URL: http://www.dailydeports.pw/livetv/channel40.html
Submission: On June 18 via manual from CZ

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 35 HTTP transactions. The main IP is 2606:4700:30::681b:a5ad, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.dailydeports.pw.
This is the only time www.dailydeports.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 50.23.131.235 36351 (SOFTLAYER)
1 185.125.230.216 48666 (AS-MAROSN...)
6 10 52.72.176.97 14618 (AMAZON-AES)
6 104.108.33.99 16625 (AKAMAI-AS)
4 173.239.53.18 27257 (WEBAIR-IN...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 167.114.209.61 16276 (OVH)
1 67.202.94.93 32748 (STEADFAST)
1 104.16.88.26 13335 (CLOUDFLAR...)
7 208.100.17.184 32748 (STEADFAST)
1 208.100.17.186 32748 (STEADFAST)
35 16
Domain Requested by
10 witalfieldt.com 6 redirects dailydeports.pw
7 ic.tynt.com www.dailydeports.pw
6 www.gearbest.com www.dailydeports.pw, dailydeports.pw
4 xml.popunder.bid dailydeports.pw
2 dailydeports.pw www.dailydeports.pw
1 de.tynt.com cdn.tynt.com
1 cdn.tynt.com waust.at
1 whos.amung.us waust.at
1 t.dtscout.com waust.at
1 xml.revrtb.com dailydeports.pw
1 telerium.tv www.dailydeports.pw
1 waust.at www.dailydeports.pw
1 1.bp.blogspot.com www.dailydeports.pw
1 cdnjs.cloudflare.com www.dailydeports.pw
1 www.dailydeports.pw
0 xml.adxnexus.com Failed dailydeports.pw
0 xml.popmonetizer.com Failed dailydeports.pw
35 17

This site contains links to these domains.

Domain
livetv.sx
whos.amung.us
Subject:
Issuer:
Validity: 1970-01-01 - 1970-01-01
Valid: a few seconds

Subject: ssl412106.cloudflaressl.com
Issuer: COMODO ECC Domain Validation Secure Server CA 2
Validity: 2019-03-02 - 2019-09-08
Valid: 6 months

Subject: www.telerium.tv
Issuer: Let's Encrypt Authority X3
Validity: 2019-04-12 - 2019-07-11
Valid: 3 months

Subject: *.gearbest.com
Issuer: DigiCert SHA2 Secure Server CA
Validity: 2019-02-09 - 2020-05-10
Valid: a year

Subject: sni.cloudflaressl.com
Issuer: CloudFlare Inc ECC CA-2
Validity: 2018-10-15 - 2019-10-15
Valid: a year

This page contains 20 frames:

Primary Page: http://www.dailydeports.pw/livetv/channel40.html
Frame ID: 2C85050C67E7D756B2F590AC60936B03
Requests: 17 HTTP requests in this frame

Frame: https://telerium.tv/embed/45678.html
Frame ID: C7AF1C00B70AA4E508D31EE6A2A77BB0
Requests: 1 HTTP requests in this frame

Frame: http://dailydeports.pw/adss/myads.html
Frame ID: BBBEDF72AF53C5CD898D7FB163012DB8
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=12144556
Frame ID: DF9568E657513578D4DCBE5AECACF13B
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=12144556
Frame ID: 7697112389889DDE9E15D792099FE085
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=12144556
Frame ID: EB5C5640D869C0EE0981E233422BA9D6
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=12144556
Frame ID: 2B7E2587FCF6FB77EB04801FE7A50CE4
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=12144556
Frame ID: 1D8D75BE4A73BDC0FF2552D437454514
Requests: 1 HTTP requests in this frame

Frame: http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER]
Frame ID: BEFD6E4249C17F9D3CC1406F4951204F
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=111920&auth=2yHFJM
Frame ID: 34D661BCD1FD257511AF9776C3AAF9E4
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=108952&auth=Ou5t6d
Frame ID: 426091525E73F9E9AFBCB0D18C19F31F
Requests: 1 HTTP requests in this frame

