aw-live.cf Open in urlscan Pro
2400:cb00:2048:1::6818:7e43 Public Scan

URL:
http://aw-live.cf/ch11.html
Submission: On July 02 via manual (July 2nd 2018, 3:01:04 pm UTC) from CA

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 27 HTTP transactions. The main IP is 2400:cb00:2048:1::6818:7e43, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is aw-live.cf.

This is the only time aw-live.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2400:cb00:204... 2400:cb00:2048:1::6818:7e43	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	195.181.175.7 195.181.175.7	60068 (CDN77) (CDN77)
1	2400:cb00:204... 2400:cb00:2048:1::6818:7f43	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	184.173.167.98 184.173.167.98	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1 1	78.140.191.84 78.140.191.84	35415 (WEBZILLA) (WEBZILLA)
1	188.42.162.189 188.42.162.189	35415 (WEBZILLA) (WEBZILLA)
1	188.72.202.124 188.72.202.124	35415 (WEBZILLA) (WEBZILLA)
1	216.21.13.10 216.21.13.10	53334 (TUT-AS) (TUT-AS - Total Uptime Technologies)
4	188.72.213.137 188.72.213.137	35415 (WEBZILLA) (WEBZILLA)
2	2400:cb00:204... 2400:cb00:2048:1::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	94.31.29.138 94.31.29.138	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
9	185.21.217.34 185.21.217.34	200052 (FERAL Fer...) (FERAL Feral Hosting)
27	13

2 2400:cb00:2048:1::6818:7e43 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

aw-live.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.7 (United Kingdom)

ASN60068 (CDN77, GB)

c1.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6818:7f43 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

aw-live.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.173.167.98 (Chantilly, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 62.a7.adb8.ip4.static.sl-reverse.com

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.140.191.84 (Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)

go.oclasrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.162.189 (Luxembourg)

ASN35415 (WEBZILLA, NL)

cobalten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.202.124 (Netherlands)

ASN35415 (WEBZILLA, NL)

basepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.10 (United States)

ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US)

serve.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.72.213.137 (Netherlands)

ASN35415 (WEBZILLA, NL)

pushwhy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.31.29.138 (United Kingdom)

ASN54104 (AS-STACKPATH - netDNA, US)
PTR: 94.31.29.138.IPYX-077437-ZYO.above.net

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.21.217.34 (United Kingdom)

ASN200052 (FERAL Feral Hosting, GB)
PTR: thisis.feralhosting.com

lhr-1.firstonetv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	firstonetv.net lhr-1.firstonetv.net	1 MB
4	pushwhy.com pushwhy.com	2 KB
3	aw-live.cf aw-live.cf	186 KB
2	jsdelivr.net cdn.jsdelivr.net	159 KB
2	adsco.re c.adsco.re 6.adsco.re	11 KB
2	histats.com s10.histats.com s4.histats.com	5 KB
2	popads.net c1.popads.net serve.popads.net	29 KB
1	basepush.com basepush.com	58 KB
1	cobalten.com cobalten.com	2 KB
1	oclasrv.com 1 redirects go.oclasrv.com	305 B
27	10

	Domain	Requested by
9	lhr-1.firstonetv.net	cdn.jsdelivr.net
4	pushwhy.com	basepush.com aw-live.cf
3	aw-live.cf	aw-live.cf
2	cdn.jsdelivr.net	aw-live.cf
1	6.adsco.re	aw-live.cf
1	c.adsco.re	serve.popads.net
1	serve.popads.net	c1.popads.net
1	basepush.com	aw-live.cf
1	cobalten.com	aw-live.cf
1	go.oclasrv.com	1 redirects
1	s4.histats.com	s10.histats.com
1	s10.histats.com	aw-live.cf
1	c1.popads.net	aw-live.cf
27	13

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 3 frames:

Primary Page: http://aw-live.cf/ch11.html
Frame ID: A515B2EE18702C7328F84FDAC5ADC448
Requests: 14 HTTP requests in this frame

