nowlive.pro Open in urlscan Pro
2606:4700:3033::6815:2107 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nowlive.pro/1/103.html?id=103
Submission: On February 01 via manual (February 1st 2021, 8:49:09 am UTC) from ES

Summary HTTP 36 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3033::6815:2107, located in United States and belongs to CLOUDFLARENET, US. The main domain is nowlive.pro.

This is the only time nowlive.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:303... 2606:4700:3033::6815:2107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	99.86.3.73 99.86.3.73	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2606:4700::68... 2606:4700::6810:a710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:beda	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	99.84.90.90 99.84.90.90	16509 (AMAZON-02) (AMAZON-02)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1	138.128.241.162 138.128.241.162	36007 (KAMATERA) (KAMATERA)
1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
1	208.95.113.2 208.95.113.2	53334 (TUT-AS) (TUT-AS)
36	21

4 2606:4700:3033::6815:2107 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nowlive.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nowlive.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.3.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-73.fra6.r.cloudfront.net

releases.flowplayer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

5vpbnbkiey24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

www.antiadblocksystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a710 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnondemand.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:beda (United States)

ASN13335 (CLOUDFLARENET, US)

www.soccerjumbotv1.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.90.90 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-90-90.muc50.r.cloudfront.net

witalfieldt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p38959.infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.128.241.162 (New York, United States)

ASN36007 (KAMATERA, US)
PTR: 71us.mailspeedy.com

log.videocampaign.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

lhb2sclglgoj.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

lhb2sclglgoj.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.95.113.2 (United States)

ASN53334 (TUT-AS, US)

antiadblocksystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	adsco.re c.adsco.re 6.adsco.re 4.adsco.re adsco.re lhb2sclglgoj.l4.adsco.re Failed lhb2sclglgoj.n4.adsco.re lhb2sclglgoj.s4.adsco.re	18 KB
4	nowlive.pro 1 redirects nowlive.pro www.nowlive.pro	10 KB
3	flowplayer.org releases.flowplayer.org	213 KB
2	infopicked.com 2 redirects infopicked.com p38959.infopicked.com	1 KB
2	witalfieldt.com 1 redirects witalfieldt.com	2 KB
2	cdnondemand.org cdnondemand.org	21 KB
2	antiadblocksystems.com www.antiadblocksystems.com antiadblocksystems.com	10 KB
2	amung.us widgets.amung.us whos.amung.us	7 KB
2	blogspot.com 1.bp.blogspot.com	6 KB
2	5vpbnbkiey24.com 5vpbnbkiey24.com
1	onclickgenius.com onclickgenius.com	2 KB
1	ufpcdn.com ufpcdn.com
1	gstatic.com www.gstatic.com	836 B
1	videocampaign.co log.videocampaign.co
1	soccerjumbotv1.me www.soccerjumbotv1.me
1	cloudflare.com cdnjs.cloudflare.com	43 KB
0	addressingethernet.xyz Failed cdn.addressingethernet.xyz Failed
36	17

	Domain	Requested by
3	releases.flowplayer.org	nowlive.pro releases.flowplayer.org
2	adsco.re	c.adsco.re
2	4.adsco.re	nowlive.pro c.adsco.re
2	6.adsco.re	nowlive.pro c.adsco.re
2	c.adsco.re	www.antiadblocksystems.com c.adsco.re
2	www.nowlive.pro	1 redirects nowlive.pro
2	witalfieldt.com	1 redirects nowlive.pro
2	cdnondemand.org	nowlive.pro
2	1.bp.blogspot.com	nowlive.pro
2	5vpbnbkiey24.com	nowlive.pro www.nowlive.pro
2	nowlive.pro	nowlive.pro
1	antiadblocksystems.com	www.antiadblocksystems.com
1	onclickgenius.com	nowlive.pro
1	lhb2sclglgoj.s4.adsco.re	c.adsco.re
1	lhb2sclglgoj.n4.adsco.re	c.adsco.re
1	ufpcdn.com	nowlive.pro
1	www.gstatic.com	releases.flowplayer.org
1	whos.amung.us	widgets.amung.us
1	log.videocampaign.co	nowlive.pro
1	p38959.infopicked.com	1 redirects
1	infopicked.com	1 redirects
1	www.soccerjumbotv1.me	nowlive.pro
1	www.antiadblocksystems.com	nowlive.pro
1	widgets.amung.us	nowlive.pro
1	cdnjs.cloudflare.com	nowlive.pro
0	lhb2sclglgoj.l4.adsco.re Failed	c.adsco.re
0	cdn.addressingethernet.xyz Failed	cdnjs.cloudflare.com
36	27

This site contains links to these domains. Also see Links.

