKQzd3PT0iLCJtYWMiOiJjZDc4ZWE3N...
traffdaq.com/users/track/ 0
856 B 806ms
247ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6ImQxeDVZakRSRjJJTnJvazhCM1lScFE9PSIsInZhbHVlIjoiTzhKaGpOc2haZHhZR0xEK1h0TWlRZ0FRNEUwNVwvTTltUTdDOTB3MjlWVWFnaXo1bVdEM3dNMUpRTFlzakVpaVl0U2xjcUpTcTRvdk5ydURJYlBKQzd3PT0iLCJtYWMiOiJjZDc4ZWE3N2E2ZTBlY2U5ZDlmNGE1OTU2ZDVlNGJlYmU0NDQ1Nzk2ZDMyZjE0MDM5Yzc4ZjFkYjdlZWRkMzBjIn0%3D
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:42 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 60ms
59ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa64001d502e&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 06:34:42 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 814870
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19149-FRA, cache-hhn4068-HHN
date: Sat, 07 Nov 2020 06:34:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/directlink/ 2 KB
1 KB 2393ms
2388ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InBNTDE1bzhNQk52dWZzNyt0Yzh0VWc9PSIsInZhbHVlIjoiZXllY0VWcTNaK3luWEZZRUM0VjNuSWZrblhMYWZLTVp2dndzUHZQRFl0dTQ0T0pUWGtrSmhYam4rQkVEMllUbmZwQmZxb1RtXC9DTlJESEZQQitiaXFGeGFscWcyWktwNktNRTZPZHR5WUxMc2FweG1XVFlBMFMzc0FDOVlaVVkxaGFNTGNlNE9ESm8weEwxUXFIR3k5SFJQa29pTW0wZ3M4aHNRTHNmeVA3alA2QWFaMEFZUFE0SUV1anhMVzViQjJPNFZNakgrNzNwTWZNZ3hrZlQrQmNLaUhiQzNtZmpSQ0tCQm02ZENCNU5GNWU2ejVxSXg3djJZSHpvdlwvZUZsdkFXU0dPOXFcL0NmdTdIRGhXS1k3dEs4dUQ2RjBcL0J3SGFpZ0VwUytQQWNVQkFDYlR2SUhkaUpEUk4zRURZQWJIIiwibWFjIjoiM2MwN2NlZjJkMDc5NzkyNzZmOWVkZWM5MTg4NmUzNzM5NDE5ZTgxNTgwZTg1MTgyZGVmYzhkNGI3MWI5MDA1NyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 3e40b6f3bfb92a7109a6f556cd169de8a2449a3dfea7d2c9de9a13efb4d3008f

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=gay_dating
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=gay_dating

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sat, 07 Nov 2020 06:34:44 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK Primary Request / Show response
www.armpitgirls.com/ 7 KB
3 KB 721ms
303ms Document
text/html 216.172.184.35
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6InBNTDE1bzhNQk52dWZzNyt0Yzh0VWc9PSIsInZhbHVlIjoiZXllY0VWcTNaK3luWEZZRUM0VjNuSWZrblhMYWZLTVp2dndzUHZQRFl0dTQ0T0pUWGtrSmhYam4rQkVEMllUbmZwQmZxb1RtXC9DTlJESEZQQitiaXFGeGFscWcyWktwNktNRTZPZHR5WUxMc2FweG1XVFlBMFMzc0FDOVlaVVkxaGFNTGNlNE9ESm8weEwxUXFIR3k5SFJQa29pTW0wZ3M4aHNRTHNmeVA3alA2QWFaMEFZUFE0SUV1anhMVzViQjJPNFZNakgrNzNwTWZNZ3hrZlQrQmNLaUhiQzNtZmpSQ0tCQm02ZENCNU5GNWU2ejVxSXg3djJZSHpvdlwvZUZsdkFXU0dPOXFcL0NmdTdIRGhXS1k3dEs4dUQ2RjBcL0J3SGFpZ0VwUytQQWNVQkFDYlR2SUhkaUpEUk4zRURZQWJIIiwibWFjIjoiM2MwN2NlZjJkMDc5NzkyNzZmOWVkZWM5MTg4NmUzNzM5NDE5ZTgxNTgwZTg1MTgyZGVmYzhkNGI3MWI5MDA1NyJ9&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol: HTTP/1.1
Server: 216.172.184.35 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-184-35.unifiedlayer.com
Software: Apache /
Resource Hash: 72a5bcc0e376520c0170c2497ab92c90da80675ddc33fce89e469a17b9bd01d5

Request headers

Host: www.armpitgirls.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

Date: Sat, 07 Nov 2020 06:34:45 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 08 Sep 2018 06:47:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2662
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H/1.1 200
OK piggybear.css
www.armpitgirls.com/ 11 KB
4 KB 183ms
182ms Stylesheet
text/css 216.172.184.35
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.armpitgirls.com/piggybear.css
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: HTTP/1.1
Server: 216.172.184.35 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-184-35.unifiedlayer.com
Software: Apache /
Resource Hash: b8087c72e4f29d29b42f807e87727d73b17a8272027d00c24860723bc45bde0b

