Submitted URL: http://wuo.cloudz.pw/download?file=iso%2B27004%2Bstandard%2Bpdf
Effective URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Submission Tags: falconsandbox
Submission: On March 21 via api from US

Summary

This website contacted 11 IPs in 4 countries across 13 domains to perform 24 HTTP transactions. The main IP is 37.230.112.186, located in Russian Federation and belongs to THEFIRST-AS, RU. The main domain is cloud1.pw.
TLS certificate: Issued by R3 on February 22nd 2021. Valid for: 3 months.
This is the only time cloud1.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 62.109.8.203 29182 (THEFIRST-AS)
9 37.230.112.186 29182 (THEFIRST-AS)
2 185.177.94.108 39572 (ADVANCEDH...)
3 213.174.135.25 39572 (ADVANCEDH...)
1 213.174.135.24 39572 (ADVANCEDH...)
1 168.119.25.22 24940 (HETZNER-AS)
1 2 2a01:4f8:e0:1... 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 ()
2 3 174.137.133.17 27257 (WEBAIR-IN...)
2 151.139.128.11 20446 (HIGHWINDS3)
24 11
Domain Requested by
10 cloud1.pw cloud1.pw
sw.wpu.sh
3 xml.reacheffect.com 2 redirects
3 fonts.gstatic.com cloud1.pw
2 static.realtime-bid.com cloud1.pw
2 go2news.biz cloud1.pw
1 ntvpevents.com 1 redirects
1 ntvpwpush.com sw.wpu.sh
1 nereserv.com sw.wpu.sh
1 sw.swwpush.com sw.wpu.sh
1 vasgenerete.site sw.wpu.sh
1 sw.wpu.sh sw.wpush.org
1 sw.wpush.org cloud1.pw
1 wuo.cloudz.pw 1 redirects
24 13

This site contains links to these domains.

Domain
ntvpevents.com
Subject                    Issuer                                        Validity                   Valid
cloud1.pw                  R3                                            2021-02-22 - 2021-05-23    3 months
go2news.biz                R3                                            2021-03-02 - 2021-05-31    3 months
sw.wpush.org               R3                                            2021-01-22 - 2021-04-22    3 months
sw.wpu.sh                  R3                                            2021-01-29 - 2021-04-29    3 months
vasgenerete.site           R3                                            2021-02-28 - 2021-05-29    3 months
sw.swwpush.com             R3                                            2021-02-19 - 2021-05-20    3 months
notification.tubecup.net   R3                                            2021-03-18 - 2021-06-16    3 months
*.gstatic.com              GTS CA 1O1                                    2021-02-23 - 2021-05-18    3 months
*.realtime-bid.com         AlphaSSL CA - SHA256 - G2                     2021-02-14 - 2022-03-18    a year
*.reacheffect.com          Go Daddy Secure Certificate Authority - G2    2019-04-29 - 2021-06-27    2 years

This page contains 2 frames:

Primary Page: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Frame ID: AB9388AD9D0A33D69B53931AB90BFEDC
Requests: 25 HTTP requests in this frame