Domain
adsco.re
flowplayer.com

Subject Issuer	Validity	Valid
*.flowplayer.org Amazon	`2020-08-30` - `2021-09-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
1431218181.rsc.cdn77.org R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
log.videocampaign.co R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.n4.adsco.re R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh
*.s4.adsco.re R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://nowlive.pro/1/103.html?id=103
Frame ID: 4A6FD2E16E5968BDD0946430441E7090
Requests: 28 HTTP requests in this frame

Frame: http://www.soccerjumbotv1.me/ads1.htm
Frame ID: D3846851187B1FDBC40A1E45452DA23F
Requests: 1 HTTP requests in this frame

Frame: http://nowlive.pro/1/ads.htm
Frame ID: 73CB68A12500C76BD7AD52B23A360715
Requests: 2 HTTP requests in this frame

Frame: http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]
Frame ID: 63E7DB09CC6E13D596821F57C0B7A55D
Requests: 1 HTTP requests in this frame

Frame: https://log.videocampaign.co/Watch/V5/?campaign_id=SAFeU5c67W_T10&pubfeed=137693752&cc=PL
Frame ID: 8BE3AC1E6CAE6B3042E622274361A236
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: C30CBFD81F5B85E98BD99BA03CAC70C2
Requests: 1 HTTP requests in this frame

Frame: http://www.nowlive.pro/300x250.html
Frame ID: 0F97ACFE26593552C311E482BA7C183B
Requests: 2 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: D9255A6C4C80425ACE4A16A18C1245DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

36
Requests

33 %
HTTPS

48 %
IPv6

17
Domains

27
Subdomains

21
IPs

3
Countries

329 kB
Transfer

550 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://adsco.re/v
Title:

Search URL Search Domain Scan URL

URL: https://flowplayer.com/hello/?from=player

Search URL Search Domain Scan URL

URL: https://flowplayer.com/license
Title: GPL based license

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER] HTTP 302
http://infopicked.com/aS/feedclick?s=H3f7JduMNEJ6cADb1OSHlY8uDhK_8R6jX7kIXd00STNfhpv0EDJHtbUC6hWIeTga6IkCbg7sKEuYDMm3vSUGcBkFyLaSpPv7RvTLHiBFC1FHMOcA4P_H5h1lVC9oF4FMfWDL82HqK6A2XpEZOwFKSRYokNc9fAJ0BYZeqkmo126equShul8Q0bPILrihAcUSotEvxi0fXsJVDA_jbNuAhdPhZJpyRZlN7PWi3Vntvd4JGD3Mor1QmvR-H_UQpVMYvmXhYCl66NxmnbGE7DbM8SpTde4_2_HkvRBxIoMc-NqNoU4L2qMmo573SMH8SyUoTqvNHCbd3hqu77IITVU6ZZgxwZ5Uy23ozWiFI3VHlLo3W9xJqDQOeYfSgp6O1Hm3xqOZGX7t2KIn2R0yWmQEZmcZsZK6knnmkjj6JNqB4NJhPHC4-omuP8DrMUvoXGPYbosq0-GGAqqLeunyL2QCQdS1Fcn8uCko8k6NpdNOMSk5fsmvhdXzZmiqnR2tMnkqOpXSzqulcbtM8E3Y5lCh27LoGfl5XI23IcmPbQi9RLEwNOZ5rTcv2xTeleyhTODuteJEhkmIuk_Wj8TewlUX2vyxyqyIxAwk0W8b_W8xmNRFBbeTyHukTvNB0RGdel1ianuJCf0ElhFPEaaHNoeQo7gFphRq2nPFEdO_7p-vVZDTSBIEpqq-yCEFUnj_sAsSRoCNZD8rlWd2cEdaiRA_dfi6iAbGbCmTopmo4UyBe48S7kow7RcudzV-tlGEtwjeLirtiGRTQ_XvqrtJ_AqwL7xyjAef0_2TkZxoTKQB1-ormZxlBik8_44UOWzdTVwdqn-PsIaz1VjOjbrlUnqh8eRh_D3YBq3Q1s_6SN_9Bt4mSe6FKMq5XyoJ4duS-CdqCAiL7mr_fFfQrLQQyH4pk-R7lC-ffBvP6Yo_6BsP-r4En3pdnGSoQpswH8ppDHLoYrWNdGMkhf7J04HXftNu8jd4erbF4Nu_dj0A_z1-8CVt9SU2FR4pFminJ5zlQmtYLVaHcodejbvmZ4JNqwvtfxNjTcQOom_iFTCMkECjwUBFT_pzCrMi7_5gE7_x26eM872LpnCJpw_YWtuy2-J-KEP5B8gI5mYZXBMxSpj6nCGmwoMcBpit6GrfhlyZH2pBYQMlqx5_L2EYXafOjBYQUy95TPAvRrjJcgCOKkx2BGyoMSv_cAXl0qidzWyuayY_R1FYBPnLmmD2u5VrwC_2xr30JprtgtTYgC7oVdbMb6ea2q9Ac15UFr0zYaC-ikAH6erdg3_RkvN_l2p-r9jZB7SVW-3f7FnP3QDOn6PxAaE HTTP 302
http://p38959.infopicked.com/adServe/adClick?ai=m7TYG-zL69Cj50X1iscUiAcR_QeyMyCFaNgbjMYURsecbaGYNGJ-L9Dc6u_7wdyZu_wLhd10bM0DPia90PSftPk9AL42zsfRQ_iKEYlo5hfliXS4JLXW_ga8tw24WWMwS9POxujes7CbXqjYZLPrxGkOO6XrYU_yn2TuXnVI5XfjIieh6dK6M41qF3pZIGe-rBZwfnlpzJloRr9sKAai5R7MG-AMPnwlbk16f1gZJ7XVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=H3f7JduMNEJ6cADb1OSHlfbWwvziNp_1xLgNeF8Zj-iqGkt1jDjr16ZCvL2dwAwkUytvlZ_9S4T6BXIOJqxk1SggnT0W4ssXcU1Nlws354mZhLWKwBXRZw&si=1&oref=ae57f44ba990a30fa2639eb5fe44c30a&optunit=0Nzq7_vB3JnPaZlhzZ5rYw&rb=SZ6PmHOhBzc&rr=0 HTTP 302
https://log.videocampaign.co/Watch/V5/?campaign_id=SAFeU5c67W_T10&pubfeed=137693752&cc=PL

