tsportv100.usite.pro Open in urlscan Pro
213.174.157.150  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://tsportv100.usite.pro/sor.html Page URL
2. https://tsportv100.usite.pro/sor.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	sor.html Show response tsportv100.usite.pro/	10 KB 5 KB	439ms 111ms	Document text/html	213.174.157.150 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tsportv100.usite.pro/sor.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.174.157.150 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS s101.ucoz.net Software nginx / Resource Hash 6c84883c9f915208a31454df6152e186ad918d4e4c7209005d6df581e3c99144 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Host tsportv100.usite.pro Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Wed, 08 Sep 2021 15:44:16 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=15 Expires Tue, 28 Sep 2021 15:44:16 GMT Cache-Control max-age=1728000 X-Frame-Options SAMEORIGIN Content-Encoding gzip
GET H/1.1	200 OK	Primary Request sor.html Show response tsportv100.usite.pro/	10 KB 5 KB	111ms 110ms	Document text/html	213.174.157.150 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tsportv100.usite.pro/sor.html Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.174.157.150 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS s101.ucoz.net Software nginx / Resource Hash 6c84883c9f915208a31454df6152e186ad918d4e4c7209005d6df581e3c99144 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Host tsportv100.usite.pro Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://tsportv100.usite.pro/sor.html Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/sor.html Response headers Server nginx Date Wed, 08 Sep 2021 15:44:16 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=15 Expires Tue, 28 Sep 2021 15:44:16 GMT Cache-Control max-age=1728000 X-Frame-Options SAMEORIGIN Content-Encoding gzip
GET H2	200	split.min.js Show response www.cdn4ads.com/	30 KB 9 KB	39ms 8ms	Script application/x-javascript	2a02:6ea0:c700::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://www.cdn4ads.com/split.min.js Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash d50de3ca4d4f26be893b8ecae31cf9ae08577ebc27c2b792beba6005f0aa16b8 Request headers Referer https://tsportv100.usite.pro/ Origin https://tsportv100.usite.pro Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-77-pop frankfurtDE date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br x-77-cache HIT x-cache HIT x-age 533845 alt-svc quic="195.181.175.47:443"; ma=2592000; v="44,43,39" x-77-nzt AcO1ry/1G23/VSUIAA== x-accel-expires @1631186812 server CDN77-Turbo x-77-nzt-ray WntUutkdcA4= content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=604800 link <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect expires Thu, 09 Sep 2021 11:26:52 GMT
GET H2	200	bnr.php Show response uprimp.com/	372 B 626 B	106ms 31ms	Script application/javascript	185.66.200.220 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://uprimp.com/bnr.php?section=General&pub=236136&format=728x90&ga=g Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.200.220.skhosting.eu Software nginx / Resource Hash 243e04fcaf0c6a6a3c00aa45d6a420e0408978a4dd3d573f7faed2e66395c660 Request headers Referer https://tsportv100.usite.pro/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers pragma no-cache date Wed, 08 Sep 2021 15:44:17 GMT last-modified Wed, 08 Sep 2021 15:44:17 GMT server nginx content-type application/javascript cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-robots-tag noindex, nofollow, noarchive, nosnippet expires Wed, 08 Sep 2021 15:44:17 GMT