Frame: blob://https://cloud1.pw/53ec89c2-db31-4ee6-be01-511ac90f059a
Frame ID: DAF4F945D9739896869F69442A9B0E1C
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
  • html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 18 %
Domains: 13
Subdomains: 13
IPs: 11
Countries: 4
Transfer: 618 kB
Size: 722 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wuo.cloudz.pw/download?file=iso%2B27004%2Bstandard%2Bpdf HTTP 302
    https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://xml.reacheffect.com/thumbnail?i=GP9yYPiY-iM_0 HTTP 302
  • https://static.realtime-bid.com/n337/ad/300x300_vMvXuB5sVYug5lIJC1hu.jpeg
Request Chain 24
  • https://ntvpevents.com/in/show/?mid=2549761636&pid=0&site=native-push&sc=FR&subid=324149235&sid=4124317906&cid=1577&price=0.005906&is_cpm=0&cpm=0&ecpm=0.2180397869022173&crid=&crtid=a1a30ae5e11274afcaadfbb1180c9110&tcid=2856&out_id=0&ver=2.15.12&ver_c=&refdom=cloud1.pw&hostname=auc-inpage-hz-3&site_id=312856&spot_id=0&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1616357996843&created_at=2021-03-21&is_native=1&auction_queue=1&burl=undefined&ip=82.102.18.114&testab=1&capping=0&url=https%3A%2F%2Fxml.reacheffect.com%2Fthumbnail%3Fi%3DGP9yYPiY-iM_0%26imgt%3Dicon&verify_data=H4sIAAAAAAAAA0WOUQ7CIBBE78K3NgwFoR7AA3iBhlIa-VCJoD_Gu7ssMX5sMvt2ZrJvUdIqjkJD6RF2kgexE-FRGXr4UfpoIqCs9lvwft2WBXAyTIBkKzubylcSjaUy_5f8SCE2PUhpen1JNc4cG6GcYZTvtSMuyCScGiBp3ADoZgkET2dSNbDzF6U22m6-plfc52e59Bc6oAvac5yAsVZ8vnCkqUDzAAAA&verify_cache=3ec8a2741a54ea6ba57f4144a57636ea&cpa=2150638b-9c1a-4695-83d0-0a166c0e6510&format=default-r-d HTTP 302
  • https://xml.reacheffect.com/thumbnail?i=GP9yYPiY-iM_0&imgt=icon HTTP 302
  • https://static.realtime-bid.com/n337/ad/300x300_tAZ4Yo0eCKkvZlxPhB0I.jpeg

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request go.php
cloud1.pw/4/
Redirect Chain
  • http://wuo.cloudz.pw/download?file=iso%2B27004%2Bstandard%2Bpdf
  • https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
7 KB
8 KB
Document
General
Full URL
https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 / PHP/7.1.33
Resource Hash
2a35f43e247fbcf8bd80cda12b58f79b5f15e0d1587daaaa16030b9a8310cd52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Host
cloud1.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.16.1
Date
Sun, 21 Mar 2021 08:19:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.33
refresh
25; url=http://cloudz.pw/go?green=iso+27004+standard+pdf
Strict-Transport-Security
max-age=31536000;

