Report - player.smashy.stream/tv/tt0496424?e=14&s=4

Report Overview

Submitted URL
player.smashy.stream/tv/tt0496424?e=14&s=4
IP
104.21.91.100
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 15:32:21
Access
public
Website Title
Smashystream Player
Final URL
player.smashy.stream/tv/tt0496424?e=14&s=4
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tigainareputaon.info	unknown	unknown	No data	No data	1.0 kB	1.3 kB	172.67.181.202
lylufhuxqwi.com	unknown	2022-12-13	2022-12-13	2024-04-28	1.9 kB	112 kB	212.117.190.201
embed.smashystream.com	unknown	2021-12-31	2022-10-28	2024-04-25	1.5 kB	15 kB	104.21.62.104
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	1.1 kB	36 kB	216.58.207.227
d2zf5gu5e5mp87.cloudfront.net	unknown	2008-04-25	2024-03-05	2024-04-18	1.8 kB	71 kB	143.204.42.212
player.smashy.stream	unknown	2024-02-23	2024-02-23	2024-03-01	2.0 kB	294 kB	172.67.215.153
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-08	865 B	189 kB	142.250.74.72
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-07	3.2 kB	18 kB	74.125.131.84
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-07	433 B	280 kB	151.101.193.229
vaitotoo.net	unknown	2023-08-09	2023-08-09	2024-03-28	2.3 kB	2.8 kB	139.45.197.243
ws.coincap.io	230786	2014-06-17	2018-10-16	2024-04-30	557 B	240 B	104.16.106.40
habovethecit.info	unknown	2024-03-31	2024-04-16	2024-04-16	972 B	1.8 kB	108.157.229.106
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-05-07	650 B	1.4 kB	142.250.74.131
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-07	445 B	2.8 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	435 B	8.0 kB	142.250.74.138
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-06	523 B	678 B	139.45.195.8
coinpriceline.com	unknown	2022-05-14	2019-07-25	2024-03-04	1.7 kB	134 kB	172.67.166.189
pogothere.xyz	unknown	2022-08-22	2022-09-04	2024-05-07	866 B	107 kB	188.114.97.1
getrunkhomuto.info	unknown	2024-03-31	2024-03-31	2024-05-08	971 B	3.7 kB	52.85.243.31

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	vaitotoo.net	Sinkholed
2024-05-08	medium	vaitotoo.net	Sinkholed
2024-05-08	medium	vaitotoo.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	unknown	98 B	2023-03-07	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:03 Last Seen2024-05-20 01:02:17 Times Seen1375 Hash 89bcf174d3531eddbb1500484a90d285 e367883c70b6b673845bf21c1da09806b6066df2 2fbbe20b7914a57bbdb823a2f7b56a091d9b2e53304909662e64aeb90f779e05 Loading...

	lib.wtg-ads.com/publisher/coinpriceline.com/dc234d802520aab423ad.js	68 kB	2023-11-10	2024-05-20
Pretty URL lib.wtg-ads.com/publisher/coinpriceline.com/dc234d802520aab423ad.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-10 05:34:07 Last Seen2024-05-20 01:02:17 Times Seen10 Hash 23818419031d78770cae7223688dfd22 845b1f2ce60155977adff27412b3078eef833ab5 00ea9bd7ab9d680071d04fa56826bb2f7358fbff8bcf89a3e0c8eb8aa574e765 Loading...

	coinpriceline.com/wp-content/plugins/coinpress/assets/public/js/vendor.min.js?ver=2.3.5	90 kB	2023-03-07	2024-05-19
Pretty URL coinpriceline.com/wp-content/plugins/coinpress/assets/public/js/vendor.min.js?ver=2.3.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:11 Last Seen2024-05-19 18:58:08 Times Seen48 Hash 8502e9fb4eb96fb747f60ca5daf96edf 5b3ec728d0359f64412d66d3862b5a901aa54a5a 5a0a7f06f911e2a8ef53baba55dff9cffe1daf5848a3836f92d7ed2d1297ea4e Loading...

	player.smashy.stream/tv/tt0496424?e=14&s=4	184 B	2024-04-18	2024-05-19
Pretty URL player.smashy.stream/tv/tt0496424?e=14&s=4 IP 172.67.215.153 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 13:31:31 Last Seen2024-05-19 18:58:07 Times Seen13 Hash 0f23581be0935bfc1ba9a7045bec1da6 979048ee8c806c95999daadb25be6e6d984dc89a b9224a1319fda828347ff89d10622de8c9e2668398e1885dd88cb159be75a8c8 Loading...

	player.smashy.stream/assets/index-C82RhojO.js	275 kB	2024-05-07	2024-05-09
Pretty URL player.smashy.stream/assets/index-C82RhojO.js IP 172.67.215.153 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 05:35:56 Last Seen2024-05-09 08:03:11 Times Seen5 Hash c479ef0211de63381a94b0c8f6f1b546 04cb425ed6547415be4431cb739a72c1510c0791 92a2a5311a6b8d2e0c94553089ea93afa02c5a97a9a7cc7a400652cd915bb995 Loading...

