urlscan.io logo urlscan.io
SecurityTrails logo

hindimean.com Open in urlscan Pro
2606:4700:3031::681c:ab8  Public Scan

Go To Rescan Add Verdict Report
URL: http://hindimean.com/freestreams/fs1.php
Submission: On January 18 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 9 countries across 15 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3031::681c:ab8, located in United States and belongs to CLOUDFLARENET, US. The main domain is hindimean.com.
This is the only time hindimean.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 198.134.112.241 27257 (WEBAIR-IN...)
1 142.91.159.81 7979 (SERVERS)
1 195.181.174.6 60068 (CDN77)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 88.85.66.196 35415 (WEBZILLA)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.28.5.252 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 162.252.214.5 53334 (TUT-AS)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 2 147.75.102.200 54825 (PACKET)
1 188.42.160.46 35415 (WEBZILLA)
1 192.99.13.63 16276 (OVH)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 35.190.8.27 15169 (GOOGLE)
1 216.21.13.11 53334 (TUT-AS)
28 20
1    2606:4700:3031::681c:ab8 (United States)

ASN13335 (CLOUDFLARENET, US)
hindimean.com
1    198.134.112.241 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
eecd179r3b.com
1    142.91.159.81 (Netherlands)

ASN7979 (SERVERS, US)
adgeiros.pw
1    195.181.174.6 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-1.cdn77.com
c1.popads.net
2    2606:4700::6811:c66b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnondemand.org
3    88.85.66.196 (Netherlands)

ASN35415 (WEBZILLA, NL)
deloplen.com
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.28.5.252 (United States)

ASN13335 (CLOUDFLARENET, US)
wstream.to
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
4    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
6.adsco.re
1    2606:4700:3035::6812:3747 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
2    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
adsco.re
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    147.75.102.200 (Central, Hong Kong)

ASN54825 (PACKET, US)
loadus.exelator.com
1    188.42.160.46 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)
my.rtmark.net
1    192.99.13.63 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net
s4.histats.com
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
iso8swk3v520.l.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
iso8swk3v520.n.adsco.re
1    185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
iso8swk3v520.s.adsco.re
1    35.190.8.27 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 27.8.190.35.bc.googleusercontent.com
onclicksuper.com
1    216.21.13.11 (United States)

ASN53334 (TUT-AS, US)
serve.popads.net
Domain Requested by
3 deloplen.com hindimean.com
deloplen.com
2 loadus.exelator.com 2 redirects
2 adsco.re c.adsco.re
2 6.adsco.re hindimean.com
c.adsco.re
2 c.adsco.re c1.popads.net
c.adsco.re
2 www.google-analytics.com hindimean.com
2 cdnondemand.org hindimean.com
1 serve.popads.net c1.popads.net
1 onclicksuper.com hindimean.com
1 iso8swk3v520.s.adsco.re c.adsco.re
1 iso8swk3v520.n.adsco.re c.adsco.re
1 iso8swk3v520.l.adsco.re c.adsco.re
1 s4.histats.com s10.histats.com
1 my.rtmark.net hindimean.com
1 cdn.jsdelivr.net hindimean.com
1 ufpcdn.com hindimean.com
1 s10.histats.com hindimean.com
1 wstream.to hindimean.com
1 c1.popads.net hindimean.com
1 adgeiros.pw hindimean.com
1 eecd179r3b.com hindimean.com
1 hindimean.com
28 22

This site contains links to these domains. Also see Links.

Domain
adsco.re
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-05-17 -
2020-05-17		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
*.l.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-14 -
2020-07-13		 2 years crt.sh
*.n.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-30 -
2020-07-29		 2 years crt.sh
*.s.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-30 -
2020-07-29		 2 years crt.sh

This page contains 5 frames:

Primary Page: http://hindimean.com/freestreams/fs1.php
Frame ID: 9AFEAA7D727FC8C6A5E614CF9F6C2078
Requests: 24 HTTP requests in this frame

Frame: https://wstream.to/embed/rqr2ckrf5a41
Frame ID: 71514B83155301844862EFCB79E4D851
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 9624F1B3FB0E695889B5589F77721AEE
Requests: 1 HTTP requests in this frame

Frame: http://deloplen.com/fac.php
Frame ID: 86571F369148392516320EFDFB64794A
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: 27C88128B7CB3D0CD022B3785683EF74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

