Submitted URL: http://speedflow.io/adult/?a=rr
Effective URL: https://tr.im/1wkLT
Submission Tags: demotag1 demotag2
Submission: On November 10 via api from US

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3032::681b:a2f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is tr.im.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.
This is the only time tr.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.54.116.135 22612 (NAMECHEAP...)
2 6 107.170.39.103 14061 (DIGITALOC...)
1 162.213.255.36 22612 (NAMECHEAP...)
1 54.211.44.226 14618 (AMAZON-AES)
1 35.190.72.161 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 11
Domain Requested by
7 tr.im 1 redirects traffdaq.com
tr.im
6 traffdaq.com 2 redirects speedflow.io
traffdaq.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com tr.im
www.google-analytics.com
1 fonts.googleapis.com tr.im
1 cdn.jsdelivr.net traffdaq.com
1 c.securepaths.com traffdaq.com
1 cors-anywhere.herokuapp.com speedflow.io
1 manyhit.com speedflow.io
1 speedflow.io
21 10

This site contains no links.

Subject | Issuer | Validity | Valid
traffdaq.com | Let's Encrypt Authority X3 | 2020-10-31 - 2021-01-29 | 3 months
*.securepaths.com | Let's Encrypt Authority X3 | 2020-09-22 - 2020-12-21 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-10 - 2021-07-10 | a year
upload.video.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months

This page contains 2 frames:

Primary Page: https://tr.im/1wkLT
Frame ID: D3C91F579BBA3361515AA883791F6E5C
Requests: 19 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=woowy
Frame ID: 3A407D4EDF41793F5B05F494F6C3CFA0
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://speedflow.io/adult/?a=rr Page URL
  2. http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
    https://traffdaq.com/delivery/dl/47382?category=general Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik1NVU5ER0k0empqeWlmY1Q2MFwvR2FnPT0iL... Page URL
  4. http://tr.im/1wkLT HTTP 308
    https://tr.im/1wkLT Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 21
HTTPS: 86 %
IPv6: 50 %
Domains: 10
Subdomains: 10
IPs: 11
Countries: 3
Transfer: 139 kB
Size: 495 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://speedflow.io/adult/?a=rr Page URL
  2. http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
    https://traffdaq.com/delivery/dl/47382?category=general Page URL
  3. https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
  4. http://tr.im/1wkLT HTTP 308
    https://tr.im/1wkLT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://traffdaq.com/delivery/pu/47382?category=general HTTP 301
  • https://traffdaq.com/delivery/pu/47382?category=general
Request Chain 5
  • http://traffdaq.com/delivery/dl/47382?category=general HTTP 301
  • https://traffdaq.com/delivery/dl/47382?category=general

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
speedflow.io/adult/
1 KB
1 KB
Document
General
Full URL
http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server193-5.web-hosting.com
Software
Apache / PHP/7.1.33
Resource Hash
ae85b3da5e53be3dbb9919cda18c74932f7a48c93a72d30d78b0c2b5a78426ed

Request headers

Host
speedflow.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

date
Tue, 10 Nov 2020 08:26:13 GMT
server
Apache
x-powered-by
PHP/7.1.33
set-cookie
visits_todaya=1; expires=Tue, 10-Nov-2020 22:59:00 GMT; Max-Age=52367; path=/ time_start=1604996773.1997; expires=Tue, 10-Nov-2020 22:59:00 GMT; Max-Age=52367; path=/ ip=185.156.175.107 mobile=0 country=GB visits_todayi=0; expires=Tue, 10-Nov-2020 22:59:00 GMT; Max-Age=52367; path=/
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip
content-length
650
content-type
text/html; charset=UTF-8
47382
traffdaq.com/delivery/pu/
Redirect Chain
  • http://traffdaq.com/delivery/pu/47382?category=general
  • https://traffdaq.com/delivery/pu/47382?category=general
5 KB
2 KB
Script
General
Full URL
https://traffdaq.com/delivery/pu/47382?category=general
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
b4bc83c7560c3c5746407a26fd0045bc6f25cb0f77125257c013193a02334276

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 08:26:14 GMT
Content-Encoding
gzip
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Location
https://traffdaq.com/delivery/pu/47382?category=general
Connection
close
Content-length
0
autosurf_if.php
manyhit.com/ Frame 3A40
0
0
Document
General
Full URL
http://manyhit.com/autosurf_if.php?user=woowy
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Server
162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server145-4.web-hosting.com
Software
Apache / PHP/5.4.45
Resource Hash