	www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1	4.3 kB	2023-03-07	2024-05-19
Pretty URL www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-05-19 18:58:08 Times Seen3737 Hash b427175fa1078775eb792756e7b6d1e7 4c55c0233d3d9002b3449c025f97821f8bb8900d ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Loading...

	coinpriceline.com/wp-content/themes/smart-mag/js/jquery.sticky-sidebar.js?ver=10.0.0	12 kB	2023-03-07	2024-05-19
Pretty URL coinpriceline.com/wp-content/themes/smart-mag/js/jquery.sticky-sidebar.js?ver=10.0.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:04:18 Last Seen2024-05-19 18:58:09 Times Seen581 Hash 4d7c7efaef3434244613ec460710a0fd dd5ca616d636f4b1c7e77a9542da5eb2c5e12a48 2660d2ba27141ecebe732da9795d68254bb155fbf87a88d817d4da4528b9a83c Loading...

	www.googletagmanager.com/gtag/js?id=G-EXPW1TBVRJ	292 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-EXPW1TBVRJ IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 17:32:28 Last Seen2024-05-08 17:32:29 Times Seen2 Hash 76bbe23bac528310df02de635db743c9 dbd62fedb6aecb55df36256affc49185b650fb24 522ff9781dd6297fbe62c7f297bbb88191f800b5ca144f694486de71929e619d Loading...

	lylufhuxqwi.com/aas/r45d/vki/2019261/25af6960.js	106 kB	2024-04-26	2024-05-09
Pretty URL lylufhuxqwi.com/aas/r45d/vki/2019261/25af6960.js IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 06:22:53 Last Seen2024-05-09 08:03:11 Times Seen11 Hash b4abd91ca89a5f6c2885ad97df87e188 c586719b27e080f4a889f8ae7544e414467dc501 3ba3825041badb95af70452c403c118fce573398ddbc62c5557b2bd85e94851a Loading...

	coinpriceline.com/wp-content/themes/smart-mag/js/theme.js?ver=10.0.0	54 kB	2024-03-22	2024-05-19
Pretty URL coinpriceline.com/wp-content/themes/smart-mag/js/theme.js?ver=10.0.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:18:50 Last Seen2024-05-19 18:58:09 Times Seen12 Hash 85da32e6b6041ada9c93a3fa59e0dc5d 5644805f8bb31491d77069b0765065bb6f8ef8ce b55a08c529bb99ad4a1ee25c32d443c7d416fa10975557ad32908feb58d6f51e Loading...

	coinpriceline.com/latest-crypto-news/?utm_source=google&utm_medium=cpc&utm_campaign=6244865	268 B	2024-05-07	2024-05-19
Pretty URL coinpriceline.com/latest-crypto-news/?utm_source=google&utm_medium=cpc&utm_campaign=6244865 IP 172.67.166.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 05:35:56 Last Seen2024-05-19 18:58:07 Times Seen4 Hash 77fb3e83e5b498de298dd886586aca88 340f7e0a18c585fbd7dfc60637638c3c3097a65d c368fb24a79c6c0a9e48440c524a2f6b281add48c0594bd853b3573c8ba7962f Loading...

	coinpriceline.com/wp-content/themes/smart-mag/js/jquery.mfp-lightbox.js?ver=10.0.0	20 kB	2023-03-07	2024-05-20
Pretty URL coinpriceline.com/wp-content/themes/smart-mag/js/jquery.mfp-lightbox.js?ver=10.0.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-20 00:55:52 Times Seen20393 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

	player.smashy.stream/tv/tt0496424?e=14&s=4	485 B	2024-04-18	2024-05-19
Pretty URL player.smashy.stream/tv/tt0496424?e=14&s=4 IP 172.67.215.153 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 13:31:32 Last Seen2024-05-19 18:58:07 Times Seen13 Hash 90f52587b2c5f112119db21a46e18cbb 81c50c04764814c87a798cd5b92ea72ff66f0765 f9ebd36a9d691e53d72a5b122d36a21eead5f3b4a895fa8c611bd476ed171e53 Loading...

	cdn.jsdelivr.net/gh/Zilllei/Smashystream@latest/pl4.js	760 kB	2024-04-18	2024-05-19
Pretty URL cdn.jsdelivr.net/gh/Zilllei/Smashystream@latest/pl4.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 13:31:32 Last Seen2024-05-19 18:58:08 Times Seen26 Hash c77281d8dc0748dab5284fe228e24ef0 888250cd94da1e6380315cc4b4cebd5191d89b31 73ffdbcefe85e19632026c2e5fbb2a5bc7ae76bbe289245d6707aebba3f62da9 Loading...

	d2zf5gu5e5mp87.cloudfront.net/?ugfzd=994781	210 kB	2024-05-08	2024-05-08
Pretty URL d2zf5gu5e5mp87.cloudfront.net/?ugfzd=994781 IP 143.204.42.212 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 17:32:28 Last Seen2024-05-08 17:58:00 Times Seen4 Hash 9ebd76e18f1b967af632802278b15c9c 38e10524ce0c7019fd4c88496605d4be2016c417 5af0199cf4a7e5746bb106a6cb9621e97bfbb2fe5e851c16b4b298b4ff65abba Loading...