Redirect headers

Server
nginx
Date
Sun, 21 Mar 2021 08:19:55 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Sun, 21 Mar 2021 08:19:55 GMT
Location
https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Pragma
no-cache
Set-Cookie
_subid=3lbchl605701ab76b19;Expires=Wednesday, 21-Apr-2021 08:19:55 GMT;Max-Age=2678400;Path=/ d580c=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMwOFwiOjE2MTYzMTQ3OTUsXCIyNDVcIjoxNjE2MzE0Nzk1fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjE2MzE0Nzk1LFwiMTFcIjoxNjE2MzE0Nzk1fSxcInRpbWVcIjoxNjE2MzE0Nzk1fSJ9.xE68iUucrO7B5w6THsm_LTVAAWUlEziSVydtPLju21c;Expires=Wednesday, 21-Apr-2021 08:19:55 GMT;Max-Age=2678400;Path=/
X-Content-Type-Options
nosniff
/
go2news.biz/
14 KB
15 KB
Script
General
Full URL
https://go2news.biz/?pu=g4ztcmjrg45ha3ddf4ytmobx
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-108.ah-server.com
Software
nginx /
Resource Hash
259b0ebd777e10eda2650aebc0e44004f04d5db03e02277cb1df630a9370f238
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 08:19:55 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
/
go2news.biz/
18 KB
18 KB
Script
General
Full URL
https://go2news.biz/?pu=gu4wmnjtmm5ha3ddf4ytcnbt
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.108 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-108.ah-server.com
Software
nginx /
Resource Hash
9258b700f3ce048e003b585f085213398e4d974645528847fbc60399a34d6e70
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 08:19:55 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
style1.css
cloud1.pw/4/files/
7 KB
7 KB
Stylesheet
General
Full URL
https://cloud1.pw/4/files/style1.css
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
9e74c74efe9e572feeb6d482e1a5584b6e1eee3aafaedd638ebd3a9bb1a317eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 08:19:55 GMT
Last-Modified
Sat, 21 Mar 2020 18:04:34 GMT
Server
nginx/1.16.1
ETag
"5e765732-1c06"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7174
style2.css
cloud1.pw/4/files/
4 KB
5 KB
Stylesheet
General
Full URL
https://cloud1.pw/4/files/style2.css
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
71a2a74ad49cc7d91d6f9e2d1761088032d58be37d8b776396c1391d4a658768
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 08:19:55 GMT
Last-Modified
Sat, 21 Mar 2020 18:04:34 GMT
Server
nginx/1.16.1
ETag
"5e765732-1192"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4498
font-awesome.min.css
cloud1.pw/4/files/
30 KB
31 KB
Stylesheet
General
Full URL
https://cloud1.pw/4/files/font-awesome.min.css
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Origin
https://cloud1.pw
Referer
https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 08:19:56 GMT
Last-Modified
Sat, 21 Mar 2020 18:04:34 GMT
Server
nginx/1.16.1
ETag
"5e765732-7918"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31000
foundation.css
cloud1.pw/4/files/
76 KB
76 KB
Stylesheet
General
Full URL
https://cloud1.pw/4/files/foundation.css
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
ac3ec47ce78147bfd62aa7d8d5762f63b0834eca502014c9f5eb9e8da16cb28a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 08:19:56 GMT
Last-Modified
Sat, 21 Mar 2020 18:04:34 GMT
Server
nginx/1.16.1
ETag
"5e765732-12f28"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77608
default.css
cloud1.pw/4/files/
28 KB
28 KB
Stylesheet
General
Full URL
https://cloud1.pw/4/files/default.css
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
f014a15036b7cf5ac587bc3f1f8d2d79eb45ea9be09d61078dde7193bddbaf0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 08:19:56 GMT
Last-Modified
Sat, 21 Mar 2020 21:46:14 GMT
Server
nginx/1.16.1
ETag
"5e768b26-6f2a"
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28458
largepreview.png
cloud1.pw/4/files/
192 KB
192 KB
Image
General
Full URL
https://cloud1.pw/4/files/largepreview.png
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
3508d22da4e737cfc619d9bfe197cdd2c6b0dea0877a1c37a8dce83bcd650e56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 08:19:56 GMT
Last-Modified
Sun, 19 May 2019 18:10:02 GMT
Server
nginx/1.16.1
ETag
"5ce19bfa-3003a"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
196666
main.js
sw.wpush.org/script/
76 KB
26 KB
Script
General
Full URL
https://sw.wpush.org/script/main.js?promo=24298&tcid=2856&src=324149235
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e616d7845c979aea81925ab5abce47640f385fc189ac57d29357a818e289c422

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 08:19:55 GMT
content-encoding
gzip
server
nginx/1.16.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 21 Mar 2021 09:19:55 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
natpsdk.js
sw.wpu.sh/ps/
81 KB
28 KB
Script
General
Full URL
https://sw.wpu.sh/ps/natpsdk.js
Requested by
Host: sw.wpush.org
URL: https://sw.wpush.org/script/main.js?promo=24298&tcid=2856&src=324149235
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
6ff840724de9f9f5d5a0c655c526aff24e7b2b1ede8b6cb108ebf3e754279317

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 08:19:56 GMT
content-encoding
gzip
server
nginx/1.16.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 21 Mar 2021 09:19:56 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
2856.php
vasgenerete.site/npc/anpc/
129 B
337 B
XHR
General
Full URL
https://vasgenerete.site/npc/anpc/2856.php
Requested by
Host: sw.wpu.sh
URL: https://sw.wpu.sh/ps/natpsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
8fee7b55275e3b297c71d4f9de8bd39228af0f54212f1a222597225a67ed2302