Frame: http://witalfieldt.com/redirect?tid=758290&&ref=[URI_ENCODED_REFERER]
Frame ID: A41B855F64A25A1DA8362D5D0997B319
Requests: 1 HTTP requests in this frame

Frame: http://witalfieldt.com/redirect?tid=780714&&ref=[URI_ENCODED_REFERER]
Frame ID: 1B40C06E32EA032B540113CE5C5CDFD7
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=111920&auth=2yHFJM
Frame ID: 848BD86DA722091AF7ECCA3DE9D91BDE
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=12144556
Frame ID: 12C6DF9BC6DE6E79FC71FCA11E010E37
Requests: 1 HTTP requests in this frame

Frame: http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER]
Frame ID: 545127476EDBBE3D95D887787F22EE11
Requests: 1 HTTP requests in this frame

Frame: http://xml.popunder.bid/redirect?feed=108952&auth=Ou5t6d
Frame ID: 6F521047C33D2AFECDC17CE0933E715B
Requests: 1 HTTP requests in this frame

Frame: https://xml.popmonetizer.com/redirect?feed=184608&auth=02szyf&pubid=93422
Frame ID: 5D60CE9CD5211E8F4743E18FAC98AE92
Requests: 1 HTTP requests in this frame

Frame: https://xml.adxnexus.com/redirect?feed=184609&auth=3IQfNU&pubid=95210
Frame ID: D606C375BBF780CA5EC030C317ED5B8F
Requests: 1 HTTP requests in this frame

Frame: https://xml.revrtb.com/redirect?feed=184607&auth=cOcGqf&pubid=95209
Frame ID: 9C714CB152AD2D484412940E6390B896
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 35
HTTPS: 26 %
IPv6: 33 %
Domains: 14
Subdomains: 17
IPs: 16
Countries: 5
Transfer: 79 kB
Size: 158 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw HTTP 302
  • https://www.gearbest.com/?lkid=12144556
Request Chain 7
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw HTTP 302
  • https://www.gearbest.com/?lkid=12144556
Request Chain 8
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw HTTP 302
  • https://www.gearbest.com/?lkid=12144556
Request Chain 9
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw HTTP 302
  • https://www.gearbest.com/?lkid=12144556
Request Chain 10
  • http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER] HTTP 302
  • https://www.gearbest.com/?lkid=12144556
Request Chain 17
  • http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER] HTTP 302
  • https://www.gearbest.com/?lkid=12144556

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set channel40.html
www.dailydeports.pw/livetv/
6 KB
2 KB
Document
General
Full URL
http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Server
2606:4700:30::681b:a5ad , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa02feab990a97103ad0502d42e00116df1433afe74200615d0b1a145bda293c

Request headers

Host
www.dailydeports.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 18 Jun 2019 11:27:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d3f33c6d7329c2bfc153e50f482bd07431560857276; expires=Wed, 17-Jun-20 11:27:56 GMT; path=/; domain=.dailydeports.pw; HttpOnly
Last-Modified
Fri, 31 May 2019 17:43:52 GMT
Server
cloudflare
CF-RAY
4e8ceab9c847d6d9-FRA
Content-Encoding
gzip
livetv.png
dailydeports.pw/pic/
28 KB
29 KB
Image
General
Full URL
http://dailydeports.pw/pic/livetv.png
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:a4ad , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35406765934a9b8e369f3d620c31694570c1b69e95e677e0b5a1974fe3699e27