28
Requests

25 %
HTTPS

29 %
IPv6

15
Domains

22
Subdomains

20
IPs

9
Countries

129 kB
Transfer

325 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 11
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=674041954&utmhn=hindimean.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Man%20and%20Van%20Removals%20Stockwell%2C%20UK&utmhid=1845294624&utmr=-&utmp=%2Ffreestreams%2Ffs1.php&utmht=1579362247006&utmac=UA-133782126-8&utmcc=__utma%3D157743395.535899787.1579362247.1579362247.1579362247.1%3B%2B__utmz%3D157743395.1579362247.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1960132892&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=674041954&utmhn=hindimean.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Man%20and%20Van%20Removals%20Stockwell%2C%20UK&utmhid=1845294624&utmr=-&utmp=%2Ffreestreams%2Ffs1.php&utmht=1579362247006&utmac=UA-133782126-8&utmcc=__utma%3D157743395.535899787.1579362247.1579362247.1579362247.1%3B%2B__utmz%3D157743395.1579362247.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1960132892&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 15
  • http://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js HTTP 307
  • https://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js
Request Chain 16
  • http://loadus.exelator.com/load/?p=104&g=891&j=0&buid=1d88380d733e47118515314cdfa3ce87_de HTTP 302
  • http://loadus.exelator.com/load/?p=104&g=891&j=0&buid=1d88380d733e47118515314cdfa3ce87_de&xl8blockcheck=1 HTTP 302
  • http://my.rtmark.net/nls.gif?SEGMENTS=&id=1d88380d733e47118515314cdfa3ce87_de

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set fs1.php
hindimean.com/freestreams/ 		48 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
2606:4700:3031::681c:ab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3ac488cbd4073bb1e35c40c954125ed32a964df9212bcc47e7115d0c6ac3e2

Request headers

Host
hindimean.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dddb063890431a72f0808835a4663cb021579362246; expires=Mon, 17-Feb-20 15:44:06 GMT; path=/; domain=.hindimean.com; HttpOnly; SameSite=Lax
Vary
Accept-Encoding Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
G7Cache-10G
STALE
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5571b0384aed6497-FRA
Content-Encoding
gzip
8b86e827ffd1daed951b0e08491947aa.js
eecd179r3b.com/8b/86/e8/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://eecd179r3b.com/8b/86/e8/8b86e827ffd1daed951b0e08491947aa.js
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
198.134.112.241 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jan 2020 15:44:06 GMT
Server
nginx/1.17.6
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Content-Type
application/javascript
11812
adgeiros.pw/rCK7yRYBPFQP/ 		5 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://adgeiros.pw/rCK7yRYBPFQP/11812
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
142.91.159.81 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
http://hindimean.com
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
pop.js
c1.popads.net/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c1.popads.net/pop.js
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5f7dfb159c9213a481ed748e06e270486e24def0aa5b2221781306fa708ca96c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php
Origin
http://hindimean.com

Response headers

Date
Sat, 18 Jan 2020 15:44:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Dec 2019 21:50:35 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5df2b62b-7bef"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
195.181.174.1
Connection
keep-alive
X-Age
4021
alt-svc
quic="195.181.174.1:443"; ma=2592000; v="44,43,39"
compatibility.js
cdnondemand.org/script/ 		12 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdnondemand.org/script/compatibility.js
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
424c22882d902d767bff802920ee13a2ad43a10a5d80933359e0908c38f9b75c

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:06 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
961
X-GUploader-UploadID
AEnB2UrgdZkOAbXMoCRAqD-fCeg-fPWRylx6iDgei-fLniXa5MbUK5gewwwYmSzIjS5gb0uarhpKONdXeeSy99W7wNsB8MIY1A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Thu, 14 Nov 2019 10:12:19 GMT
Server
cloudflare
ETag
W/"4798f8dea4e1699c741550414944af68"
Vary
Accept-Encoding
x-goog-hash
crc32c=bUD+ww==, md5=R5j43qThaZx0FVBBSUSvaA==
Content-Type
application/javascript
x-goog-generation
1573726339118281
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
12119
CF-RAY
5571b03b9852d6b1-FRA
Expires
Sat, 18 Jan 2020 19:44:06 GMT
apu.php
deloplen.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/apu.php?zoneid=2740671&oo=1
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
88.85.66.196 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
3e1b73b0f2c8c7c0371caf78a7ebdf78b5b0bbed9e1294bdaea100679b52b84f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php
Origin
http://hindimean.com