Request Chain 18

https://www.nowlive.pro/300x250.html HTTP 301
http://www.nowlive.pro/300x250.html

36 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 103.html Show response
nowlive.pro/1/ 17 KB
7 KB 97ms
83ms Document
text/html 2606:4700:3033::6815:2107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:2107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8bd16399e057bbc9ea77597ea195269fe245f2ca65223cc29570b0c08a0ccec

Request headers

Host: nowlive.pro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d5c549b62a0ab4a9e400ded6b9ec69fec1612169307; expires=Wed, 03-Mar-21 08:48:27 GMT; path=/; domain=.nowlive.pro; HttpOnly; SameSite=Lax
Last-Modified: Fri, 22 Jan 2021 22:02:46 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 07fe607c3b00002c3a91b69000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kurbk4nBpS1de0OMBNM6%2B6s9J786D%2Buu7aio2MnS%2BsX7ThpAU%2B%2FnCN%2B2HZ5MTrTVSBW6Y4R%2BHflTk1wBDAgbpQz4TbHYR%2FUw3jYGzODl7cpR6yAq%2BZa9dQ%3D%3D"}],"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 61aa69d9ffea2c3a-FRA
Content-Encoding: gzip

GET
H2 200 skin.css
releases.flowplayer.org/7.2.6/skin/ 40 KB
40 KB 158ms
55ms Stylesheet
text/css 99.86.3.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://releases.flowplayer.org/7.2.6/skin/skin.css
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-73.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce7e9cc6858aeb30a23bc3bf5fee9fd57a339b273ab8b1681bf0dd7a2429505f

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 11:36:39 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Tue, 17 Apr 2018 11:12:25 GMT
server: AmazonS3
age: 76334
etag: "977323326d3b4ab22afa6fe64e5a93cc"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 40582
x-amz-cf-id: mnc557x_2DhncmYDHGmMfPf6DnIJ2bLK5QQXCAxfAPRMv7WsXSL3lg==

GET
H2 200 hls.light.min.js Show response
cdnjs.cloudflare.com/ajax/libs/hls.js/0.9.1/ 172 KB
43 KB 19ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/hls.js/0.9.1/hls.light.min.js

Requested by

Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4ba8d0db29ad1fe8732590c52af262afbcdb592c346934fd2bb25ff1ce8a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 08:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1425160
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43486
cf-request-id: 07fe607c94000063a7b228a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e7d-2afb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n%2FDXN7IfKGU3pqT2DjChgjkbucOqumdp9cBC%2Fzz1ELmNvQZjHcTVS9RWsD1bDon5Gg9%2BjtDXXqSVvVKezZXUUcKlIZTuKjNZl8X3AR%2BjghCylzqTii49QkVj0F3ksubeSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61aa69da8f1c63a7-FRA
expires: Sat, 22 Jan 2022 08:48:27 GMT

GET
H2 200 flowplayer.min.js Show response
releases.flowplayer.org/7.2.6/ 164 KB
164 KB 196ms
94ms Script
application/javascript 99.86.3.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://releases.flowplayer.org/7.2.6/flowplayer.min.js
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-73.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d195f295d9bbb630527f6a457a9d74895f8b647f19218bf0477f3511a1a12d04

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 05:01:05 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified: Tue, 17 Apr 2018 11:12:23 GMT
server: AmazonS3
age: 13643
etag: "753e989f05e4af4dc76909ea9b464f05"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 167872
x-amz-cf-id: V81rBxp0Y__ILpHlFwlUF4a3Y1PUsezZE_nIx-xWNXimZarBY04-3Q==

GET
H/1.1 403
Forbidden 21510760b6d533922bc4866e828f0d11.js
5vpbnbkiey24.com/21/51/07/ 0
0 274ms
248ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://5vpbnbkiey24.com/21/51/07/21510760b6d533922bc4866e828f0d11.js
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 01 Feb 2021 08:48:27 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 close.gif
1.bp.blogspot.com/-gJqX30AFyLM/U5cHTg-BYLI/AAAAAAAAADc/1YwTwtrsgGU/s1600/ 2 KB
2 KB 40ms
20ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-gJqX30AFyLM/U5cHTg-BYLI/AAAAAAAAADc/1YwTwtrsgGU/s1600/close.gif

