dz4link.com Open in urlscan Pro
2606:4700:3031::6812:2a08 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://speedflow.io/adult/?a=rr
Effective URL:
https://dz4link.com/redirect
Submission Tags: demotag1 demotag2 Search All
Submission: On November 08 via api (November 8th 2020, 12:11:46 am UTC) from US

Summary HTTP 53 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 19 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3031::6812:2a08, located in United States and belongs to CLOUDFLARENET, US. The main domain is dz4link.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2020. Valid for: a year.

This is the only time dz4link.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.54.116.135 198.54.116.135	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	162.213.255.36 162.213.255.36	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 4	107.170.39.103 107.170.39.103	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3 18	2606:4700:303... 2606:4700:3031::6812:2a08	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	51.178.170.179 51.178.170.179	16276 (OVH) (OVH)
4	139.45.196.11 139.45.196.11	9002 (RETN-AS) (RETN-AS)
1	52.216.138.251 52.216.138.251	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
53	21

1 198.54.116.135 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server193-5.web-hosting.com

speedflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.213.255.36 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server145-4.web-hosting.com

manyhit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.170.39.103 (New York, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

traffdaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 161.72.190.35.bc.googleusercontent.com

c.securepaths.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

goo.gl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3031::6812:2a08 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dz4link.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pourdear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.170.179 (France)

ASN16276 (OVH, FR)
PTR: ip179.ip-51-178-170.eu

setpadchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.196.11 (Ascension Island)

ASN9002 (RETN-AS, EU)

shorteh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.138.251 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

1001freedownloads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	dz4link.com 3 redirects dz4link.com	709 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	178 KB
7	google.com apis.google.com accounts.google.com www.google.com	110 KB
4	shorteh.com shorteh.com	22 KB
4	traffdaq.com 1 redirects traffdaq.com	4 KB
2	youtube.com www.youtube.com
2	realsrv.com a.realsrv.com syndication.realsrv.com	1 KB
1	recaptcha.net www.recaptcha.net	1023 B
1	amazonaws.com 1001freedownloads.s3.amazonaws.com	27 KB
1	setpadchat.com setpadchat.com	1 KB
1	pourdear.com pourdear.com
1	googleusercontent.com lh3.googleusercontent.com	175 KB
1	googleapis.com fonts.googleapis.com	590 B
1	goo.gl 1 redirects goo.gl	799 B
1	t.co t.co	484 B
1	jsdelivr.net cdn.jsdelivr.net	10 KB
1	securepaths.com c.securepaths.com
1	manyhit.com manyhit.com
1	speedflow.io speedflow.io	1 KB
53	19

	Domain	Requested by
18	dz4link.com	3 redirects t.co dz4link.com
5	ssl.gstatic.com	dz4link.com
4	shorteh.com	dz4link.com shorteh.com
4	apis.google.com	dz4link.com apis.google.com
4	traffdaq.com	1 redirects speedflow.io traffdaq.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	www.gstatic.com
2	www.youtube.com	apis.google.com
1	accounts.google.com	apis.google.com
1	www.gstatic.com	www.recaptcha.net
1	www.recaptcha.net	dz4link.com
1	1001freedownloads.s3.amazonaws.com	dz4link.com
1	setpadchat.com	dz4link.com
1	pourdear.com	dz4link.com
1	lh3.googleusercontent.com	dz4link.com
1	fonts.googleapis.com	dz4link.com
1	goo.gl	1 redirects
1	t.co	traffdaq.com
1	cdn.jsdelivr.net	traffdaq.com
1	c.securepaths.com	traffdaq.com
1	manyhit.com	speedflow.io
1	syndication.realsrv.com	a.realsrv.com
1	a.realsrv.com	speedflow.io
1	speedflow.io
53	24

This site contains links to these domains. Also see Links.

Domain
movierulzvip.com
zawajhalal.site
www.facebook.com

Subject Issuer	Validity	Valid
realsrv.com Let's Encrypt Authority X3	`2020-10-26` - `2021-01-24`	3 months	crt.sh
traffdaq.com Let's Encrypt Authority X3	`2020-10-31` - `2021-01-29`	3 months	crt.sh
*.securepaths.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
pourdear.com Let's Encrypt Authority X3	`2020-09-22` - `2020-12-21`	3 months	crt.sh
setpadchat.com Let's Encrypt Authority X3	`2020-10-28` - `2021-01-26`	3 months	crt.sh
shorteh.com Let's Encrypt Authority X3	`2020-09-24` - `2020-12-23`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
misc.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://dz4link.com/redirect
Frame ID: 68E6C68CDB09BFF825FD9FA3A2F8E7DF
Requests: 44 HTTP requests in this frame

Frame: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604794284424&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: FA3F376E5C801762C950474CBEB53381
Requests: 1 HTTP requests in this frame

Frame: http://manyhit.com/autosurf_if.php?user=speedflow
Frame ID: 56BA98BE36F1A54D17A4199B61AF4C15
Requests: 1 HTTP requests in this frame

Frame: https://shorteh.com/fac.php
Frame ID: 3C4463020B89795A790E4E8E5858436F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCgtVe0mCzhxNCPBQy8T-zNw&layout=default&count=default&origin=https%3A%2F%2Fdz4link.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: 131BD8AB2E51815076C809F8EED12DBC
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fdz4link.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: B18CE26D03C6EDDFD175CCC37A0608B0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_OAoUAAAAABNtjQcMZMWKhARn24aVPh_vc_Wd&co=aHR0cHM6Ly9kejRsaW5rLmNvbTo0NDM.&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=normal&cb=xdeef8x39jus
Frame ID: 3B4EDE04892407E1BC28B9A2A406970C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCgtVe0mCzhxNCPBQy8T-zNw&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: D99ED4AE60FA78EC7EF59A8865AD5CA0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=1AZgzF1o3OlP73CVr69UmL65&k=6Lf_OAoUAAAAABNtjQcMZMWKhARn24aVPh_vc_Wd&cb=gv7o3ljqzks7
Frame ID: 3D6554648E5885269EFC32A1A0E2BC49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=women_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=women_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlwvdjU0cFY2ckFONTgwdXZkdjY5VkFBPT0iL... Page URL
https://t.co/751ppyfSpM Page URL
https://goo.gl/mN5kyr HTTP 302
http://dz4link.com/uNxw2tQa HTTP 301
https://dz4link.com/uNxw2tQa HTTP 302
http://dz4link.com/redirect HTTP 301
https://dz4link.com/redirect Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

53
Requests

94 %
HTTPS

55 %
IPv6

19
Domains

24
Subdomains

21
IPs

5
Countries

1240 kB
Transfer

2013 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://movierulzvip.com/
Title:

Search URL Search Domain Scan URL

URL: https://zawajhalal.site/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DZ4TeamSupport/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://speedflow.io/adult/?a=rr Page URL
http://traffdaq.com/delivery/dl/47382?category=women_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=women_dating Page URL
https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlwvdjU0cFY2ckFONTgwdXZkdjY5VkFBPT0iLCJ2YWx1ZSI6ImlpQkFrY1E3TnBLclZHZU9EbDhGV0tvZmhyNzdhYk9XV3BmRm1UY2owVksrU3YrVlRuSGNJRXVkUzJ4RjJjZnRuenlMeHVrNVEweEZiNWhJOThEMG1lS0VwZm1OTkZyWms5THhZYjJGa2hXWGRDc2NCekNMODRLNk8wRTBXbEpqbWVsNWRSdEwyN3FGaU1sZGgwdDlNaTh6amVDV0I2XC96VkpDOXdpclNTRnRsMENxanh2dzV1ZzhRUGtZZlE1ZVFKNWZPZEtKUUlCb2hIWFoydENnV1NcL3ZHeGNweWxpalNXRGxFZjNZVXlZd0pIWnhQbUFiR2tuT0E1R1czZmRCbUZOSjJLUmdxNDk4cmVCS28zYzNic2hueklvWlwvZDJOUUpOZXIzcGxGM2NXUFE1NUNUTXVuWFRWdDZrQkZcL3pObCIsIm1hYyI6ImVhMzFmZDZiYTk2OWQ2M2FkZDhkMTZlMzlmYzg5Y2Y2NmM4NTVhMzA2NGM5YjQzOTNjZDRjZTg2ZjMxYmRhM2IifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8 Page URL
https://t.co/751ppyfSpM Page URL
https://goo.gl/mN5kyr HTTP 302
http://dz4link.com/uNxw2tQa HTTP 301
https://dz4link.com/uNxw2tQa HTTP 302
http://dz4link.com/redirect HTTP 301
https://dz4link.com/redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://traffdaq.com/delivery/dl/47382?category=women_dating HTTP 301
https://traffdaq.com/delivery/dl/47382?category=women_dating

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
speedflow.io/adult/ 1 KB
1 KB 203ms
202ms Document
text/html 198.54.116.135
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 198.54.116.135 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server193-5.web-hosting.com
Software: Apache / PHP/7.1.33
Resource Hash: 49561ab51b3b8cd3a009e8304ddc6196109b4be7505614f34a8037208fc70dec

Request headers

Host: speedflow.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr

Response headers

date: Sun, 08 Nov 2020 00:11:24 GMT
server: Apache
x-powered-by: PHP/7.1.33
set-cookie: visits_todaya=1; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=82056; path=/ time_start=1604794284.3135; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=82056; path=/ ip=185.216.34.99 mobile=0 country=++ visits_todayi=0; expires=Sun, 08-Nov-2020 22:59:00 GMT; Max-Age=82056; path=/
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
content-length: 547
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 18ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 00:11:24 GMT
Content-Encoding: gzip
X-HW: 1604794284.dop240.fr8.shc,1604794284.dop240.fr8.t,1604794284.cds129.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 928

GET
H/1.1 200
OK Cookie set ads-iframe-display.php
syndication.realsrv.com/ Frame FA3F 0
0 101ms
82ms Document
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.realsrv.com/ads-iframe-display.php?idzone=4053336&type=900x250&p=http%3A//speedflow.io/adult/%3Fa%3Drr&dt=1604794284424&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

Server: nginx
Date: Sun, 08 Nov 2020 00:11:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225fa737ac799080.425565793530439483%22%3B%7D; expires=Tue, 08 Nov 2022 00:11:24 GMT; path=; domain=.realsrv.com;
Content-Encoding: gzip

GET
H/1.1 200
OK autosurf_if.php
manyhit.com/ Frame 56BA 0
0 214ms
213ms Document
text/html 162.213.255.36
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://manyhit.com/autosurf_if.php?user=speedflow
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Server: 162.213.255.36 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server145-4.web-hosting.com
Software: Apache / PHP/5.4.45
Resource Hash

Request headers

Host: manyhit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/

Response headers

date: Sun, 08 Nov 2020 00:11:24 GMT
server: Apache
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=38d3d31050e62b5e7cb714f4f0ff6c08; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1271
content-type: text/html

GET
H/1.1

200
OK

47382 Show response
traffdaq.com/delivery/dl/
Redirect Chain

http://traffdaq.com/delivery/dl/47382?category=women_dating
https://traffdaq.com/delivery/dl/47382?category=women_dating

3 KB
2 KB

554ms
320ms

Document
text/html

107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/dl/47382?category=women_dating
Requested by: Host: speedflow.io
URL: http://speedflow.io/adult/?a=rr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: ad383188637ca54985f98800ee8544fb555dbb5900191be50863590c46886780

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://speedflow.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: http://speedflow.io/adult/?a=rr

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sun, 08 Nov 2020 00:11:25 GMT
Content-Encoding: gzip

Redirect headers

Content-length: 0
Location: https://traffdaq.com/delivery/dl/47382?category=women_dating
Connection: close

GET
H/1.1 200
OK eyJpdiI6ImQ0cGY1R3VHbjRENEZrQ054SXBKRUE9PSIsInZhbHVlIjoiMGdBNWxMRjBmQnJhaktodVZNR3lkc2FQWnFZNnp3d3ZPcWlNUXFKdEUrVTA4d01pZWdmeWFEMkZCVTIrNG5nb1BiMFpkeUFpY2VFTktPU1V1Yko0ZHc9PSIsIm1hYyI6ImRjMTllNWZlO...
traffdaq.com/users/track/ 0
854 B 459ms
240ms Image
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffdaq.com/users/track/eyJpdiI6ImQ0cGY1R3VHbjRENEZrQ054SXBKRUE9PSIsInZhbHVlIjoiMGdBNWxMRjBmQnJhaktodVZNR3lkc2FQWnFZNnp3d3ZPcWlNUXFKdEUrVTA4d01pZWdmeWFEMkZCVTIrNG5nb1BiMFpkeUFpY2VFTktPU1V1Yko0ZHc9PSIsIm1hYyI6ImRjMTllNWZlODVkYWZmMjI5NmQ2NjE0OTE4NTNmZWU3N2I3MmRkMTBkMjEzZDIzZmQ0YWZmMWIyMTA2MzViMDYifQ%3D%3D
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=women_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 00:11:25 GMT
Cache-Control: no-cache
Server: nginx/1.16.1 (Ubuntu)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 401 implement.js
c.securepaths.com/js/ 0
0 43ms
42ms Script
application/javascript 35.190.72.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c.securepaths.com/js/implement.js?org=FziBhN0qA1aE5tBQrQLl&s=5fa737ad0f079&p=TDQ47382&a=47382&cmp=47382&rd=http%3A%2F%2Fspeedflow.io%2F&rt=click&sl=0&stId=0&ty=l