Frame: http://aw-live.cf/ch/ch11.html
Frame ID: 2E22D7DBE86B36AA53A55CFB9A1D9391
Requests: 14 HTTP requests in this frame

Frame: data://truncated
Frame ID: C7D997607CCF23146E46FA4C7BFC8243
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

27
Requests

0 %
HTTPS

23 %
IPv6

10
Domains

13
Subdomains

13
IPs

5
Countries

1984 kB
Transfer

2617 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://go.oclasrv.com/apu.php?zoneid=1745614 HTTP 302
http://cobalten.com/apu.php?zoneid=1745614

27 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set ch11.html Show response
aw-live.cf/ 42 KB
16 KB 348ms
342ms Document
text/html 2400:cb00:2048:1::6818:7e43
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://aw-live.cf/ch11.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6818:7e43 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e5ab6a7647d46e25cf34439779cd85985be0be71b0134a12761e9f431fff5cf

Request headers

Host: aw-live.cf
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: A515B2EE18702C7328F84FDAC5ADC448

Response headers

Date: Mon, 02 Jul 2018 15:00:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dccd446310fb3cc19896f148b8c506b301530543650; expires=Tue, 02-Jul-19 15:00:50 GMT; path=/; domain=.aw-live.cf; HttpOnly
Last-Modified: Sun, 01 Jul 2018 13:53:55 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4341fbf665a3bea8-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK pop.js Show response
c1.popads.net/ 68 KB
28 KB 15ms
8ms Script
application/javascript 195.181.175.7
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: http://c1.popads.net/pop.js
Requested by: Host: aw-live.cf
URL: http://aw-live.cf/ch11.html
Protocol: HTTP/1.1
Server: 195.181.175.7 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fefc31fe8b6a75aa50147bc062e2ed750e20c8d78fb24a02342c17f15f2f261a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch11.html
Origin: http://aw-live.cf

Response headers

Date: Mon, 02 Jul 2018 15:00:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Apr 2018 14:16:47 GMT
Server: CDN77-Turbo
X-Edge-Location: frankfurtDE
ETag: W/"5ad35ecf-1108b"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Edge-IP: 195.181.175.2
Connection: keep-alive
X-Age: 218
Expires: Mon, 09 Jul 2018 14:57:12 GMT

GET
H/1.1 200
OK ch11.html Show response
aw-live.cf/ch/ Frame 2E22 848 B
849 B 335ms
330ms Document
text/html 2400:cb00:2048:1::6818:7f43
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://aw-live.cf/ch/ch11.html
Requested by: Host: aw-live.cf
URL: http://aw-live.cf/ch11.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6818:7f43 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac2664f49c75a002d1e67d4d0b30dcc574345ffadc1c2622bce4a96be9d4acc6

Request headers

Host: aw-live.cf
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://aw-live.cf/ch11.html
Accept-Encoding: gzip, deflate
Cookie: __cfduid=dccd446310fb3cc19896f148b8c506b301530543650
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: A515B2EE18702C7328F84FDAC5ADC448
Referer: http://aw-live.cf/ch11.html

Response headers

Date: Mon, 02 Jul 2018 15:00:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Jul 2018 11:36:48 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4341fbf8a337269c-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 10 KB
4 KB 18ms
9ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: aw-live.cf
URL: http://aw-live.cf/ch11.html
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560

Request headers

Referer: http://aw-live.cf/ch11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 02 Jul 2018 14:58:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 15:26:33 GMT
X-CDN-Pop-IP: 137.74.120.32/27
ETag: "1262556565"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 4760
Content-Type: text/javascript
X-CDN-Pop: sbg
Accept-Ranges: bytes
Content-Length: 4243

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
322 B 194ms
101ms Script
text/html 184.173.167.98
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?3989073&@f16&@g1&@h1&@i1&@j1530543650681&@k0&@l1&@mWENGER%20ONLINE%2011&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@vhttp%3A%2F%2Faw-live.cf%2Fch11.html&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Server: 184.173.167.98 Chantilly, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 62.a7.adb8.ip4.static.sl-reverse.com
Software: /
Resource Hash: 25f9d510e6e043c8e39fe3f55b6e230fc989af47a9d50ad02b2da0fd919e4ab5