	lylufhuxqwi.com/get/2019261?zoneid=2019261&jp=_cltmyhv82l4elcev6g3so0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771580885263360&eclog=0&im=1&uf=0	3.0 kB	2024-05-08	2024-05-08
Pretty URL lylufhuxqwi.com/get/2019261?zoneid=2019261&jp=_cltmyhv82l4elcev6g3so0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771580885263360&eclog=0&im=1&uf=0 IP 212.117.190.201 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 17:32:28 Last Seen2024-05-08 17:32:28 Times Seen1 Hash ad62efcb7b98bee3fc49c639047f76ee f9b8a3e6aaa95f125914c9084c21cc656eee8b72 8b5e1b60a7627dded143c6501f422ac6d162dd1372021c9812db29116f512681 Loading...

	player.smashy.stream/tv/tt0496424?e=14&s=4	10 kB	2024-04-18	2024-05-09
Pretty URL player.smashy.stream/tv/tt0496424?e=14&s=4 IP 172.67.215.153 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 13:31:32 Last Seen2024-05-09 08:03:11 Times Seen9 Hash 9d02709dddda6b0bc4a2eb0293455486 f6c4f67a5c4d3f3ec03aa8d6786e558761a352fa 4b32d84685e089464afad84df2666d62d30695d7f5f388bda4aad0d2db0907d3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 97d5026cbd5b300ee816eeebfe110c78	2.5 kB	2024-04-18	2024-05-19
Pretty Observations First Seen2024-04-18 13:31:33 Last Seen2024-05-19 18:58:08 Times Seen15 Hash 97d5026cbd5b300ee816eeebfe110c78 5273502a2cc096c0cce4e3e24a51ffd6193c1507 5cc0cae1e13d8791361912827a89bd67554f2e38d83ef584f94b89e8f3b5068d Loading...

	#2 Eval - c6e780ed140f9bba95e4ba38fb9c4740	540 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:17:20 Last Seen2024-05-19 18:58:08 Times Seen1140 Hash c6e780ed140f9bba95e4ba38fb9c4740 81467f2fdc12c9c9f035ab9773b05e7f8c5b5e11 64484bee759ffebab3fcd44da43a0c14ecfc9dc82b799fa2afc19d3b0b2605c3 Loading...

	#3 Eval - d7f839ab7bb4c2da967e12626015cee8	4 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:17:20 Last Seen2024-05-19 18:58:08 Times Seen1141 Hash d7f839ab7bb4c2da967e12626015cee8 9c21a39fe452a3fb10266824eff2918c9671ff07 aa0c292b18bdff8b7e90764b19acd5ade0348a738129a00fa0352412f706540e Loading...

	#4 Eval - d00a243ea9b8f9ac010c591e5a65f055	4 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:17:20 Last Seen2024-05-19 18:58:08 Times Seen725 Hash d00a243ea9b8f9ac010c591e5a65f055 e9ca8d9a7aa820c00d3ab05c3cdc1fd81c92726f f705940e69387bd285eacb7fac7d6a6969b75e6e01d037bbca0d5d6fb8ad5fc2 Loading...

	#5 Eval - 8fa14cdd754f91cc6554c9e71929cce7	1 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-19 18:58:08 Times Seen9249 Hash 8fa14cdd754f91cc6554c9e71929cce7 4a0a19218e082a343a1b17e5333409af9d98f0f5 252f10c83610ebca1a059c0bae8255eba2f95be4d1d7bcfa89d7248a82d9f111 Loading...

	#6 Eval - fb64b812367812940190dee8fda5af15	6 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:17:20 Last Seen2024-05-19 18:58:08 Times Seen725 Hash fb64b812367812940190dee8fda5af15 573f1a8dc15c61653834f7d51ace8d1e801dec36 f770ac95d53de5e43a57677f4decfc98d20c611cdd1705fbe56db71ab9836580 Loading...

	#7 Eval - 4a6b226322cab8944cabeb86da7cba6c	487 kB	2024-04-18	2024-05-19
Pretty Observations First Seen2024-04-18 13:31:33 Last Seen2024-05-19 18:58:08 Times Seen13 Hash 4a6b226322cab8944cabeb86da7cba6c 7359758881e9da0c131b6577611be038c2979b9b 568ed8b0ed6704927eb220f6619123d758692ec9787019746ac2275a24c7411d Loading...

	#8 Eval - 027f5bb2565db41e1e298f300b3c7fc7	5.7 kB	2024-04-18	2024-05-19
Pretty Observations First Seen2024-04-18 13:31:33 Last Seen2024-05-19 18:58:08 Times Seen15 Hash 027f5bb2565db41e1e298f300b3c7fc7 b0f2da4ee21c7809af0a7a81741e31abeb5b462d 50c43e59c3ca1d510c18e5482dc742ca9a9702149b7dc3a8226a9bb54d59883d Loading...