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:27:56 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Tue, 26 Mar 2019 14:15:15 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4e8ceabaac8ec2ae-FRA
Content-Length
29064
Expires
Tue, 18 Jun 2019 15:27:56 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/
84 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 11:27:56 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-1514f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 07 Jun 2020 11:27:56 GMT
cache-control
public, max-age=30672000
cf-ray
4e8ceaba8dfdc27c-FRA
served-in-seconds
0.029
close.png
1.bp.blogspot.com/-9yI5UQQdjLo/Wr5sIe3_KTI/AAAAAAAAACY/4ir3yjU8Gc8sPXA5LNBcAKX3VNhs7R5XwCK4BGAYYCw/s400/
1 KB
2 KB
Image
General
Full URL
http://1.bp.blogspot.com/-9yI5UQQdjLo/Wr5sIe3_KTI/AAAAAAAAACY/4ir3yjU8Gc8sPXA5LNBcAKX3VNhs7R5XwCK4BGAYYCw/s400/close.png
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
fb9122075fe85d4e272f2a23307172fe484bda234ecbdcb071ea930e68bc5791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 08:52:58 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
9298
ETag
"v27"
Vary
Origin
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="close.png"
Timing-Allow-Origin
*
Content-Length
1402
X-XSS-Protection
0
Expires
Tue, 18 Jun 2019 23:01:54 GMT
d.js
waust.at/
13 KB
7 KB
Script
General
Full URL
http://waust.at/d.js
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
50.23.131.235 Seattle, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
eb.83.1732.ip4.static.sl-reverse.com
Software
/
Resource Hash
1d5befe8d12c77118b010f0079a340181e809be1b0bc6952756ab812dec98df2

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:27:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jun 2019 21:07:07 GMT
ETag
W/"5d02bafb-3286"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Wed, 19 Jun 2019 11:27:56 GMT
45678.html
telerium.tv/embed/ Frame C7AF
0
0
Document
General
Full URL
https://telerium.tv/embed/45678.html
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.125.230.216 Moscow, Russian Federation, ASN48666 (AS-MAROSNET Moscow, Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
telerium.tv
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.dailydeports.pw/livetv/channel40.html
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Tue, 18 Jun 2019 11:06:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Proxy-Cache
HIT
myads.html
dailydeports.pw/adss/ Frame BBBE
6 KB
1 KB
Document
General
Full URL
http://dailydeports.pw/adss/myads.html
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Server
2606:4700:30::681b:a4ad , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
21fc0d7072efe4305add7117fa9835a106d263a4d128b7b985cae2cd734ae357

Request headers

Host
dailydeports.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.dailydeports.pw/livetv/channel40.html
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d3f33c6d7329c2bfc153e50f482bd07431560857276

Response headers

Date
Tue, 18 Jun 2019 11:27:56 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 07 May 2019 16:41:01 GMT
Server
cloudflare
CF-RAY
4e8ceabaeca3d6d9-FRA
Content-Encoding
gzip
/
www.gearbest.com/ Frame DF95
Redirect Chain
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
  • https://www.gearbest.com/?lkid=12144556
0
0
Document
General
Full URL
https://www.gearbest.com/?lkid=12144556
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.33.99 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-33-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/?lkid=12144556
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.dailydeports.pw/livetv/channel40.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
x-amz-id-2
pWMruK6zkR1/fvVjt6opNivBbnNG5krjtLAFrMuBuEHLgjGub/SRTpRCwnipVSru5QDljZnofJM=
x-amz-request-id
9B79D9EE6624D7F3
last-modified
Tue, 18 Jun 2019 11:11:05 GMT
etag
W/"688a9e1eb0cf46e024ab742541a13eeb"
access-control-allow-origin
*
access-control-allow-methods
GET, POST
ng-cache
HIT
content-encoding
gzip
content-length
35763
cache-control
max-age=60
expires
Tue, 18 Jun 2019 11:28:58 GMT
date
Tue, 18 Jun 2019 11:27:58 GMT
vary
Accept-Encoding User-Agent
set-cookie
AKAM_CLIENTID=8302181a9047933ddab7280d138d2994; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com