Request headers

Referer: http://aw-live.cf/ch11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 02 Jul 2018 15:00:50 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H/1.1

200
OK

apu.php Show response
cobalten.com/
Redirect Chain

http://go.oclasrv.com/apu.php?zoneid=1745614
http://cobalten.com/apu.php?zoneid=1745614

1 KB
2 KB

170ms
156ms

Script
application/x-javascript

188.42.162.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://cobalten.com/apu.php?zoneid=1745614

Requested by

Host: aw-live.cf
URL: http://aw-live.cf/ch11.html

Protocol

HTTP/1.1

Server

188.42.162.189 , Luxembourg, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

187315db6ba2bab1857b3ca42e6490bb5a57e9a4a307ac3d5d54c42f24c1b576

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aw-live.cf/ch11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jul 2018 15:00:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Timing-Allow-Origin: *, *
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Strict-Transport-Security: max-age=1
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 02 Jul 2018 15:00:50 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: text/html
Location: http://cobalten.com/apu.php?zoneid=1745614
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 154

GET
H/1.1 200
OK ntfc.php Show response
basepush.com/ 142 KB
58 KB 36ms
23ms Script
application/javascript 188.72.202.124
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://basepush.com/ntfc.php?p=1745613

Requested by

Host: aw-live.cf
URL: http://aw-live.cf/ch11.html

Protocol

HTTP/1.1

Server

188.72.202.124 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

1c84d9738b63632635d0ade3ba59d7d5fe6988b4cc39bca5d816fa5ad3f51bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aw-live.cf/ch11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Jul 2018 15:00:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Timing-Allow-Origin: *, *
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK weng.png
aw-live.cf/images/ 168 KB
169 KB 11ms
11ms Image
image/png 2400:cb00:2048:1::6818:7e43
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aw-live.cf/images/weng.png
Requested by: Host: aw-live.cf
URL: http://aw-live.cf/ch11.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6818:7e43 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebfb3d5d92b6ae173bc13eb2b1b6f98b0675a957ad6e38279edeb8b0728c6c93

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: aw-live.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://aw-live.cf/ch11.html
Cookie: __cfduid=dccd446310fb3cc19896f148b8c506b301530543650; HstCfa3989073=1530543650681; HstCla3989073=1530543650681; HstCmu3989073=1530543650681; HstPn3989073=1; HstPt3989073=1; HstCnv3989073=1; HstCns3989073=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://aw-live.cf/ch11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 02 Jul 2018 15:00:50 GMT
CF-Cache-Status: HIT
Last-Modified: Mon, 11 Jun 2018 15:58:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4341fbf986e6bea8-FRA
Content-Length: 172493
Expires: Mon, 02 Jul 2018 19:00:50 GMT

GET
H/1.1 200
OK c Show response
serve.popads.net/ 239 B
777 B 152ms
139ms Script
text/javascript 216.21.13.10
Total Uptime Tech...

General

Check archive.org

Show headers Download Go to

Full URL: http://serve.popads.net/c?r=1530543650&v=3&siteId=2602048&minBid=0.001&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: HTTP/1.1
Server: 216.21.13.10 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software: /
Resource Hash: 4df277c12ec094b24c05c42caa9edd9f9686ddc7ef645504a0152020a069040e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch11.html
Origin: http://aw-live.cf

Response headers

Pragma: no-cache
Date: Mon, 02 Jul 2018 15:00:50 GMT
Access-Control-Allow-Origin: *
Content-Type: text/javascript;charset=UTF-8
PopAds-EC: GIID
Cache-Control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 239

OPTIONS
H/1.1 204
No Content custom Show response
pushwhy.com/ 0
340 B 56ms
12ms XHR
text/plain 188.72.213.137
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushwhy.com/custom

Requested by

Host: basepush.com
URL: http://basepush.com/ntfc.php?p=1745613

Protocol

HTTP/1.1

Server

188.72.213.137 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: http://aw-live.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 02 Jul 2018 15:00:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Origin: http://aw-live.cf
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