	#9 Eval - dcdd0431fbf368f3eb8d1e8ade47be7a	233 B	2024-04-18	2024-05-19
Pretty Observations First Seen2024-04-18 13:31:33 Last Seen2024-05-19 18:58:08 Times Seen15 Hash dcdd0431fbf368f3eb8d1e8ade47be7a 26f23b49b39d0089a1577c4e2d1343d888cc5b32 4e914b3350fb1438618a3c55277a0cdf897026c04eca97e8b498d7c66395c32e Loading...

	#10 Eval - 6f67948f708dd53c2d320da103868405	3 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:17:20 Last Seen2024-05-19 18:58:08 Times Seen725 Hash 6f67948f708dd53c2d320da103868405 adcfef16f46244c055949de9b6c3008ab82fc188 4937f2fdc1304a33f286c67e5a071dc357dfaaaabb69dd1042667293be2711bc Loading...

	#11 Eval - 15bf3f10366db48f1ef4f085428b908a	138 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:17:20 Last Seen2024-05-19 18:58:08 Times Seen1138 Hash 15bf3f10366db48f1ef4f085428b908a 1c9c68916dbd37c065076a6cb55f2b0c0889a10a 66ee2b5817289c79a8012cfc552aaadbd84cb5d23017246a10de5b4fe4035bdd Loading...

	#12 Eval - 9f64ca3bf6d8d34d2ee331698c7e6eec	6 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:17:20 Last Seen2024-05-19 18:58:08 Times Seen725 Hash 9f64ca3bf6d8d34d2ee331698c7e6eec 86ca41b6536dd24f31c79cbff4e8a9c12d1d06b8 0d25cde547c9643a2bac679d57b2f792ac3f3762793ad0cee1dfcaba5fd2fe04 Loading...

HTTP Transactions (41)

URL IP Response Size

d2zf5gu5e5mp87.cloudfront.net/?ugfzd=994781

143.204.42.212

200 OK

69 kB

URL GET HTTP/2
d2zf5gu5e5mp87.cloudfront.net/?ugfzd=994781
IP
143.204.42.212:443
ASN
#16509 AMAZON-02

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
69 kB (69334 bytes)
Hash
9ebd76e18f1b967af632802278b15c9c
38e10524ce0c7019fd4c88496605d4be2016c417
5af0199cf4a7e5746bb106a6cb9621e97bfbb2fe5e851c16b4b298b4ff65abba

HTTP Headers

GET /?ugfzd=994781 HTTP/1.1
Host: d2zf5gu5e5mp87.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 69334
date: Wed, 08 May 2024 15:31:51 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ApS54cXyKF5FoFo3T6eDLzQgtHd9vfbUeu7P6UMfo7vEtwWCQeyn2w==
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-EXPW1TBVRJ

142.250.74.72

200 OK

99 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-EXPW1TBVRJ
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
99 kB (98879 bytes)
Hash
76bbe23bac528310df02de635db743c9
dbd62fedb6aecb55df36256affc49185b650fb24
522ff9781dd6297fbe62c7f297bbb88191f800b5ca144f694486de71929e619d

HTTP Headers

GET /gtag/js?id=G-EXPW1TBVRJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 15:31:51 GMT
expires: Wed, 08 May 2024 15:31:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tigainareputaon.info/RFFUVm5rbjclUyYVHhE6ABMNFF0CZxUABQM1OiUrHDYwZgsjOnIiByBsbW9ac2llcB4tNWlnSDclNSIbN2xlcAcqNztrSDJsZXhdcH9nYEBwdyFrX2IlJDcJeWByJhowPWlnWXVkZW5cd2BmZ19y

172.67.181.202

0 B

URL
tigainareputaon.info/RFFUVm5rbjclUyYVHhE6ABMNFF0CZxUABQM1OiUrHDYwZgsjOnIiByBsbW9ac2llcB4tNWlnSDclNSIbN2xlcAcqNztrSDJsZXhdcH9nYEBwdyFrX2IlJDcJeWByJhowPWlnWXVkZW5cd2BmZ19y
IP
172.67.181.202:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /RFFUVm5rbjclUyYVHhE6ABMNFF0CZxUABQM1OiUrHDYwZgsjOnIiByBsbW9ac2llcB4tNWlnSDclNSIbN2xlcAcqNztrSDJsZXhdcH9nYEBwdyFrX2IlJDcJeWByJhowPWlnWXVkZW5cd2BmZ19y HTTP/1.1
Host: tigainareputaon.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 08 May 2024 15:31:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bey6Lo%2BZOW8J0rpQUL1M0CwO5qs0KOa52ULlQCQItnwGa8iAUgKBBXWEN9WrHYT3Cf0TDf8G0agMlIDRE7rHr%2BEfsYSrnBsUxSLQ5Nwsi4d4g9BPwYwWVL3immkDKInBqyuLbi17gA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a7fcb3810712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

player.smashy.stream/assets/index-rQRtNKW-.css

172.67.215.153

200 OK

3.1 kB

URL GET HTTP/3
player.smashy.stream/assets/index-rQRtNKW-.css
IP
172.67.215.153:443
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectplayer.smashy.stream
Fingerprint3D:AD:7C:53:E0:EC:16:14:D1:38:83:A1:1D:0F:FA:95:26:3D:5D:09
ValidityTue, 23 Apr 2024 12:57:56 GMT - Mon, 22 Jul 2024 12:57:55 GMT