GET H2	200	bnr_xload.php Show response uprimp.com/ Frame 0295	1 KB 2 KB	118ms 118ms	Document text/html	185.66.200.220 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://uprimp.com/bnr_xload.php?section=General&pub=236136&format=728x90&ga=g&xt=163111585759012&xtt=2924622 Requested by Host: uprimp.com URL: https://uprimp.com/bnr.php?section=General&pub=236136&format=728x90&ga=g Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.200.220.skhosting.eu Software nginx / Resource Hash 99e3b2f2025921ffe206d5c12dcf98845265109c0dbd12996de1278d1604fb72 Request headers :method GET :authority uprimp.com :scheme https :path /bnr_xload.php?section=General&pub=236136&format=728x90&ga=g&xt=163111585759012&xtt=2924622 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tsportv100.usite.pro/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ Response headers server nginx date Wed, 08 Sep 2021 15:44:17 GMT content-type text/html; charset=UTF-8 expires Wed, 08 Sep 2021 15:44:17 GMT last-modified Wed, 08 Sep 2021 15:44:17 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex, nofollow, noarchive, nosnippet set-cookie used_ad2558629=1; expires=Thu, 09-Sep-2021 04:00:00 GMT; Max-Age=44143; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Thu, 09-Sep-2021 04:00:00 GMT; Max-Age=44143; path=/; domain=uprimp.com; secure; HttpOnly; SameSite=None cpa_673873=728x90_372377596_0; expires=Fri, 08-Oct-2021 15:44:17 GMT; Max-Age=2592000; path=/; domain=uprimp.com; secure; SameSite=None
GET H2	200	embed.js Show response www.shidurlive.com/	2 KB 1 KB	87ms 45ms	Script application/x-javascript	2606:4700:3038::6815:e9e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.shidurlive.com/embed.js Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6aa5984152af99c3781a22fd2f356e6c2a944591b31295c6cef53226363db0b3 Request headers Referer https://tsportv100.usite.pro/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tAPr9EYwsk8lrdIwezV7ixBmBterfCIeXmNNVZpTrOVpSvhzoGaMiEmUZiTQUTfLCzh9HM2nmxyU%2Fd6x32xUUOBpRM5HJepYiNI75Qi4Whq251NwdEvWtvMWpTRE3%2FoNCbrgyG83SD1Hu2Tm8Uqv0o%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=0, no-cache, no-store cf-ray 68b94c1bee51175a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response c.adsco.re/	62 KB 22 KB	53ms 21ms	Script text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: www.cdn4ads.com URL: https://www.cdn4ads.com/split.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br cf-cache-status HIT server cloudflare age 6989223 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 68b94c1c1bdc2b12-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Sat, 09 Oct 2021 15:44:17 GMT
GET H2	200	400 Show response www.shidurlive.com/a/59e89c0e60a3af21/3131362c3131352c3131322c3131312c3131342c3131362c3131382c34352c3530/22df9deabe3eda5b14c50aabcae3818e05006713129e70fdad19b3d2d1dfc8a4/700/	1 KB 951 B	57ms 57ms	Script application/x-javascript	2606:4700:3038::6815:e9e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.shidurlive.com/a/59e89c0e60a3af21/3131362c3131352c3131322c3131312c3131342c3131362c3131382c34352c3530/22df9deabe3eda5b14c50aabcae3818e05006713129e70fdad19b3d2d1dfc8a4/700/400 Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 580ddb87facb9532b2337b97855f3a30329624d095ee605c9866477694c4db63 Request headers Referer https://tsportv100.usite.pro/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3H2zeOYZ77Zb1%2BGIW97%2BqYuB8wBEEGrrZ3xhOGQtsYZcZywIe9FLzHlSvr5ExQd4opp2pHyskMrZImb4Y5CwqQYnEfzD4a9aOCh411KGHNztN4Q4eVrGYKWeiWsUPBsXm5pPvTNdGykioyd1KSlcDhE%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cf-ray 68b94c1c3ebb175a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ 6.adsco.re/	0 455 B	50ms 19ms	Other text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tsportv100.usite.pro/ Origin https://tsportv100.usite.pro Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://tsportv100.usite.pro access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 68b94c1c68f54a9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	/ 4.adsco.re/	0 466 B	97ms 35ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tsportv100.usite.pro/ Origin https://tsportv100.usite.pro Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 15:44:17 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://tsportv100.usite.pro Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