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
32e8fb8ed773c5a5169058cafbe9aaff
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.min.js
deloplen.com/ 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/tag.min.js
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
88.85.66.196 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
ce2cf0e9f65f9861c3840bf11a7cc28faf803901f2d05f61e7112bdf4572b042
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
29370
X-Trace-Id
c24b6d80e52e49c7a9b59e3db8a644b5
Pragma
no-cache
Last-Modified
Fri, 17 Jan 2020 11:26:38 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1060
date
Sat, 18 Jan 2020 15:26:26 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Sat, 18 Jan 2020 17:26:26 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
rqr2ckrf5a41
wstream.to/embed/ Frame 7151 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://wstream.to/embed/rqr2ckrf5a41
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.5.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
wstream.to
:scheme
https
:path
/embed/rqr2ckrf5a41
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://hindimean.com/freestreams/fs1.php
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php

Response headers

status
200
date
Sat, 18 Jan 2020 15:44:07 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9ebe6c419ace92ffb7cca501d82084ae1579362247; expires=Mon, 17-Feb-20 15:44:07 GMT; path=/; domain=.wstream.to; HttpOnly; SameSite=Lax hf1=1; expires=Sun, 19-Jan-2020 15:44:07 GMT; Max-Age=86400; path=/ hf2=1; expires=Sun, 19-Jan-2020 15:44:07 GMT; Max-Age=86400; path=/ hf3=1; expires=Sat, 18-Jan-2020 15:44:08 GMT; Max-Age=1; path=/ hf4=1; expires=Sat, 18-Jan-2020 15:44:08 GMT; Max-Age=1; path=/ hf5=1; expires=Sat, 18-Jan-2020 15:44:08 GMT; Max-Age=1; path=/ hf6=1; expires=Sat, 18-Jan-2020 15:44:08 GMT; Max-Age=1; path=/ hf7=1; expires=Sun, 19-Jan-2020 15:44:07 GMT; Max-Age=86400; path=/ hf8=1; expires=Sun, 19-Jan-2020 15:44:07 GMT; Max-Age=86400; path=/ hf9=1; expires=Sat, 18-Jan-2020 15:44:08 GMT; Max-Age=1; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5571b03bfd77edff-CDG
content-encoding
br
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:35:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32123
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4525
X-Request-ID
888159163
/
c.adsco.re/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.adsco.re/
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
Age
2391615
ETag
"a73Qdnp6tbMta3RY0Wgotw=="
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=43200,public,immutable,no-transform
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5571b03bbef7d6e5-FRA
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Expires
Sun, 22 Dec 2019 11:23:52 GMT
Cookie set identify.html
ufpcdn.com/script/ Frame 9624 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
2606:4700:3035::6812:3747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://hindimean.com/freestreams/fs1.php
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d0f0e3058a647eeb9b9ee91550d36bd7d1579362247; expires=Mon, 17-Feb-20 15:44:07 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5571b03bcc2796b6-FRA
Content-Encoding
gzip
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=674041954&utmhn=hindimean.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Man%20an...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=674041954&utmhn=hindimean.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Man%20a...
35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=674041954&utmhn=hindimean.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Man%20and%20Van%20Removals%20Stockwell%2C%20UK&utmhid=1845294624&utmr=-&utmp=%2Ffreestreams%2Ffs1.php&utmht=1579362247006&utmac=UA-133782126-8&utmcc=__utma%3D157743395.535899787.1579362247.1579362247.1579362247.1%3B%2B__utmz%3D157743395.1579362247.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1960132892&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jan 2020 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=674041954&utmhn=hindimean.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Man%20and%20Van%20Removals%20Stockwell%2C%20UK&utmhid=1845294624&utmr=-&utmp=%2Ffreestreams%2Ffs1.php&utmht=1579362247006&utmac=UA-133782126-8&utmcc=__utma%3D157743395.535899787.1579362247.1579362247.1579362247.1%3B%2B__utmz%3D157743395.1579362247.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1960132892&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
/
6.adsco.re/ 		0
584 B 		Other
General
Check archive.org
Download Go to
Full URL
http://6.adsco.re/
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Encoding
gzip
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5571b03bedfc96c2-FRA
Access-Control-Allow-Headers
Content-Type
t
adsco.re/ 		67 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adsco.re/t
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php
Origin
http://hindimean.com