POST
H/1.1 200
OK custom Show response
pushwhy.com/ 38 B
437 B 13ms
12ms XHR
application/json 188.72.213.137
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushwhy.com/custom

Requested by

Host: aw-live.cf
URL: http://aw-live.cf/ch11.html

Protocol

HTTP/1.1

Server

188.72.213.137 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aw-live.cf/ch11.html
Origin: http://aw-live.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type: application/json

Response headers

Date: Mon, 02 Jul 2018 15:00:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://aw-live.cf
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 38

GET
H/1.1 200
OK / Show response
c.adsco.re/ 31 KB
10 KB 22ms
11ms Script
text/html 2400:cb00:2048:1::6811:a7ba
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: serve.popads.net
URL: http://serve.popads.net/c?r=1530543650&v=3&siteId=2602048&minBid=0.001&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e006d2e9f1d32a255c25439d8a537cc255f11ff29c5487123b5abc7df417add

Request headers

Referer: http://aw-live.cf/ch11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 02 Jul 2018 15:00:50 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
ETag: "P8rq4XAciB4wFvuIzU+3Sw=="
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=259200,public,immutable
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4341fbfaa523bf20-FRA
Link: <//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Expires: Thu, 05 Jul 2018 10:40:34 GMT

GET
H/1.1 200
OK /
6.adsco.re/ 0
446 B 24ms
10ms Other
text/plain 2400:cb00:2048:1::6811:a7ba
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: aw-live.cf
URL: http://aw-live.cf/ch11.html
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6811:a7ba , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Purpose: prefetch
Referer: http://aw-live.cf/ch11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 02 Jul 2018 15:00:51 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600,public,immutable
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4341fbfac535bf20-FRA

GET
S 200 clappr.min.js Show response
cdn.jsdelivr.net/clappr/latest/ Frame 2E22 517 KB
127 KB 48ms
15ms Script
application/javascript 94.31.29.138
netDNA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

Requested by

Host: aw-live.cf
URL: http://aw-live.cf/ch/ch11.html

Protocol

SPDY

Server

94.31.29.138 , United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US),

Reverse DNS

94.31.29.138.IPYX-077437-ZYO.above.net

Software

NetDNA-cache/2.2 /

Resource Hash

cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://aw-live.cf/ch/ch11.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 02 Jul 2018 15:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: NetDNA-cache/2.2
status: 200
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
x-served-by: cache-ams4121-AMS, cache-hhn1522-HHN

GET
DATA 200
OK truncated
/ Frame 2E22 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 38861cba61c66739c1452c3a71e39852.ttf
cdn.jsdelivr.net/clappr/latest/ Frame 2E22 32 KB
32 KB 29ms
11ms Font
font/ttf 94.31.29.138
netDNA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr/latest/38861cba61c66739c1452c3a71e39852.ttf

Requested by

Host: aw-live.cf
URL: http://aw-live.cf/ch/ch11.html

Protocol

SPDY

Server

94.31.29.138 , United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US),

Reverse DNS

94.31.29.138.IPYX-077437-ZYO.above.net

Software

NetDNA-cache/2.2 /

Resource Hash

967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:51 GMT
x-content-type-options: nosniff
server: NetDNA-cache/2.2
status: 200
etag: "7f8c-Sx71jkdreJyXUhg0q996L9ZtbK8"
vary: Accept-Encoding
x-cache: HIT
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
content-length: 32652
x-served-by: cache-ams4144-AMS, cache-hhn1528-HHN