POST H/1.1	200 OK	p Show response adsco.re/	0 422 B	84ms 27ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tsportv100.usite.pro/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 08 Sep 2021 15:44:17 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Allow-Origin https://tsportv100.usite.pro Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 4.adsco.re/	47 B 466 B	66ms 24ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 5ff2ad00b7537ecf6c469d327d45d08045712c517a744a77647a48b9e8ec7a0a Request headers Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 15:44:17 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://tsportv100.usite.pro Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H2	200	/ Show response 6.adsco.re/	54 B 103 B	38ms 20ms	XHR text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29d0e7bc3c66042869f307f9c763a159de9585a98e2a31b269fbecc5df1895fa Request headers Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://tsportv100.usite.pro access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 68b94c1c68ef4a9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H/1.1	200 OK	/ ogyiw8ed2bat.l4.adsco.re/	0 464 B	76ms 17ms	Ping text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://ogyiw8ed2bat.l4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tsportv100.usite.pro/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 08 Sep 2021 15:44:17 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ ogyiw8ed2bat.n4.adsco.re/	0 464 B	396ms 100ms	Ping text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://ogyiw8ed2bat.n4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tsportv100.usite.pro/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 08 Sep 2021 15:44:17 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ ogyiw8ed2bat.s4.adsco.re/	0 464 B	668ms 167ms	Ping text/html	185.200.116.90 M247
General Check archive.org Show headers Download Go to Full URL https://ogyiw8ed2bat.s4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.116.90 , Romania, ASN9009 (M247, GB), Reverse DNS no-mans-land.m247.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://tsportv100.usite.pro/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 08 Sep 2021 15:44:17 GMT Last-Modified Mon, 30 Jul 2018 15:38:01 GMT ETag "5b5f30d9-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H2	200	/ Show response c.adsco.re/ Frame FA20	62 KB 22 KB	22ms 21ms	Document text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers :method GET :authority c.adsco.re :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tsportv100.usite.pro/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-type text/html cache-control public, max-age=2678400 link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch expires Sat, 09 Oct 2021 15:44:17 GMT etag W/"2Ma3006J78KgzL0RD+7gUg==" cf-cache-status HIT age 6989223 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 68b94c1c6c6f2b12-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ 6.adsco.re/ Frame FA20	0 117 B	23ms 22ms	Other text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c.adsco.re/ Origin https://c.adsco.re Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://c.adsco.re access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 68b94c1d5ae64a9d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	/ 4.adsco.re/ Frame FA20	0 456 B	26ms 26ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c.adsco.re/ Origin https://c.adsco.re Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 15:44:17 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://c.adsco.re Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H2	200	playbtn.png www.shidurlive.com/	6 KB 6 KB	17ms 16ms	Image image/png	2606:4700:3038::6815:e9e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.shidurlive.com/playbtn.png Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:e9e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6681c560771138291b3b6ec135bba4a80ae53fb993f5852b84814ff699961683 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 15:44:17 GMT cf-cache-status HIT last-modified Fri, 12 Jun 2020 23:01:10 GMT server cloudflare age 361 etag "5ee40936-1666" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4elg3ZAyKDXtO0MI6wwxHNgwd2OoRuHGNpjKP7d6IC5uHFVmRy6EitkJ4P4KJyifV9ipZ36hjjaq84rPhEn0YQFzbGIbt9CPPHsPyyRSIvMzLMKe027tvvysLbNpixuQOmQ8MHSSKMigA9PItGlshGg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 68b94c1d687d175a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5734
