URL: http://haramikutta.us/kutta/kutta33.php
Submission: On April 18 via manual from IN

Summary

This website contacted 30 IPs in 11 countries across 25 domains to perform 49 HTTP transactions. The main IP is 103.194.169.88, located in Rotterdam, Netherlands and belongs to HOSTPALACE-EU HostPalace Web Solution Private Limited, NL. The main domain is haramikutta.us.
This is the only time haramikutta.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains:

Domain
adsco.re
whos.amung.us
Subject | Issuer | Validity | Valid
*.betclic.com | Network Solutions OV Server CA 2 | 2016-08-31 - 2019-10-05 | 3 years
sni166153.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-21 - 2019-09-27 | 6 months
witalfieldt.com | Amazon | 2018-07-30 - 2019-08-30 | a year
*.interwetten.com | Thawte TLS RSA CA G1 | 2018-01-05 - 2019-05-30 | a year
*.l.adsco.re | COMODO RSA Domain Validation Secure Server CA | 2018-07-14 - 2020-07-13 | 2 years
*.n.adsco.re | COMODO RSA Domain Validation Secure Server CA | 2018-07-30 - 2020-07-29 | 2 years
*.s.adsco.re | COMODO RSA Domain Validation Secure Server CA | 2018-07-30 - 2020-07-29 | 2 years

This page contains 20 frames:

Primary Page: http://haramikutta.us/kutta/kutta33.php
Frame ID: 63E36BF88B79DAE2A68CD2D03D524626
Requests: 31 HTTP requests in this frame

Frame: http://nowlive.pro/1/123.html?id=123
Frame ID: DB9264A69646A373797F09F4554EE382
Requests: 1 HTTP requests in this frame

Frame: http://haramikutta.us/kutta/300.php
Frame ID: E2755BC9897E4ACD2A300CA85460ABEB
Requests: 1 HTTP requests in this frame

Frame: https://de.betclic.com/casino/register?p=INAC4&z=a_23246b_14519c_d_122605.175845&zone=a_23246b_14519c_d_122605.175845&utm_medium=affiliate&affid=15799&siteid=23246&utm_source=15799&utm_campaign=23246
Frame ID: 8C612DB97AC521E24524564DABA2FC70
Requests: 1 HTTP requests in this frame

Frame: http://rensovetors.info/?tid=715844&red=1&cs=a0Q2eThacQVACVpyAR0PXycHQAhb&abt=0&v=1.10.80.0&sm=16&k=earn_money_short_links&sts=16&prn=0&emb=0&u=&fs=1&ref=&jst=0&enr=0&lcua=&tzd=2&uloc=&if=0&ct=7&ctc=9&_IZhL=1529272693128
Frame ID: 7DCC8607D044A1EB6D06313B069CB596
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
Frame ID: 14D3A60E787BC92D43E971BDB0C2FBE3
Requests: 1 HTTP requests in this frame

Frame: https://sls.wordingpressure.club/phenomenal/?click_id=5cb7db375f5f904a572a283b
Frame ID: 86EEC389522CFFFAC588D320A82CED5D
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=174511&auth=gNqIKG
Frame ID: D37903BF1EAEE56AC8FD2F40BF1410AD
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=174511&auth=gNqIKG
Frame ID: 31B6D876C47153E0BFC0141D0B790451
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=772286&ref=soccerlive.uk
Frame ID: 4BF496494397B04DA036D349F54A27C6
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=772286&ref=soccerlive.uk
Frame ID: 4F50CE59FE934D43BD6B29707F176CCA
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
Frame ID: 008CC22E013953327FDF32D783D45DC1
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
Frame ID: FD76482C5948974D638541A456FC4CCB
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
Frame ID: D5EB1973F27B14D1DBF7FA017AABA60A
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=174511&auth=gNqIKG
Frame ID: 95E2DB9A73593BC814D159456E1D510E
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=174511&auth=gNqIKG
Frame ID: F1163E89FAC37F83FD2F074820C52CFA
Requests: 1 HTTP requests in this frame

Frame: https://witalfieldt.com/redirect?tid=772286&ref=soccerlive.uk
Frame ID: 3487FE568F1940AE53B5B3FC8404DCE8
Requests: 1 HTTP requests in this frame

Frame: https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Frame ID: 73E899C8CD14E15F7CF311B5FDCF54BE
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 63203FCEBB13B14F890D078C223B1166
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: A6D64154311E12B6020852D1A2A62D30
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 49
HTTPS: 18 %
IPv6: 18 %
Domains: 25
Subdomains: 34
IPs: 30
Countries: 11
Transfer: 71 kB
Size: 153 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG HTTP 302
  • https://wlbetclic.adsrv.eacdn.com/C.ashx?btag=a_23246b_14519c_&affid=15799&siteid=23246&adid=14519&c=d_122605.175845 HTTP 302
  • https://wlbetclic.adsrv.eacdn.com/C.ashx?btag=a_23246b_14519c_&affid=15799&siteid=23246&adid=14519&c=d_122605.175845&AutoR=1 HTTP 302
  • https://de.betclic.com/partner.aspx?p=INAC4&z=a_23246b_14519c_d_122605.175845&zone=a_23246b_14519c_d_122605.175845&utm_medium=affiliate&affid=15799&siteid=23246&utm_source=15799&utm_campaign=23246 HTTP 302
  • https://de.betclic.com/casino/register?p=INAC4&z=a_23246b_14519c_d_122605.175845&zone=a_23246b_14519c_d_122605.175845&utm_medium=affiliate&affid=15799&siteid=23246&utm_source=15799&utm_campaign=23246
Request Chain 6
  • http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG HTTP 302
  • http://rensovetors.info/?tid=715844&red=1&cs=a0Q2eThacQVACVpyAR0PXycHQAhb&abt=0&v=1.10.80.0&sm=16&k=earn_money_short_links&sts=16&prn=0&emb=0&u=&fs=1&ref=&jst=0&enr=0&lcua=&tzd=2&uloc=&if=0&ct=7&ctc=9&_IZhL=1529272693128
Request Chain 8
  • http://xml.popunder.bid/redirect?feed=172714&auth=gNqIKG HTTP 302
  • https://mob.kaipirinhaloka.xyz/redirect?feed=165208&auth=ebuQy0&url=http%3A%2F%2Fharamikutta.us%2Fkutta%2Fkutta33.php&subid=161759_169180_172714_&query= HTTP 302
  • http://track4.highseas.xyz/a.php?trf=m&d=5c5972bd5f5f907778568dbb&portal=custom_86680exp&source=165208 HTTP 302
  • https://sls.wordingpressure.club/phenomenal/?click_id=5cb7db375f5f904a572a283b
Request Chain 21
  • https://witalfieldt.com/redirect?tid=772286&ref=soccerlive.uk HTTP 302
  • http://usd.photios-raj.com/zcvisitor/62c3230a-617e-11e9-aef6-122f6a68bf46?campaignid=21b48ef0-44a3-11e9-9fa7-0a157bfa6bfc&__id__=21b48ef0-44a3-11e9-9fa7-0a157bfa6bfc HTTP 302
  • https://go2linkfast.com/i/11411?var1=november-hun-vNpOUg2H HTTP 302
  • https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request kutta33.php
haramikutta.us/kutta/
14 KB
6 KB
Document
General
Full URL
http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
103.194.169.88 Rotterdam, Netherlands, ASN134512 (HOSTPALACE-EU HostPalace Web Solution Private Limited, NL),
Reverse DNS
hosted-by.hostspicy.com
Software
nginx /
Resource Hash
6aa12f096d1a1ceea49ad2560640baaf7d1ada288e50f2eaf9a6d8210d7339e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
haramikutta.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Thu, 18 Apr 2019 01:58:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Nginx-Cache-Status
EXPIRED
X-Server-Powered-By
Engintron
Content-Encoding
gzip
closeButton.gif
1.bp.blogspot.com/-1CSgNBJaCJ0/VEvBgUPsIeI/AAAAAAAAAxM/CvwQXvX-Vsk/s1600/
1013 B
1 KB
Image
General
Full URL
http://1.bp.blogspot.com/-1CSgNBJaCJ0/VEvBgUPsIeI/AAAAAAAAAxM/CvwQXvX-Vsk/s1600/closeButton.gif
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
4e9df74a2654e54242ac36f10826cba1261c1f9152da9ff7504b2248c42463ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 17 Apr 2019 22:06:19 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
14326
ETag
"v314"
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="closeButton.gif"
Timing-Allow-Origin
*
Content-Length
1013
X-XSS-Protection
0
Expires
Fri, 12 Apr 2019 13:45:04 GMT
30e97f111a146cba32474771fd39d154.js
jolic2.com/30/e9/7f/
0
0
Script
General
Full URL
http://jolic2.com/30/e9/7f/30e97f111a146cba32474771fd39d154.js
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
2604:9e00:1:138::11 , United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 18 Apr 2019 02:05:06 GMT
Server
nginx/1.15.1
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Content-Type
application/javascript
d.js
waust.at/
13 KB
7 KB
Script
General
Full URL
http://waust.at/d.js
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
185.225.208.133 -, , ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
1d5befe8d12c77118b010f0079a340181e809be1b0bc6952756ab812dec98df2

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Mar 2019 20:11:35 GMT
ETag
W/"5c8963f7-3286"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Fri, 19 Apr 2019 02:05:05 GMT
123.html
nowlive.pro/1/ Frame DB92
0
0
Document
General
Full URL
http://nowlive.pro/1/123.html?id=123
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
193.124.183.237 Moscow, Russian Federation, ASN48666 (AS-MAROSNET Moscow, Russia, RU),
Reverse DNS
ih1254818.vds.myihor.ru
Software
nginx/1.2.1 /
Resource Hash

Request headers

Host
nowlive.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.2.1
Date
Thu, 18 Apr 2019 02:01:01 GMT
Content-Type
text/html
Last-Modified
Thu, 14 Mar 2019 20:12:09 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
300.php
haramikutta.us/kutta/ Frame E275
2 KB
616 B
Document
General
Full URL
http://haramikutta.us/kutta/300.php
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
103.194.169.88 Rotterdam, Netherlands, ASN134512 (HOSTPALACE-EU HostPalace Web Solution Private Limited, NL),
Reverse DNS
hosted-by.hostspicy.com
Software
nginx /
Resource Hash
f99b828572cc85990b4e209512ec7d90c03cbd1d4e1c625f35d308f442abeeab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
haramikutta.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Thu, 18 Apr 2019 01:58:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Nginx-Cache-Status
EXPIRED
X-Server-Powered-By
Engintron
Content-Encoding
gzip
Cookie set register
de.betclic.com/casino/ Frame 8C61
Redirect Chain
  • http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
  • https://wlbetclic.adsrv.eacdn.com/C.ashx?btag=a_23246b_14519c_&affid=15799&siteid=23246&adid=14519&c=d_122605.175845
  • https://wlbetclic.adsrv.eacdn.com/C.ashx?btag=a_23246b_14519c_&affid=15799&siteid=23246&adid=14519&c=d_122605.175845&AutoR=1
  • https://de.betclic.com/partner.aspx?p=INAC4&z=a_23246b_14519c_d_122605.175845&zone=a_23246b_14519c_d_122605.175845&utm_medium=affiliate&affid=15799&siteid=23246&utm_source=15799&utm_campaign=23246
  • https://de.betclic.com/casino/register?p=INAC4&z=a_23246b_14519c_d_122605.175845&zone=a_23246b_14519c_d_122605.175845&utm_medium=affiliate&affid=15799&siteid=23246&utm_source=15799&utm_campaign=23246
0
0
Document
General
Full URL
https://de.betclic.com/casino/register?p=INAC4&z=a_23246b_14519c_d_122605.175845&zone=a_23246b_14519c_d_122605.175845&utm_medium=affiliate&affid=15799&siteid=23246&utm_source=15799&utm_campaign=23246
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.125.61.194 , Isle Of Man, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
de.betclic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate, br
Cookie
ASP.NET_SessionId=in5awc0mmjznfh0xbw4grbi4; GS=Site=dede&Universe=casino&HasLanguageSet=True; GSko=Partner=INAC4&Area=139&SiteCode=dede&PlacementId=0&AdId=0&UniversCode=casino&AffID=15799&SubID=&MtsID=&CountryAllowed=True&HasNewsletter=False&HeaderId=&AffiliateId=15799&AffiliateSiteId=23246; ASP.NET_SessionId=in5awc0mmjznfh0xbw4grbi4; NSC_cfudmjd.dpn=ffffffff098d9b0c45525d5f4f58455e445a4a4229a5

Response headers

Cache-Control
private, s-maxage=0
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
GS=Site=dede&Universe=casino&HasLanguageSet=True; domain=.betclic.com; expires=Sat, 18-Apr-2020 02:05:06 GMT; path=/; secure; HttpOnly
Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Length
19437

Redirect headers

Cache-Control
private, s-maxage=0
Content-Type
text/html; charset=utf-8
Location
https://de.betclic.com/casino/register?p=INAC4&z=a_23246b_14519c_d_122605.175845&zone=a_23246b_14519c_d_122605.175845&utm_medium=affiliate&affid=15799&siteid=23246&utm_source=15799&utm_campaign=23246
Set-Cookie
ASP.NET_SessionId=in5awc0mmjznfh0xbw4grbi4; path=/; secure; HttpOnly GS=Site=dede&Universe=casino&HasLanguageSet=True; domain=.betclic.com; expires=Sat, 18-Apr-2020 02:05:06 GMT; path=/; secure; HttpOnly GSko=Partner=INAC4&Area=139&SiteCode=dede&PlacementId=0&AdId=0&UniversCode=casino&AffID=15799&SubID=&MtsID=&CountryAllowed=True&HasNewsletter=False&HeaderId=&AffiliateId=15799&AffiliateSiteId=23246; domain=.betclic.com; expires=Sat, 18-Apr-2020 02:05:06 GMT; path=/; secure; HttpOnly ASP.NET_SessionId=in5awc0mmjznfh0xbw4grbi4; domain=.betclic.com; path=/; secure; HttpOnly GS=Site=dede&Universe=casino&HasLanguageSet=True; domain=.betclic.com; expires=Sat, 18-Apr-2020 02:05:06 GMT; path=/; secure; HttpOnly GSko=Partner=INAC4&Area=139&SiteCode=dede&PlacementId=0&AdId=0&UniversCode=casino&AffID=15799&SubID=&MtsID=&CountryAllowed=True&HasNewsletter=False&HeaderId=&AffiliateId=15799&AffiliateSiteId=23246; domain=.betclic.com; expires=Sat, 18-Apr-2020 02:05:06 GMT; path=/; secure; HttpOnly NSC_cfudmjd.dpn=ffffffff098d9b0c45525d5f4f58455e445a4a4229a5;path=/;domain=betclic.com;httponly
X-Robots-Tag
none
Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Length
344
Cookie set /
rensovetors.info/ Frame 7DCC
Redirect Chain
  • http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
  • http://rensovetors.info/?tid=715844&red=1&cs=a0Q2eThacQVACVpyAR0PXycHQAhb&abt=0&v=1.10.80.0&sm=16&k=earn_money_short_links&sts=16&prn=0&emb=0&u=&fs=1&ref=&jst=0&enr=0&lcua=&tzd=2&uloc=&if=0&ct=7&ct...
0
0
Document
General
Full URL
http://rensovetors.info/?tid=715844&red=1&cs=a0Q2eThacQVACVpyAR0PXycHQAhb&abt=0&v=1.10.80.0&sm=16&k=earn_money_short_links&sts=16&prn=0&emb=0&u=&fs=1&ref=&jst=0&enr=0&lcua=&tzd=2&uloc=&if=0&ct=7&ctc=9&_IZhL=1529272693128
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
54.210.104.147 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-210-104-147.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
rensovetors.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Type
text/plain
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=15904087-335d-407e-b3c7-dcb4b002d4d5
Set-Cookie
fv=rjk8qjk8rHwEqSEFqjk8qjkHrja7vdw=; Expires=Fri, 17 Apr 2020 02:05:06 GMT; Max-Age=31536000; Domain=.rensovetors.info; Path=/; Version=1

Redirect headers

Location
http://rensovetors.info/?tid=715844&red=1&cs=a0Q2eThacQVACVpyAR0PXycHQAhb&abt=0&v=1.10.80.0&sm=16&k=earn_money_short_links&sts=16&prn=0&emb=0&u=&fs=1&ref=&jst=0&enr=0&lcua=&tzd=2&uloc=&if=0&ct=7&ctc=9&_IZhL=1529272693128
Connection
keep-alive
Content-Length
0
redirect
xml.popunder.bid/ Frame 14D3
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
/
sls.wordingpressure.club/phenomenal/ Frame 86EE
Redirect Chain
  • http://xml.popunder.bid/redirect?feed=172714&auth=gNqIKG
  • https://mob.kaipirinhaloka.xyz/redirect?feed=165208&auth=ebuQy0&url=http%3A%2F%2Fharamikutta.us%2Fkutta%2Fkutta33.php&subid=161759_169180_172714_&query=
  • http://track4.highseas.xyz/a.php?trf=m&d=5c5972bd5f5f907778568dbb&portal=custom_86680exp&source=165208
  • https://sls.wordingpressure.club/phenomenal/?click_id=5cb7db375f5f904a572a283b
0
0
Document
General
Full URL
https://sls.wordingpressure.club/phenomenal/?click_id=5cb7db375f5f904a572a283b
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.65.141 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sls.wordingpressure.club
:scheme
https
:path
/phenomenal/?click_id=5cb7db375f5f904a572a283b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://haramikutta.us/kutta/kutta33.php
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Thu, 18 Apr 2019 02:05:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8906de3bdc015891e32e03422c0c208f1555553113; expires=Fri, 17-Apr-20 02:05:13 GMT; path=/; domain=.wordingpressure.club; HttpOnly
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4c931291d9e927a4-FRA
content-encoding
br

Redirect headers

Server
nginx/1.14.0
Date
Thu, 18 Apr 2019 02:04:39 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Round
5c59d11f5f5f905929738efd
Raund
102c3nnw5r
Location
https://sls.wordingpressure.club/phenomenal/?click_id=5cb7db375f5f904a572a283b
redirect
xml.popunder.bid/ Frame D379
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=174511&auth=gNqIKG
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
xml.popunder.bid/ Frame 31B6
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=174511&auth=gNqIKG
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
witalfieldt.com/ Frame 4BF4
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=772286&ref=soccerlive.uk
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.142.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-85-142-120.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
witalfieldt.com
:scheme
https
:path
/redirect?tid=772286&ref=soccerlive.uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://haramikutta.us/kutta/kutta33.php
accept-encoding
gzip, deflate, br

Response headers

status
204
date
Thu, 18 Apr 2019 02:05:06 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=369af706-8503-4784-82ac-49c233519dca fv=rjk8qjk8rHwEqSEFqjk8qjkHrja7vdw=; Expires=Fri, 17 Apr 2020 02:05:06 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
redirect
witalfieldt.com/ Frame 4F50
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=772286&ref=soccerlive.uk
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.142.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-85-142-120.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
witalfieldt.com
:scheme
https
:path
/redirect?tid=772286&ref=soccerlive.uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://haramikutta.us/kutta/kutta33.php
accept-encoding
gzip, deflate, br

Response headers

status
204
date
Thu, 18 Apr 2019 02:05:06 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=497753f0-2df8-4047-8951-e579862fe9f6 fv=rjk8qjk8rHwEqSEFqjk8qjkHrja7vdw=; Expires=Fri, 17 Apr 2020 02:05:06 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
pop.js
c1.popads.net/
31 KB
10 KB
Script
General
Full URL
http://c1.popads.net/pop.js
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
195.181.170.18 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-15.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e159e76420409e0334f23b7544ecbfb68ee3195e2ddb4cd6c19e4d97cee32521

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://haramikutta.us/kutta/kutta33.php
Origin
http://haramikutta.us

Response headers

Date
Thu, 18 Apr 2019 02:05:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Mar 2019 23:13:39 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5c8c31a3-7a70"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
195.181.170.15
Connection
keep-alive
X-Age
10066
compatibility.js
celeritascdn.com/script/
12 KB
7 KB
Script
General
Full URL
http://celeritascdn.com/script/compatibility.js
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c46b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8dd6c33eb19d66432b2884e9ee165cf081899298638b9173170096019e63a6a

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:05 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-GUploader-UploadID
AEnB2UrZPrwBRvC9BUtZT6oSZBZgyvskdNN5glRXOasjS55_UCn0M8O-G1zItugGiDq08oW9ef4YIPCCie62XzVarEMTTt-5cA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Wed, 16 Jan 2019 14:39:22 GMT
Server
cloudflare
ETag
W/"aadae2f2d2a476416ec73a180887cb35"
Vary
Accept-Encoding
x-goog-hash
crc32c=xMdS3w==, md5=qtri8tKkdkFuxzoYCIfLNQ==
Content-Type
application/javascript
x-goog-generation
1547649562896856
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
12076
CF-RAY
4c93126058eb96be-FRA
Expires
Thu, 18 Apr 2019 06:05:05 GMT
redirect
xml.popunder.bid/ Frame 008C
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/300.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/300.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
xml.popunder.bid/ Frame FD76
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/300.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/300.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
xml.popunder.bid/ Frame D5EB
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=149001&auth=gNqIKG
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/300.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/300.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
xml.popunder.bid/ Frame 95E2
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=174511&auth=gNqIKG
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/300.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/300.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
xml.popunder.bid/ Frame F116
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=174511&auth=gNqIKG
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/300.php
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/300.php
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
witalfieldt.com/ Frame 3487
0
0
Document
General
Full URL
https://witalfieldt.com/redirect?tid=772286&ref=soccerlive.uk
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/300.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.142.120 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-85-142-120.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
witalfieldt.com
:scheme
https
:path
/redirect?tid=772286&ref=soccerlive.uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://haramikutta.us/kutta/300.php
accept-encoding
gzip, deflate, br

Response headers

status
204
date
Thu, 18 Apr 2019 02:05:06 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=712fb163-4813-4277-b9c4-071dde5bf5b1 fv=rjk8qjk8rHwEqSEFqjk8qjkHrja7vdw=; Expires=Fri, 17 Apr 2020 02:05:06 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
Cookie set NKBEURDE
lp.interwetten.com/ Frame 73E8
Redirect Chain
  • https://witalfieldt.com/redirect?tid=772286&ref=soccerlive.uk
  • http://usd.photios-raj.com/zcvisitor/62c3230a-617e-11e9-aef6-122f6a68bf46?campaignid=21b48ef0-44a3-11e9-9fa7-0a157bfa6bfc&__id__=21b48ef0-44a3-11e9-9fa7-0a157bfa6bfc
  • https://go2linkfast.com/i/11411?var1=november-hun-vNpOUg2H
  • https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
0
0
Document
General
Full URL
https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/300.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.127.139.104 , Austria, ASN43916 (INTERWETTEN-AT-AS, AT),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host
lp.interwetten.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/300.php
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/10.0
Set-Cookie
ASP.NET_SessionId=5dlqasp4ru1msc4sauepqd0w; path=/; HttpOnly __IW_OPERT_BANNER=OPBANNERNAME=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar; domain=interwetten.com; expires=Sat, 18-May-2019 02:05:08 GMT; path=/
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Thu, 18 Apr 2019 02:05:08 GMT
Content-Length
1475

Redirect headers

Server
nginx
Date
Thu, 18 Apr 2019 02:05:08 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Set-Cookie
TRK_TRG=eJxjYGBgEmEXZMosEOQztDDVMzQ11DO10DM0tBRkTk%2FNF2RycRXkLkpNz8zPi0%2FOT0llEORMziyphLKZM4sLBDk98otLDANySosF%2BfJSS%2BKLC1JTU8AK2JgFOTKL4wuK8isq2RgBPJIcpQ%3D%3D; expires=Fri, 19-Apr-2019 02:05:08 GMT; Max-Age=86400; path=/ TRK_TRU2=eJxjYGBgEuEQZC5NNBVUSEozsTBLM05MSjRJNjE2MjM2SkpJTTFIs7RMNE9KMTESZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMU5IfxylKLijPz83gcAg4wgIAga34xSAm7IBeQAZdVceqP0fh6WJA7JbUsMzk1vqSyIJWNEQAVJioV; expires=Fri, 19-Apr-2019 02:05:08 GMT; Max-Age=86400; path=/ trk_cpa_pixel=64061a10-617e-11e9-b746-f93c44f5e583; expires=Mon, 17-Jun-2019 02:05:08 GMT; Max-Age=5184000; path=/
Location
https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Content-Encoding
gzip
Vary
Accept-Encoding
Cookie set identify.html
ufpcdn.com/script/ Frame 6320
0
0
Document
General
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3647 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d87427608f4d013274a199e3b98db551a1555553106; expires=Fri, 17-Apr-20 02:05:06 GMT; path=/; domain=.ufpcdn.com; HttpOnly
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
Server
cloudflare
CF-RAY
4c931260aaca96f4-FRA
Content-Encoding
gzip
/
c.adsco.re/
33 KB
11 KB
Script
General
Full URL
http://c.adsco.re/
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edee80b7b61b0c5e2e0f00242c19b2f0e04c1517a9097d0769659425eaf0725

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Accept-CH
DPR, Viewport-Width, Width, Device-Memory, Save-Data, RTT, Downlink, ECT
ETag
"REC+IpT/LibVVrVYYZtWKg=="
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=10800,public,immutable,no-transform
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4c9312614d22c274-FRA
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Server
cloudflare
Expires
Sat, 30 Mar 2019 01:03:50 GMT
/
6.adsco.re/
0
469 B
Other
General
Full URL
http://6.adsco.re/
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Purpose
prefetch
Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Encoding
gzip
Server
cloudflare
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4c9312618dd4c2ec-FRA
t
adsco.re/
67 B
469 B
XHR
General
Full URL
http://adsco.re/t
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 -, , ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://haramikutta.us/kutta/kutta33.php
Origin
http://haramikutta.us

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Accept-CH
DPR, Viewport-Width, Width, Device-Memory, Save-Data, RTT, Downlink, ECT
Access-Control-Max-Age
2592000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://haramikutta.us
Cache-Control
no-transform
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
suurl.php
onclickmega.com/script/
0
130 B
Script
General
Full URL
http://onclickmega.com/script/suurl.php?r=2149307&cbrandom=0.5873307541295127&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&ufp=56188300211841604351700548672
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
35.190.64.167 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
167.64.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
chrome.js
celeritascdn.com/script/
19 KB
10 KB
Script
General
Full URL
http://celeritascdn.com/script/chrome.js
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c46b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c5a7b2a3e6f87828b3b9753860d4c5f2ab3b45a8828b73d9456272e3ab5b05

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-GUploader-UploadID
AEnB2UrMnCk3dH8SZexnp4x74gqpAO8O5YfaLjYiw5YCmg0WsmPLmlAEZGZ8IaR9brd96t6clMyHKvN9HRO9Z3kgx5DR68qODw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Tue, 27 Nov 2018 10:11:23 GMT
Server
cloudflare
ETag
W/"9d9321d19f2301e6aa1626b33e3244c1"
Vary
Accept-Encoding
x-goog-hash
crc32c=sBm46w==, md5=nZMh0Z8jAeaqFiazPjJEwQ==
Content-Type
application/javascript
x-goog-generation
1543313483225659
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
18971
CF-RAY
4c931261a9a996be-FRA
Expires
Thu, 18 Apr 2019 06:05:06 GMT
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:03:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4761
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4525
/
t.dtscout.com/i/
17 B
379 B
Script
General
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Fharamikutta.us%2Fkutta%2Fkutta33.php&j=
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Server
107.182.233.217 Providence, United States, ASN29854 (WESTHOST - WestHost, Inc., US),
Reverse DNS
6bb6e9d9.setaptr.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Z
I
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Thu, 18 Apr 2019 02:05:05 GMT
/
6.adsco.re/
56 B
489 B
XHR
General
Full URL
http://6.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fe684ad7e0f8df84e8e8182c7392a4e1c3b53d8fdbba5bbca5972464bf110a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://haramikutta.us/kutta/kutta33.php
Origin
http://haramikutta.us

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Encoding
gzip
Server
cloudflare
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://haramikutta.us
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4c931261ebe89756-FRA
/
30.l.adsco.re/
0
464 B
XHR
General
Full URL
https://30.l.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.118.90 -, , ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://haramikutta.us/kutta/kutta33.php
Origin
http://haramikutta.us

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
30.n.adsco.re/
0
464 B
XHR
General
Full URL
https://30.n.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.132.109.186 , United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://haramikutta.us/kutta/kutta33.php
Origin
http://haramikutta.us

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
30.s.adsco.re/
0
464 B
XHR
General
Full URL
https://30.s.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.116.90 -, , ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://haramikutta.us/kutta/kutta33.php
Origin
http://haramikutta.us

Response headers

Date
Thu, 18 Apr 2019 02:05:07 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame A6D6
0
0
Document
General
Full URL
http://c.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
c.adsco.re
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://haramikutta.us/kutta/kutta33.php
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=10800,public,immutable,no-transform
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Accept-CH
DPR, Viewport-Width, Width, Device-Memory, Save-Data, RTT, Downlink, ECT
Expires
Sat, 30 Mar 2019 01:03:50 GMT
ETag
"REC+IpT/LibVVrVYYZtWKg=="
Content-Encoding
gzip
CF-Cache-Status
HIT
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4c931261edf1c274-FRA
/
whos.amung.us/pingjs/
30 B
233 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=bcdsbeeygm&t=&c=d&y=&a=0&r=130
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
cce73282feb198d1a9aac25ab64f4f2a588848514796416b7ef554782ef46e58

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
0.php
s4.histats.com/stats/
52 B
323 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3451427&@f16&@g1&@h1&@i1&@j1555553106322&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-143716745&@b3:1555553106&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fharamikutta.us%2Fkutta%2Fkutta33.php&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
192.99.5.78 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558046.ip-192-99-5.net
Software
/
Resource Hash
58274ed49f07bf56b085ac926a8fc8d1ffa91b84e74a1475d9ce1d309f313a33

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:07 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
tc.js
cdn.tynt.com/
15 KB
6 KB
Script
General
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Server
104.16.88.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f019b3e38098b74d98fb909e1add41a2c4208bfa59db027818fcbd0e187f763

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 10 Dec 2018 17:11:41 GMT
Server
cloudflare
ETag
W/"5c0e9e4d-3ddc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4c9312640e1ebecb-FRA
Expires
Sun, 21 Apr 2019 02:05:06 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
p
ic.tynt.com/b/
0
316 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!bcdsbeeygm&lm=0&ts=1555553106577&dn=TC&iso=0&t=haramikutta.us
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
208.100.17.183 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip183.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0
v2
de.tynt.com/deb/
4 B
250 B
Script
General
Full URL
http://de.tynt.com/deb/v2?id=w!bcdsbeeygm&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Server
208.100.17.187 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip187.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Cache-Control
max-age=86400
Expires
Fri, 19 Apr 2019 02:05:07 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length
4
Content-Type
application/javascript
p
adsco.re/
208 B
629 B
XHR
General
Full URL
http://adsco.re/p
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 -, , ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
f4a6d451228d8d435c9b514abd065817f5d37a5884ce9735cc3255d60c1da43c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://haramikutta.us/kutta/kutta33.php
Origin
http://haramikutta.us

Response headers

Date
Thu, 18 Apr 2019 02:05:06 GMT
Content-Encoding
gzip
Accept-CH
DPR, Viewport-Width, Width, Device-Memory, Save-Data, RTT, Downlink, ECT
Access-Control-Max-Age
2592000
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://haramikutta.us
Cache-Control
no-transform
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
p
ic.tynt.com/b/
0
151 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!bcdsbeeygm&lm=0&ts=1555553106577&dn=TC&iso=0&t=haramikutta.us
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
208.100.17.183 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip183.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:07 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0
c
serve.popads.net/
44 B
259 B
Script
General
Full URL
http://serve.popads.net/c?_=BAgAXLfbUgFct9tSgAGBAcAAIDc9ViT1jy5_kzz5LXHnngsHJHdig61VenTvtb3B17LcwQAgK7vvkpFgs3RYaK6dhx-2ZobWzRMoKws6-3gP5RSKWt3CACAHKC8Q_tR-JdxKDVH3Xt88neYvrx49rNvmyP_RwrJkOMMAIK7HubNqqzY_c8ahFBkMwFQTvtxWu-ijUyRyctN5k1b0&v=4&siteId=2906922&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.17 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 18 Apr 2019 02:05:10 GMT
PopAds-EC
ASB
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
44
Content-Type
text/javascript;charset=UTF-8
p
ic.tynt.com/b/
0
151 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!bcdsbeeygm&lm=0&ts=1555553106577&dn=TC&iso=0
Requested by
Host: haramikutta.us
URL: http://haramikutta.us/kutta/kutta33.php
Protocol
HTTP/1.1
Server
208.100.17.183 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip183.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://haramikutta.us/kutta/kutta33.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 18 Apr 2019 02:05:07 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0


61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _pop object| adcashMacros object| zoneSett object| urls object| _0x6e62 function| acPrefetch object| CTABPu object| _0xabb3 function| ufpAttach object| CTAMAT object| adcashUfp object| popjs object| Base64 function| pafban object| detectZoom object| PopAds object| _pao function| AdscoreInit object| _Hasync object| _wau string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady number| a function| ed number| t number| newTime number| r number| g number| b string| bt object| _0x5000 object| Cnac object| stamat function| NqPnfu9924294973759769 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa function| chfh function| chfh2 string| _HST_cntval object| Histats object| _dts object| x string| x1 string| x2 object| Tynt object| _33Across object| _HistatsCounterGraphics_0_setValues

4 Cookies

Domain/Path Name / Value
.wordingpressure.club/ Name: _ga
Value: GA1.2.789222999.1555553114
.wordingpressure.club/ Name: _gat_gtag_UA_109145051_6
Value: 1
.wordingpressure.club/ Name: _gid
Value: GA1.2.1285052334.1555553114
.wordingpressure.club/ Name: __cfduid
Value: d8906de3bdc015891e32e03422c0c208f1555553113

1 Console Messages

Source Level URL
Text
console-api log URL: http://c.adsco.re/(Line 13)
Message:

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