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Mar 2015 22:13:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 3398

GET
H/1.1 200
OK armpit-girls-header.jpg
www.armpitgirls.com/images/ 115 KB
115 KB 376ms
339ms Image
image/jpeg 216.172.184.35
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.armpitgirls.com/images/armpit-girls-header.jpg
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: HTTP/1.1
Server: 216.172.184.35 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-184-35.unifiedlayer.com
Software: Apache /
Resource Hash: 785c26080ddd074f138ce22f6251ea14a2f24679ce25ee8a8e4cbf85db61827c

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:45 GMT
Last-Modified: Sat, 28 Mar 2015 22:13:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 117562

GET
H/1.1 200
OK ballbusting-banner.gif
www.ballbustingpornstars.com/photos/ 15 KB
16 KB 613ms
316ms Image
image/gif 108.167.140.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ballbustingpornstars.com/photos/ballbusting-banner.gif
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: HTTP/1.1
Server: 108.167.140.197 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mail.discovercit.com
Software: Apache /
Resource Hash: ec473aa4dd118b4b3d9c4997f0909c8a569d29854234214bd03aaed5e940bd26

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:45 GMT
Last-Modified: Tue, 24 Feb 2009 09:26:30 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5, max=75
Content-Length: 15781

GET
H/1.1 200
OK dick-flash-videos-banner1.jpg
www.ballbustingpornstars.com/ 88 KB
88 KB 599ms
302ms Image
image/jpeg 108.167.140.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ballbustingpornstars.com/dick-flash-videos-banner1.jpg
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: HTTP/1.1
Server: 108.167.140.197 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: mail.discovercit.com
Software: Apache /
Resource Hash: cc74daf8709e536cc27558014d97e996fa79707bd305766aeadcd56cd32a665e

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:45 GMT
Last-Modified: Sat, 08 Sep 2018 06:43:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 89787

GET
H/1.1 200
OK tf-800x200.jpg
www.armpitgirls.com/images/ 89 KB
89 KB 335ms
296ms Image
image/jpeg 216.172.184.35
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.armpitgirls.com/images/tf-800x200.jpg
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: HTTP/1.1
Server: 216.172.184.35 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-184-35.unifiedlayer.com
Software: Apache /
Resource Hash: d5cc0d27ae9eb49fc24f4b3ad2a4b5d0940eefa94bd6718965123fde3484e3c0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:45 GMT
Last-Modified: Mon, 16 Nov 2015 03:32:54 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 91132

GET
H/1.1 200
OK girlpits-banner1.jpg
www.armpitgirls.com/images/ 37 KB
38 KB 372ms
334ms Image
image/jpeg 216.172.184.35
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.armpitgirls.com/images/girlpits-banner1.jpg
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: HTTP/1.1
Server: 216.172.184.35 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-184-35.unifiedlayer.com
Software: Apache /
Resource Hash: ac27f0eabf9dd194ba9a659cb1b2c5b8815cab70b814f2fda47bcaca4001da8e

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:45 GMT
Last-Modified: Sat, 28 Mar 2015 22:13:25 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 38300

GET
H/1.1 200
OK porninspector.gif
www.armpitgirls.com/images/ 3 KB
3 KB 364ms
326ms Image
image/gif 216.172.184.35
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.armpitgirls.com/images/porninspector.gif
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: HTTP/1.1
Server: 216.172.184.35 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-184-35.unifiedlayer.com
Software: Apache /
Resource Hash: ca34c476b08aafc2331f6d181d756ef5fce4bd3860f6ef6cbcdc6a71744c7b17

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:45 GMT
Last-Modified: Sat, 28 Mar 2015 22:13:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5, max=75
Content-Length: 2732

GET
H2

200

freeones2.png
www.freeones.com/webmasters/banners/
Redirect Chain

http://www.freeones.com/webmasters/banners/freeones2.png
https://www.freeones.com/webmasters/banners/freeones2.png

30 KB
30 KB

396ms
250ms

Image
image/png

91.216.104.91
REASONNET-AS Amst...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freeones.com/webmasters/banners/freeones2.png
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.216.104.91 , Netherlands, ASN25525 (REASONNET-AS Amsterdam, the Netherlands, NL),
Reverse DNS: am-lb-ext-001.funix.nl
Software: Apache /
Resource Hash: 5371b092275355841ad61155455c4eb0591937dc411a220a2f7551a0ffaeb2ef

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 06:34:45 GMT
last-modified: Wed, 09 Mar 2011 10:02:43 GMT
server: Apache
etag: "15b8385-76e4-49e09d47256c0"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 30436

Redirect headers

Location: https://www.freeones.com/webmasters/banners/freeones2.png
Cache-Control: no-cache
Content-length: 0