Request headers

Host
manyhit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr

Response headers

date
Tue, 10 Nov 2020 08:26:14 GMT
server
Apache
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=225e5b9085beb83282914282029e1268; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
1267
content-type
text/html
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/ Frame
0
0
Other
General
Full URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=general
Protocol
HTTP/1.1
Server
54.211.44.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-44-226.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
http://speedflow.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Headers
x-requested-with
Access-Control-Expose-Headers
access-control-allow-origin,access-control-allow-methods,access-control-allow-headers
Date
Tue, 10 Nov 2020 08:26:14 GMT
Transfer-Encoding
chunked
Via
1.1 vegur
47382
cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/
0
0

47382
traffdaq.com/delivery/dl/
Redirect Chain
  • http://traffdaq.com/delivery/dl/47382?category=general
  • https://traffdaq.com/delivery/dl/47382?category=general
3 KB
2 KB
Document
General
Full URL
https://traffdaq.com/delivery/dl/47382?category=general
Requested by
Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
bd1eabe0acbacac01eeaeac10d2d6b9624a481e89d4a2fab3cfef7c35471c8d2

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://speedflow.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
referer
http://speedflow.io/adult/a=rr
Referer
http://speedflow.io/adult/?a=rr

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Tue, 10 Nov 2020 08:26:17 GMT
Content-Encoding
gzip

Redirect headers

Content-length
0
Location
https://traffdaq.com/delivery/dl/47382?category=general
Connection
close
eyJpdiI6IkkrTHNnd1IydnNkNmgzOXl4SXp0c0E9PSIsInZhbHVlIjoiXC83UVNsVWZ3OEtXdzJ5STFJeUVSNzVQdnR0QXN6S3JIZDNvVUR2ZjFmbXFHWlI4VmZVK2RPKzVRanFqXC9LTjR1dVdCZGNpb3F0YmdudlpqN0tMOXl0QT09IiwibWFjIjoiZDM1NTFkM...
traffdaq.com/users/track/
0
860 B
Image
General
Full URL
https://traffdaq.com/users/track/eyJpdiI6IkkrTHNnd1IydnNkNmgzOXl4SXp0c0E9PSIsInZhbHVlIjoiXC83UVNsVWZ3OEtXdzJ5STFJeUVSNzVQdnR0QXN6S3JIZDNvVUR2ZjFmbXFHWlI4VmZVK2RPKzVRanFqXC9LTjR1dVdCZGNpb3F0YmdudlpqN0tMOXl0QT09IiwibWFjIjoiZDM1NTFkMjYxZmZjMTY1MTBiYjUzYzBiZDc1NWFlMzI1ZGU4MTJmNGVlZDBkYTYxYjgyMWEwNjMyMGIxNGIzYyJ9
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 10 Nov 2020 08:26:18 GMT
Cache-Control
no-cache
Server
nginx/1.16.1 (Ubuntu)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
implement.js
c.securepaths.com/js/
0
0
Script
General
Full URL
https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5faa4ea9a09fd&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Nov 2020 08:26:17 GMT
via
1.1 google
status
401
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
0
expires
0
fingerprint2.min.js
cdn.jsdelivr.net/fingerprintjs2/1.4.0/
33 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1080766
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
10191
etag
W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by
cache-fra19149-FRA, cache-hhn4071-HHN
date
Tue, 10 Nov 2020 08:26:17 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
47382
traffdaq.com/delivery/directlink/
2 KB
1 KB
Document
General
Full URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6Ik1NVU5ER0k0empqeWlmY1Q2MFwvR2FnPT0iLCJ2YWx1ZSI6IjFUbzlxU2F1QjJ1T2h5YkhLbTFmMm90MUFRdE5pSndhdVFmWkF2MVpBNmZ5MzdQQnBMdVRpZUJ1alFDanlHSUJUTHBHOVZoTHhPOEttdGtUYXlNMDlLRFp3WU9Ba2wxeUhWYzdBTHJTTnV2bFB1eXlZWnBTQkhPNUdUV3VqZ0VpSXVJcGt4ZVNIT1BCbFJTRWl5c0JBUGlPK2czZmdUdXRWYkUzcmgwb1QzdEdMbzhnNUdmUHNjRVdqeFJxVE5sSllIcFBsdndzVG9qTW1WZ2o2VlUwRmtwQXllWlc1bUdnU1wvcFF5Z29md3FOQmRWR0E3YlJsZWV1RVBvNWZVQ3BPZzRadmo2YVVBMTM1MTEwVlh3cHJ6Qk5aSE5aWDVGK3phemg1M0lcL2ZzUUNzemtBMFJpUEFCZE1BVkJCN0FUbDQiLCJtYWMiOiJhY2E5YjgwNTNlZDhjOTFhOGFiM2E2NWE3ZTNjZGE3YWMzZGUwNmM3YmMxYmQ2ZmI1YjM0M2ZiN2ViZjhkN2IzIn0%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=general
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 (Ubuntu) /
Resource Hash
35697021a64bb71150c400e0f948a546db35d047d105fa53b5349214597d7780