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362e6d3375383f73743d54736f6a486d6d53775147655a6a4149364b46725951266... Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 5 KB
5 KB 187ms
37ms XHR
application/vnd.apple.mpegurl 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362e6d3375383f73743d54736f6a486d6d53775147655a6a4149364b4672595126653d31353330353734353136.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: 08548da5ce15135e6981c86a95fc02b7a448fc8d8f45f2647ed2807ec2cc361f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:51 GMT
x-tm-3_1_0_0: 1530543651.3889
x-tm-2: 1530543651.3889
x-cache: MISS
status: 200
x-cachekey: f6578428cbe98bb48dc48304e903c76887b7b5a5f8a7e578491a52ca16ecd883
x-tm-4: 1530543651.4072
x-tm-1: 1530543651.3885
content-length: 4661
access-control-allow-headers: *
server: nginx/1.10.3
x-tm-3_1_0: 1530543651.3889
access-control-allow-methods: GET, POST
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_1_1: 1530543651.4072
x-tm-3_1_0_1: 1530543651.4068
x-tm-3_1_0_2: 1530543651.4072

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362e6d3375383f73743d54736f6a486d6d53775147655a6a4149364b46725951266... Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 5 KB
5 KB 82ms
81ms XHR
application/vnd.apple.mpegurl 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362e6d3375383f73743d54736f6a486d6d53775147655a6a4149364b4672595126653d31353330353734353136.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: 08548da5ce15135e6981c86a95fc02b7a448fc8d8f45f2647ed2807ec2cc361f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:51 GMT
x-tm-3_1_0_0: 1530543651.4278
x-tm-2: 1530543651.4278
x-cache: MISS
status: 200
x-cachekey: f6578428cbe98bb48dc48304e903c76887b7b5a5f8a7e578491a52ca16ecd883
x-tm-4: 1530543651.45
x-tm-1: 1530543651.4277
content-length: 4661
access-control-allow-headers: *
server: nginx/1.10.3
x-tm-3_1_0: 1530543651.4278
access-control-allow-methods: GET, POST
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_1_1: 1530543651.45
x-tm-3_1_0_1: 1530543651.4494
x-tm-3_1_0_2: 1530543651.4499

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333632362e7473.ts Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 339 KB
340 KB 17ms
16ms XHR
video/mp2t 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333632362e7473.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: 7d3b79f3a2c0877e2ca51abb2ca742a0e5e999a055819fcabe36137e0da6f8ca

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:51 GMT
x-tm-1: 1530543651.4317
x-tm-2: 1530543651.4318
x-cache: HIT
status: 200
x-tm-4: 1530543651.4321
content-length: 347048
server: nginx/1.10.3
x-cachekey: 495de19f9a129a3a86dd3ef5354e2fde1d12968a65650ccaccadaef971272299
access-control-allow-methods: GET, POST
content-type: video/MP2T
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_0: 1530543651.4321
access-control-allow-headers: *

GET
BLOB 200
OK a286ed97-7f66-4c80-88fd-634ef71c767e
http://aw-live.cf/ Frame 2E22 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://aw-live.cf/a286ed97-7f66-4c80-88fd-634ef71c767e
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81417b74939a2659fd39c755682d55284d3945e3cabce0d97128a4595bc5a282

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 63944
Content-Type: text/javascript

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333632372e7473.ts Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 334 KB
335 KB 15ms
15ms XHR
video/mp2t 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333632372e7473.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: e7a7d488910050c246c8ba1aef0dfb0cb2b8fb39e4be634dd9fa79c5479dd2c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:51 GMT
x-tm-1: 1530543651.5529
x-tm-2: 1530543651.553
x-cache: HIT
status: 200
x-tm-4: 1530543651.5534
content-length: 342160
server: nginx/1.10.3
x-cachekey: c1b27d9891170eb0c31547afef4fd72f916fc91f926f15cf24a384c179ac50ae
access-control-allow-methods: GET, POST
content-type: video/MP2T
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_0: 1530543651.5534
access-control-allow-headers: *

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333632382e7473.ts Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 280 KB
281 KB 26ms
25ms XHR
video/mp2t 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333632382e7473.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: 869913ff7be98ee637b46a7f31deec3097a30a13e7419e2a26263713eb58838d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:51 GMT
x-tm-1: 1530543651.6337
x-tm-2: 1530543651.6344
x-cache: HIT
status: 200
x-tm-4: 1530543651.6357
content-length: 286700
server: nginx/1.10.3
x-cachekey: 2b5f1083f3df8d97648495aafb9d25d2d2b2048987329db1bfe6824a0cb00f9d
access-control-allow-methods: GET, POST
content-type: video/MP2T
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_0: 1530543651.6357
access-control-allow-headers: *