Requested by

Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3dddff067978d36c4fe4a9de9b4334d20ecd5cfb1be75367a48cdd4f19b7c257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 08:48:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="close.gif"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1889
x-xss-protection: 0
server: fife
etag: "v38"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Feb 2021 01:15:26 GMT

GET
H2 200 classic.js Show response
widgets.amung.us/ 12 KB
7 KB 29ms
11ms Script
application/x-javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/classic.js
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 08:48:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Jan 2021 17:07:09 GMT
server: cloudflare
age: 2617
etag: W/"5ff73fbd-2f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 61aa69dc2d2105c8-FRA
cf-request-id: 07fe607d96000005c8b32ca000000001
expires: Tue, 02 Feb 2021 08:04:50 GMT

GET
H2 200 intro.min.js Show response
www.antiadblocksystems.com/ 31 KB
9 KB 93ms
27ms Script
application/x-javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://www.antiadblocksystems.com/intro.min.js
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 150ded2787d7099b1d54a87458de2a30765fb4af24921437e87bbfc9a78e9e39

Request headers

Origin: http://nowlive.pro
Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1ryzDMj7vIJ8AAA==
date: Mon, 01 Feb 2021 08:48:27 GMT
content-encoding: br
server: CDN77-Turbo
link: <https://antiadblocksystems.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-77-nzt-ray: HtQjc28FzXM=
x-77-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-77-pop: frankfurtDE
x-cache: HIT
x-age: 40736
alt-svc: quic="195.181.175.44:443"; ma=2592000; v="44,43,39"
expires: Sun, 07 Feb 2021 21:29:31 GMT

GET
H/1.1 200
OK compatibility.js Show response
cdnondemand.org/script/ 20 KB
9 KB 53ms
40ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnondemand.org/script/compatibility.js
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 677
X-GUploader-UploadID: ABg5-UwzV4UPX2dxkIneQW96wZMTo0hclYCZ43yYycTzn7H3K77QD-3o6uzwZCae8swY6ErSwU6ePTT08eHaAJM1DYRcq63MCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Type: application/javascript
cf-request-id: 07fe607dbe00002bf24b9e5000000001
Last-Modified: Tue, 15 Sep 2020 12:10:32 GMT
Server: cloudflare
ETag: W/"c2bbc1e2544049cb035c321919bef2bc"
Vary: Accept-Encoding
x-goog-hash: crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
x-goog-generation: 1600171832181211
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 20647
CF-RAY: 61aa69dc6de42bf2-FRA
Expires: Mon, 01 Feb 2021 12:48:27 GMT

GET
H2 200 flowplayer.woff2
releases.flowplayer.org/7.2.6/skin/icons/ 8 KB
8 KB 145ms
51ms Font
font/woff2 99.86.3.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://releases.flowplayer.org/7.2.6/skin/icons/flowplayer.woff2
Requested by: Host: releases.flowplayer.org
URL: https://releases.flowplayer.org/7.2.6/skin/skin.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-73.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 676b7fcb662822833ca633f1e26c68236067f30530dea79dab00be4cd8f9ef9a

Request headers

Origin: http://nowlive.pro
Referer: https://releases.flowplayer.org/7.2.6/skin/skin.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 07:01:49 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
age: 6539
x-cache: Hit from cloudfront
content-length: 7908
last-modified: Tue, 17 Apr 2018 11:12:27 GMT
server: AmazonS3
etag: "73ccb97fd8df0703038a40b00dc8ae5f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: JzNcJ5j_NvR7NKAuoFQ2U1aar-t_6SdD19v2n7GXFA7Sat6vAdwL8Q==

GET 103.m3u8
cdn.addressingethernet.xyz/hls/ 0
0

GET
H/1.1 200
OK Cookie set ads1.htm
www.soccerjumbotv1.me/ Frame D384 0
0 141ms
110ms Document
text/html 2606:4700:3032::ac43:beda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.soccerjumbotv1.me/ads1.htm
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:beda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: www.soccerjumbotv1.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://nowlive.pro/1/103.html?id=103
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nowlive.pro/1/103.html?id=103

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d8c5e92969b1df78b185b4c717393ce291612169307; expires=Wed, 03-Mar-21 08:48:27 GMT; path=/; domain=.soccerjumbotv1.me; HttpOnly; SameSite=Lax
last-modified: Sat, 16 Mar 2019 23:03:00 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 07fe607ded000005e993073000000001
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c0VfWKycgq6zssLb2%2F4MokStfMQ5HZOP4ziTvMCDCeOZUijx70WTn%2F9k0BT9qnbMKRovYoTdccdh0ehgGKG3eOp68WwzLVRR6f28YLHg5K%2Fp1RIcwg1byRbR1jxaozCk0xY%3D"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 61aa69dcad4105e9-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK ads.htm Show response
nowlive.pro/1/ Frame 73CB 366 B
934 B 82ms
82ms Document
text/html 2606:4700:3033::6815:2107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nowlive.pro/1/ads.htm
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:2107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4668f10720f8a574b5331ca24727431911d56accc360ccd109048a87e0bf1d