Redirect headers

status
302
date
Tue, 18 Jun 2019 11:27:56 GMT
content-type
text/plain
content-length
0
location
https://www.gearbest.com?lkid=12144556
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=f2671db9-b136-4a08-8a40-139948b47e56 fv=rjk7rdY8qHs6qSEFqjgEpdk6rTC7vdw=; Expires=Wed, 17 Jun 2020 11:27:56 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
/
www.gearbest.com/ Frame 7697
Redirect Chain
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
  • https://www.gearbest.com/?lkid=12144556
0
0
Document
General
Full URL
https://www.gearbest.com/?lkid=12144556
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.33.99 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-33-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/?lkid=12144556
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.dailydeports.pw/livetv/channel40.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
x-amz-id-2
pWMruK6zkR1/fvVjt6opNivBbnNG5krjtLAFrMuBuEHLgjGub/SRTpRCwnipVSru5QDljZnofJM=
x-amz-request-id
9B79D9EE6624D7F3
last-modified
Tue, 18 Jun 2019 11:11:05 GMT
etag
W/"688a9e1eb0cf46e024ab742541a13eeb"
access-control-allow-origin
*
access-control-allow-methods
GET, POST
ng-cache
HIT
content-encoding
gzip
content-length
35763
cache-control
max-age=60
expires
Tue, 18 Jun 2019 11:28:58 GMT
date
Tue, 18 Jun 2019 11:27:58 GMT
vary
Accept-Encoding User-Agent
set-cookie
AKAM_CLIENTID=a2bb15277895c6a8678577f011d61a7b; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com

Redirect headers

status
302
date
Tue, 18 Jun 2019 11:27:56 GMT
content-type
text/plain
content-length
0
location
https://www.gearbest.com?lkid=12144556
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=85f88589-82c5-4242-bab8-2d3ae559a293 fv=rjk7rdY8qHs6qSEFqjgEpdk6rTC7vdw=; Expires=Wed, 17 Jun 2020 11:27:56 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
/
www.gearbest.com/ Frame EB5C
Redirect Chain
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
  • https://www.gearbest.com/?lkid=12144556
0
0
Document
General
Full URL
https://www.gearbest.com/?lkid=12144556
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.33.99 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-33-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/?lkid=12144556
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.dailydeports.pw/livetv/channel40.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
x-amz-id-2
pWMruK6zkR1/fvVjt6opNivBbnNG5krjtLAFrMuBuEHLgjGub/SRTpRCwnipVSru5QDljZnofJM=
x-amz-request-id
9B79D9EE6624D7F3
last-modified
Tue, 18 Jun 2019 11:11:05 GMT
etag
W/"688a9e1eb0cf46e024ab742541a13eeb"
access-control-allow-origin
*
access-control-allow-methods
GET, POST
ng-cache
HIT
content-encoding
gzip
content-length
35763
cache-control
max-age=60
expires
Tue, 18 Jun 2019 11:28:58 GMT
date
Tue, 18 Jun 2019 11:27:58 GMT
vary
Accept-Encoding User-Agent
set-cookie
AKAM_CLIENTID=a597998e2c197034fc6fdb6172c591d9; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com

Redirect headers

status
302
date
Tue, 18 Jun 2019 11:27:56 GMT
content-type
text/plain
content-length
0
location
https://www.gearbest.com?lkid=12144556
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=d45eafed-9f91-471f-b1d5-32ef380691fa fv=rjk7rdY8qHs6qSEFqjgEpdk6rTC7vdw=; Expires=Wed, 17 Jun 2020 11:27:56 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
/
www.gearbest.com/ Frame 2B7E
Redirect Chain
  • https://witalfieldt.com/redirect?tid=646273&ref=dailydeportes.pw
  • https://www.gearbest.com/?lkid=12144556
0
0
Document
General
Full URL
https://www.gearbest.com/?lkid=12144556
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.33.99 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-33-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/?lkid=12144556
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.dailydeports.pw/livetv/channel40.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
x-amz-id-2
pWMruK6zkR1/fvVjt6opNivBbnNG5krjtLAFrMuBuEHLgjGub/SRTpRCwnipVSru5QDljZnofJM=
x-amz-request-id
9B79D9EE6624D7F3
last-modified
Tue, 18 Jun 2019 11:11:05 GMT
etag
W/"688a9e1eb0cf46e024ab742541a13eeb"
access-control-allow-origin
*
access-control-allow-methods
GET, POST
ng-cache
HIT
content-encoding
gzip
content-length
35763
cache-control
max-age=60
expires
Tue, 18 Jun 2019 11:28:58 GMT
date
Tue, 18 Jun 2019 11:27:58 GMT
vary
Accept-Encoding User-Agent
set-cookie
AKAM_CLIENTID=c244fbb801000fcf433b0682a7a96793; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com