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333632392e7473.ts Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 294 KB
294 KB 15ms
15ms XHR
video/mp2t 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333632392e7473.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: 984dce110c207886c99a8e9b6d8cfa3f40b8235f68984eab0ba53b2d100805ad

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:51 GMT
x-tm-1: 1530543651.6684
x-tm-2: 1530543651.6685
x-cache: HIT
status: 200
x-tm-4: 1530543651.6689
content-length: 300612
server: nginx/1.10.3
x-cachekey: 7c1af9c2b2a34ab7a9096da0f5d70920987cb3fb593963e3efff1175edec1181
access-control-allow-methods: GET, POST
content-type: video/MP2T
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_0: 1530543651.6689
access-control-allow-headers: *

OPTIONS
H/1.1 204
No Content custom Show response
pushwhy.com/ 0
340 B 12ms
12ms XHR
text/plain 188.72.213.137
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushwhy.com/custom

Requested by

Host: basepush.com
URL: http://basepush.com/ntfc.php?p=1745613

Protocol

HTTP/1.1

Server

188.72.213.137 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: http://aw-live.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 02 Jul 2018 15:00:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Origin: http://aw-live.cf
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
DATA 200
OK truncated
/ Frame C7D9 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9563fdc19456cd77d4a8726af68cd4909cc4031208bc2eecda0a75942deec403

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C7D9 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

POST
H/1.1 200
OK custom Show response
pushwhy.com/ 38 B
437 B 13ms
12ms XHR
application/json 188.72.213.137
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushwhy.com/custom

Protocol

HTTP/1.1

Server

188.72.213.137 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aw-live.cf/ch11.html
Origin: http://aw-live.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type: application/json

Response headers

Date: Mon, 02 Jul 2018 15:00:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://aw-live.cf
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 38

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362e6d3375383f73743d54736f6a486d6d53775147655a6a4149364b46725951266... Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 5 KB
5 KB 31ms
31ms XHR
application/vnd.apple.mpegurl 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362e6d3375383f73743d54736f6a486d6d53775147655a6a4149364b4672595126653d31353330353734353136.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: c6441aa249f706fd8e855f93942723124838bd6c5d21ef4f2e07bf06dfc4c539

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:54 GMT
x-tm-3_1_0_0: 1530543654.4414
x-tm-2: 1530543654.4414
x-cache: MISS
status: 200
x-cachekey: f6578428cbe98bb48dc48304e903c76887b7b5a5f8a7e578491a52ca16ecd883
x-tm-4: 1530543654.4578
x-tm-1: 1530543654.4413
content-length: 4661
access-control-allow-headers: *
server: nginx/1.10.3
x-tm-3_1_0: 1530543654.4414
access-control-allow-methods: GET, POST
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_1_1: 1530543654.4578
x-tm-3_1_0_1: 1530543654.4573
x-tm-3_1_0_2: 1530543654.4577

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333633302e7473.ts Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 264 KB
264 KB 17ms
17ms XHR
video/mp2t 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362d33333633302e7473.ts
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: fa22339b183eac44d2811929d9ae09086e48d37cf07283bc2a91b66d5c0e0ffb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:54 GMT
x-tm-1: 1530543654.4794
x-tm-2: 1530543654.4796
x-cache: HIT
status: 200
x-tm-4: 1530543654.4799
content-length: 269968
server: nginx/1.10.3
x-cachekey: f3ffa1f5ca6da2f86f0bb675abce081f6de12e5056c398517a604cd89c7c2723
access-control-allow-methods: GET, POST
content-type: video/MP2T
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_0: 1530543654.4799
access-control-allow-headers: *