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=women_dating

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

161.72.190.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Nov 2020 00:11:25 GMT
via: 1.1 google
status: 401
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
x-xss-protection: 0
expires: 0

GET
H2 200 fingerprint2.min.js Show response
cdn.jsdelivr.net/fingerprintjs2/1.4.0/ 33 KB
10 KB 6ms
5ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/fingerprintjs2/1.4.0/fingerprint2.min.js

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=women_dating

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 878274
x-cache: HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 10191
etag: W/"83f3-ijg3WuTgKQH1Hch06eHdIajrA24"
x-served-by: cache-fra19164-FRA
date: Sun, 08 Nov 2020 00:11:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 47382 Show response
traffdaq.com/delivery/directlink/ 2 KB
1 KB 2575ms
2356ms Document
text/html 107.170.39.103
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlwvdjU0cFY2ckFONTgwdXZkdjY5VkFBPT0iLCJ2YWx1ZSI6ImlpQkFrY1E3TnBLclZHZU9EbDhGV0tvZmhyNzdhYk9XV3BmRm1UY2owVksrU3YrVlRuSGNJRXVkUzJ4RjJjZnRuenlMeHVrNVEweEZiNWhJOThEMG1lS0VwZm1OTkZyWms5THhZYjJGa2hXWGRDc2NCekNMODRLNk8wRTBXbEpqbWVsNWRSdEwyN3FGaU1sZGgwdDlNaTh6amVDV0I2XC96VkpDOXdpclNTRnRsMENxanh2dzV1ZzhRUGtZZlE1ZVFKNWZPZEtKUUlCb2hIWFoydENnV1NcL3ZHeGNweWxpalNXRGxFZjNZVXlZd0pIWnhQbUFiR2tuT0E1R1czZmRCbUZOSjJLUmdxNDk4cmVCS28zYzNic2hueklvWlwvZDJOUUpOZXIzcGxGM2NXUFE1NUNUTXVuWFRWdDZrQkZcL3pObCIsIm1hYyI6ImVhMzFmZDZiYTk2OWQ2M2FkZDhkMTZlMzlmYzg5Y2Y2NmM4NTVhMzA2NGM5YjQzOTNjZDRjZTg2ZjMxYmRhM2IifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
Requested by: Host: traffdaq.com
URL: https://traffdaq.com/delivery/dl/47382?category=women_dating
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.170.39.103 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: 85daac6c74886d6b53b02a604d962b1435cd4c611573c15eab8af1415dbaeef7

Request headers

Host: traffdaq.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://traffdaq.com/delivery/dl/47382?category=women_dating
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tdqct=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/dl/47382?category=women_dating

Response headers

Server: nginx/1.16.1 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Date: Sun, 08 Nov 2020 00:11:28 GMT
Content-Encoding: gzip

GET
H2 200 751ppyfSpM Show response
t.co/ 218 B
484 B 242ms
163ms Document
text/html 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/751ppyfSpM

Requested by

Host: traffdaq.com
URL: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlwvdjU0cFY2ckFONTgwdXZkdjY5VkFBPT0iLCJ2YWx1ZSI6ImlpQkFrY1E3TnBLclZHZU9EbDhGV0tvZmhyNzdhYk9XV3BmRm1UY2owVksrU3YrVlRuSGNJRXVkUzJ4RjJjZnRuenlMeHVrNVEweEZiNWhJOThEMG1lS0VwZm1OTkZyWms5THhZYjJGa2hXWGRDc2NCekNMODRLNk8wRTBXbEpqbWVsNWRSdEwyN3FGaU1sZGgwdDlNaTh6amVDV0I2XC96VkpDOXdpclNTRnRsMENxanh2dzV1ZzhRUGtZZlE1ZVFKNWZPZEtKUUlCb2hIWFoydENnV1NcL3ZHeGNweWxpalNXRGxFZjNZVXlZd0pIWnhQbUFiR2tuT0E1R1czZmRCbUZOSjJLUmdxNDk4cmVCS28zYzNic2hueklvWlwvZDJOUUpOZXIzcGxGM2NXUFE1NUNUTXVuWFRWdDZrQkZcL3pObCIsIm1hYyI6ImVhMzFmZDZiYTk2OWQ2M2FkZDhkMTZlMzlmYzg5Y2Y2NmM4NTVhMzA2NGM5YjQzOTNjZDRjZTg2ZjMxYmRhM2IifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

67a6a82bb08fd5dd240a7352bf485693573d957745d33e9ee201d8e65ea6c9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /751ppyfSpM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlwvdjU0cFY2ckFONTgwdXZkdjY5VkFBPT0iLCJ2YWx1ZSI6ImlpQkFrY1E3TnBLclZHZU9EbDhGV0tvZmhyNzdhYk9XV3BmRm1UY2owVksrU3YrVlRuSGNJRXVkUzJ4RjJjZnRuenlMeHVrNVEweEZiNWhJOThEMG1lS0VwZm1OTkZyWms5THhZYjJGa2hXWGRDc2NCekNMODRLNk8wRTBXbEpqbWVsNWRSdEwyN3FGaU1sZGgwdDlNaTh6amVDV0I2XC96VkpDOXdpclNTRnRsMENxanh2dzV1ZzhRUGtZZlE1ZVFKNWZPZEtKUUlCb2hIWFoydENnV1NcL3ZHeGNweWxpalNXRGxFZjNZVXlZd0pIWnhQbUFiR2tuT0E1R1czZmRCbUZOSjJLUmdxNDk4cmVCS28zYzNic2hueklvWlwvZDJOUUpOZXIzcGxGM2NXUFE1NUNUTXVuWFRWdDZrQkZcL3pObCIsIm1hYyI6ImVhMzFmZDZiYTk2OWQ2M2FkZDhkMTZlMzlmYzg5Y2Y2NmM4NTVhMzA2NGM5YjQzOTNjZDRjZTg2ZjMxYmRhM2IifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://traffdaq.com/delivery/directlink/47382?hash=eyJpdiI6IlwvdjU0cFY2ckFONTgwdXZkdjY5VkFBPT0iLCJ2YWx1ZSI6ImlpQkFrY1E3TnBLclZHZU9EbDhGV0tvZmhyNzdhYk9XV3BmRm1UY2owVksrU3YrVlRuSGNJRXVkUzJ4RjJjZnRuenlMeHVrNVEweEZiNWhJOThEMG1lS0VwZm1OTkZyWms5THhZYjJGa2hXWGRDc2NCekNMODRLNk8wRTBXbEpqbWVsNWRSdEwyN3FGaU1sZGgwdDlNaTh6amVDV0I2XC96VkpDOXdpclNTRnRsMENxanh2dzV1ZzhRUGtZZlE1ZVFKNWZPZEtKUUlCb2hIWFoydENnV1NcL3ZHeGNweWxpalNXRGxFZjNZVXlZd0pIWnhQbUFiR2tuT0E1R1czZmRCbUZOSjJLUmdxNDk4cmVCS28zYzNic2hueklvWlwvZDJOUUpOZXIzcGxGM2NXUFE1NUNUTXVuWFRWdDZrQkZcL3pObCIsIm1hYyI6ImVhMzFmZDZiYTk2OWQ2M2FkZDhkMTZlMzlmYzg5Y2Y2NmM4NTVhMzA2NGM5YjQzOTNjZDRjZTg2ZjMxYmRhM2IifQ%3D%3D&fp=66abd220fd1aeed21a48c2d9b60f0bf8

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 174
content-type: text/html; charset=utf-8
date: Sun, 08 Nov 2020 00:11:28 GMT
expires: Sun, 08 Nov 2020 00:16:28 GMT
server: tsa_o
set-cookie: muc=6379014e-a844-4eff-8cc6-3e357d125552; Max-Age=63072000; Expires=Tue, 08 Nov 2022 00:11:28 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: e4fd06b308e746620f5768217f2b801f
x-response-time: 126
x-xss-protection: 0

GET
H2

200

Primary Request redirect Show response
dz4link.com/
Redirect Chain

https://goo.gl/mN5kyr
http://dz4link.com/uNxw2tQa
https://dz4link.com/uNxw2tQa
http://dz4link.com/redirect
https://dz4link.com/redirect

12 KB
4 KB

214ms
213ms

Document
text/html

2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dz4link.com/redirect

Requested by

Host: t.co
URL: https://t.co/751ppyfSpM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.29

Resource Hash

825987cddfe0ad5ab32e1f759fa8883e4384f3e03f9e556ef12827dfa553966b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: dz4link.com
:scheme: https
:path: /redirect
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d168e374b2de04b602c8b739ce2ae12d81604794288; AppSession=ps3r1n3st6o6v52ufv1lvf5j91
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://t.co/751ppyfSpM

Response headers

status: 200
date: Sun, 08 Nov 2020 00:11:29 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.29
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: csrfToken=c9cac797f1ce6e90a72cedce42782cecfee48ef736ffae4381403aab5695994a8273404639c62f87b2aeb031a156e14ca3d58fa07fefdd16b33022c45b5656ae; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 0646caa2a600002c3a91879000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qryoxditLbbqoUNTiwQl30YmZnf13yt6VbT9cWgYBLowikszj2NfUKnRdt6YIJfKzNmFwsmFCfg9TMxmcvyC9htFzAM%2BWuH0DMVDJfrDpj1d63yr68MLJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5eeb13b10f682c3a-FRA
content-encoding: br

Redirect headers

Date: Sun, 08 Nov 2020 00:11:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 08 Nov 2020 01:11:28 GMT
Location: https://dz4link.com/redirect
cf-request-id: 0646caa29c0000647f0b82d000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=udJGRVWaxVzvGLmhvaGEdW7K486dgNCjD0rhFE5KaEnZK0ZR9eg2AhlxNfM6rTxpruGdiDoEzPEE%2Fv8WodulEqpZXuDeseUO%2F%2BbfBGS7kabvuTG7RNiV3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5eeb13b0fe3f647f-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
590 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

550aefc454b2a6bd34a31c5e83de5266c41510f702dbdf9f87ab3b25649a4741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Nov 2020 00:01:17 GMT
server: ESF
date: Sun, 08 Nov 2020 00:11:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Nov 2020 00:11:29 GMT

GET
H2 200 styles.min.css
dz4link.com/cloud_theme/build/css/ 189 KB
31 KB 17ms
17ms Stylesheet
text/css 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dz4link.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58570
status: 200
vary: Accept-Encoding,User-Agent
cf-request-id: 0646caa38a00002c3a91249000000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
etag: W/"2f202-5919a47413480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mTzkULH2vf3LGmoRbZhTa6bWctSx16oKu3bpJUOWJLrfDs1AlSWt6PQMVS3gNDzv2r8g3PZ3QLtEolmCzZfEwfP%2BNtSicjyChWONErxfYIGg%2BHo%2F4zwCYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5eeb13b279522c3a-FRA
expires: Mon, 07 Dec 2020 07:55:19 GMT

GET
H2 200 logo.png
dz4link.com/img/ 6 KB
6 KB 19ms
12ms Image
image/png 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/img/logo.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

663720d9a5abf39f36e7796014baa70524816f5d56d21366edef8926a2fd6ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5292777
status: 200
content-length: 5790
cf-request-id: 0646caa3aa00002c3ab822e000000001
last-modified: Thu, 23 Apr 2020 01:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "169e-5a3eb8f37e3c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2gYmEs%2FcwzuXZNNSgOHpqyFjQv6u23YLDM1crC2TTiNipZCicmRbDjasJgIGMD9B4Gbt81%2Fa5sAuaK7%2BhPVgXDhA%2B6qFjHc7D%2B0BWi%2BzSktIXgYOvQTyTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9a12c3a-FRA
expires: Tue, 07 Sep 2021 17:58:32 GMT

GET
H2 200 10.png
dz4link.com/ 66 KB
66 KB 27ms
20ms Image
image/png 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/10.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a75b43af05873dd2f3ebdaca29df906c5405076bf83c03978c13610f8d68bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 149877
status: 200
content-length: 67254
cf-request-id: 0646caa3ab00002c3ad9b28000000001
last-modified: Mon, 12 Oct 2020 10:22:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "106b6-5b176ae31f331"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lkTbNV3F6mfyWGKM6eFTD5a%2FAAcWojPl9SFjX38AF%2BSc0kpp0XAEBE06vj4RcSLGbQLlrqUfP2eeU%2B3Fmybh0Vwfcs5D1rmY7BDKoc25eatTyHcd008Q0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9a22c3a-FRA
expires: Sat, 06 Nov 2021 06:33:32 GMT

GET
H2 200 h.png
dz4link.com/ 72 KB
73 KB 24ms
18ms Image
image/png 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/h.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36bd31c6ff1dd5685133867ca87f3225070662814f5c63b7e44ff15755e9f341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 245996
status: 200
content-length: 74055
cf-request-id: 0646caa3ab00002c3afc0d1000000001
last-modified: Mon, 12 Oct 2020 10:22:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "12147-5b176ad2e98f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3NOVf14YtW8hq3q%2FBH%2BFy5yG7tWJrrHPA6idAIM0tzpPxZtiPeN%2F7ofkxxoJlmd2s65TX%2BV59POx82CLJpB6itjXIZv6e5m891oOTyI%2FoSIf8hWfcM%2BFZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9a32c3a-FRA
expires: Fri, 05 Nov 2021 03:51:33 GMT

GET
H2 200 a.png
dz4link.com/ 97 KB
97 KB 19ms
13ms Image
image/png 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/a.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5687b9ce18493f73b35f84b4d642a7649440faa338d9649629d5e2fdddffe4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2294541
status: 200
content-length: 99152
cf-request-id: 0646caa3ab00002c3ab1980000000001
last-modified: Mon, 12 Oct 2020 10:22:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "18350-5b176ad0097ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7nOkw6eQEVyzoKV7jdkca3a6CoIP9XWn59a81ww55eFvpPkdjsycXyRivYjHYN5IOs0nLcBCYlsCoNPHpUNHdTbXS1aX8Ysx7aomolndQaYdblR%2BG%2BpsGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9a42c3a-FRA
expires: Tue, 12 Oct 2021 10:49:08 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 49 KB
19 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c564509a50ce9ef93a1776a41576d7dd965955bf216655bf76ecd145317bae39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r/xcOOdsV0yVNNu0Y1NUQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "478becd38df1f23e8f5a6406e5f41416"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-r/xcOOdsV0yVNNu0Y1NUQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 08 Nov 2020 00:11:29 GMT

GET
H2 200 otI43YsnCcOu1Lh2W6KBKTrslkAWexJZaHAzmkngBGBtrGlHJfCriGbERkXeW9w1bAgS=w720-h310
lh3.googleusercontent.com/ 175 KB
175 KB 37ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/otI43YsnCcOu1Lh2W6KBKTrslkAWexJZaHAzmkngBGBtrGlHJfCriGbERkXeW9w1bAgS=w720-h310

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c9b6371623eb67f833b378a3f3019bbaf02365a942ed1e14b4751b34800fb928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 20:12:00 GMT
x-content-type-options: nosniff
age: 14369
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179065
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 03 Nov 2020 01:37:48 GMT

GET
H2 200 zawaj_320x50.png
dz4link.com/ads/ 4 KB
4 KB 25ms
19ms Image
image/png 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/ads/zawaj_320x50.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20cd1d7ee2276deb6220e4b40d853a1b24e95859b7cbfdbeaa857880f61570d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 251697
status: 200
content-length: 3905
cf-request-id: 0646caa3ab00002c3a00044000000001
last-modified: Mon, 07 Sep 2020 17:38:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f41-5aebcae37c8e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xsJ3qbBDhW7QzjoVxS%2BxW30eCYhWIVMW%2BkXYxb%2FYPCoo%2BpNzggrvcXB0sJE0lj8k%2BLldPPQEywyiJF%2FkZB95N5CklrNSS0G8LrgI5cfQ%2B%2FwV%2FprJmL0ACA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9a72c3a-FRA
expires: Fri, 05 Nov 2021 02:16:32 GMT

GET
H/1.1 403
Forbidden 506ee5ddd70f6cc4a0bf05a0b6bdc5a7.js
pourdear.com/50/6e/e5/ 0
0 376ms
123ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pourdear.com/50/6e/e5/506ee5ddd70f6cc4a0bf05a0b6bdc5a7.js
Requested by: Host: dz4link.com
URL: https://dz4link.com/redirect
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 08 Nov 2020 00:11:29 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK 16195 Show response
setpadchat.com/ruYTVZ6CWCp8Qm/ 0
1 KB 159ms
38ms Script
application/javascript 51.178.170.179
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://setpadchat.com/ruYTVZ6CWCp8Qm/16195
Requested by: Host: dz4link.com
URL: https://dz4link.com/redirect
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 51.178.170.179 , France, ASN16276 (OVH, FR),
Reverse DNS: ip179.ip-51-178-170.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 00:11:29 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H/1.1 200
OK apu.php Show response
shorteh.com/ 61 KB
22 KB 216ms
72ms Script
application/javascript 139.45.196.11
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shorteh.com/apu.php?zoneid=718367

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.11 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

0da262e4c7330b19e7ac1610e391e7c2d9643bf737040e207b6dc99ff4a768ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 00:11:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 53cad7297c14107fa0249ceb93975239
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK green_download_button.png
1001freedownloads.s3.amazonaws.com/vector/thumb/83198/ 27 KB
27 KB 506ms
135ms Image
application/octet-stream 52.216.138.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1001freedownloads.s3.amazonaws.com/vector/thumb/83198/green_download_button.png
Requested by: Host: dz4link.com
URL: https://dz4link.com/redirect
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.251 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ed3b613430a4ae99d12fe639bf923f3c5fba787f006b9c15afe92fc077d7bc2d

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 00:11:30 GMT
Last-Modified: Wed, 02 Jul 2014 11:33:23 GMT
Server: AmazonS3
x-amz-request-id: 55D0EE2CD955572F
ETag: "ea8e1e75beed7634a1c82c604f7317c6"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 27786
x-amz-id-2: jIhlRl1xiaLErGVnD0C0ekiMCXd1XDaVy6uwblSANAOdh0evls2g2nOFpWWU1CtOyOFsqsXExEQ=

GET
H2 200 l.png
dz4link.com/ 51 KB
52 KB 23ms
18ms Image
image/png 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/l.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55d0066acdfbcb88588959cc6006c421338cb329a5ff11ee8dd932983a2adf5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2294543
status: 200
content-length: 52415
cf-request-id: 0646caa3ab00002c3a8ea7a000000001
last-modified: Mon, 12 Oct 2020 09:53:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ccbf-5b17643ecc7ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MpxWGBM1ei1yVvMZyqanXPURr23zat%2BQPdazUp3YZ28I%2BvmYmhfbd%2FILZjIR08ZTe65t8iGTjdfA9jgN5ugfTaReLnXiH%2BjAlZpNkmA1FvWsSqncEby4cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9a82c3a-FRA
expires: Tue, 12 Oct 2021 10:49:06 GMT

GET
H2 200 c.png
dz4link.com/ 61 KB
61 KB 25ms
20ms Image
image/png 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/c.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f4d42af461fe7de99c0c52289eec3a4aaf3e589075bd37d27ce650c0278fa69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 413618
status: 200
content-length: 62181
cf-request-id: 0646caa3ac00002c3af43ec000000001
last-modified: Mon, 12 Oct 2020 09:53:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f2e5-5b17643ecaca7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vl12CXM0%2FCtwdVdO6L6eXqqzYMYAjc2P16n8DOaGTuZQ54I%2FLA%2FFWHIoXtQFAnH%2FGfFXisw8kAm7k6sXR9PSVM3UsG6LcvFZnYCH6Q9rV1fdZqpZCuySlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9a92c3a-FRA
expires: Wed, 03 Nov 2021 05:17:51 GMT

GET
H2 200 n.png
dz4link.com/ 60 KB
61 KB 25ms
21ms Image
image/png 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/n.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22fed677e0b7c4788d4a1fc03b4347165f8029e5567bba023effedfeba6a7cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 425084
status: 200
content-length: 61918
cf-request-id: 0646caa3ac00002c3ae6a18000000001
last-modified: Mon, 12 Oct 2020 09:48:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "f1de-5b17632b08623"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N8H6A1pt9LzFZTfeSFXq5m5inyUw7o5tLIKMvn1rfEQhEjeSPdHERfRby1iZdxAogdwi7w8Ipee5OxCwCnCFkiSqAHdCLfeJUKRrUzI5pSrcNvRG3UDBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9aa2c3a-FRA
expires: Wed, 03 Nov 2021 02:06:45 GMT

GET
H2 200 ads.js Show response
dz4link.com/js/ 191 B
492 B 18ms
11ms Script
application/javascript 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dz4link.com/js/ads.js

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 413618
status: 200
vary: Accept-Encoding,User-Agent
cf-request-id: 0646caa3a900002c3a0fbc9000000001
last-modified: Mon, 02 Sep 2019 23:24:48 GMT
server: cloudflare
etag: W/"bf-5919a4722b000-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rHUupNMQJQEXz%2Bb17X1uAYp7d2sBnw%2FmDBJv4bvcYK%2Bg0HD%2Fu3v7hNjnlMv%2BkTzHEeCgSjuZfUwsH03s3BydIJ3%2Bj%2BsRHklAvMsmYTD8Xt%2BW37Qc4lZWgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5eeb13b2a99c2c3a-FRA
expires: Thu, 03 Dec 2020 05:17:51 GMT

GET
H2 200 script.min.js Show response
dz4link.com/cloud_theme/build/js/ 202 KB
58 KB 30ms
23ms Script
application/javascript 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dz4link.com/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 232764
status: 200
vary: Accept-Encoding,User-Agent
cf-request-id: 0646caa3aa00002c3af8af2000000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
etag: W/"32956-5919a47413480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RA9Dz7D7jomynwTSnKHzJVvFKtaAxuInCEBY0y%2FebnWjeToRE2KD2sxz7lRgFu7JCGr6LdmwYle%2B9T3ZjfMgZnhXSgUg6QBuMlAPNyqTKMm3ixoyJYGn1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5eeb13b2a99d2c3a-FRA
expires: Sat, 05 Dec 2020 07:32:05 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 918 B
1023 B 47ms
19ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b174ad10911ff58ee7665242f5a21c1ccd28763dcddb2838f957d809fe591169

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Sun, 08 Nov 2020 00:11:29 GMT

GET
H2 200 header.jpg
dz4link.com/cloud_theme/build/img/ 110 KB
111 KB 22ms
20ms Image
image/jpeg 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/cloud_theme/build/img/header.jpg

Requested by

Host: dz4link.com
URL: https://dz4link.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de64b3a393f109bb7d59b836c7cb1b690b031e1da1bf442181cef25487296629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 107791
status: 200
content-length: 113002
cf-request-id: 0646caa3ac00002c3aa7123000000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1b96a-5919a47413480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iA5O1uKkVxTQjahR8GzFWHQtW62tyIERDOEz%2FgN8W8mHlPY6tyeBzuGAOjeAxXIlinadff0Q0sR7esFPduwFA0pugCs04a747%2FO7LQPPBPR2Uy%2BIJ8P92A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b2a9ab2c3a-FRA
expires: Sat, 06 Nov 2021 18:14:58 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dz4link.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 04:50:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 69644
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sun, 07 Nov 2021 04:50:45 GMT

GET
H2 200 fontawesome-webfont.woff2
dz4link.com/cloud_theme/build/fonts/ 75 KB
76 KB 16ms
16ms Font
font/woff2 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dz4link.com/cloud_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: dz4link.com
URL: https://dz4link.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://dz4link.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3458
status: 200
content-length: 77160
cf-request-id: 0646caa3af00002c3ad2b1a000000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "12d68-5919a47413480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3J%2BkR6klujARy44T3Vog2GA4fIQziGEkJWQSczppJyqB8axFzHgbhs8L2Tf3aDIq8tCviGW4RxwoWZHm5HT8fnJAgYs%2F6hdeFdIWAzFypsWf5SdS12lqfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5eeb13b2b9b42c3a-FRA

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dz4link.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 132652
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:20:37 GMT

GET
H2 200 footer.jpg
dz4link.com/cloud_theme/build/img/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 2606:4700:3031::6812:2a08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dz4link.com/cloud_theme/build/img/footer.jpg

Requested by

Host: dz4link.com
URL: https://dz4link.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6812:2a08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:11:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5293560
status: 200
content-length: 6152
cf-request-id: 0646caa51700002c3afd044000000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1808-5919a47413480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HqqYT7x3isGV2t3PPOnA6smdqWw93N3rymAdqQzT7hwDnTnOauhOUF2U72r2ISuLibxO3h49bEYQNJVPxeDyYInW%2FPwajSOpB3I5jG1%2Fc79wsF9Nh7RzhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5eeb13b4fe582c3a-FRA
expires: Tue, 07 Sep 2021 17:45:29 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 13 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dz4link.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:21:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 132619
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:21:10 GMT

GET
H/1.1 200
OK fac.php
shorteh.com/ Frame 3C44 0
0 58ms
58ms Document
text/html 139.45.196.11
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shorteh.com/fac.php

Requested by

Host: shorteh.com
URL: https://shorteh.com/apu.php?zoneid=718367

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.11 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: shorteh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dz4link.com/redirect
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: OAID=2ba2c145793e40428d073181f9e82735; oaidts=1604794289
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://dz4link.com/redirect

Response headers

Server: nginx
Date: Sun, 08 Nov 2020 00:11:29 GMT
Content-Type: text/html; charset=utf8
Content-Length: 203
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: e3c435701f48f555589ea9e195c933cb
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 114 KB
40 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df1a864eb139f7b83e359441a65279606060e7849312d1124f854628c31eb14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 438979
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41221
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:10 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 120 KB
41 KB 32ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66897be078be4f7ceb97fed6611f98f7e47a0245e45fe0e39a8a7ae258231323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 438971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41449
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:18 GMT

GET
H2 200 subscribe_embed
www.youtube.com/ Frame 131B 0
0 83ms
64ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCgtVe0mCzhxNCPBQy8T-zNw&layout=default&count=default&origin=https%3A%2F%2Fdz4link.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?usegapi=1&channelid=UCgtVe0mCzhxNCPBQy8T-zNw&layout=default&count=default&origin=https%3A%2F%2Fdz4link.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dz4link.com/redirect
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://dz4link.com/redirect

Response headers

status: 200
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
cache-control: no-cache
content-length: 1627
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
date: Sun, 08 Nov 2020 00:11:29 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: YSC=EYbpurKxf0k; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=NTZ7cTU76vU; path=/; domain=.youtube.com; secure; expires=Fri, 07-May-2021 00:11:29 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 08-Nov-2020 00:41:29 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/ 344 KB
136 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd828162a2e54e24de6f167733fea047e61317ac2f573b83b75589bcbe00e6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dz4link.com
Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 23:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1256
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138367
x-xss-protection: 0
last-modified: Mon, 02 Nov 2020 19:55:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 23:50:33 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame B18C 0
0 94ms
73ms Document
text/html 2a00:1450:4001:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fdz4link.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tai0xN+bNcXy3yZC36G3Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fdz4link.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dz4link.com/redirect
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=QFatC_d-ZOdOZkYhfiFHr-pAfjuSj3MM6OIIZ9qYtIwybfuidR7t9k1wwd_cjDF4JnnSqScmhlNnyO3P_RAofcbbOwUPr_XcOpV871J1yaxPG4oZrRV3vUh2H7FGKY068Y803xNCRy74_txHnUX2E3uH9sGcZypNH82Me6SNOCw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://dz4link.com/redirect

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 08 Nov 2020 00:11:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-Tai0xN+bNcXy3yZC36G3Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 3B4E 0
0 35ms
34ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_OAoUAAAAABNtjQcMZMWKhARn24aVPh_vc_Wd&co=aHR0cHM6Ly9kejRsaW5rLmNvbTo0NDM.&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=normal&cb=xdeef8x39jus

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cTBrTUtx8DgSUtFd56Xm8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lf_OAoUAAAAABNtjQcMZMWKhARn24aVPh_vc_Wd&co=aHR0cHM6Ly9kejRsaW5rLmNvbTo0NDM.&hl=en&v=1AZgzF1o3OlP73CVr69UmL65&size=normal&cb=xdeef8x39jus
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dz4link.com/redirect
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=QFatC_d-ZOdOZkYhfiFHr-pAfjuSj3MM6OIIZ9qYtIwybfuidR7t9k1wwd_cjDF4JnnSqScmhlNnyO3P_RAofcbbOwUPr_XcOpV871J1yaxPG4oZrRV3vUh2H7FGKY068Y803xNCRy74_txHnUX2E3uH9sGcZypNH82Me6SNOCw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://dz4link.com/redirect

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 08 Nov 2020 00:11:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-cTBrTUtx8DgSUtFd56Xm8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11050
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H/1.1 204
No Content options
shorteh.com/ Frame 0
0 179ms
43ms Other 139.45.196.11
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shorteh.com/options?option_args=CJ_sKxIgMmJhMmMxNDU3OTNlNDA0MjhkMDczMTgxZjllODI3MzUaKGh0dHA6Ly9zaG9ydGVoLmNvbS9hcHUucGhwP3pvbmVpZD03MTgzNjciHmh0dHA6Ly9zcGVlZGZsb3cuaW8vYWR1bHQvYT1ycjIkYjU5ZWQwMDUtN2U0NS00Mzk2LTgzNWQtMDcyM2FlYWIzN2Jh

Protocol

HTTP/1.1

Server

139.45.196.11 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://dz4link.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 08 Nov 2020 00:11:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://dz4link.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

POST
H/1.1 200
OK options Show response
shorteh.com/ 0
678 B 46ms
46ms XHR
text/html 139.45.196.11
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: shorteh.com
URL: https://shorteh.com/apu.php?zoneid=718367

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.11 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Sun, 08 Nov 2020 00:11:29 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 0
X-Trace-Id: 2bd53d183919b1f212ac903cc88cd3f7
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=utf8
Access-Control-Allow-Origin: https://dz4link.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 27 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72e7061b2fead0aa3c75037191d060ca98f532e0745eb5cfd2f9e02c6d863c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 22:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
age: 438949
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9266
x-xss-protection: 0
expires: Tue, 02 Nov 2021 22:15:40 GMT

GET
H3-Q050 200 subscribe_embed
www.youtube.com/ Frame D99E 0
0 67ms
66ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCgtVe0mCzhxNCPBQy8T-zNw&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?action_card=1&channelid=UCgtVe0mCzhxNCPBQy8T-zNw&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dz4link.com/redirect
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=EYbpurKxf0k; VISITOR_INFO1_LIVE=NTZ7cTU76vU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://dz4link.com/redirect

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache
content-encoding: br
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 327
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
date: Sun, 08 Nov 2020 00:11:29 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: GPS=1; path=/; domain=.youtube.com; expires=Sun, 08-Nov-2020 00:41:29 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
152 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 13:00:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 126638
content-type: image/gif
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 06 Nov 2021 13:00:51 GMT

GET
H3-Q050 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
118 B 8ms
7ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:21:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 132613
content-type: image/gif
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:21:16 GMT

GET
H3-Q050 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
345 B 7ms
6ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:21:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 132613
content-type: image/png
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:21:16 GMT

GET
H3-Q050 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
141 B 9ms
8ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:21:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 132613
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:21:16 GMT

GET
H3-Q050 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
193 B 9ms
9ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: dz4link.com
URL: https://dz4link.com/redirect

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://speedflow.io/adult/a=rr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 22:11:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 93604
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Sat, 06 Nov 2021 22:11:25 GMT

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 3D65 0
0 18ms
17ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=1AZgzF1o3OlP73CVr69UmL65&k=6Lf_OAoUAAAAABNtjQcMZMWKhARn24aVPh_vc_Wd&cb=gv7o3ljqzks7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vmsyGqFTCdrHQ9Nq3SBc/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=1AZgzF1o3OlP73CVr69UmL65&k=6Lf_OAoUAAAAABNtjQcMZMWKhARn24aVPh_vc_Wd&cb=gv7o3ljqzks7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dz4link.com/redirect
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=QFatC_d-ZOdOZkYhfiFHr-pAfjuSj3MM6OIIZ9qYtIwybfuidR7t9k1wwd_cjDF4JnnSqScmhlNnyO3P_RAofcbbOwUPr_XcOpV871J1yaxPG4oZrRV3vUh2H7FGKY068Y803xNCRy74_txHnUX2E3uH9sGcZypNH82Me6SNOCw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
referer: http://speedflow.io/adult/a=rr
Referer: https://dz4link.com/redirect

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 08 Nov 2020 00:11:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-vmsyGqFTCdrHQ9Nq3SBc/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1172
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EYbpurKxf0k
.google.com/	1970-01-19 18:10:05	Name: NID Value: 204=QFatC_d-ZOdOZkYhfiFHr-pAfjuSj3MM6OIIZ9qYtIwybfuidR7t9k1wwd_cjDF4JnnSqScmhlNnyO3P_RAofcbbOwUPr_XcOpV871J1yaxPG4oZrRV3vUh2H7FGKY068Y803xNCRy74_txHnUX2E3uH9sGcZypNH82Me6SNOCw
shorteh.com/	1970-01-19 22:32:10	Name: oaidts Value: 1604794289
shorteh.com/	1970-01-19 22:32:10	Name: OAID Value: 2ba2c145793e40428d073181f9e82735
dz4link.com/	1969-12-31 23:59:59	Name: AppSession Value: ps3r1n3st6o6v52ufv1lvf5j91
.youtube.com/	1970-01-19 18:05:46	Name: VISITOR_INFO1_LIVE Value: NTZ7cTU76vU
dz4link.com/	1969-12-31 23:59:59	Name: ab Value: 2
dz4link.com/	1969-12-31 23:59:59	Name: csrfToken Value: c9cac797f1ce6e90a72cedce42782cecfee48ef736ffae4381403aab5695994a8273404639c62f87b2aeb031a156e14ca3d58fa07fefdd16b33022c45b5656ae
.dz4link.com/	1970-01-19 14:29:46	Name: __cfduid Value: d168e374b2de04b602c8b739ce2ae12d81604794288

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1001freedownloads.s3.amazonaws.com
a.realsrv.com
accounts.google.com
apis.google.com
c.securepaths.com
cdn.jsdelivr.net
dz4link.com
fonts.googleapis.com
fonts.gstatic.com
goo.gl
lh3.googleusercontent.com
manyhit.com
pourdear.com
setpadchat.com
shorteh.com
speedflow.io
ssl.gstatic.com
syndication.realsrv.com
t.co
traffdaq.com
www.google.com
www.gstatic.com
www.recaptcha.net
www.youtube.com
104.244.42.5
107.170.39.103
139.45.196.11
162.213.255.36
192.243.59.20
198.54.116.135
2001:4de0:ac19::1:b:3a
2606:4700:3031::6812:2a08
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:808::200d
2a00:1450:4001:814::2003
2a00:1450:4001:819::200e
2a00:1450:4001:820::2004
2a00:1450:4001:825::200a
2a04:4e42:3::621
35.190.72.161
51.178.170.179
52.216.138.251
95.211.229.247
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0da262e4c7330b19e7ac1610e391e7c2d9643bf737040e207b6dc99ff4a768ce
20cd1d7ee2276deb6220e4b40d853a1b24e95859b7cbfdbeaa857880f61570d9
22fed677e0b7c4788d4a1fc03b4347165f8029e5567bba023effedfeba6a7cb7
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
36bd31c6ff1dd5685133867ca87f3225070662814f5c63b7e44ff15755e9f341
3f4d42af461fe7de99c0c52289eec3a4aaf3e589075bd37d27ce650c0278fa69
49561ab51b3b8cd3a009e8304ddc6196109b4be7505614f34a8037208fc70dec
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
4ef071f26a6a95d20498fa67e78856aebf65e9e06d46046604acac1ac3e87033
550aefc454b2a6bd34a31c5e83de5266c41510f702dbdf9f87ab3b25649a4741
55d0066acdfbcb88588959cc6006c421338cb329a5ff11ee8dd932983a2adf5c
663720d9a5abf39f36e7796014baa70524816f5d56d21366edef8926a2fd6ec2
66897be078be4f7ceb97fed6611f98f7e47a0245e45fe0e39a8a7ae258231323
67a6a82bb08fd5dd240a7352bf485693573d957745d33e9ee201d8e65ea6c9b8
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
72e7061b2fead0aa3c75037191d060ca98f532e0745eb5cfd2f9e02c6d863c71
7a75b43af05873dd2f3ebdaca29df906c5405076bf83c03978c13610f8d68bc1
825987cddfe0ad5ab32e1f759fa8883e4384f3e03f9e556ef12827dfa553966b
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
85daac6c74886d6b53b02a604d962b1435cd4c611573c15eab8af1415dbaeef7
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
ad383188637ca54985f98800ee8544fb555dbb5900191be50863590c46886780
b174ad10911ff58ee7665242f5a21c1ccd28763dcddb2838f957d809fe591169
b5687b9ce18493f73b35f84b4d642a7649440faa338d9649629d5e2fdddffe4b
c564509a50ce9ef93a1776a41576d7dd965955bf216655bf76ecd145317bae39
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c9b6371623eb67f833b378a3f3019bbaf02365a942ed1e14b4751b34800fb928
d3f814d49049b29143de2fccdbd97d0a1f0739e2554c482684c7c906b535ea43
dd828162a2e54e24de6f167733fea047e61317ac2f573b83b75589bcbe00e6af
de64b3a393f109bb7d59b836c7cb1b690b031e1da1bf442181cef25487296629
df1a864eb139f7b83e359441a65279606060e7849312d1124f854628c31eb14c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed3b613430a4ae99d12fe639bf923f3c5fba787f006b9c15afe92fc077d7bc2d

dz4link.com Open in urlscan Pro 2606:4700:3031::6812:2a08 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

94 %HTTPS

55 %IPv6

19 Domains

24 Subdomains

21 IPs

5 Countries

1240 kBTransfer

2013 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dz4link.com Open in urlscan Pro
2606:4700:3031::6812:2a08 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

94 %
HTTPS

55 %
IPv6

19
Domains

24
Subdomains

21
IPs

5
Countries

1240 kB
Transfer

2013 kB
Size

9
Cookies

53 HTTP transactions
0 data transactions