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 08:19:56 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
expires
Sun, 21 Mar 2021 09:19:56 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
csub.js
sw.swwpush.com/npc/sdk/wpu/
6 KB
3 KB
Script
General
Full URL
https://sw.swwpush.com/npc/sdk/wpu/csub.js
Requested by
Host: sw.wpu.sh
URL: https://sw.wpu.sh/ps/natpsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
f027eacbd3700b0f54821c2d08e829a054930626a495bea56484074c29290dd7

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 08:19:56 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 21 Mar 2021 09:19:56 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
dip
nereserv.com/in/
0
105 B
XHR
General
Full URL
https://nereserv.com/in/dip?wl=0&event_id=88bdfdd9-395c-4568-8fbf-42a2ceb4791f&subid=324149235&sid=4124317906&spot_id=0&created_at=2021-03-21&timezone=1&ver=2.15.12&is_native=1&site=native-push
Requested by
Host: sw.wpu.sh
URL: https://sw.wpu.sh/ps/natpsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 08:19:56 GMT
cache-control
no-transform
server
nginx/1.18.0
content-length
0
vary
Origin
multy
ntvpwpush.com/in/
2 KB
2 KB
XHR
General
Full URL
https://ntvpwpush.com/in/multy?wl=0&event_id=88bdfdd9-395c-4568-8fbf-42a2ceb4791f&subid=324149235&sid=4124317906&spot_id=0&created_at=2021-03-21&timezone=1&ver=2.15.12&is_native=1&cid=0&tcid=2856&site=native-push&screen_resolution=1600x1200&testab=1
Requested by
Host: sw.wpu.sh
URL: https://sw.wpu.sh/ps/natpsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c5ef3b9e66a9e15da8b69db2c29e22183b1b456949626c5cebede4514515fee4

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 08:19:56 GMT
cache-control
no-transform
server
nginx/1.18.0
content-length
2386
vary
Origin
content-type
application/json; charset=utf-8
books.png
cloud1.pw/4/files/
91 KB
91 KB
Image
General
Full URL
https://cloud1.pw/4/files/books.png
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/files/default.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 /
Resource Hash
e0051859f7f5a6114041b1ffae36c81cec43150ff6e942997469fc86e42333ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://cloud1.pw/4/files/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 08:19:56 GMT
Last-Modified
Sat, 21 Mar 2020 21:32:04 GMT
Server
nginx/1.16.1
ETag
"5e7687d4-16a9e"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92830
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/files/style1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cloud1.pw
Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 23:19:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
age
291650
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14720
x-xss-protection
0
expires
Thu, 17 Mar 2022 23:19:06 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/files/style1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cloud1.pw
Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 10:21:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
age
79097
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14048
x-xss-protection
0
expires
Sun, 20 Mar 2022 10:21:39 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/files/style1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cloud1.pw
Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 00:41:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:51 GMT
server
sffe
age
286712
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14544
x-xss-protection
0
expires
Fri, 18 Mar 2022 00:41:24 GMT
arrow-left.png
cloud1.pw/themes/downloadplayer_xyz/assets/images/bm-signup/
16 KB
16 KB
Image
General
Full URL
https://cloud1.pw/themes/downloadplayer_xyz/assets/images/bm-signup/arrow-left.png
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/files/foundation.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.230.112.186 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
i-vp2.fvds.ru
Software
nginx/1.16.1 / PHP/7.1.33
Resource Hash
07be6a36a57e9d94d4aff0724d11fe9bed8784146c357772baed92d35384e286

Request headers

Referer
https://cloud1.pw/4/files/foundation.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 08:19:56 GMT
Server
nginx/1.16.1
X-Powered-By
PHP/7.1.33
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<https://cloud1.pw/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
53ec89c2-db31-4ee6-be01-511ac90f059a
https://cloud1.pw/ Frame DAF4
704 B
0
Document
General
Full URL
blob:https://cloud1.pw/53ec89c2-db31-4ee6-be01-511ac90f059a
Requested by
Host: sw.wpu.sh
URL: https://sw.wpu.sh/ps/natpsdk.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b97fe34bf67e278e0c0c13b7b6ad26398093db600a8b40b3880b6051e1cf79b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
704
Content-Type
text/html
300x300_vMvXuB5sVYug5lIJC1hu.jpeg
static.realtime-bid.com/n337/ad/
Redirect Chain
  • https://xml.reacheffect.com/thumbnail?i=GP9yYPiY-iM_0
  • https://static.realtime-bid.com/n337/ad/300x300_vMvXuB5sVYug5lIJC1hu.jpeg
17 KB
17 KB
Image
General
Full URL
https://static.realtime-bid.com/n337/ad/300x300_vMvXuB5sVYug5lIJC1hu.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f0f7d0a3a6dbab8b214b28f9ed77ec3c850fd9333583b665ed14dcb85e756d5e