GET
S 200 687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362e6d3375383f73743d54736f6a486d6d53775147655a6a4149364b46725951266... Show response
lhr-1.firstonetv.net/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/ Frame 2E22 5 KB
5 KB 50ms
50ms XHR
application/vnd.apple.mpegurl 185.21.217.34
FERAL Feral Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://lhr-1.firstonetv.net:4434/hls/a19b414ed8dfbfb1cd938002e9d4be7e/1530560116/7b226970223a66616c73652c227561223a22416e64726f6964222c22726566223a22687474703a5c2f5c2f6d6f6264726f2e6d65227d/687474703a2f2f3138352d35392d3232312d3135332e6d6264722e63662f7032702f34306265616366303166383532313630653064336366316439363234343965362e6d3375383f73743d54736f6a486d6d53775147655a6a4149364b4672595126653d31353330353734353136.m3u8
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol: SPDY
Server: 185.21.217.34 , United Kingdom, ASN200052 (FERAL Feral Hosting, GB),
Reverse DNS: thisis.feralhosting.com
Software: nginx/1.10.3 /
Resource Hash: c6441aa249f706fd8e855f93942723124838bd6c5d21ef4f2e07bf06dfc4c539

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://aw-live.cf/ch/ch11.html
Origin: http://aw-live.cf

Response headers

date: Mon, 02 Jul 2018 15:00:57 GMT
x-tm-3_1_0_0: 1530543657.2771
x-tm-2: 1530543657.2771
x-cache: MISS
status: 200
x-cachekey: f6578428cbe98bb48dc48304e903c76887b7b5a5f8a7e578491a52ca16ecd883
x-tm-4: 1530543657.2966
x-tm-1: 1530543657.277
content-length: 4661
access-control-allow-headers: *
server: nginx/1.10.3
x-tm-3_1_0: 1530543657.2771
access-control-allow-methods: GET, POST
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-tm-3_1_1: 1530543657.2966
x-tm-3_1_0_1: 1530543657.2961
x-tm-3_1_0_2: 1530543657.2966

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aw-live.cf/	1970-01-19 01:54:39	Name: HstCns3989073 Value: 1
aw-live.cf/	1970-01-19 01:54:39	Name: HstPt3989073 Value: 1
aw-live.cf/	1970-01-19 01:54:39	Name: HstCnv3989073 Value: 1
aw-live.cf/	1970-01-19 01:54:39	Name: HstCla3989073 Value: 1530543650681
aw-live.cf/	1970-01-19 01:54:39	Name: HstCfa3989073 Value: 1530543650681
aw-live.cf/	1970-01-19 01:54:39	Name: HstPn3989073 Value: 1
aw-live.cf/	1970-01-19 01:54:39	Name: HstCmu3989073 Value: 1530543650681
.aw-live.cf/	1970-01-19 01:54:39	Name: __cfduid Value: dccd446310fb3cc19896f148b8c506b301530543650

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: http://basepush.com/ntfc.php?p=1745613(Line 2) Message: TypeError: Cannot read property '__PSR_SESSION_1_1745613_false' of null at http://basepush.com/ntfc.php?p=1745613:2:118418 at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:33927) at c (http://basepush.com/ntfc.php?p=1745613:2:118400) at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:120045) at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:115662) at http://basepush.com/ntfc.php?p=1745613:2:23812 at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:30982) at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:23557) at http://basepush.com/ntfc.php?p=1745613:2:22053 at Object.<anonymous> (http://basepush.com/ntfc.php?p=1745613:2:22065)
console-api	error	URL: http://basepush.com/ntfc.php?p=1745613(Line 2) Message: TypeError: Cannot set property '__PSR_SESSION_1_1745613_false' of null at http://basepush.com/ntfc.php?p=1745613:2:75812 at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:33927) at u (http://basepush.com/ntfc.php?p=1745613:2:75793) at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:77168) at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:115841) at http://basepush.com/ntfc.php?p=1745613:2:23812 at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:30982) at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:23557) at http://basepush.com/ntfc.php?p=1745613:2:22053 at Object.<anonymous> (http://basepush.com/ntfc.php?p=1745613:2:22065)
console-api	log	URL: http://cobalten.com/apu.php?zoneid=1745614(Line 1) Message: 70000
console-api	error	URL: http://basepush.com/ntfc.php?p=1745613(Line 2) Message: TypeError: Cannot set property '__PSR_SESSION_1_1745613_false' of null at http://basepush.com/ntfc.php?p=1745613:2:75812 at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:33927) at u (http://basepush.com/ntfc.php?p=1745613:2:75793) at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:77168) at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:116903) at http://basepush.com/ntfc.php?p=1745613:2:25047 at t.(anonymous function) (http://basepush.com/ntfc.php?p=1745613:2:49642) at http://basepush.com/ntfc.php?p=1745613:2:24415

