URL: http://streamsport.pro/ads/loading.html
Submission: On September 29 via manual from US

Summary

This website contacted 12 IPs in 4 countries across 14 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3035::ac43:d9c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is streamsport.pro.
This is the only time streamsport.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 143.204.201.55 16509 (AMAZON-02)
3 38.140.142.154 174 (COGENT-174)
3 3 143.204.201.22 16509 (AMAZON-02)
1 35.208.7.10 15169 (GOOGLE)
1 52.86.219.129 14618 (AMAZON-AES)
2 51.178.66.34 16276 (OVH)
2 172.255.6.251 7979 (SERVERS-COM)
2 2 173.239.53.18 36057 (WEBAIR-IN...)
2 88.208.7.132 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 185.63.253.110 134512 (HWSPL-AS-...)
1 46.105.201.240 16276 (OVH)
1 192.99.8.28 16276 (OVH)
17 12
Domain Requested by
3 witalfieldt.com 3 redirects
3 rtb.us4post.com streamsport.pro
2 t5ytz24c5.com streamsport.pro
2 xml.fastdlr.com 2 redirects
2 squawcubesfry.com streamsport.pro
2 producebreed.com streamsport.pro
2 azpresearch.club 2 redirects
1 s4.histats.com s10.histats.com
1 s10.histats.com streamsport.pro
1 sportlive.site streamsport.pro
1 1123movies.to streamsport.pro
1 rliyc.bifidavity.club streamsport.pro
1 codedexchange.com streamsport.pro
1 ajax.cloudflare.com streamsport.pro
1 streamsport.pro
17 15

This site contains no links.

Subject | Issuer | Validity | Valid
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years
*.us4post.com | Let's Encrypt Authority X3 | 2020-09-01 - 2020-11-30 | 3 months
bifidavity.club | Let's Encrypt Authority X3 | 2020-09-15 - 2020-12-14 | 3 months
producebreed.com | Let's Encrypt Authority X3 | 2020-07-28 - 2020-10-26 | 3 months
squawcubesfry.com | Let's Encrypt Authority X3 | 2020-08-20 - 2020-11-18 | 3 months
t5ytz24c5.com | Let's Encrypt Authority X3 | 2020-08-16 - 2020-11-14 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-06-18 - 2021-06-18 | a year
histats.com | Let's Encrypt Authority X3 | 2020-09-08 - 2020-12-07 | 3 months

This page contains 14 frames:

Primary Page: http://streamsport.pro/ads/loading.html
Frame ID: 7DE2FAC613FD07AD35A37CF06E2CF29A
Requests: 4 HTTP requests in this frame

Frame: https://rtb.us4post.com/log?action=click&key=2418-2418-4-964f77c2-f3d5-b292-f763-fb7870293e75&strategy=475208&ts=1601410987938
Frame ID: D3D4B23F3D9C00D4B0B3F5B8B2ADC6D3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.us4post.com/log?action=click&key=2418-2418-4-021649bc-0edf-8aa7-ef6c-a455e917cfa5&strategy=475208&ts=1601410987911
Frame ID: 7B36EAED8692C79D4B2F363A1108C56C
Requests: 1 HTTP requests in this frame

Frame: http://codedexchange.com/script/s2iurl.php?csid=1587063&s1=733410&stamat=m%7C%2C%2CQiF6o3YrtGU3B_-GH0dEdHP3xP.3e2%2CDu5nweuyUXGP6HcwnwoJR3ALYCt9GMWrXv_NJZZormGj8GgLXGnB_CpysaWugF_C03loGqzjNYaVbpUBpg7CJt9koT0ZMfrLjV-SEDmb5vctgitIWJwA7aahqxVI2IblZlhEscQ1l9N-8brZsEMZ1leBTk2pU9ZjxzsgUQVjO2EvLiArojoDlBPwoBiWoztVp3atytsVaYqDMf_mZE2yzOJ2cgXvBgB50DgCcWF4Fo8RCOoewkD0jplfOA6xUwcoiZEEu541eoqs7VNLwYev_Eq-9jjR0Io0-EvLX5hLCoENYCq3Eqjvy-pDKR1_7QvfJ9KPq9-DbONh9Xa2X-xarbFMzaomZppPTVilvMukeylR5DsegVXdHGKWAp6_yqplFol2RJ8qzRpiZsxt4tIpxm_L2JkQZPfaMtQb-IY5HJuDBXuEHjapNNnxe05RNFUnh8O6F3BmunWGM8rJP0mibkjTcvm61z97ejjpJQHtZSo3Es7f8g7qTCBJW-sUe8I7XnWsThgmOMt1Ojo4e8nEu5P99nZr4FCrdXT-0NeGc9N1lz1G6fDkHeeQ8bYH4FzO
Frame ID: FBD5D3B9D81CA5C2F4E9C9C78F0C6F32
Requests: 1 HTTP requests in this frame