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 08:19:57 GMT
last-modified
Thu, 11 Mar 2021 13:03:35 GMT
server
nginx
etag
"604a1527-448c"
x-hw
1616314797.cds018.pa1.hn,1616314797.cds217.pa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
17548

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 08:19:57 GMT
Server
nginx
Age
0
Location
https://static.realtime-bid.com/n337/ad/300x300_vMvXuB5sVYug5lIJC1hu.jpeg
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
pixel
xml.reacheffect.com/
42 B
233 B
Image
General
Full URL
https://xml.reacheffect.com/pixel?i=GP9yYPiY-iM_0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 08:19:57 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
truncated
/
692 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c55477bf59eb7492347a8ddf46d0c1fe1d5d3cae02d74e514cca631af3ef65f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
862 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e1ca32c4b05ca52e5b8bd614b431294310129c02f7408808367d5d2b244ddb3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
300x300_tAZ4Yo0eCKkvZlxPhB0I.jpeg
static.realtime-bid.com/n337/ad/
Redirect Chain
  • https://ntvpevents.com/in/show/?mid=2549761636&pid=0&site=native-push&sc=FR&subid=324149235&sid=4124317906&cid=1577&price=0.005906&is_cpm=0&cpm=0&ecpm=0.2180397869022173&crid=&crtid=a1a30ae5e11274a...
  • https://xml.reacheffect.com/thumbnail?i=GP9yYPiY-iM_0&imgt=icon
  • https://static.realtime-bid.com/n337/ad/300x300_tAZ4Yo0eCKkvZlxPhB0I.jpeg
13 KB
14 KB
Image
General
Full URL
https://static.realtime-bid.com/n337/ad/300x300_tAZ4Yo0eCKkvZlxPhB0I.jpeg
Requested by
Host: cloud1.pw
URL: https://cloud1.pw/4/go.php?file=iso%2B27004%2Bstandard%2Bpdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5daed490ca23740d9c872270ba1466e4d13fdbccaef4956293f2a35ff69e5dcc

Request headers

Referer
https://cloud1.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 08:19:57 GMT
last-modified
Thu, 11 Mar 2021 13:03:42 GMT
server
nginx
etag
"604a152e-35b9"
x-hw
1616314797.cds018.pa1.hn,1616314797.cds201.pa1.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
13753

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 08:19:57 GMT
Server
nginx
Age
0
Location
https://static.realtime-bid.com/n337/ad/300x300_tAZ4Yo0eCKkvZlxPhB0I.jpeg
Cache-Control
no-store
Connection
keep-alive
Content-Length
0


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • object | ontransitionrun
  • object | ontransitionstart
  • object | ontransitioncancel
  • object | cookieStore
  • function | showDirectoryPicker
  • function | showOpenFilePicker
  • function | showSaveFilePicker
  • object | trustedTypes
  • boolean | crossOriginIsolated
  • object | regeneratorRuntime
  • function | setImmediate
  • function | clearImmediate
  • function | tcpusher
  • object | Sk
  • function | __fp-init

0 Cookies

2 Console Messages

Source: console-api, Level: error
URL: https://go2news.biz/?pu=gu4wmnjtmm5ha3ddf4ytcnbt (Line 228)
Message: Error: Browser is not suitable for subscriptions

Source: console-api, Level: error
URL: https://go2news.biz/?pu=g4ztcmjrg45ha3ddf4ytmobx (Line 167)
Message: Error: Browser is not suitable for subscriptions

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