Redirect headers

status
302
date
Tue, 18 Jun 2019 11:27:56 GMT
content-type
text/plain
content-length
0
location
https://www.gearbest.com?lkid=12144556
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=65962fb4-b218-42f7-b764-bdddd05e2887 fv=rjk7rdY8qHs6qSEFqjgEpdk6rTC7vdw=; Expires=Wed, 17 Jun 2020 11:27:56 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
/
www.gearbest.com/ Frame 1D8D
Redirect Chain
  • http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]
  • https://www.gearbest.com/?lkid=12144556
0
0
Document
General
Full URL
https://www.gearbest.com/?lkid=12144556
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.33.99 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-33-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/?lkid=12144556
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
x-amz-id-2
pWMruK6zkR1/fvVjt6opNivBbnNG5krjtLAFrMuBuEHLgjGub/SRTpRCwnipVSru5QDljZnofJM=
x-amz-request-id
9B79D9EE6624D7F3
last-modified
Tue, 18 Jun 2019 11:11:05 GMT
etag
W/"688a9e1eb0cf46e024ab742541a13eeb"
access-control-allow-origin
*
access-control-allow-methods
GET, POST
ng-cache
HIT
content-encoding
gzip
content-length
35763
cache-control
max-age=60
expires
Tue, 18 Jun 2019 11:28:58 GMT
date
Tue, 18 Jun 2019 11:27:58 GMT
vary
Accept-Encoding User-Agent
set-cookie
AKAM_CLIENTID=1820c1c18a88380ac6af57c121769687; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com

Redirect headers

Date
Tue, 18 Jun 2019 11:27:57 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=31841516-031f-4635-a476-5d6972ffb636
Set-Cookie
fv=rjk7rdY8qHs6qSEFqjgEpdk6rTC7vdw=; Expires=Wed, 17 Jun 2020 11:27:57 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
Location
https://www.gearbest.com?lkid=12144556
Cookie set redirect
witalfieldt.com/ Frame BEFD
0
0
Document
General
Full URL
http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER]
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
52.72.176.97 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-176-97.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
witalfieldt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 18 Jun 2019 11:27:57 GMT
Content-Type
text/plain
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=c1ba7852-7fd3-457d-af6b-019c45f08787
Set-Cookie
fv=rjk7rdY8qHs6qGEFqjgEpdk6rTC6vdw=; Expires=Wed, 17 Jun 2020 11:27:57 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
redirect
xml.popunder.bid/ Frame 34D6
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=111920&auth=2yHFJM
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
xml.popunder.bid/ Frame 4260
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=108952&auth=Ou5t6d
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
Cookie set redirect
witalfieldt.com/ Frame A41B
0
0
Document
General
Full URL
http://witalfieldt.com/redirect?tid=758290&&ref=[URI_ENCODED_REFERER]
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
52.72.176.97 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-176-97.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
witalfieldt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://dailydeports.pw/adss/myads.html

Response headers

Date
Tue, 18 Jun 2019 11:27:57 GMT
Content-Type
text/plain
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=368bcb84-4861-4a5a-97aa-3c3eec747f2a
Set-Cookie
fv=rjk7rdY8qHs6qGEFqjgEpdk6rTC6vdw=; Expires=Wed, 17 Jun 2020 11:27:57 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
Cookie set redirect
witalfieldt.com/ Frame 1B40
0
0
Document
General
Full URL
http://witalfieldt.com/redirect?tid=780714&&ref=[URI_ENCODED_REFERER]
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
52.72.176.97 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-176-97.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
witalfieldt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 18 Jun 2019 11:27:57 GMT
Content-Type
text/plain
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=9692bbe7-1100-4faa-a25f-28b62df8e387
Set-Cookie
fv=rjk7rdY8qHs6qGEFqjgEpdk6rTC6vdw=; Expires=Wed, 17 Jun 2020 11:27:57 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
redirect
xml.popunder.bid/ Frame 848B
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=111920&auth=2yHFJM
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
/
www.gearbest.com/ Frame 12C6
Redirect Chain
  • http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]
  • https://www.gearbest.com/?lkid=12144556
0
0
Document
General
Full URL
https://www.gearbest.com/?lkid=12144556
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.33.99 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-33-99.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/?lkid=12144556
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
x-amz-id-2
pWMruK6zkR1/fvVjt6opNivBbnNG5krjtLAFrMuBuEHLgjGub/SRTpRCwnipVSru5QDljZnofJM=
x-amz-request-id
9B79D9EE6624D7F3
last-modified
Tue, 18 Jun 2019 11:11:05 GMT
etag
W/"688a9e1eb0cf46e024ab742541a13eeb"
access-control-allow-origin
*
access-control-allow-methods
GET, POST
ng-cache
HIT
content-encoding
gzip
content-length
35763
cache-control
max-age=60
expires
Tue, 18 Jun 2019 11:28:58 GMT
date
Tue, 18 Jun 2019 11:27:58 GMT
vary
Accept-Encoding User-Agent
set-cookie
AKAM_CLIENTID=0fd9827cbd994b124e6499765f52e1a3; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com

Redirect headers

Date
Tue, 18 Jun 2019 11:27:57 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=d838645f-9534-4506-addf-4fbef9e497da
Set-Cookie
fv=rjk7rdY8qHs6qGEFqjgEpdk6rTC6vdw=; Expires=Wed, 17 Jun 2020 11:27:57 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
Location
https://www.gearbest.com?lkid=12144556
Cookie set redirect
witalfieldt.com/ Frame 5451
0
0
Document
General
Full URL
http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER]
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
52.72.176.97 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-176-97.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
witalfieldt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 18 Jun 2019 11:27:58 GMT
Content-Type
text/plain
Connection
keep-alive
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
set-cookie
csu=c92785d4-1133-4646-87fe-36cfbb523b86
Set-Cookie
fv=rjk7rdY8qHs6qGEFqjgEpdk6rTC6vdw=; Expires=Wed, 17 Jun 2020 11:27:58 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
redirect
xml.popunder.bid/ Frame 6F52
0
0
Document
General
Full URL
http://xml.popunder.bid/redirect?feed=108952&auth=Ou5t6d
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
HTTP/1.1
Server
173.239.53.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
xml.popunder.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://dailydeports.pw/adss/myads.html
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-store
Pragma
no-cache
Age
0
Connection
keep-alive
Content-Length
0
redirect
xml.popmonetizer.com/ Frame 5D60
0
0