Frame: https://rliyc.bifidavity.club/RLRDTVH?tag_id=885054&sub_id1=&sub_id2=4571381408177556218&cookie_id=02dd1a28-09b9-4fb9-84a1-91cf35c84a5c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D885054%26noocp%3D1&hop=7&geo=NL
Frame ID: B1FF8E6C65376D356686C9986EB90F8D
Requests: 1 HTTP requests in this frame

Frame: https://producebreed.com/iwsDJoirkdASyL/16184
Frame ID: 4B48CD36560AC4293F5E9DD6143D81DC
Requests: 1 HTTP requests in this frame

Frame: https://producebreed.com/iwsDJoirkdASyL/16184
Frame ID: B3018F8AF62C285B25318D08D590DA28
Requests: 1 HTTP requests in this frame

Frame: https://squawcubesfry.com/iiCQmJYGJE7cXkDS/16184
Frame ID: F6D1D9E65EBC52FDC79876CB5DE4232B
Requests: 1 HTTP requests in this frame

Frame: https://squawcubesfry.com/iiCQmJYGJE7cXkDS/16184
Frame ID: 60B9B437395E3E8442830ABF9DA0687C
Requests: 1 HTTP requests in this frame

Frame: https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
Frame ID: E7A4F2F9AD8C2F6E4F5D02A403516858
Requests: 1 HTTP requests in this frame

Frame: https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
Frame ID: D696477A6A166BA1F733249F6E9E1BFB
Requests: 1 HTTP requests in this frame

Frame: https://1123movies.to/test-ad.html
Frame ID: 5C9513858C25CF1B99FA8CD00886D4CF
Requests: 1 HTTP requests in this frame

Frame: http://sportlive.site/admaven.html
Frame ID: 396D6DA26028D9FC5C030FB56BA8A12F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.us4post.com/log?action=click&key=2418-2418-4-d3da2b52-4815-36ab-fc7f-a135c246e5c4&strategy=475208&ts=1601410987944
Frame ID: EF632F1E8F1966F1230281B4171B3438
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 17
HTTPS: 76 %
IPv6: 20 %
Domains: 14
Subdomains: 15
IPs: 12
Countries: 4
Transfer: 11 kB
Size: 27 kB
Cookies: 18

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://azpresearch.club/redirect?tid=885258&ref=encodeURI HTTP 302
  • https://rtb.us4post.com/log?action=click&key=2418-2418-4-964f77c2-f3d5-b292-f763-fb7870293e75&strategy=475208&ts=1601410987938
Request Chain 2
  • https://azpresearch.club/redirect?tid=885258&ref=encodeURI HTTP 302
  • https://rtb.us4post.com/log?action=click&key=2418-2418-4-021649bc-0edf-8aa7-ef6c-a455e917cfa5&strategy=475208&ts=1601410987911
Request Chain 3
  • https://witalfieldt.com/redirect?tid=733410&ref=encodeURI HTTP 302
  • http://codedexchange.com/script/s2iurl.php?csid=1587063&s1=733410&stamat=m%7C%2C%2CQiF6o3YrtGU3B_-GH0dEdHP3xP.3e2%2CDu5nweuyUXGP6HcwnwoJR3ALYCt9GMWrXv_NJZZormGj8GgLXGnB_CpysaWugF_C03loGqzjNYaVbpUBpg7CJt9koT0ZMfrLjV-SEDmb5vctgitIWJwA7aahqxVI2IblZlhEscQ1l9N-8brZsEMZ1leBTk2pU9ZjxzsgUQVjO2EvLiArojoDlBPwoBiWoztVp3atytsVaYqDMf_mZE2yzOJ2cgXvBgB50DgCcWF4Fo8RCOoewkD0jplfOA6xUwcoiZEEu541eoqs7VNLwYev_Eq-9jjR0Io0-EvLX5hLCoENYCq3Eqjvy-pDKR1_7QvfJ9KPq9-DbONh9Xa2X-xarbFMzaomZppPTVilvMukeylR5DsegVXdHGKWAp6_yqplFol2RJ8qzRpiZsxt4tIpxm_L2JkQZPfaMtQb-IY5HJuDBXuEHjapNNnxe05RNFUnh8O6F3BmunWGM8rJP0mibkjTcvm61z97ejjpJQHtZSo3Es7f8g7qTCBJW-sUe8I7XnWsThgmOMt1Ojo4e8nEu5P99nZr4FCrdXT-0NeGc9N1lz1G6fDkHeeQ8bYH4FzO
Request Chain 4
  • https://witalfieldt.com/redirect?tid=885054&ref=encodeURI HTTP 302
  • https://rliyc.bifidavity.club/RLRDTVH?tag_id=885054&sub_id1=&sub_id2=4571381408177556218&cookie_id=02dd1a28-09b9-4fb9-84a1-91cf35c84a5c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D885054%26noocp%3D1&hop=7&geo=NL
Request Chain 9
  • https://xml.fastdlr.com/redirect?feed=250834&auth=3kb84n HTTP 302
  • https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
Request Chain 10
  • https://xml.fastdlr.com/redirect?feed=250834&auth=3kb84n HTTP 302
  • https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
Request Chain 13
  • https://witalfieldt.com/redirect?tid=899427&ref=encodeURI HTTP 302
  • https://rtb.us4post.com/log?action=click&key=2418-2418-4-d3da2b52-4815-36ab-fc7f-a135c246e5c4&strategy=475208&ts=1601410987944