GET H/1.1	200 OK	ocounter.php Show response freehostedscripts.net/	193 B 1 KB	303ms 274ms	Script application/javascript	104.21.9.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freehostedscripts.net/ocounter.php?site=5610271&e1=er&e2=rs&r=https://tsportv100.usite.pro/sor.html&wh=1600%20x%201200&a=1&pn=https://tsportv100.usite.pro/sor.html Requested by Host: tsportv100.usite.pro URL: https://tsportv100.usite.pro/sor.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.21.9.86 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.3.10-1ubuntu3.26 Resource Hash c9a8a8d710505af289f9cbf1634941ecc82048b9bb6ede5a42e462a9e1541cd9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 15:44:17 GMT Content-Encoding br CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/5.3.10-1ubuntu3.26 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 pragma no-cache last-modified Wed, 08 Sep 2021 15:44:17 GMT Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2x5zKS5HefLWoeRhVLWEjVsuLcyzXmmabYJOMukD0eiYIKot8L44v22O895PFx0zXF02XYJQdzuT3N%2FU4QUALY5VpcHMnmMHgT%2FE0c4LmPw6CiVSTTo6pDkLwc0HP1S5e%2BJ%2BlCpJU4%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 CF-RAY 68b94c1d9c274dfa-FRA expires Tue, 01 Jan 2000 00:00:00 GMT
GET H2	200	show.php Show response uprimp.com/ Frame 4A07	2 KB 2 KB	40ms 39ms	Document text/html	185.66.200.220 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://uprimp.com/show.php?u52421631115857=true&ad=673873&f=728x90&a=625611&cri=0&s=ZTQ2OTI3NDc5YzNjMTkzMmQ1ZGI5NGVhNjhhZDY3YzU=&u=236136&si=372377596&di=40375078&ci=16&h=84df36544d2d0160be40d8f76eed13e5&cc=DE&https=1&useAf=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&ar=aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8= Requested by Host: uprimp.com URL: https://uprimp.com/bnr_xload.php?section=General&pub=236136&format=728x90&ga=g&xt=163111585759012&xtt=2924622 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.200.220.skhosting.eu Software nginx / Resource Hash 3021d7c6c4d5e10248d7fb217e325f3f1ebd8b8b7c8c0fd96c2659f8a8d33dea Request headers :method GET :authority uprimp.com :scheme https :path /show.php?u52421631115857=true&ad=673873&f=728x90&a=625611&cri=0&s=ZTQ2OTI3NDc5YzNjMTkzMmQ1ZGI5NGVhNjhhZDY3YzU=&u=236136&si=372377596&di=40375078&ci=16&h=84df36544d2d0160be40d8f76eed13e5&cc=DE&https=1&useAf=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&ar=aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://uprimp.com/bnr_xload.php?section=General&pub=236136&format=728x90&ga=g&xt=163111585759012&xtt=2924622 accept-encoding gzip, deflate, br cookie used_ad2558629=1; total_impressions=1; cpa_673873=728x90_372377596_0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://uprimp.com/bnr_xload.php?section=General&pub=236136&format=728x90&ga=g&xt=163111585759012&xtt=2924622 Response headers server nginx date Wed, 08 Sep 2021 15:44:17 GMT content-type text/html; charset=UTF-8 expires Wed, 08 Sep 2021 15:44:17 GMT last-modified Wed, 08 Sep 2021 15:44:17 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex, nofollow, noarchive, nosnippet
GET H2	200	/ c.adsco.re/ Frame FA20	62 KB 0	22ms 21ms	XHR text/html	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br cf-cache-status HIT server cloudflare age 6989223 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 68b94c1d6e9c2b12-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Sat, 09 Oct 2021 15:44:17 GMT
GET		/ 6.adsco.re/ Frame FA20	0 0
GET		/ 4.adsco.re/ Frame FA20	0 0