Request headers

Host
traffdaq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://traffdaq.com/delivery/dl/47382?category=general
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
tdqct=1
referer
http://speedflow.io/adult/a=rr

Response headers

Server
nginx/1.16.1 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache
Date
Tue, 10 Nov 2020 08:26:20 GMT
Content-Encoding
gzip
Primary Request 1wkLT
tr.im/
Redirect Chain
  • http://tr.im/1wkLT
  • https://tr.im/1wkLT
4 KB
2 KB
Document
General
Full URL
https://tr.im/1wkLT
Requested by
Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.28-1+deb.sury.org~xenial+1
Resource Hash
afb79eb0874c33dae4508faf17cadbcb83642caf24252d75567d92020675b966
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
tr.im
:scheme
https
:path
/1wkLT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=df8621b4bc25ef1b77ea7ff7d3202d7d21604996781
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer
http://speedflow.io/adult/a=rr
Referer
https://traffdaq.com/delivery/directlink/47382?hash=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%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status
200
date
Tue, 10 Nov 2020 08:26:22 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.28-1+deb.sury.org~xenial+1
cache-control
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
cf-request-id
0652dc6d6c000017826ab6c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=9d01a849a4a41d8b98b04d3a5bbadc967945fdc4-1604996782-1800-ARO+b5fR7qFRT/n5okPwC2qLQxqW17hGM+jERYXGRMg/e3GBWUUodHd/lGu3mBCiovRh0NA7KB2Xv2vwSES3Xbc=; path=/; expires=Tue, 10-Nov-20 08:56:22 GMT; domain=.tr.im; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1R9wQfuQXEAVu2KALiBm4GuxN3%2Fvjd710tn0CEyJfzUdPbEV69hvTMIUA74PocHDRY%2FCifqtdNLq3VxLTNCdnwpPmQDOwFKdORxa2bQn0icg0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5efe635bda991782-FRA
content-encoding
br