File type
ASCII text, with very long lines (10481)
Size
3.1 kB (3125 bytes)
Hash
ff5375d712a411e5113e82166ffe4ae6
a2caa83dd8734c8b7f53482ca7024d9e5ae72950
eba550a15f56ce01da31b41304052760d8112218dd7524a7a28031e66a68805d

HTTP Headers

GET /assets/index-rQRtNKW-.css HTTP/1.1
Host: player.smashy.stream
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/tv/tt0496424?e=14&s=4
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 15:31:51 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"a9ac34fd63dc4a84698f3b2438a355a0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JzxL4iRO0pArOJiVG1PoWykCi39QnAtp%2F24GJy4ZxRDgPOwyBSfPQJAW5jVfJI4MYvkiuwNWoSit9ddfRxvYEq6M1kZ2nZwP%2FRHkPZ1U7gGCwHDf707q2ioIxzntYvi3clcQKLTUng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6605
server: cloudflare
cf-ray: 880a7fc83d41b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lylufhuxqwi.com/solid.gif?z=2019261&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771580885263360&eclog=0&im=1

212.117.190.201

200 OK

43 B

URL POST HTTP/2
lylufhuxqwi.com/solid.gif?z=2019261&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771580885263360&eclog=0&im=1
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint59:69:20:70:FA:E5:D9:16:78:DB:51:76:3B:0A:AD:0A:32:12:73:D1
ValidityTue, 09 Jan 2024 12:44:49 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=2019261&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771580885263360&eclog=0&im=1 HTTP/1.1
Host: lylufhuxqwi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
Origin: https://player.smashy.stream
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:31:52 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 15:31:52 GMT; Secure; SameSite=None
UID=240508103146a9b06fe90847019be0e1673e; Path=/; Expires=Wed, 11 Jun 2025 15:31:52 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

habovethecit.info/T1RRVEguNjI5dy5pM3I9PThscXoJcWMSLH0uN2EvOmE0YSU/bGZ6KyM7JDAuPTs/IGYhMSVxegkOAhIjNg46MzoBOCYVLDUjJgIkOywyA3gJDD84PQQBEBAEIQEhDC8sLB0HOywSAgE4BDg+MhIlJyUFCQIkGwxxFhICNyUEBWkjLSYnGw4LJBgdLTwiBRUjMR8FaAMqJgVlDAkJZTM+MCwWCQJ9KWUcFwMhAiUSCgZgGy4BHxEVP3ECETYQAzU/Jwd4Dm0aAxopFwUdIAECZRwqFzs3FngnYDMDOwwAOxZ9LhY1AgsiZSMVLyA8Gz0wBAViJHwGBXwkGQlnZCAOfgEaNh88FxcQfTs1PxouKTkLJA9/GmcxDHoMEwcFITIQFS8qOjk7CSMOZDEPKAwHHC86GRQVDAM9MjwOfgUeNx93Nwc5fHYOEBluJSc+OjhyAmM3GBkbEjM6Gw

108.157.229.106

200 OK

1.2 kB

URL GET HTTP/2
habovethecit.info/T1RRVEguNjI5dy5pM3I9PThscXoJcWMSLH0uN2EvOmE0YSU/bGZ6KyM7JDAuPTs/IGYhMSVxegkOAhIjNg46MzoBOCYVLDUjJgIkOywyA3gJDD84PQQBEBAEIQEhDC8sLB0HOywSAgE4BDg+MhIlJyUFCQIkGwxxFhICNyUEBWkjLSYnGw4LJBgdLTwiBRUjMR8FaAMqJgVlDAkJZTM+MCwWCQJ9KWUcFwMhAiUSCgZgGy4BHxEVP3ECETYQAzU/Jwd4Dm0aAxopFwUdIAECZRwqFzs3FngnYDMDOwwAOxZ9LhY1AgsiZSMVLyA8Gz0wBAViJHwGBXwkGQlnZCAOfgEaNh88FxcQfTs1PxouKTkLJA9/GmcxDHoMEwcFITIQFS8qOjk7CSMOZDEPKAwHHC86GRQVDAM9MjwOfgUeNx93Nwc5fHYOEBluJSc+OjhyAmM3GBkbEjM6Gw
IP
108.157.229.106:443
ASN
#16509 AMAZON-02

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerAmazon
Subjecthabovethecit.info
Fingerprint38:74:19:B2:CD:B6:EF:31:D4:35:71:5C:7D:82:82:D3:98:DC:BB:F5
ValidityMon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3048), with no line terminators
Size
1.2 kB (1200 bytes)
Hash
3bb5766928af6aba5b76c351c81831c0
ecaab490c9145962c7f4aaf3e0d49f9a8a789e7e
0a6a2d9b914b1ff6407f13681b78626e0f2bd9efac4fc77e04ec0ecb944bb0e5