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4847
date: Sat, 07 Nov 2020 05:13:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 07 Nov 2020 07:13:58 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK armpitgirls-background.jpg
www.armpitgirls.com/images/ 43 KB
43 KB 845ms
577ms Image
image/jpeg 216.172.184.35
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.armpitgirls.com/images/armpitgirls-background.jpg
Requested by: Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14
Protocol: HTTP/1.1
Server: 216.172.184.35 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 216-172-184-35.unifiedlayer.com
Software: Apache /
Resource Hash: 4167ceff7aa3046359c046dcdc2770a153d11cc35a8e887727ff965ccb2db30e

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 07 Nov 2020 06:34:46 GMT
Last-Modified: Sat, 28 Mar 2015 22:13:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=75
Content-Length: 43619

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=935672767&utmhn=www.armpitgirls.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=935672767&utmhn=www.armpitgirls.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...

35 B
135 B

14ms
13ms

Image
image/gif

2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=935672767&utmhn=www.armpitgirls.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Armpit%20Licking%2C%20Smelling%2C%20and%20Underarm%20Cumshots%20-%20Armpit%20Fetish%20Videos%20and%20Photos&utmhid=1527025274&utmr=-&utmp=%2F%3Futm_source%3Dtraffdaq%26utm_medium%3Dpopunder%26utm_campaign%3Dtraffdaq-9-14-14&utmht=1604730885684&utmac=UA-2468350-14&utmcc=__utma%3D261828573.1425355705.1604730886.1604730886.1604730886.1%3B%2B__utmz%3D261828573.1604730886.1.1.utmcsr%3Dtraffdaq%7Cutmccn%3Dtraffdaq-9-14-14%7Cutmcmd%3Dpopunder%3B&utmjid=861884256&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.armpitgirls.com
URL: http://www.armpitgirls.com/?utm_source=traffdaq&utm_medium=popunder&utm_campaign=traffdaq-9-14-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Nov 2020 06:34:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=935672767&utmhn=www.armpitgirls.com&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Armpit%20Licking%2C%20Smelling%2C%20and%20Underarm%20Cumshots%20-%20Armpit%20Fetish%20Videos%20and%20Photos&utmhid=1527025274&utmr=-&utmp=%2F%3Futm_source%3Dtraffdaq%26utm_medium%3Dpopunder%26utm_campaign%3Dtraffdaq-9-14-14&utmht=1604730885684&utmac=UA-2468350-14&utmcc=__utma%3D261828573.1425355705.1604730886.1604730886.1604730886.1%3B%2B__utmz%3D261828573.1604730886.1.1.utmcsr%3Dtraffdaq%7Cutmccn%3Dtraffdaq-9-14-14%7Cutmcmd%3Dpopunder%3B&utmjid=861884256&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
c.securepaths.com
cdn.jsdelivr.net
manyhit.com
speedflow.io
syndication.realsrv.com
traffdaq.com
www.armpitgirls.com
www.ballbustingpornstars.com
www.freeones.com
www.google-analytics.com
107.170.39.103
108.167.140.197
162.213.255.36
198.54.116.135
2001:4de0:ac19::1:b:3a
216.172.184.35
2a00:1450:4001:803::200e
2a04:4e42:1b::621
35.190.72.161
91.216.104.91
95.211.229.247
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
3e40b6f3bfb92a7109a6f556cd169de8a2449a3dfea7d2c9de9a13efb4d3008f
4167ceff7aa3046359c046dcdc2770a153d11cc35a8e887727ff965ccb2db30e
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
5371b092275355841ad61155455c4eb0591937dc411a220a2f7551a0ffaeb2ef
72a5bcc0e376520c0170c2497ab92c90da80675ddc33fce89e469a17b9bd01d5
785c26080ddd074f138ce22f6251ea14a2f24679ce25ee8a8e4cbf85db61827c
7afb38c473556d432997a7618c2e2eb307204c6b91f417adda265e6259ad9df8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
ac27f0eabf9dd194ba9a659cb1b2c5b8815cab70b814f2fda47bcaca4001da8e
b620124e6ae3f331a989b2090f827bbe8a944774184542e989db083b42f3de1b
b8087c72e4f29d29b42f807e87727d73b17a8272027d00c24860723bc45bde0b
ca34c476b08aafc2331f6d181d756ef5fce4bd3860f6ef6cbcdc6a71744c7b17
cc74daf8709e536cc27558014d97e996fa79707bd305766aeadcd56cd32a665e
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
d5cc0d27ae9eb49fc24f4b3ad2a4b5d0940eefa94bd6718965123fde3484e3c0
ec473aa4dd118b4b3d9c4997f0909c8a569d29854234214bd03aaed5e940bd26

www.armpitgirls.com Open in urlscan Pro 216.172.184.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

43 %HTTPS

27 %IPv6

10 Domains

11 Subdomains

11 IPs

4 Countries

461 kBTransfer

524 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

www.armpitgirls.com Open in urlscan Pro
216.172.184.35 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

43 %
HTTPS

27 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

461 kB
Transfer

524 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions