URL: http://www.dailydeports.pw/30.10/stream22.html
Submission: On October 31 via api from CA

Summary

This website contacted 17 IPs in 4 countries across 17 domains to perform 29 HTTP transactions. The main IP is 2606:4700:30::681b:a5ad, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.dailydeports.pw.
This is the only time www.dailydeports.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:300... 13335 (CLOUDFLAR...)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 185.225.208.133 13213 (UK2NET-AS)
1 185.59.220.13 60068 (CDN77)
1 193.124.183.237 48666 (AS-MAROSN...)
7 7 52.0.241.166 14618 (AMAZON-AES)
1 104.109.72.141 20940 (AKAMAI-ASN1)
1 67.202.94.86 32748 (STEADFAST)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.252.214.5 53334 (TUT-AS)
4 4 78.159.101.72 28753 (LEASEWEB-...)
4 2606:4700:30:... 13335 (CLOUDFLAR...)
2 104.18.18.49 13335 (CLOUDFLAR...)
4 4 173.239.53.18 27257 (WEBAIR-IN...)
4 188.72.203.236 35415 (WEBZILLA)
1 174.137.133.18 27257 (WEBAIR-IN...)
1 174.137.133.17 27257 (WEBAIR-IN...)
1 216.21.13.16 53334 (TUT-AS)
29 17
Domain Requested by
7 witalfieldt.com 7 redirects www.dailydeports.pw
4 t5ytz24c5.com dailydeports.pw
4 xml.popunder.bid 4 redirects
4 istanbulescortbayann.com dailydeports.pw
4 eu1.evadavdsp.pro 4 redirects
2 ketormanch.pro dailydeports.pw
2 dailydeports.pw www.dailydeports.pw
1 serve.popads.net c1.popads.net
1 xml.adxnexus.com dailydeports.pw
1 xml.popmonetizer.com dailydeports.pw
1 adsco.re c.adsco.re
1 6.adsco.re www.dailydeports.pw
1 c.adsco.re c1.popads.net
1 whos.amung.us waust.at
1 www.gearbest.com www.dailydeports.pw
1 nowlive.pro www.dailydeports.pw
1 c1.popads.net www.dailydeports.pw
1 waust.at www.dailydeports.pw
1 cdnjs.cloudflare.com www.dailydeports.pw
1 www.dailydeports.pw
0 xml.revrtb.com Failed dailydeports.pw
29 21

This site contains links to these domains.

Domain
whos.amung.us
Subject | Issuer | Validity | Valid
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-10 - 2020-02-16 | 6 months
*.gearbest.com | DigiCert SHA2 Secure Server CA | 2019-02-09 - 2020-05-10 | a year
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-10-03 - 2020-10-02 | a year
t5ytz24c5.com | Let's Encrypt Authority X3 | 2019-09-06 - 2019-12-05 | 3 months
*.popmonetizer.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-24 - 2020-12-22 | a year
*.adxnexus.com | Sectigo RSA Domain Validation Secure Server CA | 2019-04-13 - 2020-04-12 | a year

This page contains 20 frames:

Primary Page: http://www.dailydeports.pw/30.10/stream22.html
Frame ID: 536EBFD020F1FF670DD2A961832A2FB3
Requests: 11 HTTP requests in this frame

Frame: http://nowlive.pro/1/112.html?id=112
Frame ID: 5DF67E0E68A53ADAC06F4F64C82B479C
Requests: 1 HTTP requests in this frame

Frame: http://dailydeports.pw/adss/myads.html
Frame ID: 7C78BBB0A0376E7F8744CADE873069DB
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=12144556
Frame ID: DD5CF28E5BC28FDE5DE103BA3A021259
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
Frame ID: C181614F1AFCCED2E07F2A8E8B82D770
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
Frame ID: AA8D5E50F0734808C7C21DB2B3D0035F
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
Frame ID: 5370D483B302659A97BE01FD816D3B1C
Requests: 1 HTTP requests in this frame

Frame: http://istanbulescortbayann.com/?amp
Frame ID: 785E196E67CCD1D8924C12163587CB15
Requests: 1 HTTP requests in this frame

Frame: https://ketormanch.pro/NBPRDYW?tag_id=698678&sub_id1=&sub_id2=6791843287720583139&cookie_id=0e76a590-df27-41ee-a6ec-e9e0bb983053&lp=no_internet&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
Frame ID: 739FD444AA9B368DE71F7B061F3C7056
Requests: 1 HTTP requests in this frame

Frame: https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
Frame ID: 785C015E5606506A2FAD96CF79BD063C
Requests: 1 HTTP requests in this frame

Frame: https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
Frame ID: ED0B7A4ABCB0DBB56B64C5FDB723E1EB
Requests: 1 HTTP requests in this frame

Frame: http://istanbulescortbayann.com/?amp
Frame ID: CC25DB0E5EBFB4521FDCC3FDBE94F6D3
Requests: 1 HTTP requests in this frame

Frame: http://istanbulescortbayann.com/?amp
Frame ID: F0FCD0150F9CE3B37587AF72D7F86135
Requests: 1 HTTP requests in this frame

Frame: https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
Frame ID: 5DE71A561BE22F046B38438B74E91C4D
Requests: 1 HTTP requests in this frame

Frame: http://istanbulescortbayann.com/?amp
Frame ID: 856B158CC44647535C041DA349D12005
Requests: 1 HTTP requests in this frame

Frame: https://ketormanch.pro/IRPV?tag_id=698678&sub_id1=&sub_id2=2737762118448571715&cookie_id=510a0817-b5b7-4d3b-960f-6454aff3ea54&lp=download_file&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
Frame ID: 53BE090242BB7FD793664734AD58A94E
Requests: 1 HTTP requests in this frame

Frame: https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
Frame ID: 85EBFF4AD2126BF6294E176BD4FDCA18
Requests: 1 HTTP requests in this frame

Frame: https://xml.popmonetizer.com/redirect?feed=184608&auth=02szyf&pubid=93422
Frame ID: 5859D5E9FE1AE92BFD037688C7BCED46
Requests: 1 HTTP requests in this frame

Frame: https://xml.adxnexus.com/redirect?feed=184609&auth=3IQfNU&pubid=95210
Frame ID: 5F39FC16B0218245ED8FD91826A23D71
Requests: 1 HTTP requests in this frame

Frame: https://xml.revrtb.com/redirect?feed=184607&auth=cOcGqf&pubid=95209
Frame ID: C7CF5E252DA6E681671AA605EADA45C4
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 29
HTTPS: 34 %
IPv6: 26 %
Domains: 17
Subdomains: 21
IPs: 17
Countries: 4
Transfer: 89 kB
Size: 206 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw HTTP 302
  • https://www.gearbest.com/?lkid=12144556
Request Chain 14
  • http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER] HTTP 302
  • https://eu1.evadavdsp.pro/dsp/cu/clc?aid=17429110916230106382&t=1572493549&sid=338 HTTP 302
  • http://istanbulescortbayann.com/?amp
Request Chain 15
  • http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER] HTTP 302
  • https://ketormanch.pro/NBPRDYW?tag_id=698678&sub_id1=&sub_id2=6791843287720583139&cookie_id=0e76a590-df27-41ee-a6ec-e9e0bb983053&lp=no_internet&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
Request Chain 16
  • http://xml.popunder.bid/redirect?feed=111920&auth=2yHFJM HTTP 302
  • https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
Request Chain 17
  • http://xml.popunder.bid/redirect?feed=108952&auth=Ou5t6d HTTP 302
  • https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
Request Chain 18
  • http://witalfieldt.com/redirect?tid=758290&&ref=[URI_ENCODED_REFERER] HTTP 302
  • https://eu1.evadavdsp.pro/dsp/cu/clc?aid=13228235266708947329&t=1572493549&sid=338 HTTP 302
  • http://istanbulescortbayann.com/?amp
Request Chain 19
  • http://witalfieldt.com/redirect?tid=780714&&ref=[URI_ENCODED_REFERER] HTTP 302
  • https://eu1.evadavdsp.pro/dsp/cu/clc?aid=12412449134194609986&t=1572493549&sid=338 HTTP 302
  • http://istanbulescortbayann.com/?amp
Request Chain 20
  • http://xml.popunder.bid/redirect?feed=111920&auth=2yHFJM HTTP 302
  • https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
Request Chain 21
  • http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER] HTTP 302
  • https://eu1.evadavdsp.pro/dsp/cu/clc?aid=104619677278422405&t=1572493549&sid=338 HTTP 302
  • http://istanbulescortbayann.com/?amp
Request Chain 22
  • http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER] HTTP 302
  • https://ketormanch.pro/IRPV?tag_id=698678&sub_id1=&sub_id2=2737762118448571715&cookie_id=510a0817-b5b7-4d3b-960f-6454aff3ea54&lp=download_file&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
Request Chain 23
  • http://xml.popunder.bid/redirect?feed=108952&auth=Ou5t6d HTTP 302
  • https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=

29 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request Cookie set stream22.html
www.dailydeports.pw/30.10/
8 KB
3 KB
Document
General
Full URL
http://www.dailydeports.pw/30.10/stream22.html
Protocol
HTTP/1.1
Server
2606:4700:30::681b:a5ad , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aeff96470f4718ea29148c8db70583de7e0f588404ce84440c34838a214dddf

Request headers

Host
www.dailydeports.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dc87ddea4c5007ff5972c6198b58d889d1572493549; expires=Fri, 30-Oct-20 03:45:49 GMT; path=/; domain=.dailydeports.pw; HttpOnly
Last-Modified
Sat, 19 Oct 2019 11:21:57 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52e2a36a3f8ccbcc-VIE
Content-Encoding
gzip
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/
84 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/30.10/stream22.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 03:45:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
17127490
status
200
alt-svc
h3-23=":443"; ma=86400
served-in-seconds
0.022
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1514f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
52e2a36b5debce87-LHR
expires
Tue, 20 Oct 2020 03:45:49 GMT
close.png
dailydeports.pw/pic/
26 KB
26 KB
Image
General
Full URL
http://dailydeports.pw/pic/close.png
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/30.10/stream22.html
Protocol
HTTP/1.1
Server
2606:4700:30::681b:a4ad , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e49ba3a2224aaa10c0eabf458c8f27479d80c46604de191c09c70432a19e5a

Request headers

Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 26 Mar 2019 14:15:14 GMT
Server
cloudflare
Age
1041
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
private, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
52e2a36b79dfcba4-VIE
Content-Length
26279
d.js
waust.at/
13 KB
7 KB
Script
General
Full URL
http://waust.at/d.js
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/30.10/stream22.html
Protocol
HTTP/1.1
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
9aef19b23a01bd96033bc1f1acb3da5e38dc54bcc4aa1972919c7b2b2a71e4aa

Request headers

Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jul 2019 20:01:12 GMT
ETag
W/"5d279588-32b0"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Fri, 01 Nov 2019 03:45:49 GMT
pop.js
c1.popads.net/
30 KB
10 KB
Script
General
Full URL
http://c1.popads.net/pop.js
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/30.10/stream22.html
Protocol
HTTP/1.1
Server
185.59.220.13 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-10.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f305452ed13912ed36d9a1a0577b4211fd4e4cc6aea2a7d7a78ea1a601208a20

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer
http://www.dailydeports.pw/30.10/stream22.html
Origin
http://www.dailydeports.pw

Response headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Jun 2019 22:20:49 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5d081241-79ce"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.10
Connection
keep-alive
X-Age
4024
alt-svc
quic="185.59.220.10:443"; ma=2592000; v="44,43,39"
112.html
nowlive.pro/1/ Frame 5DF6
0
0
Document
General
Full URL
http://nowlive.pro/1/112.html?id=112
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/30.10/stream22.html
Protocol
HTTP/1.1
Server
193.124.183.237 , Russian Federation, ASN48666 (AS-MAROSNET Moscow, Russia, RU),
Reverse DNS
ih1254818.vds.myihor.ru
Software
nginx/1.2.1 /
Resource Hash

Request headers

Host
nowlive.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.dailydeports.pw/30.10/stream22.html
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.2.1
Date
Thu, 31 Oct 2019 03:45:24 GMT
Content-Type
text/html
Last-Modified
Wed, 08 May 2019 20:39:07 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
myads.html
dailydeports.pw/adss/ Frame 7C78
6 KB
1 KB
Document
General
Full URL
http://dailydeports.pw/adss/myads.html
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/30.10/stream22.html
Protocol
HTTP/1.1
Server
2606:4700:30::681b:a4ad , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
21fc0d7072efe4305add7117fa9835a106d263a4d128b7b985cae2cd734ae357

Request headers

Host
dailydeports.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.dailydeports.pw/30.10/stream22.html
Accept-Encoding
gzip, deflate
Cookie
__cfduid=dc87ddea4c5007ff5972c6198b58d889d1572493549

Response headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 07 May 2019 16:41:01 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52e2a36b9a50cba4-VIE
Content-Encoding
gzip
/
www.gearbest.com/ Frame DD5C
Redirect Chain
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
  • https://www.gearbest.com/?lkid=12144556
0
0
Document
General
Full URL
https://www.gearbest.com/?lkid=12144556
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/30.10/stream22.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.72.141 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-72-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/?lkid=12144556
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://www.dailydeports.pw/30.10/stream22.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
x-amz-id-2
R7bPtix3VFhbsh8NijaFBPwwrgQkbCrAWsTTUNxi4pbjNfYEOVeNU8y8WrVYMXVuBC+89b1Zuis=
x-amz-request-id
1492EFDBAC754B5E
last-modified
Thu, 31 Oct 2019 03:32:01 GMT
etag
W/"09dc3e4be024776e76e5eb3ab9e118c1"
access-control-allow-origin
*
access-control-allow-methods
GET, POST
ng-cache
HIT
content-encoding
gzip
content-length
36843
cache-control
max-age=60
expires
Thu, 31 Oct 2019 03:46:50 GMT
date
Thu, 31 Oct 2019 03:45:50 GMT
vary
Accept-Encoding User-Agent
set-cookie
AKAM_CLIENTID=3806fea248d539ab89e1d82bfb8c26d4; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Thu, 31-Oct-2019 04:45:50 GMT; path=/; domain=gearbest.com; secure; HttpOnly

Redirect headers

status
302
date
Thu, 31 Oct 2019 03:45:49 GMT
content-type
text/plain
content-length
0
location
https://www.gearbest.com?lkid=12144556
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=5b063b4d-60c0-4453-b9cd-858d93de5bcf fv=rjk6rTn4rHk9piEFqjCGqdUHqjn4vdw=; Expires=Fri, 30 Oct 2020 03:45:49 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
redirect
witalfieldt.com/ Frame C181
0
0

redirect
witalfieldt.com/ Frame AA8D
0
0

redirect
witalfieldt.com/ Frame 5370
0
0

/
whos.amung.us/pingjs/
30 B
214 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=c4v0nfwsey&t=&c=d&y=&a=0&r=3510
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
0d8ba7b73999ae87c18edbef6a610d60a605969fb04f26a92b5c60d4fdebeb90

Request headers

Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 03:45:49 GMT
content-encoding
gzip
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
/
c.adsco.re/
34 KB
11 KB
Script
General
Full URL
http://c.adsco.re/
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eaf72909f5fdb91f51856e148c1deb0830ad30c8d14affa218a4433058c2ba0

Request headers

Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
36710
Vary
Accept-Encoding
Content-Type
text/html
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Cache-Control
max-age=43200,public,immutable,no-transform
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cached-On
Sun, 27 Oct 2019 11:36:36 GMT
CF-RAY
52e2a36c0d76cbc0-VIE
Alt-Svc
h3-23=":443"; ma=86400
Expires
Sun, 27 Oct 2019 23:36:36 GMT
/
6.adsco.re/
0
560 B
Other
General
Full URL
http://6.adsco.re/
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/30.10/stream22.html
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Encoding
gzip
Server
cloudflare
Access-Control-Allow-Headers
Content-Type
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
52e2a36c29c3cbb8-VIE
Alt-Svc
h3-23=":443"; ma=86400
t
adsco.re/
259 B
580 B
XHR
General
Full URL
http://adsco.re/t
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
6aa71121e2fe5584fbf962d3c36184953c5342dfa0890295bdce96ab62fb7c66

Request headers

Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://www.dailydeports.pw
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Cookie set /
istanbulescortbayann.com/ Frame 785E
Redirect Chain
  • http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]
  • https://eu1.evadavdsp.pro/dsp/cu/clc?aid=17429110916230106382&t=1572493549&sid=338
  • http://istanbulescortbayann.com/?amp
0
0
Document
General
Full URL
http://istanbulescortbayann.com/?amp
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7099 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
istanbulescortbayann.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 31 Oct 2019 03:45:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d2008c8aeaeb669db908078c2b97cf0181572493550; expires=Fri, 30-Oct-20 03:45:50 GMT; path=/; domain=.istanbulescortbayann.com; HttpOnly
Vary
Accept-Encoding,Cookie
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52e2a370cefa59ca-VIE
Content-Encoding
gzip

Redirect headers

status
302
server
nginx/1.17.3
date
Thu, 31 Oct 2019 03:45:45 GMT
content-type
text/html; charset=utf-8
content-length
99
location
http://istanbulescortbayann.com/?amp
NBPRDYW
ketormanch.pro/ Frame 739F
Redirect Chain
  • http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER]
  • https://ketormanch.pro/NBPRDYW?tag_id=698678&sub_id1=&sub_id2=6791843287720583139&cookie_id=0e76a590-df27-41ee-a6ec-e9e0bb983053&lp=no_internet&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2...
0
0
Document
General
Full URL
https://ketormanch.pro/NBPRDYW?tag_id=698678&sub_id1=&sub_id2=6791843287720583139&cookie_id=0e76a590-df27-41ee-a6ec-e9e0bb983053&lp=no_internet&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

:method
GET
:authority
ketormanch.pro
:scheme
https
:path
/NBPRDYW?tag_id=698678&sub_id1=&sub_id2=6791843287720583139&cookie_id=0e76a590-df27-41ee-a6ec-e9e0bb983053&lp=no_internet&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Thu, 31 Oct 2019 03:45:50 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd4d6db01aad95035d24faf1d5dd0d2641572493550; expires=Fri, 30-Oct-20 03:45:50 GMT; path=/; domain=.ketormanch.pro; HttpOnly; Secure
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET, POST
access-control-allow-headers
X-Requested-With,content-type
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52e2a370986859b8-VIE
content-encoding
br

Redirect headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=0e76a590-df27-41ee-a6ec-e9e0bb983053
Set-Cookie
fv=rjk6rTn4rHk9piEFqjCGqdUHqjn4vdw=; Expires=Fri, 30 Oct 2020 03:45:49 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
Location
https://ketormanch.pro/NBPRDYW?tag_id=698678&sub_id1=&sub_id2=6791843287720583139&cookie_id=0e76a590-df27-41ee-a6ec-e9e0bb983053&lp=no_internet&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
2960
t5ytz24c5.com/i/ Frame 785C
Redirect Chain
  • http://xml.popunder.bid/redirect?feed=111920&auth=2yHFJM
  • https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
0
0
Document
General
Full URL
https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.203.236 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
stem.cetinjsd.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
t5ytz24c5.com
:scheme
https
:path
/i/2960?nsid=111920&partner_subid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Thu, 31 Oct 2019 03:45:48 GMT
content-type
text/html; charset=utf8
vary
Accept-Encoding
set-cookie
aduuid=7d1641a8-24fc-43ed-aa8f-ad83cef4d9d5; max-age=2592000; path=/
strict-transport-security
max-age=15768000
content-encoding
gzip

Redirect headers

Location
https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
Connection
keep-alive
Content-Length
0
2960
t5ytz24c5.com/i/ Frame ED0B
Redirect Chain
  • http://xml.popunder.bid/redirect?feed=108952&auth=Ou5t6d
  • https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
0
0
Document
General
Full URL
https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.203.236 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
stem.cetinjsd.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
t5ytz24c5.com
:scheme
https
:path
/i/2960?nsid=108952&partner_subid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Thu, 31 Oct 2019 03:45:48 GMT
content-type
text/html; charset=utf8
vary
Accept-Encoding
set-cookie
aduuid=15d9e30e-7e97-45be-9e0e-3847a36864ef; max-age=2592000; path=/
strict-transport-security
max-age=15768000
content-encoding
gzip

Redirect headers

Location
https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
Connection
keep-alive
Content-Length
0
Cookie set /
istanbulescortbayann.com/ Frame CC25
Redirect Chain
  • http://witalfieldt.com/redirect?tid=758290&&ref=[URI_ENCODED_REFERER]
  • https://eu1.evadavdsp.pro/dsp/cu/clc?aid=13228235266708947329&t=1572493549&sid=338
  • http://istanbulescortbayann.com/?amp
0
0
Document
General
Full URL
http://istanbulescortbayann.com/?amp
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7099 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
istanbulescortbayann.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 31 Oct 2019 03:45:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d63b594c78e6a2c109c5ed22ac291a2bf1572493550; expires=Fri, 30-Oct-20 03:45:50 GMT; path=/; domain=.istanbulescortbayann.com; HttpOnly
Vary
Accept-Encoding,Cookie
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52e2a370ce7acba8-VIE
Content-Encoding
gzip

Redirect headers

status
302
server
nginx/1.17.3
date
Thu, 31 Oct 2019 03:45:45 GMT
content-type
text/html; charset=utf-8
content-length
99
location
http://istanbulescortbayann.com/?amp
Cookie set /
istanbulescortbayann.com/ Frame F0FC
Redirect Chain
  • http://witalfieldt.com/redirect?tid=780714&&ref=[URI_ENCODED_REFERER]
  • https://eu1.evadavdsp.pro/dsp/cu/clc?aid=12412449134194609986&t=1572493549&sid=338
  • http://istanbulescortbayann.com/?amp
0
0
Document
General
Full URL
http://istanbulescortbayann.com/?amp
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7099 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
istanbulescortbayann.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 31 Oct 2019 03:45:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de0cd8d23d2889c18db2d8d4f89d10b8a1572493550; expires=Fri, 30-Oct-20 03:45:50 GMT; path=/; domain=.istanbulescortbayann.com; HttpOnly
Vary
Accept-Encoding,Cookie
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52e2a370cb185940-VIE
Content-Encoding
gzip

Redirect headers

status
302
server
nginx/1.17.3
date
Thu, 31 Oct 2019 03:45:45 GMT
content-type
text/html; charset=utf-8
content-length
99
location
http://istanbulescortbayann.com/?amp
2960
t5ytz24c5.com/i/ Frame 5DE7
Redirect Chain
  • http://xml.popunder.bid/redirect?feed=111920&auth=2yHFJM
  • https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
0
0
Document
General
Full URL
https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.203.236 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
stem.cetinjsd.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
t5ytz24c5.com
:scheme
https
:path
/i/2960?nsid=111920&partner_subid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Thu, 31 Oct 2019 03:45:48 GMT
content-type
text/html; charset=utf8
vary
Accept-Encoding
set-cookie
aduuid=433c3174-8cd7-476f-a082-fb7952710676; max-age=2592000; path=/
strict-transport-security
max-age=15768000
content-encoding
gzip

Redirect headers

Location
https://t5ytz24c5.com/i/2960?nsid=111920&partner_subid=
Connection
keep-alive
Content-Length
0
Cookie set /
istanbulescortbayann.com/ Frame 856B
Redirect Chain
  • http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]
  • https://eu1.evadavdsp.pro/dsp/cu/clc?aid=104619677278422405&t=1572493549&sid=338
  • http://istanbulescortbayann.com/?amp
0
0
Document
General
Full URL
http://istanbulescortbayann.com/?amp
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7099 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
istanbulescortbayann.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 31 Oct 2019 03:45:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dfc7a3e24282027d7b436af191d285d7f1572493550; expires=Fri, 30-Oct-20 03:45:50 GMT; path=/; domain=.istanbulescortbayann.com; HttpOnly
Vary
Accept-Encoding,Cookie
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52e2a370c85f8c6e-VIE
Content-Encoding
gzip

Redirect headers

status
302
server
nginx/1.17.3
date
Thu, 31 Oct 2019 03:45:45 GMT
content-type
text/html; charset=utf-8
content-length
99
location
http://istanbulescortbayann.com/?amp
IRPV
ketormanch.pro/ Frame 53BE
Redirect Chain
  • http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER]
  • https://ketormanch.pro/IRPV?tag_id=698678&sub_id1=&sub_id2=2737762118448571715&cookie_id=510a0817-b5b7-4d3b-960f-6454aff3ea54&lp=download_file&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F...
0
0
Document
General
Full URL
https://ketormanch.pro/IRPV?tag_id=698678&sub_id1=&sub_id2=2737762118448571715&cookie_id=510a0817-b5b7-4d3b-960f-6454aff3ea54&lp=download_file&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

:method
GET
:authority
ketormanch.pro
:scheme
https
:path
/IRPV?tag_id=698678&sub_id1=&sub_id2=2737762118448571715&cookie_id=510a0817-b5b7-4d3b-960f-6454aff3ea54&lp=download_file&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Thu, 31 Oct 2019 03:45:50 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd4d6db01aad95035d24faf1d5dd0d2641572493550; expires=Fri, 30-Oct-20 03:45:50 GMT; path=/; domain=.ketormanch.pro; HttpOnly; Secure
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET, POST
access-control-allow-headers
X-Requested-With,content-type
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52e2a370a86a59b8-VIE
content-encoding
br

Redirect headers

Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=510a0817-b5b7-4d3b-960f-6454aff3ea54
Set-Cookie
fv=rjk6rTn4rHk9piEFqjCGqdUHqjn4vdw=; Expires=Fri, 30 Oct 2020 03:45:49 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
Location
https://ketormanch.pro/IRPV?tag_id=698678&sub_id1=&sub_id2=2737762118448571715&cookie_id=510a0817-b5b7-4d3b-960f-6454aff3ea54&lp=download_file&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D698678%26noocp%3D1&hop=7&geo=DE
2960
t5ytz24c5.com/i/ Frame 85EB
Redirect Chain
  • http://xml.popunder.bid/redirect?feed=108952&auth=Ou5t6d
  • https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
0
0
Document
General
Full URL
https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.203.236 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
stem.cetinjsd.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
t5ytz24c5.com
:scheme
https
:path
/i/2960?nsid=108952&partner_subid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Thu, 31 Oct 2019 03:45:48 GMT
content-type
text/html; charset=utf8
vary
Accept-Encoding
set-cookie
aduuid=dbe26357-bc8c-4a39-81a4-a216e99e5eb1; max-age=2592000; path=/
strict-transport-security
max-age=15768000
content-encoding
gzip

Redirect headers

Location
https://t5ytz24c5.com/i/2960?nsid=108952&partner_subid=
Connection
keep-alive
Content-Length
0
redirect
xml.popmonetizer.com/ Frame 5859
0
0
Document
General
Full URL
https://xml.popmonetizer.com/redirect?feed=184608&auth=02szyf&pubid=93422
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
xml.popmonetizer.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store
Pragma
no-cache
Age
0
redirect
xml.adxnexus.com/ Frame 5F39
0
0
Document
General
Full URL
https://xml.adxnexus.com/redirect?feed=184609&auth=3IQfNU&pubid=95210
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.17 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
xml.adxnexus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Thu, 31 Oct 2019 03:45:49 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store
Pragma
no-cache
Age
0
redirect
xml.revrtb.com/ Frame C7CF
0
0

c
serve.popads.net/
0
202 B
Script
General
Full URL
http://serve.popads.net/c?_=BAoAXbpR1wFduljtgAGBAcAAIHNmWmou_XbxhIt02BJVsv-MebiKeeGZMJ9Ze7Ne64TvwQAgRD_-auzVh2H9IURyZPiVae4CNzLu4siDBanyurcFpLDCACCJqjySZNWOoo0QXJvx3K392rOFfpTnmbDaIC8rMR9xV8QAECoBBPgBklQUAAAAAAAAAALFABCzCUkq63akD4KE5JTaIbQPwwAgwG2b0mV122XwUMFc7KBoT8D4v7Up0Q_XydoXdvosinQ&v=4&siteId=2408497&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.16 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 31 Oct 2019 03:45:49 GMT
PopAds-EC
ASB
Connection
Keep-Alive
Content-Length
0
PopAds-CI
89
Content-Type
text/html; charset=UTF-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer
http://www.dailydeports.pw/30.10/stream22.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
witalfieldt.com
URL
https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
Domain
witalfieldt.com
URL
https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
Domain
witalfieldt.com
URL
https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
Domain
xml.revrtb.com
URL
https://xml.revrtb.com/redirect?feed=184607&auth=cOcGqf&pubid=95209


30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _pop string| str object| popjs object| Base64 function| pafban object| detectZoom object| PopAds object| _pao function| $ function| jQuery string| iframe object| _wau string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady function| AdscoreInit object| x string| x1 string| x2

11 Cookies

Domain/Path Name / Value
.revrtb.com/ Name: __cfduid
Value: d50ed5e1c679afd28fe831d97aad7629d1572493550
.ketormanch.pro/ Name: __cfduid
Value: dd4d6db01aad95035d24faf1d5dd0d2641572493550
.istanbulescortbayann.com/ Name: __cfduid
Value: d63b594c78e6a2c109c5ed22ac291a2bf1572493550
.gearbest.com/ Name: AKA_A2
Value: A
.mnoova.com/ Name: __cfduid
Value: d6b5ae2d59dd1511c6f5184e5eec46da01572493551
.witalfieldt.com/ Name: fv
Value: rjk6rTn4rHk9piEFqjCGqdUHqjkEvds=
.ufpcdn.com/ Name: __cfduid
Value: d8c5070b42bcff6e672daa45f260bb9501572493549
witalfieldt.com/ Name: csu
Value: 510a0817-b5b7-4d3b-960f-6454aff3ea54
.gearbest.com/ Name: AKAM_CLIENTID
Value: 3806fea248d539ab89e1d82bfb8c26d4
ufpcdn.com/ Name: adcashufpv3
Value: 351209417414161204593279715
.dailydeports.pw/ Name: __cfduid
Value: dc87ddea4c5007ff5972c6198b58d889d1572493549

1 Console Messages

Source Level URL
Text
console-api log URL: http://c1.popads.net/pop.js(Line 44)
Message:
CI BAoAXbpR1wFduljtgAGBAcAAIHNmWmou_XbxhIt02BJVsv-MebiKeeGZMJ9Ze7Ne64TvwQAgRD_-auzVh2H9IURyZPiVae4CNzLu4siDBanyurcFpLDCACCJqjySZNWOoo0QXJvx3K392rOFfpTnmbDaIC8rMR9xV8QAECoBBPgBklQUAAAAAAAAAALFABCzCUkq63akD4KE5JTaIbQPwwAgwG2b0mV122XwUMFc7KBoT8D4v7Up0Q_XydoXdvosinQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