HTTP Headers

GET /T1RRVEguNjI5dy5pM3I9PThscXoJcWMSLH0uN2EvOmE0YSU/bGZ6KyM7JDAuPTs/IGYhMSVxegkOAhIjNg46MzoBOCYVLDUjJgIkOywyA3gJDD84PQQBEBAEIQEhDC8sLB0HOywSAgE4BDg+MhIlJyUFCQIkGwxxFhICNyUEBWkjLSYnGw4LJBgdLTwiBRUjMR8FaAMqJgVlDAkJZTM+MCwWCQJ9KWUcFwMhAiUSCgZgGy4BHxEVP3ECETYQAzU/Jwd4Dm0aAxopFwUdIAECZRwqFzs3FngnYDMDOwwAOxZ9LhY1AgsiZSMVLyA8Gz0wBAViJHwGBXwkGQlnZCAOfgEaNh88FxcQfTs1PxouKTkLJA9/GmcxDHoMEwcFITIQFS8qOjk7CSMOZDEPKAwHHC86GRQVDAM9MjwOfgUeNx93Nwc5fHYOEBluJSc+OjhyAmM3GBkbEjM6Gw HTTP/1.1
Host: habovethecit.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1200
date: Wed, 08 May 2024 15:31:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 2ec95fe7e41d4394d0fc48587428057e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: a2K05bFbAg0Hsx51C-3fCX4eh3Yxo_nXUxxQaP6uQ4KFb20GpiGCIg==
X-Firefox-Spdy: h2

lylufhuxqwi.com/get/2019261?zoneid=2019261&jp=_cltmyhv82l4elcev6g3so0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771580885263360&eclog=0&im=1&uf=0

212.117.190.201

2.8 kB

URL
lylufhuxqwi.com/get/2019261?zoneid=2019261&jp=_cltmyhv82l4elcev6g3so0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771580885263360&eclog=0&im=1&uf=0
IP
212.117.190.201:0
ASN
#7979 SERVERS-COM

Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint59:69:20:70:FA:E5:D9:16:78:DB:51:76:3B:0A:AD:0A:32:12:73:D1
ValidityTue, 09 Jan 2024 12:44:49 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (5996), with no line terminators
Size
2.8 kB (2798 bytes)
Hash
28c42729dc6544d9a91521f72f853ec7
2b922aaa9ef78b3bf98be6b842f2cfe856880969
3cb540ae0d87eafe32f5c58c2a206f08ba4bfad1bb426925be1fec3c9979777b

HTTP Headers

GET /get/2019261?zoneid=2019261&jp=_cltmyhv82l4elcev6g3so0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=3771580885263360&eclog=0&im=1&uf=0 HTTP/1.1
Host: lylufhuxqwi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:31:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 11 Jun 2025 15:31:52 GMT; Secure; SameSite=None
UID=2405081031749339fcc6bc4d57918260eca7; Path=/; Expires=Wed, 11 Jun 2025 15:31:52 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

player.smashy.stream/icon.png

172.67.215.153

200 OK

765 B

URL GET HTTP/3
player.smashy.stream/icon.png
IP
172.67.215.153:443
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectplayer.smashy.stream
Fingerprint3D:AD:7C:53:E0:EC:16:14:D1:38:83:A1:1D:0F:FA:95:26:3D:5D:09
ValidityTue, 23 Apr 2024 12:57:56 GMT - Mon, 22 Jul 2024 12:57:55 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
765 B (765 bytes)
Hash
a9bdf707c30e6fd00676a98da39f3362
c50775bcae87a0acf37e33ebbe7ef322bb69778a
e6910ed795e3269e0a70d1cd434a6a6b54efae20181ffb610107f8414fda1e1e

HTTP Headers

GET /icon.png HTTP/1.1
Host: player.smashy.stream
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/tv/tt0496424?e=14&s=4
DNT: 1
Connection: keep-alive
Cookie: _ga_EXPW1TBVRJ=GS1.1.1715182312.1.0.1715182312.0.0.0; _ga=GA1.1.177347240.1715182312
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 15:31:52 GMT
content-type: image/png
content-length: 765
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "3008129b722efe3139f604b6f10baedd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZG995uRSbKNUf8ljt8lWll5hhITBFE5xp04whL8fxue%2BOS2zVCJlgkYof1nbJtbcCGBD9yybfKfaz%2FqCLTKn5cspwqOrpkVflldXkKceGD0f2jlnE9wpK5RUsMSYFVcrYfHn1uqmjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 839
accept-ranges: bytes
server: cloudflare
cf-ray: 880a7fce0d45b512-OSL
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f276d15245c6ec1add5b5814bb8444eb
975c127eec9cc6514f4092ed034df575bcdeacd7
a77526d25e2226cff93318a2e87ab8d03eac1796e44fd997c5428693ddb61bd0

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 15:31:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f276d15245c6ec1add5b5814bb8444eb
975c127eec9cc6514f4092ed034df575bcdeacd7
a77526d25e2226cff93318a2e87ab8d03eac1796e44fd997c5428693ddb61bd0

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 15:31:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tigainareputaon.info/popunder.gif