GET H2	200	/ Show response xe9o.xyz/08c73116f6/82b174e040/ Frame 4A07	1 KB 911 B	126ms 38ms	Script application/javascript	185.66.201.59 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCiGZiGGAkdCdZAdrrCxCrdjNrrkNZANrkACrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCrxi_60972&adApiR=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&refferer=3914522412_aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8=&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2 Requested by Host: uprimp.com URL: https://uprimp.com/show.php?u52421631115857=true&ad=673873&f=728x90&a=625611&cri=0&s=ZTQ2OTI3NDc5YzNjMTkzMmQ1ZGI5NGVhNjhhZDY3YzU=&u=236136&si=372377596&di=40375078&ci=16&h=84df36544d2d0160be40d8f76eed13e5&cc=DE&https=1&useAf=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&ar=aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.201.59 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.201.59.skhosting.eu Software nginx / Resource Hash 57933f21661add3625ab3a122cea6139b0491bb89b2aa324687b9ed332bb6793 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uprimp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 08 Sep 2021 15:44:17 GMT content-encoding br server nginx content-type application/javascript cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-robots-tag noindex,nofollow expires Sun, 01 Jan 2014 00:00:00 GMT
GET H2	200	pub_upk7x1.png ylx-i.advertica-cdn2.com/aff/ Frame 4A07	22 KB 22 KB	180ms 61ms	Image image/png	185.66.200.127 SKHOSTING-EU
General Check archive.org Show headers Download Go to Show image Full URL https://ylx-i.advertica-cdn2.com/aff/pub_upk7x1.png?1480419365 Requested by Host: uprimp.com URL: https://uprimp.com/show.php?u52421631115857=true&ad=673873&f=728x90&a=625611&cri=0&s=ZTQ2OTI3NDc5YzNjMTkzMmQ1ZGI5NGVhNjhhZDY3YzU=&u=236136&si=372377596&di=40375078&ci=16&h=84df36544d2d0160be40d8f76eed13e5&cc=DE&https=1&useAf=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&ar=aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.200.127.skhosting.eu Software nginx / Resource Hash 224bb06234df291883a230938dccb15657d699a646cc98f26fa13e10f63fc540 Request headers Accept-Language de-DE,de;q=0.9 Referer https://uprimp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding gzip last-modified Tue, 29 Nov 2016 11:36:05 GMT server nginx etag W/"583d6825-5642" x-cache HIT content-type image/png access-control-allow-origin * cache-control max-age=2592000 x-server cdnbts expires Fri, 08 Oct 2021 15:44:17 GMT
GET H2	200	logo_n_small.png ylx-i.advertica-cdn2.com/ Frame 4A07	2 KB 1 KB	181ms 62ms	Image image/png	185.66.200.127 SKHOSTING-EU
General Check archive.org Show headers Download Go to Show image Full URL https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810 Requested by Host: uprimp.com URL: https://uprimp.com/show.php?u52421631115857=true&ad=673873&f=728x90&a=625611&cri=0&s=ZTQ2OTI3NDc5YzNjMTkzMmQ1ZGI5NGVhNjhhZDY3YzU=&u=236136&si=372377596&di=40375078&ci=16&h=84df36544d2d0160be40d8f76eed13e5&cc=DE&https=1&useAf=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&ar=aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.200.127.skhosting.eu Software nginx / Resource Hash 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f Request headers Accept-Language de-DE,de;q=0.9 Referer https://uprimp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 15:44:17 GMT content-encoding gzip last-modified Thu, 01 Dec 2016 21:46:50 GMT server nginx etag W/"58409a4a-631" x-cache HIT content-type image/png access-control-allow-origin * cache-control max-age=2592000 x-server cdnbts expires Fri, 08 Oct 2021 15:44:17 GMT
GET H2	200	/ uprimp.com/trk/ Frame 4A07	43 B 268 B	36ms 36ms	Image image/gif	185.66.200.220 SKHOSTING-EU
General Check archive.org Show headers Download Go to Show image Full URL https://uprimp.com/trk/?84df36544d2d0160be40d8f76eed13e5 Requested by Host: uprimp.com URL: https://uprimp.com/show.php?u52421631115857=true&ad=673873&f=728x90&a=625611&cri=0&s=ZTQ2OTI3NDc5YzNjMTkzMmQ1ZGI5NGVhNjhhZDY3YzU=&u=236136&si=372377596&di=40375078&ci=16&h=84df36544d2d0160be40d8f76eed13e5&cc=DE&https=1&useAf=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&ar=aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.200.220.skhosting.eu Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://uprimp.com/show.php?u52421631115857=true&ad=673873&f=728x90&a=625611&cri=0&s=ZTQ2OTI3NDc5YzNjMTkzMmQ1ZGI5NGVhNjhhZDY3YzU=&u=236136&si=372377596&di=40375078&ci=16&h=84df36544d2d0160be40d8f76eed13e5&cc=DE&https=1&useAf=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&ar=aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 08 Sep 2021 15:44:17 GMT last-modified Wed, 08 Sep 2021 15:44:17 GMT server nginx cache-directive no-cache content-type image/gif cache-control public, no-cache pragma-directive no-cache x-robots-tag noindex, nofollow, noarchive, nosnippet content-length 43 expires 0