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Access-Control-Max-Age
2592000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://hindimean.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
fac.php
deloplen.com/ Frame 8657 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/fac.php
Requested by
Host: deloplen.com
URL: http://deloplen.com/tag.min.js
Protocol
HTTP/1.1
Server
88.85.66.196 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
deloplen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://hindimean.com/freestreams/fs1.php
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php

Response headers

Server
nginx
Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
c17b979f439e0c9716e661b6229961e5
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
fingerprint2.min.js
cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/
Redirect Chain
  • http://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js
  • https://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js
29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6c65ab685234e744044e9b94c2a52db31b84c54ff3a00044aa188012ad61365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Sat, 18 Jan 2020 15:44:07 GMT
content-length
10721
x-served-by
cache-ams21036-AMS, cache-hhn4031-HHN
etag
W/"73a6-07rMMn60HlMYw5/xZY35iYfesNs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/npm/fingerprintjs2@2.1.0/dist/fingerprint2.min.js
Non-Authoritative-Reason
HSTS
nls.gif
my.rtmark.net/
Redirect Chain
  • http://loadus.exelator.com/load/?p=104&g=891&j=0&buid=1d88380d733e47118515314cdfa3ce87_de
  • http://loadus.exelator.com/load/?p=104&g=891&j=0&buid=1d88380d733e47118515314cdfa3ce87_de&xl8blockcheck=1
  • http://my.rtmark.net/nls.gif?SEGMENTS=&id=1d88380d733e47118515314cdfa3ce87_de
43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://my.rtmark.net/nls.gif?SEGMENTS=&id=1d88380d733e47118515314cdfa3ce87_de
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
188.42.160.46 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
43

Redirect headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Server
nginx/1.14.0
X-Powered-By
Undertow/1
P3P
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Location
http://my.rtmark.net/nls.gif?SEGMENTS=&id=1d88380d733e47118515314cdfa3ce87_de
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Content-Type
image/gif
Content-Length
0
0.php
s4.histats.com/stats/ 		52 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
http://s4.histats.com/stats/0.php?4204151&@f16&@g1&@h1&@i1&@j1579362247055&@k0&@l1&@mMan%20and%20Van%20Removals%20Stockwell%2C%20UK&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-171600868&@b3:1579362247&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fhindimean.com%2Ffreestreams%2Ffs1.php&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
192.99.13.63 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
1c3260df804095ef7c0086dae323df7dc08a0cf1de58344ec74656b7a3a26abf

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
/
6.adsco.re/ 		53 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://6.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php
Origin
http://hindimean.com

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Encoding
gzip
Server
cloudflare
Access-Control-Allow-Headers
Content-Type
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://hindimean.com
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5571b03c2e3d9704-FRA
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
/
iso8swk3v520.l.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://iso8swk3v520.l.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php
Origin
http://hindimean.com

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
iso8swk3v520.n.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://iso8swk3v520.n.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php
Origin
http://hindimean.com

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
iso8swk3v520.s.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://iso8swk3v520.s.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php
Origin
http://hindimean.com