redirect
xml.adxnexus.com/ Frame D606
0
0

redirect
xml.revrtb.com/ Frame 9C71
0
0
Document
General
Full URL
https://xml.revrtb.com/redirect?feed=184607&auth=cOcGqf&pubid=95209
Requested by
Host: dailydeports.pw
URL: http://dailydeports.pw/adss/myads.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3359 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
xml.revrtb.com
:scheme
https
:path
/redirect?feed=184607&auth=cOcGqf&pubid=95209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://dailydeports.pw/adss/myads.html
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Tue, 18 Jun 2019 11:27:56 GMT
content-length
0
set-cookie
__cfduid=d208b8b7c30ad1c76fda079e026b367ea1560857276; expires=Wed, 17-Jun-20 11:27:56 GMT; path=/; domain=.revrtb.com; HttpOnly
cache-control
no-store
pragma
no-cache
age
0
accept-ranges
bytes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e8ceabc6f70233a-FRA
/
t.dtscout.com/i/
17 B
379 B
Script
General
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Fwww.dailydeports.pw%2Flivetv%2Fchannel40.html&j=
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Security
, ,
Server
167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns515688.ip-167-114-209.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:15 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Z
I
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Tue, 18 Jun 2019 11:28:14 GMT
/
whos.amung.us/pingjs/
28 B
212 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=c4v0nfwsey&t=&c=d&y=&a=0&r=644
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Security
, ,
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
37e1ae1ece23f9753ca862c1b22eb8701742d5dc53920cf97adee75f39eccbed

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 11:28:00 GMT
content-encoding
gzip
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
tc.js
cdn.tynt.com/
16 KB
7 KB
Script
General
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Security
, ,
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e26eb528df1b8c63d58b9fcc62a5e86c3c148300c739d6094d5d12615d80e060

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:00 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 04 Jun 2019 15:40:15 GMT
Server
cloudflare
ETag
W/"5cf690df-3e50"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4e8cead5f9a9c82f-AMS
Expires
Fri, 21 Jun 2019 11:28:00 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
p
ic.tynt.com/b/
0
316 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!c4v0nfwsey&lm=0&ts=1560857280985&dn=TC&iso=0&t=www.dailydeports.pw
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:01 GMT
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0
p
ic.tynt.com/b/
0
151 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!c4v0nfwsey&lm=0&ts=1560857280985&dn=TC&iso=0&t=www.dailydeports.pw
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:01 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0
v2
de.tynt.com/deb/
4 B
250 B
Script
General
Full URL
http://de.tynt.com/deb/v2?id=w!c4v0nfwsey&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Security
, ,
Server
208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:08 GMT
Cache-Control
max-age=86400
Expires
Wed, 19 Jun 2019 11:28:08 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length
4
Content-Type
application/javascript
p
ic.tynt.com/b/
0
151 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!c4v0nfwsey&lm=0&ts=1560857280985&dn=TC&iso=0&t=www.dailydeports.pw
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:01 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0
p
ic.tynt.com/b/
0
151 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!c4v0nfwsey&lm=0&ts=1560857280985&dn=TC&iso=0
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:01 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0
p
ic.tynt.com/b/
0
316 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!c4v0nfwsey&lm=0&ts=1560857280985&dn=TC&iso=0
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:01 GMT
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0
p
ic.tynt.com/b/
0
151 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!c4v0nfwsey&lm=0&ts=1560857280985&dn=TC&iso=0
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:01 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0
p
ic.tynt.com/b/
0
151 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!c4v0nfwsey&lm=0&ts=1560857280985&dn=TC&iso=0
Requested by
Host: www.dailydeports.pw
URL: http://www.dailydeports.pw/livetv/channel40.html
Protocol
HTTP/1.1
Security
, ,
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dailydeports.pw/livetv/channel40.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 11:28:02 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Server
nginx/1.14.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xml.popmonetizer.com
URL
https://xml.popmonetizer.com/redirect?feed=184608&auth=02szyf&pubid=93422
Domain
xml.adxnexus.com
URL
https://xml.adxnexus.com/redirect?feed=184609&auth=3IQfNU&pubid=95210


26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
string| str
function| $
function| jQuery
string| iframe
object| _wau
string| wau_w_col
string| wau_w_siz
object| WAU_ren
function| WAU_dynamic
function| WAU_dynamic_request
function| WAU_r_d
function| WAU_insert
function| WAU_la
function| WAU_addCommas
function| WAU_lrd
function| WAU_cps
function| docReady
object| x
string| x1
string| x2
object| Tynt
object| _33Across
object| _dts

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