GET H2	200	/ Show response xe9o.xyz/08c73116f6/82b174e040/ Frame 9FE2	25 KB 4 KB	40ms 39ms	Document text/html	185.66.201.59 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCiGZiGGAkdCdZAdrrCxCrdjNrrkNZANrkACrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCrxi_60972&adApiR=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&refferer=3914522412_aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8=&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1011170234269&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0= Requested by Host: xe9o.xyz URL: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCiGZiGGAkdCdZAdrrCxCrdjNrrkNZANrkACrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCrxi_60972&adApiR=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&refferer=3914522412_aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8=&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.201.59 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.201.59.skhosting.eu Software nginx / Resource Hash c4534e2c5e02feb1883d2ae84c55f1d511bb3007d8461a44333d3abb66ef7d78 Request headers :method GET :authority xe9o.xyz :scheme https :path /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCiGZiGGAkdCdZAdrrCxCrdjNrrkNZANrkACrCZZZCCrixCkZCrCrGCxCrpiAppxrZCCrxi_60972&adApiR=loaded_string_40580547d857f7037332d5e3ff77005d5945b_2558629_1631115857.3015_13936&refferer=3914522412_aHR0cHM6Ly90c3BvcnR2MTAwLnVzaXRlLnByby8=&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1011170234269&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://uprimp.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://uprimp.com/ Response headers server nginx date Wed, 08 Sep 2021 15:44:17 GMT content-type text/html; charset=UTF-8 set-cookie total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2558629=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None expires Sun, 01 Jan 2014 00:00:00 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex,nofollow access-control-allow-origin * content-encoding br
POST H/1.1	200 OK	p Show response adsco.re/	364 B 868 B	380ms 380ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 7f45fabc33705d47c359b8d91d9ad5f78fb5bdfbeca9aa7a4bed4712f3dd59ab Request headers Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers AS-P-G OK Date Wed, 08 Sep 2021 15:44:18 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK Access-Control-Allow-Origin https://tsportv100.usite.pro Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET H2	200	ptUG.html Show response cdn4ads.com/	44 B 140 B	176ms 131ms	Script text/javascript	216.59.63.128 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://cdn4ads.com/ptUG.html?_=BAoAYTjaUQFhONpSgAGBAsAAIH0Xeaezwqflcbh2oNFr8-1nqaSbB3PFm92tRSJN1Y8jwQBHMEUCIQDOAKQy2gA_vqKDnkvZVZOff881a4QUo_VwEQsMyTNCwwIgfYXeIGYrnmwd-BXGhmaHfVMlj58YApJnDjl6csYvZaHCACCRWhbhyTuuOKSBHGSDzmTn9JghyqIeP8tkNsLUD-lVOMQAECoBBPgAoQGhAIYAAAAAAAHFABBxwj5J-cjuyg93rSPILoL2wwBIMEYCIQCFKJVFXdLc8nSExTzSvSTTZ6-AfBhnDA_7_tYWlJ-bKwIhAME9J_EkELL0p8AgBX5sgnna7iHudPQ5STP9eOtc9rOl&v=4&tSvYMNru=4603297&minBid=&EneGdrkB=0:1,0&cjwzKneC=&DhgWNfzx=https%3A%2F%2Ftsportv100.usite.pro%2Fsor.html&s=1600,1200,1,1600,1200,0 Requested by Host: www.cdn4ads.com URL: https://www.cdn4ads.com/split.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.59.63.128 , United States, ASN53334 (TUT-AS, US), Reverse DNS 216-59-63-128.customer.totaluptime.net Software / Resource Hash 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tsportv100.usite.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers access-control-allow-origin * date Wed, 08 Sep 2021 15:44:18 GMT popads-ec ASB asf 9 content-length 44 content-type text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