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 27C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://c.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
c.adsco.re
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://hindimean.com/freestreams/fs1.php
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=43200,public,immutable,no-transform
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Expires
Sun, 22 Dec 2019 11:23:52 GMT
ETag
"a73Qdnp6tbMta3RY0Wgotw=="
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
2391615
Vary
Accept-Encoding
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
CF-RAY
5571b03c3892d6e5-FRA
suurl.php
onclicksuper.com/script/ 		0
130 B 		Script
General
Check archive.org
Download Go to
Full URL
http://onclicksuper.com/script/suurl.php?r=2679499&cbrandom=0.9776326959496273&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Man%20and%20Van%20Removals%20Stockwell%2C%20UK&cbref=&cbdescription=Man%20and%20Van%20Removal%20in%20Stockwell%20of%20United%20Kingdom%20are%20a%20matter%20of%20relocations%20department%20and%20it%20needs%20to%20be%20done%20in%20a%20clean%20and%20clear%20way%20so%20that%20there%20are%20many%20satisfied%20and%20stress%20free%20clients%20who%20come%20out%20as%20a%20result&cbkeywords=man%20and%20van%20London%2C%20Stockwell%20removal%20company%2C%20donatecar%2Cinsurance%2Clife%20insurance%20co%20lincoln%2Cmesothelioma%20law%20firm%2C&cbcdn=cdnondemand.org&ufp=6696372541061548606725995537
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
35.190.8.27 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
27.8.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
chrome.js
cdnondemand.org/script/ 		18 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdnondemand.org/script/chrome.js
Requested by
Host: hindimean.com
URL: http://hindimean.com/freestreams/fs1.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 18 Jan 2020 15:44:07 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1483
X-GUploader-UploadID
AEnB2Uq3O7XRoRoYiBT_l696OXBYFXNchowmoGIchLVozs4yI39_mU1QgfdM2MB6RVi3gMku5EGF0pkGjKhfWM9CLjFwOyr9wg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Thu, 31 Oct 2019 10:14:31 GMT
Server
cloudflare
ETag
W/"2990eae17895f67de9f4fbca62475041"
Vary
Accept-Encoding
x-goog-hash
crc32c=hVwIww==, md5=KZDq4XiV9n3p9PvKYkdQQQ==
Content-Type
application/javascript
x-goog-generation
1572516871888329
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
18777
CF-RAY
5571b03cbbfed6b1-FRA
Expires
Sat, 18 Jan 2020 19:44:07 GMT
p
adsco.re/ 		259 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adsco.re/p
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
b9682dafcd313217e772f8fbeba83581a930c22dc30ba798b1f6cacb64d7e093

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://hindimean.com/freestreams/fs1.php
Origin
http://hindimean.com

Response headers

AS-P-G
OK
Date
Sat, 18 Jan 2020 15:44:07 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
http://hindimean.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
c
serve.popads.net/ 		0
202 B 		Script
General
Check archive.org
Download Go to
Full URL
http://serve.popads.net/c?_=BAoAXiMnxwFeIyfHgAGBAcAAIHFULbPSG9Ho9QKnp3Oo8q54X6C3u_Dt5oRJItUs_r6FwQAgf1PUFZbYAyvPFElJ_RcwMdf4UsIbFK-Bdh8pdmIYLmXCACAwcDbueInFOzMHw0I4q8nyvBFlagEPjcqPnNY9HY7CO8QAECoBBPgBklQUAAAAAAAAAALFABCjOuFsi4x_HF7GCC8a1NqDwwAgq_3SUkp8gonkdE5wT6_V7t1BaWuf2M7771JTctO5H2A&v=4&siteId=3115481&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.11 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://hindimean.com/freestreams/fs1.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jan 2020 15:44:07 GMT
PopAds-EC
ASB
Connection
Keep-Alive
Content-Length
0
PopAds-CI
93
Content-Type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _pop object| popjs object| Base64 function| pafban object| detectZoom object| PopAds object| _pao object| adcashMacros object| zoneSett object| urls object| _0xaef8 function| acPrefetch object| CTABPu string| k object| _vfafw92gof object| zfgformats function| setImmediate function| clearImmediate function| _rbspeqmw function| _rmdoerpz object| _gaq object| _Hasync object| _0x9379 function| ufpAttach object| CTAMAT object| adcashUfp object| _gat object| gaGlobal function| AdscoreInit object| _dy9k9a2z31 function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup function| chfh function| chfh2 string| _HST_cntval object| Histats number| a function| ed number| t number| newTime number| r number| g number| b string| bt function| Fingerprint2 object| _0x10e2 object| Cnac object| stamat function| NqPnfu19663779009904192 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| _HistatsCounterGraphics_0_setValues

28 Cookies

Domain/Path Name / Value
ufpcdn.com/ Name: adcashufpv3
Value: 6696372541061548606725995537
.wstream.to/ Name: _gat_gtag_UA_129284792_5
Value: 1
.wstream.to/ Name: _gid
Value: GA1.2.725764000.1579362247
wstream.to/ Name: hf9
Value: 1
wstream.to/ Name: hf6
Value: 1
wstream.to/ Name: hf5
Value: 1
hindimean.com/ Name: HstCfa4204151
Value: 1579362247055
wstream.to/ Name: hf8
Value: 1
wstream.to/ Name: hf1
Value: 1
wstream.to/ Name: hf7
Value: 1
.wstream.to/ Name: _ga
Value: GA1.2.1540830810.1579362247
wstream.to/ Name: hf4
Value: 1
hindimean.com/ Name: HstCnv4204151
Value: 1
hindimean.com/ Name: a
Value: 9TavTa3ZTktbxqFZTVconqhZNOluAiVr
hindimean.com/ Name: HstCns4204151
Value: 1
hindimean.com/ Name: HstPt4204151
Value: 1
.hindimean.com/ Name: __utma
Value: 157743395.535899787.1579362247.1579362247.1579362247.1
hindimean.com/ Name: HstPn4204151
Value: 1
wstream.to/ Name: hf2
Value: 1
hindimean.com/ Name: HstCla4204151
Value: 1579362247055
.hindimean.com/ Name: __utmb
Value: 157743395.1.10.1579362247
hindimean.com/ Name: HstCmu4204151
Value: 1579362247055
.hindimean.com/ Name: __cfduid
Value: dddb063890431a72f0808835a4663cb021579362246
.hindimean.com/ Name: __utmz
Value: 157743395.1579362247.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
hindimean.com/ Name: adcashufpv3
Value: 6696372541061548606725995537
.hindimean.com/ Name: __utmc
Value: 157743395
wstream.to/ Name: hf3
Value: 1
.hindimean.com/ Name: __utmt
Value: 1

2 Console Messages

Source Level URL
Text
console-api log URL: http://c.adsco.re/(Line 13)
Message:
console-api log URL: http://c1.popads.net/pop.js(Line 44)
Message:
CI BAoAXiMnxwFeIyfHgAGBAcAAIHFULbPSG9Ho9QKnp3Oo8q54X6C3u_Dt5oRJItUs_r6FwQAgf1PUFZbYAyvPFElJ_RcwMdf4UsIbFK-Bdh8pdmIYLmXCACAwcDbueInFOzMHw0I4q8nyvBFlagEPjcqPnNY9HY7CO8QAECoBBPgBklQUAAAAAAAAAALFABCjOuFsi4x_HF7GCC8a1NqDwwAgq_3SUkp8gonkdE5wT6_V7t1BaWuf2M7771JTctO5H2A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
adgeiros.pw
adsco.re
c.adsco.re
c1.popads.net
cdn.jsdelivr.net
cdnondemand.org
deloplen.com
eecd179r3b.com
hindimean.com
iso8swk3v520.l.adsco.re
iso8swk3v520.n.adsco.re
iso8swk3v520.s.adsco.re
loadus.exelator.com
my.rtmark.net
onclicksuper.com
s10.histats.com
s4.histats.com
serve.popads.net
ufpcdn.com
wstream.to
www.google-analytics.com
104.28.5.252
142.91.159.81
147.75.102.200
162.252.214.5
185.200.116.90
185.200.118.90
188.42.160.46
192.99.13.63
195.181.174.6
198.134.112.241
216.21.13.11
2606:4700:3031::681c:ab8
2606:4700:3035::6812:3747
2606:4700::6811:a6ba
2606:4700::6811:c66b
2a00:1450:4001:814::200e
2a04:4e42:1b::621
35.190.8.27
38.132.109.186
46.105.201.240
88.85.66.196
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
1c3260df804095ef7c0086dae323df7dc08a0cf1de58344ec74656b7a3a26abf
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
3e1b73b0f2c8c7c0371caf78a7ebdf78b5b0bbed9e1294bdaea100679b52b84f
424c22882d902d767bff802920ee13a2ad43a10a5d80933359e0908c38f9b75c
4c3ac488cbd4073bb1e35c40c954125ed32a964df9212bcc47e7115d0c6ac3e2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5f7dfb159c9213a481ed748e06e270486e24def0aa5b2221781306fa708ca96c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154
b6c65ab685234e744044e9b94c2a52db31b84c54ff3a00044aa188012ad61365
b9682dafcd313217e772f8fbeba83581a930c22dc30ba798b1f6cacb64d7e093
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca
ce2cf0e9f65f9861c3840bf11a7cc28faf803901f2d05f61e7112bdf4572b042
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855