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set loading.html
streamsport.pro/ads/
4 KB
2 KB
Document
General
Full URL
http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:d9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f5acc33a824145d5370fed11915d14e8d5041a6642d80855181c29ef77b395

Request headers

Host
streamsport.pro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Tue, 29 Sep 2020 20:23:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dfc8320f20f2b45f78283ab9e809cc31d1601410987; expires=Thu, 29-Oct-20 20:23:07 GMT; path=/; domain=.streamsport.pro; HttpOnly; SameSite=Lax
Last-Modified
Tue, 29 Sep 2020 17:55:45 GMT
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
057d218ebc0000d6e9e40af200000001
Server
cloudflare
CF-RAY
5da86b912a12d6e9-FRA
Content-Encoding
gzip
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://streamsport.pro/ads/loading.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 20:23:07 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 25 Sep 2020 21:34:15 GMT
server
cloudflare
etag
W/"5f6e6257-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5da86b91992f0609-FRA
cf-request-id
057d218efc000006098795e200000001
expires
Thu, 01 Oct 2020 20:23:07 GMT
log
rtb.us4post.com/ Frame D3D4
Redirect Chain
  • https://azpresearch.club/redirect?tid=885258&ref=encodeURI
  • https://rtb.us4post.com/log?action=click&key=2418-2418-4-964f77c2-f3d5-b292-f763-fb7870293e75&strategy=475208&ts=1601410987938
0
0
Document
General
Full URL
https://rtb.us4post.com/log?action=click&key=2418-2418-4-964f77c2-f3d5-b292-f763-fb7870293e75&strategy=475208&ts=1601410987938
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
38.140.142.154 Fort Lauderdale, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

:method
GET
:authority
rtb.us4post.com
:scheme
https
:path
/log?action=click&key=2418-2418-4-964f77c2-f3d5-b292-f763-fb7870293e75&strategy=475208&ts=1601410987938
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://streamsport.pro/ads/loading.html
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
openresty/1.15.8.3
date
Tue, 29 Sep 2020 20:23:08 GMT
content-type
text/html;charset=UTF-8
content-length
3765
set-cookie
platform_user_id=desktop:4345a19d538aaec927509bfa3e90da90

Redirect headers

status
302
content-type
text/plain
content-length
0
location
https://rtb.us4post.com/log?action=click&key=2418-2418-4-964f77c2-f3d5-b292-f763-fb7870293e75&strategy=475208&ts=1601410987938
date
Tue, 29 Sep 2020 20:23:08 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=9ee97623-e4c9-433e-a94b-2007ee57c8ca fv=rjgErjnFrdU5qGEFqTaFqdwEpjY6vdw=; Expires=Wed, 29 Sep 2021 20:23:08 GMT; Max-Age=31536000; Domain=.azpresearch.club; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
RYtwkvz1YINC66Te3cAUKdda-ocYKSkXdMBzDABWmaGwsi8zCHkSQA==
log
rtb.us4post.com/ Frame 7B36
Redirect Chain
  • https://azpresearch.club/redirect?tid=885258&ref=encodeURI
  • https://rtb.us4post.com/log?action=click&key=2418-2418-4-021649bc-0edf-8aa7-ef6c-a455e917cfa5&strategy=475208&ts=1601410987911
0
0
Document
General
Full URL
https://rtb.us4post.com/log?action=click&key=2418-2418-4-021649bc-0edf-8aa7-ef6c-a455e917cfa5&strategy=475208&ts=1601410987911
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
38.140.142.154 Fort Lauderdale, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

:method
GET
:authority
rtb.us4post.com
:scheme
https
:path
/log?action=click&key=2418-2418-4-021649bc-0edf-8aa7-ef6c-a455e917cfa5&strategy=475208&ts=1601410987911
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://streamsport.pro/ads/loading.html
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
openresty/1.15.8.3
date
Tue, 29 Sep 2020 20:23:08 GMT
content-type
text/html;charset=UTF-8
content-length
3765
set-cookie
platform_user_id=desktop:4345a19d538aaec927509bfa3e90da90

Redirect headers

status
302
content-type
text/plain
content-length
0
location
https://rtb.us4post.com/log?action=click&key=2418-2418-4-021649bc-0edf-8aa7-ef6c-a455e917cfa5&strategy=475208&ts=1601410987911
date
Tue, 29 Sep 2020 20:23:08 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=e16ce9c9-9b61-4405-b056-40a081841163 fv=rjgErjnFrdU5qGEFqTaFqdwEpjY6vdw=; Expires=Wed, 29 Sep 2021 20:23:08 GMT; Max-Age=31536000; Domain=.azpresearch.club; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
PcGMnj5481Fhm1lWAmN0VQTeuGo5Q-wZz0cs-X8t263yJMnCdvoFrg==
s2iurl.php
codedexchange.com/script/ Frame FBD5
Redirect Chain
  • https://witalfieldt.com/redirect?tid=733410&ref=encodeURI
  • http://codedexchange.com/script/s2iurl.php?csid=1587063&s1=733410&stamat=m%7C%2C%2CQiF6o3YrtGU3B_-GH0dEdHP3xP.3e2%2CDu5nweuyUXGP6HcwnwoJR3ALYCt9GMWrXv_NJZZormGj8GgLXGnB_CpysaWugF_C03loGqzjNYaVbpUBp...
0
0
Document
General
Full URL
http://codedexchange.com/script/s2iurl.php?csid=1587063&s1=733410&stamat=m%7C%2C%2CQiF6o3YrtGU3B_-GH0dEdHP3xP.3e2%2CDu5nweuyUXGP6HcwnwoJR3ALYCt9GMWrXv_NJZZormGj8GgLXGnB_CpysaWugF_C03loGqzjNYaVbpUBpg7CJt9koT0ZMfrLjV-SEDmb5vctgitIWJwA7aahqxVI2IblZlhEscQ1l9N-8brZsEMZ1leBTk2pU9ZjxzsgUQVjO2EvLiArojoDlBPwoBiWoztVp3atytsVaYqDMf_mZE2yzOJ2cgXvBgB50DgCcWF4Fo8RCOoewkD0jplfOA6xUwcoiZEEu541eoqs7VNLwYev_Eq-9jjR0Io0-EvLX5hLCoENYCq3Eqjvy-pDKR1_7QvfJ9KPq9-DbONh9Xa2X-xarbFMzaomZppPTVilvMukeylR5DsegVXdHGKWAp6_yqplFol2RJ8qzRpiZsxt4tIpxm_L2JkQZPfaMtQb-IY5HJuDBXuEHjapNNnxe05RNFUnh8O6F3BmunWGM8rJP0mibkjTcvm61z97ejjpJQHtZSo3Es7f8g7qTCBJW-sUe8I7XnWsThgmOMt1Ojo4e8nEu5P99nZr4FCrdXT-0NeGc9N1lz1G6fDkHeeQ8bYH4FzO
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Server
35.208.7.10 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
10.7.208.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
codedexchange.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://streamsport.pro/ads/loading.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
openresty
Date
Tue, 29 Sep 2020 20:23:08 GMT
Content-Type
text/html; charset=utf-8; charset=utf-8
Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Link
<//codedexchange.com>; rel=dns-prefetch,<//codedexchange.com>; rel=preconnect
Content-Encoding
gzip
Via
1.1 google

Redirect headers

status
302
content-type
text/plain
content-length
0
location
http://codedexchange.com/script/s2iurl.php?csid=1587063&s1=733410&stamat=m%7C%2C%2CQiF6o3YrtGU3B_-GH0dEdHP3xP.3e2%2CDu5nweuyUXGP6HcwnwoJR3ALYCt9GMWrXv_NJZZormGj8GgLXGnB_CpysaWugF_C03loGqzjNYaVbpUBpg7CJt9koT0ZMfrLjV-SEDmb5vctgitIWJwA7aahqxVI2IblZlhEscQ1l9N-8brZsEMZ1leBTk2pU9ZjxzsgUQVjO2EvLiArojoDlBPwoBiWoztVp3atytsVaYqDMf_mZE2yzOJ2cgXvBgB50DgCcWF4Fo8RCOoewkD0jplfOA6xUwcoiZEEu541eoqs7VNLwYev_Eq-9jjR0Io0-EvLX5hLCoENYCq3Eqjvy-pDKR1_7QvfJ9KPq9-DbONh9Xa2X-xarbFMzaomZppPTVilvMukeylR5DsegVXdHGKWAp6_yqplFol2RJ8qzRpiZsxt4tIpxm_L2JkQZPfaMtQb-IY5HJuDBXuEHjapNNnxe05RNFUnh8O6F3BmunWGM8rJP0mibkjTcvm61z97ejjpJQHtZSo3Es7f8g7qTCBJW-sUe8I7XnWsThgmOMt1Ojo4e8nEu5P99nZr4FCrdXT-0NeGc9N1lz1G6fDkHeeQ8bYH4FzO
date
Tue, 29 Sep 2020 20:23:08 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=636d96b2-6dc3-4de8-b187-57cdfd7a0b43 fv=rjgErjnFrdU5qGEFqTaFqdwEpjY6vdw=; Expires=Wed, 29 Sep 2021 20:23:08 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
7tu2hokOwE6Jl0GTmU-fRFN4Az9jnYbLU_VJ15G7QquibMvx_s_38A==
RLRDTVH
rliyc.bifidavity.club/ Frame B1FF
Redirect Chain
  • https://witalfieldt.com/redirect?tid=885054&ref=encodeURI
  • https://rliyc.bifidavity.club/RLRDTVH?tag_id=885054&sub_id1=&sub_id2=4571381408177556218&cookie_id=02dd1a28-09b9-4fb9-84a1-91cf35c84a5c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=htt...
0
0
Document
General
Full URL
https://rliyc.bifidavity.club/RLRDTVH?tag_id=885054&sub_id1=&sub_id2=4571381408177556218&cookie_id=02dd1a28-09b9-4fb9-84a1-91cf35c84a5c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D885054%26noocp%3D1&hop=7&geo=NL
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.86.219.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-219-129.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
rliyc.bifidavity.club
:scheme
https
:path
/RLRDTVH?tag_id=885054&sub_id1=&sub_id2=4571381408177556218&cookie_id=02dd1a28-09b9-4fb9-84a1-91cf35c84a5c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D885054%26noocp%3D1&hop=7&geo=NL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://streamsport.pro/ads/loading.html
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=utf-8
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET, POST
access-control-allow-headers
X-Requested-With,content-type
etag
W/"31e7-+ypdUJw9yFLlffJDQCqarHAtKX4"
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

status
302
content-type
text/plain
content-length
0
location
https://rliyc.bifidavity.club/RLRDTVH?tag_id=885054&sub_id1=&sub_id2=4571381408177556218&cookie_id=02dd1a28-09b9-4fb9-84a1-91cf35c84a5c&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fwitalfieldt.com%2F%3Ftid%3D885054%26noocp%3D1&hop=7&geo=NL
date
Tue, 29 Sep 2020 20:23:07 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=02dd1a28-09b9-4fb9-84a1-91cf35c84a5c fv=rjgErjnFrdU5qGEFqTaFqdwEpjY6vdw=; Expires=Wed, 29 Sep 2021 20:23:07 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
mZr9kaHFAp07mxabyiqhExdULppQLHMsi-7MXtfZZ17tNoc3hggeKg==
Cookie set 16184
producebreed.com/iwsDJoirkdASyL/ Frame 4B48
0
0
Document
General
Full URL
https://producebreed.com/iwsDJoirkdASyL/16184
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.178.66.34 , France, ASN16276 (OVH, FR),
Reverse DNS
eu6.app6.gglx.me
Software
nginx /
Resource Hash

Request headers

Host
producebreed.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://streamsport.pro/ads/loading.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 29 Sep 2020 20:23:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Set-Cookie
GL_UI4=eJw9jb1ugzAYRYkJhDYK0pV4AB4BAmmSsepcdcjSDdn4c0ICfJHt%2Fr19rQ5d7j3DkU4URaJYI%2F6QO5T72phdS0prVVN1rIwy9b7RxyfaNu22P%2BBhcJ2XaiS%2FRKKsnPUGycSaxg1WyvKXI1vEWM5yIqQvF8vhk0le2UIcmoDDHHBRQbAr4jxF9ir78u1UvucZRF3lj2FbrO%2Bj9Ibt1A06FUjOVmrC4hlZLz2d2f5gpcndPN8BHnX37%2F%2BVY3bfSDV9Dn3Is7%2BQ%2FQXnBj7r; expires=Wed, 30-Sep-2020 20:23:07 GMT; Max-Age=86400; path=/ GL_GI10=eJxNjN0KgkAQRs1Kkv4Y6AF6gQylstuoiy7Mmx5gMR1tQXdkd4Ls6bOC6u5w5jtjWZY9G4Mta5j427UX%2BIHnh763CaFbIIEdRzBK6aZYN0IlFcIwRr6iLhOVGXA0FpJUOzvC8MMipQyhH0eLP%2FcuxzFpvs6PVL5i6KWSG3B3lWHUWVKB%2BxKffNTmv0NXmhoGp2AVziPOwFXIwtSILe6TS4nLwzmCyde%2BXzgdGEgjak33puUpywofpFBQnhtkx34CqHlK7A%3D%3D; expires=Wed, 30-Sep-2020 20:23:07 GMT; Max-Age=86400; path=/
Content-Encoding
gzip
Vary
Accept-Encoding
Cookie set 16184
producebreed.com/iwsDJoirkdASyL/ Frame B301
0
0
Document
General
Full URL
https://producebreed.com/iwsDJoirkdASyL/16184
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.178.66.34 , France, ASN16276 (OVH, FR),
Reverse DNS
eu6.app6.gglx.me
Software
nginx /
Resource Hash

Request headers

Host
producebreed.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://streamsport.pro/ads/loading.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 29 Sep 2020 20:23:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Set-Cookie
GL_UI4=eJw9jb1ugzAYRYkJhDYK0pV4AB4BAmmSsepcdcjSDdn4c0ICfJHt%2Fr19rQ5d7j3DkU4URaJYI%2F6QO5T72phdS0prVVN1rIwy9b7RxyfaNu22P%2BBhcJ2XaiS%2FRKKsnPUGycSaxg1WyvKXI1vEWM5yIqQvF8vhk0le2UIcmoDDHHBRQbAr4jxF9ir78u1UvucZRF3lj2FbrO%2Bj9Ibt1A06FUjOVmrC4hlZLz2d2f5gpcndPN8BHnX37%2F%2BVY3bfSDV9Dn3Is7%2BQ%2FQXnBj7r; expires=Wed, 30-Sep-2020 20:23:07 GMT; Max-Age=86400; path=/ GL_GI10=eJxNjN0KgkAQRs1Kkv4Y6AF6gQylstuoiy7Mmx5gMR1tQXdkd4Ls6bOC6u5w5jtjWZY9G4Mta5j427UX%2BIHnh763CaFbIIEdRzBK6aZYN0IlFcIwRr6iLhOVGXA0FpJUOzvC8MMipQyhH0eLP%2FcuxzFpvs6PVL5i6KWSG3B3lWHUWVKB%2BxKffNTmv0NXmhoGp2AVziPOwFXIwtSILe6TS4nLwzmCyde%2BXzgdGEgjak33puUpywofpFBQnhtkx34CqHlK7A%3D%3D; expires=Wed, 30-Sep-2020 20:23:07 GMT; Max-Age=86400; path=/
Content-Encoding
gzip
Vary
Accept-Encoding
Cookie set 16184
squawcubesfry.com/iiCQmJYGJE7cXkDS/ Frame F6D1
0
0
Document
General
Full URL
https://squawcubesfry.com/iiCQmJYGJE7cXkDS/16184
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
172.255.6.251 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
squawcubesfry.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://streamsport.pro/ads/loading.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 29 Sep 2020 20:23:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Set-Cookie
GL_UI4=eJw9jb1ugzAYRYkJhDYK0pV4AB4BAmmSsepcdcjSDdn4c0ICfJHt%2Fr19rQ5d7j3DkU4URaJYI%2F6QO5T72phdS0prVVN1rIwy9b7RxyfaNu22P%2BBhcJ2XaiS%2FRKKsnPUGycSaxg1WyvKXI1vEWM5yIqQvF8vhk0le2UIcmoDDHHBRQbAr4jxF9ir78u1UvucZRF3lj2FbrO%2Bj9Ibt1A06FUjOVmrC4hlZLz2d2f5gpcndPN8BHnX37%2F%2BVY3bfSDV9Dn3Is7%2BQ%2FQXnBj7r; expires=Wed, 30-Sep-2020 20:23:07 GMT; Max-Age=86400; path=/ GL_GI10=eJxNjN0KgkAQRs1Kkv4Y6AF6gQylstuoiy7Mmx5gMR1tQXdkd4Ls6bOC6u5w5jtjWZY9G4Mta5j427UX%2BIHnh763CaFbIIEdRzBK6aZYN0IlFcIwRr6iLhOVGXA0FpJUOzvC8MMipQyhH0eLP%2FcuxzFpvs6PVL5i6KWSG3B3lWHUWVKB%2BxKffNTmv0NXmhoGp2AVziPOwFXIwtSILe6TS4nLwzmCyde%2BXzgdGEgjak33puUpywofpFBQnhtkx34CqHlK7A%3D%3D; expires=Wed, 30-Sep-2020 20:23:07 GMT; Max-Age=86400; path=/
Content-Encoding
gzip
Vary
Accept-Encoding
Cookie set 16184
squawcubesfry.com/iiCQmJYGJE7cXkDS/ Frame 60B9
0
0
Document
General
Full URL
https://squawcubesfry.com/iiCQmJYGJE7cXkDS/16184
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
172.255.6.251 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
squawcubesfry.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://streamsport.pro/ads/loading.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 29 Sep 2020 20:23:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Set-Cookie
GL_UI4=eJw9jb1ugzAYRYkJhDYK0pV4AB4BAmmSsepcdcjSDdn4c0ICfJHt%2Fr19rQ5d7j3DkU4URaJYI%2F6QO5T72phdS0prVVN1rIwy9b7RxyfaNu22P%2BBhcJ2XaiS%2FRKKsnPUGycSaxg1WyvKXI1vEWM5yIqQvF8vhk0le2UIcmoDDHHBRQbAr4jxF9ir78u1UvucZRF3lj2FbrO%2Bj9Ibt1A06FUjOVmrC4hlZLz2d2f5gpcndPN8BHnX37%2F%2BVY3bfSDV9Dn3Is7%2BQ%2FQXnBj7r; expires=Wed, 30-Sep-2020 20:23:07 GMT; Max-Age=86400; path=/ GL_GI10=eJxNjN0KgkAQRs1Kkv4Y6AF6gQylstuoiy7Mmx5gMR1tQXdkd4Ls6bOC6u5w5jtjWZY9G4Mta5j427UX%2BIHnh763CaFbIIEdRzBK6aZYN0IlFcIwRr6iLhOVGXA0FpJUOzvC8MMipQyhH0eLP%2FcuxzFpvs6PVL5i6KWSG3B3lWHUWVKB%2BxKffNTmv0NXmhoGp2AVziPOwFXIwtSILe6TS4nLwzmCyde%2BXzgdGEgjak33puUpywofpFBQnhtkx34CqHlK7A%3D%3D; expires=Wed, 30-Sep-2020 20:23:07 GMT; Max-Age=86400; path=/
Content-Encoding
gzip
Vary
Accept-Encoding
2960
t5ytz24c5.com/i/ Frame E7A4
Redirect Chain
  • https://xml.fastdlr.com/redirect?feed=250834&auth=3kb84n
  • https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
0
0
Document
General
Full URL
https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.7.132 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx-more /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Host
t5ytz24c5.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://streamsport.pro/ads/loading.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 29 Sep 2020 20:23:07 GMT
Content-Type
text/html; charset=utf8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Server
nginx-more
Strict-Transport-Security
max-age=15768000
Content-Encoding
br

Redirect headers

Server
nginx
Date
Tue, 29 Sep 2020 20:23:08 GMT
Content-Length
0
Connection
keep-alive
Location
https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
2960
t5ytz24c5.com/i/ Frame D696
Redirect Chain
  • https://xml.fastdlr.com/redirect?feed=250834&auth=3kb84n
  • https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
0
0
Document
General
Full URL
https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.7.132 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx-more /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Host
t5ytz24c5.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://streamsport.pro/ads/loading.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 29 Sep 2020 20:23:07 GMT
Content-Type
text/html; charset=utf8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Server
nginx-more
Strict-Transport-Security
max-age=15768000
Content-Encoding
br

Redirect headers

Server
nginx
Date
Tue, 29 Sep 2020 20:23:08 GMT
Content-Length
0
Connection
keep-alive
Location
https://t5ytz24c5.com/i/2960?nsid=250834&partner_subid=
test-ad.html
1123movies.to/ Frame 5C95
0
0
Document
General
Full URL
https://1123movies.to/test-ad.html
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b3be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;connect-src *
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

:method
GET
:authority
1123movies.to
:scheme
https
:path
/test-ad.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://streamsport.pro/ads/loading.html
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Tue, 29 Sep 2020 20:23:07 GMT
content-type
text/html
set-cookie
__cfduid=d9c1102d1374ca647b0daf09ca1ca88df1601410987; expires=Thu, 29-Oct-20 20:23:07 GMT; path=/; domain=.1123movies.to; HttpOnly; SameSite=Lax
last-modified
Wed, 16 Sep 2020 04:30:51 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1;mode=block
content-security-policy
upgrade-insecure-requests;connect-src *
cache-control
max-age=2678400
cf-cache-status
HIT
age
2433
cf-request-id
057d218f25000096bc6a945200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5da86b91dbf496bc-FRA
content-encoding
br
admaven.html
sportlive.site/ Frame 396D
0
0
Document
General
Full URL
http://sportlive.site/admaven.html
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Server
185.63.253.110 Amsterdam, Netherlands, ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
sportlive.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://streamsport.pro/ads/loading.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 29 Sep 2020 20:47:19 GMT
Content-Type
text/html
Last-Modified
Sat, 19 Sep 2020 16:54:07 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5f6637af-154a"
Content-Encoding
gzip
log
rtb.us4post.com/ Frame EF63
Redirect Chain
  • https://witalfieldt.com/redirect?tid=899427&ref=encodeURI
  • https://rtb.us4post.com/log?action=click&key=2418-2418-4-d3da2b52-4815-36ab-fc7f-a135c246e5c4&strategy=475208&ts=1601410987944
0
0
Document
General
Full URL
https://rtb.us4post.com/log?action=click&key=2418-2418-4-d3da2b52-4815-36ab-fc7f-a135c246e5c4&strategy=475208&ts=1601410987944
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
38.140.142.154 Fort Lauderdale, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

:method
GET
:authority
rtb.us4post.com
:scheme
https
:path
/log?action=click&key=2418-2418-4-d3da2b52-4815-36ab-fc7f-a135c246e5c4&strategy=475208&ts=1601410987944
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://streamsport.pro/ads/loading.html
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
openresty/1.15.8.3
date
Tue, 29 Sep 2020 20:23:08 GMT
content-type
text/html;charset=UTF-8
content-length
3765
set-cookie
platform_user_id=desktop:4345a19d538aaec927509bfa3e90da90

Redirect headers

status
302
content-type
text/plain
content-length
0
location
https://rtb.us4post.com/log?action=click&key=2418-2418-4-d3da2b52-4815-36ab-fc7f-a135c246e5c4&strategy=475208&ts=1601410987944
date
Tue, 29 Sep 2020 20:23:08 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=a0e70f0d-4090-44ab-9b8c-7d815802dbe9 fv=rjgErjnFrdU5qGEFqTaFqdwEpjY6vdw=; Expires=Wed, 29 Sep 2021 20:23:08 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
x-cache
Miss from cloudfront
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
9jxdkA81ay9FU-Du_MjODKXMBnG3oDLOT3K308BZplqhwyun6VXaxQ==
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: streamsport.pro
URL: http://streamsport.pro/ads/loading.html
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
http://streamsport.pro/ads/loading.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 29 Sep 2020 20:13:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-375139978"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
33186
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4547
X-Request-ID
620954034
0.php
s4.histats.com/stats/
52 B
323 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3930687&@f16&@g1&@h1&@i1&@j1601410987821&@k0&@l1&@mHistats&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:114151644&@b3:1601410988&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fstreamsport.pro%2Fads%2Floading.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
0c03dff82376069525165234bac07fe03c7ab04806c27f5060df3fe33dcb7f42

Request headers

Referer
http://streamsport.pro/ads/loading.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 29 Sep 2020 20:23:08 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
function| timedRefresh
number| prevent_bust
object| _Hasync
object| __cfQR
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues
boolean| __cfRLUnblockHandlers

18 Cookies

Domain/Path Name / Value
.worldofwarships.eu/ Name: _ym_d
Value: 1601410990
.worldofwarships.eu/ Name: _ym_uid
Value: 1601410990164912475
.aliexpress.com/ Name: aep_usuc_f
Value: site=nld&c_tp=USD&region=US&b_locale=nl_NL
.aliexpress.com/ Name: aeu_cid
Value: 85add5340d4d44f3b39c6222a9693a02-1601410990578-04927-_d7pZ6Rv
.worldofwarships.eu/ Name: _ym_visorc_45727869
Value: b
.aliexpress.com/ Name: xman_t
Value: L86M9RVNTCFQdfCO/LIUKuuN/cTnictqZM0QieCTWLRI80pI5GCdlXXcXdGCt34t
.aliexpress.com/ Name: xman_us_f
Value: x_locale=nl_NL&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%2285add5340d4d44f3b39c6222a9693a02-1601410990578-04927-_d7pZ6Rv%22%2C%22affiliateKey%22%3A%22_d7pZ6Rv%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22726927582%22%2C%22tagtime%22%3A1601410990578%7D&acs_rt=1e3ad724133f4212b22374db8e984187
streamsport.pro/ Name: HstCns3930687
Value: 1
streamsport.pro/ Name: HstCla3930687
Value: 1601410987821
streamsport.pro/ Name: HstCnv3930687
Value: 1
streamsport.pro/ Name: HstPt3930687
Value: 1
streamsport.pro/ Name: HstCmu3930687
Value: 1601410987821
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=yqdr8bws8y56&acs_rt=1e3ad724133f4212b22374db8e984187
.worldofwarships.eu/ Name: _ym_isad
Value: 2
.aliexpress.com/ Name: xman_f
Value: JjoCKnqhvIhVrkJg2m9gwAswiihmDxGr++t7PMVm3wIkMeOm2DaQ9mREwnSE3r+piJcd52Ci2CLguKyiIDba4cUidn+RxnNAA9aWYu+spVg7sIbyMwF2UA==
streamsport.pro/ Name: HstCfa3930687
Value: 1601410987821
streamsport.pro/ Name: HstPn3930687
Value: 1
.streamsport.pro/ Name: __cfduid
Value: dfc8320f20f2b45f78283ab9e809cc31d1601410987