6.adsco.re

URL

https://6.adsco.re/

Domain

4.adsco.re

URL

https://4.adsco.re/

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| _pop function| pb06014 string| k object| detectZoom object| iframe object| where object| win object| _pao number| qs function| ta7245d589 function| embedChannel object| $jscomp function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako string| txt number| a function| ed number| t string| property number| r number| g number| b string| bt string| zed function| goCh function| mecb974e object| fhs string| fhs_id string| ref object| pn string| w_h

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.uprimp.com/	1970-01-19 21:06:00	Name: used_ad2558629 Value: 1
			.uprimp.com/	1970-01-19 21:06:00	Name: total_impressions Value: 1
			.uprimp.com/	1970-01-19 21:48:27	Name: cpa_673873 Value: 728x90_372377596_0
			tsportv100.usite.pro/	1970-01-19 21:05:41	Name: a Value: qVUxTNtSG154E0cDeXwW1i5looADXROu
			tsportv100.usite.pro/	1970-01-19 21:05:37	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYTjaUQFhONpSgAGBAsAAIH0Xeaezwqflcbh2oNFr8-1nqaSbB3PFm92tRSJN1Y8jwQBHMEUCIQDOAKQy2gA_vqKDnkvZVZOff881a4QUo_VwEQsMyTNCwwIgfYXeIGYrnmwd-BXGhmaHfVMlj58YApJnDjl6csYvZaHCACCRWhbhyTuuOKSBHGSDzmTn9JghyqIeP8tkNsLUD-lVOMQAECoBBPgAoQGhAIYAAAAAAAHFABBxwj5J-cjuyg93rSPILoL2wwBIMEYCIQCFKJVFXdLc8nSExTzSvSTTZ6-AfBhnDA_7_tYWlJ-bKwIhAME9J_EkELL0p8AgBX5sgnna7iHudPQ5STP9eOtc9rOl
			tsportv100.usite.pro/	1970-01-19 21:05:37	Name: _popprepop Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://uprimp.com/bnr.php?section=General&pub=236136&format=728x90&ga=g, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://uprimp.com/bnr.php?section=General&pub=236136&format=728x90&ga=g, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.shidurlive.com/embed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.shidurlive.com/embed.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.shidurlive.com/a/59e89c0e60a3af21/3131362c3131352c3131322c3131312c3131342c3131362c3131382c34352c3530/22df9deabe3eda5b14c50aabcae3818e05006713129e70fdad19b3d2d1dfc8a4/700/400, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.shidurlive.com/a/59e89c0e60a3af21/3131362c3131352c3131322c3131312c3131342c3131362c3131382c34352c3530/22df9deabe3eda5b14c50aabcae3818e05006713129e70fdad19b3d2d1dfc8a4/700/400, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
adsco.re
c.adsco.re
cdn4ads.com
freehostedscripts.net
ogyiw8ed2bat.l4.adsco.re
ogyiw8ed2bat.n4.adsco.re
ogyiw8ed2bat.s4.adsco.re
tsportv100.usite.pro
uprimp.com
www.cdn4ads.com
www.shidurlive.com
xe9o.xyz
ylx-i.advertica-cdn2.com
4.adsco.re
6.adsco.re
104.21.9.86
162.252.214.5
185.200.116.90
185.200.118.90
185.66.200.127
185.66.200.220
185.66.201.59
213.174.157.150
216.59.63.128
2606:4700:3038::6815:e9e7
2606:4700::6811:a6ba
2a02:6ea0:c700::2
38.132.109.186
224bb06234df291883a230938dccb15657d699a646cc98f26fa13e10f63fc540
243e04fcaf0c6a6a3c00aa45d6a420e0408978a4dd3d573f7faed2e66395c660
29d0e7bc3c66042869f307f9c763a159de9585a98e2a31b269fbecc5df1895fa
3021d7c6c4d5e10248d7fb217e325f3f1ebd8b8b7c8c0fd96c2659f8a8d33dea
57933f21661add3625ab3a122cea6139b0491bb89b2aa324687b9ed332bb6793
580ddb87facb9532b2337b97855f3a30329624d095ee605c9866477694c4db63
5ff2ad00b7537ecf6c469d327d45d08045712c517a744a77647a48b9e8ec7a0a
6681c560771138291b3b6ec135bba4a80ae53fb993f5852b84814ff699961683
6aa5984152af99c3781a22fd2f356e6c2a944591b31295c6cef53226363db0b3
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
6c84883c9f915208a31454df6152e186ad918d4e4c7209005d6df581e3c99144
7f45fabc33705d47c359b8d91d9ad5f78fb5bdfbeca9aa7a4bed4712f3dd59ab
99e3b2f2025921ffe206d5c12dcf98845265109c0dbd12996de1278d1604fb72
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c4534e2c5e02feb1883d2ae84c55f1d511bb3007d8461a44333d3abb66ef7d78
c9a8a8d710505af289f9cbf1634941ecc82048b9bb6ede5a42e462a9e1541cd9
d50de3ca4d4f26be893b8ecae31cf9ae08577ebc27c2b792beba6005f0aa16b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855