172.67.181.202

35 B

URL
tigainareputaon.info/popunder.gif
IP
172.67.181.202:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: tigainareputaon.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:31:52 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 50732
last-modified: Wed, 08 May 2024 01:26:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vye5psIiLBEBCdxP5kB2RMT2mBiHvF4LRGw17Uxo8FvSscR4KUuH69QhP%2Bb9i09rVlMdlNZGJT5o%2BYwG48P3wcTgrDp3abDZilnbsAk6hyS1KIuUX8wCXFggUM6o2PGvbwXBEGKv8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880a7fcb381c712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:f5uxhi5plc_FCr3Lxl0U1T7gL3HPxg:-JKTFVa74_w5VafW; Expires=Fri, 08-May-2026 15:31:52 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 15:31:52 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzGMrhyqlM03bKyPDcXgAPhGcUEoGe0wuvsKw-J3JBLjFOkir_pRfY4-FayjeUjHTyIro4gUA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-EZlJxdG6ImG1_pROgeZWxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzGMrhyqlM03bKyPDcXgAPhGcUEoGe0wuvsKw-J3JBLjFOkir_pRfY4-FayjeUjHTyIro4gUA

74.125.131.84

302 Found

426 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzGMrhyqlM03bKyPDcXgAPhGcUEoGe0wuvsKw-J3JBLjFOkir_pRfY4-FayjeUjHTyIro4gUA
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
HTML document, ASCII text, with very long lines (403)
Size
426 B (426 bytes)
Hash
9e68dd6a5664d77cdebde4812565f7cf
1f082251eb07d750107b1d04948754b9ba7dcde8
014fc8d74871c98f2f27bea98b3fe841c5bd8beaa7f2b26f2d2e2a33a747bca9

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzGMrhyqlM03bKyPDcXgAPhGcUEoGe0wuvsKw-J3JBLjFOkir_pRfY4-FayjeUjHTyIro4gUA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:-N1onYFbJATYux4PpaKkKFyvH53XBg:1uDISwGVculBEawT;Path=/;Expires=Fri, 08-May-2026 15:31:52 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 15:31:52 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxTOmF7Mk9_-2fZ9EERSZEqiPLytKCCClpvSUHucSX3JS-UNW1Jd-TpCilzQHZe1_487a94_w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-855276632%3A1715182312861714&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-B68GCNgbIAeH7lm1Jf26cA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzUIl3wZquANmsAfFoDk3jnU4i1FXTvKW8eAJnCo7JORU4B6P0AsRvcqDKzJhMW7UadVJTF1w

74.125.131.84

302 Found

427 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzUIl3wZquANmsAfFoDk3jnU4i1FXTvKW8eAJnCo7JORU4B6P0AsRvcqDKzJhMW7UadVJTF1w
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
HTML document, ASCII text, with very long lines (407)
Size
427 B (427 bytes)
Hash
27b62d0d6ed98da74163e9185a5c0002
d8e1bf48d04581f739bfa741d0ec0fd12c770a52
bd75d4662fc06aba4061848ae01ac0bba6b6329b0b6e8462eec152210e8ee5e8

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQzUIl3wZquANmsAfFoDk3jnU4i1FXTvKW8eAJnCo7JORU4B6P0AsRvcqDKzJhMW7UadVJTF1w HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:3fPZo6Sm8GgKqSncfy-Sy0D4ZmvFnQ:eAvCzh_QmxI8a_X5;Path=/;Expires=Fri, 08-May-2026 15:31:52 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 15:31:52 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQy3F1rU6FfkshO7e6xxahQy2oLsBat8JbdG63TYOB8QRyrVagoOZ8gvvUKOr5kxA40nRBPT8w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1157959235%3A1715182312850344&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-KDbUSHy97WIMgDoDiyP4Ew' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 427
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2zf5gu5e5mp87.cloudfront.net/ZSFkyZkgrNlwAdzwwVltxcW0FXnluKUADLnUpXgcxLSscFSUpKlofZjstQAMpJX9YFScmKQ8weisJZCkLLytmQDwyPQ9WbiQ4XAF1bjxcBXV5f1MCKnVtFBI4JzIPEDk9MEgDKzkvS0A9KWRfCTIhNV4HbXofB0h4bWsCTjB5aBdVCm1rAgohJixKQ3p4IQ-pQF35tF1UKbWsCFD5tanNffmZpG0N6eD5XBSMnfAAgenhoAlZ5eGgXVHguMEADLichF1QOcW8cVm49ZAM

143.204.42.212

570 B

URL
d2zf5gu5e5mp87.cloudfront.net/ZSFkyZkgrNlwAdzwwVltxcW0FXnluKUADLnUpXgcxLSscFSUpKlofZjstQAMpJX9YFScmKQ8weisJZCkLLytmQDwyPQ9WbiQ4XAF1bjxcBXV5f1MCKnVtFBI4JzIPEDk9MEgDKzkvS0A9KWRfCTIhNV4HbXofB0h4bWsCTjB5aBdVCm1rAgohJixKQ3p4IQ-pQF35tF1UKbWsCFD5tanNffmZpG0N6eD5XBSMnfAAgenhoAlZ5eGgXVHguMEADLichF1QOcW8cVm49ZAM
IP
143.204.42.212:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (838), with no line terminators
Size
570 B (570 bytes)
Hash
87c16f134ed8536f8b55ab95bdf0e97b
8c9879d2bee11bfef3169235f8552162168d7691
38a6895fed32a867d16c798165c46cbd44066947564eca8191fd7f87309d0a21