Request headers

Host: nowlive.pro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://nowlive.pro/1/103.html?id=103
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=d5c549b62a0ab4a9e400ded6b9ec69fec1612169307
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nowlive.pro/1/103.html?id=103

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Jan 2021 17:42:48 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 07fe607dcf00002c3aed24a000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dsKZZaFMzwfWqgm4JYFXht%2BhA5D7zl6POgmBp2E5kd3B%2FAuPan2ddFp9Rfzymg5Ya1xeUrBd1W6qYdj9HLFaroedM25JhDsuCCXSAKxZN41Mh9STR%2Bxkyw%3D%3D"}],"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 61aa69dc7d7c2c3a-FRA
Content-Encoding: gzip

GET
H/1.1 204
No Content Cookie set redirect
witalfieldt.com/ Frame 63E7 0
0 606ms
573ms Document
text/plain 99.84.90.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://witalfieldt.com/redirect?tid=698580&&ref=[URI_ENCODED_REFERER]
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 99.84.90.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-90-90.muc50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: witalfieldt.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://nowlive.pro/1/103.html?id=103
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nowlive.pro/1/103.html?id=103

Response headers

Content-Type: text/plain
Connection: keep-alive
Date: Mon, 01 Feb 2021 08:48:28 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
set-cookie: csu=e1d179ea-5e82-49e7-8f37-1845e85724ea
Set-Cookie: fv=rjgFrTw7pjrEqGEFqTwGrjg4rHa6vdw=; Expires=Tue, 01 Feb 2022 08:48:28 GMT; Max-Age=31536000; Domain=.witalfieldt.com; Path=/; Version=1
X-Cache: Miss from cloudfront
Via: 1.1 7e5808188f3301eda7b952b4c6dfa208.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-C1
X-Amz-Cf-Id: 3BnZkMnTPVzfmaOHHLsdXvTSg2n9tnBjWhIlLNI-D5MotodP3mQWgQ==

GET
H/1.1

200
OK

Cookie set /
log.videocampaign.co/Watch/V5/ Frame 8BE3
Redirect Chain

http://witalfieldt.com/redirect?tid=698678&&ref=[URI_ENCODED_REFERER]
http://infopicked.com/aS/feedclick?s=H3f7JduMNEJ6cADb1OSHlY8uDhK_8R6jX7kIXd00STNfhpv0EDJHtbUC6hWIeTga6IkCbg7sKEuYDMm3vSUGcBkFyLaSpPv7RvTLHiBFC1FHMOcA4P_H5h1lVC9oF4FMfWDL82HqK6A2XpEZOwFKSRYokNc9fAJ0...
http://p38959.infopicked.com/adServe/adClick?ai=m7TYG-zL69Cj50X1iscUiAcR_QeyMyCFaNgbjMYURsecbaGYNGJ-L9Dc6u_7wdyZu_wLhd10bM0DPia90PSftPk9AL42zsfRQ_iKEYlo5hfliXS4JLXW_ga8tw24WWMwS9POxujes7CbXqjYZLPrx...
https://log.videocampaign.co/Watch/V5/?campaign_id=SAFeU5c67W_T10&pubfeed=137693752&cc=PL

0
0

374ms
127ms

Document
text/html

138.128.241.162
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://log.videocampaign.co/Watch/V5/?campaign_id=SAFeU5c67W_T10&pubfeed=137693752&cc=PL
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.128.241.162 New York, United States, ASN36007 (KAMATERA, US),
Reverse DNS: 71us.mailspeedy.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Host: log.videocampaign.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://nowlive.pro/1/103.html?id=103
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nowlive.pro/1/103.html?id=103

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 01 Feb 2021 08:48:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Set-Cookie: SessionToken=P_3867538e-ab52-4346-a390-d7b7cd580c5e_1612169308; path=/ HASRV=services1_LB; path=/; HttpOnly
Content-Encoding: gzip
Cache-control: private

Redirect headers

Server: nginx
Date: Mon, 01 Feb 2021 08:48:28 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: rhid=75927642135; Max-Age=15552000; Expires=Sat, 31-Jul-2021 08:48:28 GMT; Domain=infopicked.com; Path=/; SameSite=None; secure; loi=ad_933498_off_406094_aff_12338_cid_38959-698678_ts_1612169308; Max-Age=3600; Expires=Mon, 01-Feb-2021 09:48:28 GMT; Domain=infopicked.com; Path=/; SameSite=None; secure;
Location: https://log.videocampaign.co/Watch/V5/?campaign_id=SAFeU5c67W_T10&pubfeed=137693752&cc=PL