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
aw-live.cf
basepush.com
c.adsco.re
c1.popads.net
cdn.jsdelivr.net
cobalten.com
go.oclasrv.com
lhr-1.firstonetv.net
pushwhy.com
s10.histats.com
s4.histats.com
serve.popads.net
184.173.167.98
185.21.217.34
188.42.162.189
188.72.202.124
188.72.213.137
195.181.175.7
216.21.13.10
2400:cb00:2048:1::6811:a7ba
2400:cb00:2048:1::6818:7e43
2400:cb00:2048:1::6818:7f43
46.105.201.240
78.140.191.84
94.31.29.138
08548da5ce15135e6981c86a95fc02b7a448fc8d8f45f2647ed2807ec2cc361f
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91
187315db6ba2bab1857b3ca42e6490bb5a57e9a4a307ac3d5d54c42f24c1b576
1c84d9738b63632635d0ade3ba59d7d5fe6988b4cc39bca5d816fa5ad3f51bac
1e006d2e9f1d32a255c25439d8a537cc255f11ff29c5487123b5abc7df417add
25f9d510e6e043c8e39fe3f55b6e230fc989af47a9d50ad02b2da0fd919e4ab5
304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c
3e5ab6a7647d46e25cf34439779cd85985be0be71b0134a12761e9f431fff5cf
4df277c12ec094b24c05c42caa9edd9f9686ddc7ef645504a0152020a069040e
7d3b79f3a2c0877e2ca51abb2ca742a0e5e999a055819fcabe36137e0da6f8ca
81417b74939a2659fd39c755682d55284d3945e3cabce0d97128a4595bc5a282
869913ff7be98ee637b46a7f31deec3097a30a13e7419e2a26263713eb58838d
9563fdc19456cd77d4a8726af68cd4909cc4031208bc2eecda0a75942deec403
967e5cecfbfbf64099c3c1232273482dd7436f05714266953c4d2c8ee9c28af5
984dce110c207886c99a8e9b6d8cfa3f40b8235f68984eab0ba53b2d100805ad
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
ac2664f49c75a002d1e67d4d0b30dcc574345ffadc1c2622bce4a96be9d4acc6
c6441aa249f706fd8e855f93942723124838bd6c5d21ef4f2e07bf06dfc4c539
cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a7d488910050c246c8ba1aef0dfb0cb2b8fb39e4be634dd9fa79c5479dd2c1
ebfb3d5d92b6ae173bc13eb2b1b6f98b0675a957ad6e38279edeb8b0728c6c93
fa22339b183eac44d2811929d9ae09086e48d37cf07283bc2a91b66d5c0e0ffb
fefc31fe8b6a75aa50147bc062e2ed750e20c8d78fb24a02342c17f15f2f261a

aw-live.cf Open in urlscan Pro 2400:cb00:2048:1::6818:7e43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

27 Requests

0 %HTTPS

23 %IPv6

10 Domains

13 Subdomains

13 IPs

5 Countries

1984 kBTransfer

2617 kBSize

8 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aw-live.cf Open in urlscan Pro
2400:cb00:2048:1::6818:7e43 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

0 %
HTTPS

23 %
IPv6

10
Domains

13
Subdomains

13
IPs

5
Countries

1984 kB
Transfer

2617 kB
Size

8
Cookies

27 HTTP transactions
3 data transactions