Redirect headers

Date
Tue, 10 Nov 2020 08:26:21 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df8621b4bc25ef1b77ea7ff7d3202d7d21604996781; expires=Thu, 10-Dec-20 08:26:21 GMT; path=/; domain=.tr.im; HttpOnly; SameSite=Lax __cf_bm=2d65b3e84c76bb8cf9be19068d489932a821ba9a-1604996781-1800-AVnZ/fOfJfmARuBpoC1GtlxTK+7zsYwN/LHi6fpRxv1/GTMfo8z/fXp3J8SxdR+wDNhZBHZNMKwCY2YFxfVSQKc=; path=/; expires=Tue, 10-Nov-20 08:56:21 GMT; domain=.tr.im; HttpOnly; SameSite=None
Location
https://tr.im/1wkLT
CF-Cache-Status
DYNAMIC
cf-request-id
0652dc6bf5000005c8b00e6000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mei9ZdkeJ2onY1DA%2Bu9X4PPIQQU55Wxk%2BW%2FV%2BJ30Qacyy0S0zTXk%2Blnn2ADLbIpNbdBmS18JoLV7mhMzGpPlqb6s8tH8xsYa%2F7bQMYHNISzg5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5efe63598cbc05c8-FRA
8071973.css
tr.im/css/
213 KB
24 KB
Stylesheet
General
Full URL
https://tr.im/css/8071973.css
Requested by
Host: tr.im
URL: https://tr.im/1wkLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ea5a12c33365f2484fa2ba5aecf9a6747dd5eda95766bb353f330199617652
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 08:26:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6819
status
200
cf-request-id
0652dc70810000178214a41000000001
last-modified
Tue, 06 Oct 2020 07:24:41 GMT
server
cloudflare
etag
W/"5f7c1bb9-352e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cMnC4eUx%2BbMSF2rJD8l3o1qEITKAD4yMBUZyhkGhhlhxQiaBkoQiEmp3Lrlgay1QKbL0KKCbn7eq05aWENF0d%2FHqVnIJ%2BUOnoyVbnGCCxq6p8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5efe6360cc9c1782-FRA
4e08afe.js
tr.im/js/
82 KB
28 KB
Script
General
Full URL
https://tr.im/js/4e08afe.js
Requested by
Host: tr.im
URL: https://tr.im/1wkLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 08:26:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6819
status
200
cf-request-id
0652dc707e00001782428b4000000001
last-modified
Tue, 06 Oct 2020 07:24:41 GMT
server
cloudflare
etag
W/"5f7c1bb9-1499c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cERqvlH3OQ51P4MYeJXl%2FWwUrLtVr6rGAZMuh4qa75sMf3t4Kwnfq4El%2BjV8C%2FwluKdoDS8N9JGhf8Drq5hW%2F5Q8RQXgx4CJSvK5BHTwVyYGfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5efe6360cc9e1782-FRA
email-decode.min.js
tr.im/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://tr.im/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tr.im
URL: https://tr.im/1wkLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 08:26:22 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
0652dc707e000017829dba0000000001
last-modified
Tue, 27 Oct 2020 17:31:31 GMT
server
cloudflare
etag
W/"5f985973-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2YnxvvVcWrQa1JY4rMZHCqxUdvcfUHieOgpmMJUCAvra3%2BYyCjR3MDk8WWhovCT4os6a6pLH792ujqqKHKPNUi5Umcoz8fsBwFbsv1s5%2BOie%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5efe6360cca01782-FRA
expires
Thu, 12 Nov 2020 08:26:22 GMT
9d6ca1d.js
tr.im/js/
67 KB
14 KB
Script
General
Full URL
https://tr.im/js/9d6ca1d.js
Requested by
Host: tr.im
URL: https://tr.im/1wkLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 08:26:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6819
status
200
cf-request-id
0652dc707e000017827d84f000000001
last-modified
Tue, 06 Oct 2020 07:24:41 GMT
server
cloudflare
etag
W/"5f7c1bb9-10d1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IvMD4XppB2e%2FtOOQd89sKdarTCtwQ7rAvvQGiageVe36KLVNVx6QDBixB%2FEoTlDzdoHVzwe2TOd83k1kl505SNk8y8dE6XYXNpfS21YHR%2FuznA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5efe6360cca51782-FRA
css
fonts.googleapis.com/
5 KB
679 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,600,700
Requested by
Host: tr.im
URL: https://tr.im/css/8071973.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ac41264b13d9dfb5023c05c698d475c6e3bd60b5dbcf55e3da4ef17d4e69234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 08:04:36 GMT
server
ESF
date
Tue, 10 Nov 2020 08:26:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Nov 2020 08:26:22 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tr.im
URL: https://tr.im/1wkLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4234
date
Tue, 10 Nov 2020 07:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 10 Nov 2020 09:15:48 GMT
glyphicons-halflings-regular.woff2
tr.im/fonts/
18 KB
18 KB
Font
General
Full URL
https://tr.im/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: tr.im
URL: https://tr.im/css/8071973.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:a2f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://tr.im
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 10 Nov 2020 08:26:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6819
status
200
cf-request-id
0652dc70c10000178230bd1000000001
last-modified
Sun, 01 Jul 2018 20:16:31 GMT
server
cloudflare
etag
W/"5b39369f-466c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iVf6VjZaxCAIOxIsd%2B9BWzf82iSdXv7u%2BzCUQG4r8ASMa6ZddkgVU57KiAQA6g%2BiUgmYBR1Mya6FLuuRpLy2Z9cn9u5OTY%2Bb2rDMEOElHbEI3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cache-control
max-age=14400
cf-ray
5efe63613d9a1782-FRA
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tr.im
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 22:12:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
382407
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Fri, 05 Nov 2021 22:12:55 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tr.im
Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 22:12:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
382407
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Fri, 05 Nov 2021 22:12:55 GMT
collect
www.google-analytics.com/j/
2 B
402 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1609739317&t=pageview&_s=1&dl=https%3A%2F%2Ftr.im%2F1wkLT&dp=%2Funsafe-link-click&ul=en-us&de=UTF-8&dt=Alert!%20The%20link%20you%20have%20just%20clicked%20might%20be%20unsafe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=217083224&gjid=1082420775&cid=957314312.1604996782&tid=UA-47358447-3&_gid=2085174522.1604996782&_r=1&_slc=1&z=364552497
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://speedflow.io/adult/a=rr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Nov 2020 08:26:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://tr.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cors-anywhere.herokuapp.com
URL
https://cors-anywhere.herokuapp.com///traffdaq.com/delivery/pu/47382?category=general

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
function| $
function| jQuery
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

5 Cookies

Domain/Path Name / Value
.tr.im/ Name: _gid
Value: GA1.2.2085174522.1604996782
.tr.im/ Name: __cf_bm
Value: 9d01a849a4a41d8b98b04d3a5bbadc967945fdc4-1604996782-1800-ARO+b5fR7qFRT/n5okPwC2qLQxqW17hGM+jERYXGRMg/e3GBWUUodHd/lGu3mBCiovRh0NA7KB2Xv2vwSES3Xbc=
.tr.im/ Name: _gat
Value: 1
.tr.im/ Name: _ga
Value: GA1.2.957314312.1604996782
.tr.im/ Name: __cfduid
Value: df8621b4bc25ef1b77ea7ff7d3202d7d21604996781

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