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 30 B
214 B 287ms
261ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=nowlivepro&t=&c=c&x=http%3A%2F%2Fnowlive.pro%2F1%2F103.html%3Fid%3D103&y=&a=-1&d=0.436&v=27&r=1910
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Server: 67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 18ae5da9bc4648479154a0e50dc31b7baa149cb704bc5be30298f0f91ca41616

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 08:48:27 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 1 KB
836 B 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: releases.flowplayer.org
URL: https://releases.flowplayer.org/7.2.6/flowplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87abd10ff4dde54aa21a9acf3dfd863f6ff99e35f74b9ab3987cf2e36b817bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 08:48:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Jan 2019 17:53:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 680
x-xss-protection: 0
expires: Mon, 01 Feb 2021 08:48:27 GMT

GET
H/1.1 200
OK Cookie set identify.html
ufpcdn.com/script/ Frame C30C 0
0 239ms
233ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: ufpcdn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://nowlive.pro/1/103.html?id=103
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nowlive.pro/1/103.html?id=103

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d72ffc40142527c84d5f3396f314bcd391612169307; expires=Wed, 03-Mar-21 08:48:27 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=80bdf1188a31cbc30aeeedee722dbce296b048e3-1612169307-1800-AQThEv++d89tLKYmuH/D7PO5SBkW6Dk3dRWdFtxCc09gSUPOwZvO4MV54RhBfEV4Za54MDN3BkJGLLWjOnctT3o=; path=/; expires=Mon, 01-Feb-21 09:18:27 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None
Last-Modified: Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 07fe607e050000d6b53a09a000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0BXOYNJE6DnGTkAzsu8w9yZwveT3vAmJG39tfNRH15vHRDXD%2ByM3FiFBXcI5N1Ms0o6PclKrhv1qJnxXvb2OUvsoXgFddC1NIOjWIW0ANFjuM9QFMgk6"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 61aa69dcde78d6b5-FRA
Content-Encoding: gzip

GET
H3-Q050 200 Clic.jpg
1.bp.blogspot.com/-fYa0saa2BPY/XRi8chzYcYI/AAAAAAAA64A/jUg4y4SpDvcd6PCsoZGlNOwwtTCIKLmkgCK4BGAYYCw/s1600/ Frame 73CB 3 KB
4 KB 45ms
32ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-fYa0saa2BPY/XRi8chzYcYI/AAAAAAAA64A/jUg4y4SpDvcd6PCsoZGlNOwwtTCIKLmkgCK4BGAYYCw/s1600/Clic.jpg

Requested by

Host: nowlive.pro
URL: http://nowlive.pro/1/ads.htm

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ef57ad760fcb7229f18b02969f7c5467da749d7328c2b0334c6d7452524a61ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nowlive.pro/1/ads.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 08:48:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Clic.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3472
x-xss-protection: 0
server: fife
etag: "veb81"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Feb 2021 01:16:06 GMT

GET
H/1.1

200
OK

300x250.html Show response
www.nowlive.pro/ Frame 0F97
Redirect Chain

https://www.nowlive.pro/300x250.html
http://www.nowlive.pro/300x250.html

517 B
994 B

100ms
94ms

Document
text/html

2606:4700:3033::6815:2107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nowlive.pro/300x250.html
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/ads.htm
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:2107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3494eaf7f5511a3550dbdcee7811159175090ba7b6d9edb453919af0a891b350

Request headers

Host: www.nowlive.pro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://nowlive.pro/1/ads.htm
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=d5c549b62a0ab4a9e400ded6b9ec69fec1612169307
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nowlive.pro/1/ads.htm

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 12 Jan 2021 18:26:43 GMT
CF-Cache-Status: DYNAMIC
cf-request-id: 07fe607e5700000eaf053a6000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fQXDSkuhhhAOckdFbZZhJcRbbJcHuNmFw7lByujwmpOGiXo1jLp3RyUGkWCgU0YA0mdCnd03TYAPL1OV0tfQjq7u3szOIitajC14ppdCkm%2FUAhNqs4O8JtYknCw%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 61aa69dd58ac0eaf-FRA
Content-Encoding: gzip

Redirect headers

date: Mon, 01 Feb 2021 08:48:27 GMT
cache-control: max-age=3600
expires: Mon, 01 Feb 2021 09:48:27 GMT
location: http://www.nowlive.pro/300x250.html
cf-request-id: 07fe607e420000c2a4c48f8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yzlmGFL2M82kj1ivk9rPRZ2SLF5lq0FUM%2FPrLQS4obeTGVfXRgNrgI8kMAVGcysJvv%2FWTanbSmZLADQuNwSNEc0ygGRAZs4JmxQt5RhK926MIt6yP1HPaHLH2CQ%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 61aa69dd3d3dc2a4-FRA

GET
H/1.1 200
OK / Show response
c.adsco.re/ 36 KB
14 KB 29ms
22ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: www.antiadblocksystems.com
URL: https://www.antiadblocksystems.com/intro.min.js
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9433c1f93007125f450774ac0ffe126257e688e976c9ce29eabee0f449d76c96

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 34866
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07fe607e7b00000eb70d2e3000000001
Server: cloudflare
ETag: W/"i3T2LXGRCAaVCQTagVXOkw=="
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=2678400
CF-RAY: 61aa69dd9ae30eb7-FRA
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Thu, 04 Mar 2021 08:48:27 GMT

GET
H/1.1 200
OK /
6.adsco.re/ 0
665 B 19ms
12ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://nowlive.pro
Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://nowlive.pro
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61aa69ddcf0c1f21-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07fe607e9900001f21c3892000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
457 B 142ms
112ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://nowlive.pro
Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://nowlive.pro
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H/1.1 200
OK p Show response
adsco.re/ 0
412 B 133ms
105ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: http://nowlive.pro
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 46 B
457 B 130ms
108ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 0b4d2858fa9003fae24f5d89c05887c1e034a236007ed45cdc3e6a6478485e7c

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://nowlive.pro
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ 53 B
665 B 21ms
15ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://nowlive.pro
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61aa69ddce722c32-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07fe607e9e00002c3261bca000000001

POST /
lhb2sclglgoj.l4.adsco.re/ 0
0

POST
H/1.1 200
OK /
lhb2sclglgoj.n4.adsco.re/ 0
464 B 461ms
124ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://lhb2sclglgoj.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 Feb 2021 08:48:28 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
lhb2sclglgoj.s4.adsco.re/ 0
464 B 821ms
210ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://lhb2sclglgoj.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 Feb 2021 08:48:28 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK /
c.adsco.re/ Frame D925 0
0 12ms
11ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: c.adsco.re
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://nowlive.pro/1/103.html?id=103
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nowlive.pro/1/103.html?id=103

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Thu, 04 Mar 2021 08:48:27 GMT
ETag: W/"i3T2LXGRCAaVCQTagVXOkw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 34866
cf-request-id: 07fe607e9d00000eb7f6261000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 61aa69ddcb490eb7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK suurl.php Show response
onclickgenius.com/script/ 5 KB
2 KB 274ms
247ms Script
application/javascript 35.190.71.96
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://onclickgenius.com/script/suurl.php?r=1846339&cbrandom=0.7038731293274403&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=cdnondemand.org&ufp=557464240397623035154815586
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 96.71.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7c2b68cd6b30c11cdffbb62959a7700c8db8d49003647b7837835e93d42a315e

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 01 Feb 2021 08:48:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK chrome.js Show response
cdnondemand.org/script/ 36 KB
12 KB 13ms
12ms Script
application/javascript 2606:4700::6810:a710
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnondemand.org/script/chrome.js
Requested by: Host: nowlive.pro
URL: http://nowlive.pro/1/103.html?id=103
Protocol: HTTP/1.1
Server: 2606:4700::6810:a710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:27 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1579
X-GUploader-UploadID: ABg5-Ux1q8cflVMEYRXY3m4KWsDwxLAPLFmbzWxMO_zf1mHeMhOS3SzK2aT4_FG9fyUOdIy5fGrEdzkeNG-CNmjRI0U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Type: application/javascript
cf-request-id: 07fe607f0d00002bf26a1aa000000001
Last-Modified: Mon, 14 Sep 2020 09:15:29 GMT
Server: cloudflare
ETag: W/"ef6565ab259dafbc08468b4d0bb46762"
Vary: Accept-Encoding
x-goog-hash: crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
x-goog-generation: 1600074929755781
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 37300
CF-RAY: 61aa69de7a042bf2-FRA
Expires: Mon, 01 Feb 2021 12:48:27 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 403
Forbidden invoke.js
5vpbnbkiey24.com/c49d093f9cdd880dc59bd41a83919bf5/ Frame 0F97 0
0 138ms
137ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://5vpbnbkiey24.com/c49d093f9cdd880dc59bd41a83919bf5/invoke.js
Requested by: Host: www.nowlive.pro
URL: http://www.nowlive.pro/300x250.html
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: http://www.nowlive.pro/300x250.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 01 Feb 2021 08:48:27 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

POST
H/1.1 200
OK p Show response
adsco.re/ 362 B
851 B 87ms
87ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 3ac804a07b7821ee4c06888e071b94bc76b3ad615774dee1cd044ec34be42ce1

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Mon, 01 Feb 2021 08:48:28 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: http://nowlive.pro
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H/1.1 200
OK wzdPs.php Show response
antiadblocksystems.com/ 0
272 B 216ms
184ms Script
application/javascript 208.95.113.2
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://antiadblocksystems.com/wzdPs.php?_=BAoAYBfAXAFgF8BcgAGBAsAAIIm3co2MKzFYjvbGF02QkblFqfgNfjQX6XvPGPojFoJqwQBHMEUCIQDKyBdRSInDLl8ayusbZSFyXVxNnaebqHJsAOQTJL1vKwIgQNQIHjNgDBMgIFVU4lusNvHs5n-E5hwEOiXYfso-88bCACBOmm_TC8mivbOVIelPHI63a_NT2WJnLViSjC87HbTpucQAECoBBPgBklQUAAAAAAAAAALFABBd_idHs-IY3nWmJoaDX2NVwwBGMEQCIBzk8sDuiuAUSubd1cUFGn4ycquc-oEz5AWfxGE6yUwSAiBtcNgwPX_LjGdHIr2LnQ_zNE2iXSSGVwZpva8B0tEcgg&v=4&zdkQXMFN=2383201&minBid=&oWhquCmx=0,0&KbCISBmh=&geRSPCEm=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.antiadblocksystems.com
URL: https://www.antiadblocksystems.com/intro.min.js
Protocol: HTTP/1.1
Server: 208.95.113.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://nowlive.pro/1/103.html?id=103
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 08:48:28 GMT
ASF: 9
Access-Control-Allow-Origin: *
Content-Type: application/javascript
PopAds-EC: ASB
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Content-Length: 0
Expires: Mon, 08 Feb 2021 08:48:28 GMT

GET 103.m3u8
cdn.addressingethernet.xyz/hls/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.addressingethernet.xyz
URL: http://cdn.addressingethernet.xyz/hls/103.m3u8

Domain: lhb2sclglgoj.l4.adsco.re
URL: https://lhb2sclglgoj.l4.adsco.re/

Domain: cdn.addressingethernet.xyz
URL: http://cdn.addressingethernet.xyz/hls/103.m3u8

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://c.adsco.re/(Line 14) Message:
console-api	debug	URL: http://c.adsco.re/(Line 15) Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.adsco.re
5vpbnbkiey24.com
6.adsco.re
adsco.re
antiadblocksystems.com
c.adsco.re
cdn.addressingethernet.xyz
cdnjs.cloudflare.com
cdnondemand.org
infopicked.com
lhb2sclglgoj.l4.adsco.re
lhb2sclglgoj.n4.adsco.re
lhb2sclglgoj.s4.adsco.re
log.videocampaign.co
nowlive.pro
onclickgenius.com
p38959.infopicked.com
releases.flowplayer.org
ufpcdn.com
whos.amung.us
widgets.amung.us
witalfieldt.com
www.antiadblocksystems.com
www.gstatic.com
www.nowlive.pro
www.soccerjumbotv1.me
cdn.addressingethernet.xyz
lhb2sclglgoj.l4.adsco.re
138.128.241.162
162.252.214.5
173.192.101.24
185.200.116.90
192.243.59.20
208.95.113.2
2606:4700:10::6816:4bab
2606:4700:3032::ac43:beda
2606:4700:3033::6815:2107
2606:4700:3037::ac43:8e31
2606:4700::6810:125e
2606:4700::6810:a710
2606:4700::6811:a6ba
2a00:1450:4001:802::2001
2a00:1450:4001:827::2003
2a02:6ea0:c700::1
35.190.71.96
38.132.109.186
67.202.94.86
99.84.90.90
99.86.3.73
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
0b4d2858fa9003fae24f5d89c05887c1e034a236007ed45cdc3e6a6478485e7c
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
150ded2787d7099b1d54a87458de2a30765fb4af24921437e87bbfc9a78e9e39
18ae5da9bc4648479154a0e50dc31b7baa149cb704bc5be30298f0f91ca41616
3494eaf7f5511a3550dbdcee7811159175090ba7b6d9edb453919af0a891b350
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3ac804a07b7821ee4c06888e071b94bc76b3ad615774dee1cd044ec34be42ce1
3dddff067978d36c4fe4a9de9b4334d20ecd5cfb1be75367a48cdd4f19b7c257
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
676b7fcb662822833ca633f1e26c68236067f30530dea79dab00be4cd8f9ef9a
6c4ba8d0db29ad1fe8732590c52af262afbcdb592c346934fd2bb25ff1ce8a1b
7c2b68cd6b30c11cdffbb62959a7700c8db8d49003647b7837835e93d42a315e
87abd10ff4dde54aa21a9acf3dfd863f6ff99e35f74b9ab3987cf2e36b817bff
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
9433c1f93007125f450774ac0ffe126257e688e976c9ce29eabee0f449d76c96
bb4668f10720f8a574b5331ca24727431911d56accc360ccd109048a87e0bf1d
ce7e9cc6858aeb30a23bc3bf5fee9fd57a339b273ab8b1681bf0dd7a2429505f
d195f295d9bbb630527f6a457a9d74895f8b647f19218bf0477f3511a1a12d04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bd16399e057bbc9ea77597ea195269fe245f2ca65223cc29570b0c08a0ccec
ef57ad760fcb7229f18b02969f7c5467da749d7328c2b0334c6d7452524a61ad

nowlive.pro Open in urlscan Pro 2606:4700:3033::6815:2107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

36 Requests

33 %HTTPS

48 %IPv6

17 Domains

27 Subdomains

21 IPs

3 Countries

329 kBTransfer

550 kBSize

0 Cookies

3 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nowlive.pro Open in urlscan Pro
2606:4700:3033::6815:2107 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

33 %
HTTPS

48 %
IPv6

17
Domains

27
Subdomains

21
IPs

3
Countries

329 kB
Transfer

550 kB
Size

0
Cookies

36 HTTP transactions
1 data transactions