HTTP Headers

GET /ZSFkyZkgrNlwAdzwwVltxcW0FXnluKUADLnUpXgcxLSscFSUpKlofZjstQAMpJX9YFScmKQ8weisJZCkLLytmQDwyPQ9WbiQ4XAF1bjxcBXV5f1MCKnVtFBI4JzIPEDk9MEgDKzkvS0A9KWRfCTIhNV4HbXofB0h4bWsCTjB5aBdVCm1rAgohJixKQ3p4IQ-pQF35tF1UKbWsCFD5tanNffmZpG0N6eD5XBSMnfAAgenhoAlZ5eGgXVHguMEADLichF1QOcW8cVm49ZAM HTTP/1.1
Host: d2zf5gu5e5mp87.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://habovethecit.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 570
date: Wed, 08 May 2024 15:31:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AiH83Dgau7hvrME2ra1QSX2RHMp7yQhNqRzBQ3JzYZ4fg2II-oi9jw==
X-Firefox-Spdy: h2

d2zf5gu5e5mp87.cloudfront.net/YVlJlTmQ1PQsoWyI7AXNdb2ZdeVFwIhcrAmsiCS8dMyBLPQk3IQ03SiUmFysFO3QPPQs4IlgLKRUzNi1TF2EEOgsgFA59QiIoAXNUcD4EIANrdAAgB2tjQy8ANG9RaBE3bwghHj8+CS9BZBRQYFRzYFVmHGdjQH0mc2BVIg04Jx1rVmYqXXg7YGZAfSZzYF-U8EnNhJHdSeGJMa1ZmNQAtDzl3VwhWZmNVflVmY0B8VDA7FysCOSpAfCJvZEt+QiNvVA

143.204.42.212

195 B

URL
d2zf5gu5e5mp87.cloudfront.net/YVlJlTmQ1PQsoWyI7AXNdb2ZdeVFwIhcrAmsiCS8dMyBLPQk3IQ03SiUmFysFO3QPPQs4IlgLKRUzNi1TF2EEOgsgFA59QiIoAXNUcD4EIANrdAAgB2tjQy8ANG9RaBE3bwghHj8+CS9BZBRQYFRzYFVmHGdjQH0mc2BVIg04Jx1rVmYqXXg7YGZAfSZzYF-U8EnNhJHdSeGJMa1ZmNQAtDzl3VwhWZmNVflVmY0B8VDA7FysCOSpAfCJvZEt+QiNvVA
IP
143.204.42.212:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
195 B (195 bytes)
Hash
b864714b7b566aa6b0b72777c3d1c4d6
6a20ebe42c325b0ccb2402a9559002d688ecd461
cf8c4d42183448f95dc48b317e5d69c17ddf4e3bf5849ccb12fa331824ad51ac

HTTP Headers

GET /YVlJlTmQ1PQsoWyI7AXNdb2ZdeVFwIhcrAmsiCS8dMyBLPQk3IQ03SiUmFysFO3QPPQs4IlgLKRUzNi1TF2EEOgsgFA59QiIoAXNUcD4EIANrdAAgB2tjQy8ANG9RaBE3bwghHj8+CS9BZBRQYFRzYFVmHGdjQH0mc2BVIg04Jx1rVmYqXXg7YGZAfSZzYF-U8EnNhJHdSeGJMa1ZmNQAtDzl3VwhWZmNVflVmY0B8VDA7FysCOSpAfCJvZEt+QiNvVA HTTP/1.1
Host: d2zf5gu5e5mp87.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getrunkhomuto.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 195
date: Wed, 08 May 2024 15:31:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2dr6UzQpek9c1Rnztk4pKl3CZ0hApFI1jpjK4Gdc-6SQfG7ZcrYMxA==
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQy3F1rU6FfkshO7e6xxahQy2oLsBat8JbdG63TYOB8QRyrVagoOZ8gvvUKOr5kxA40nRBPT8w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1157959235%3A1715182312850344&theme=mn&ddm=0

74.125.131.84

8.7 kB

URL
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQy3F1rU6FfkshO7e6xxahQy2oLsBat8JbdG63TYOB8QRyrVagoOZ8gvvUKOr5kxA40nRBPT8w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1157959235%3A1715182312850344&theme=mn&ddm=0
IP
74.125.131.84:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
gzip compressed data, max compression
Size
8.7 kB (8665 bytes)
Hash
53bfdb442ca507c8263c1167a2aa2b8a
d585e4cc3384e32459569128fee2877bbe957e58
10b9e81abb66e6f4ab7de0ecb68d1405dddfdf722d7baf644095b908723b98cb

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQy3F1rU6FfkshO7e6xxahQy2oLsBat8JbdG63TYOB8QRyrVagoOZ8gvvUKOr5kxA40nRBPT8w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1157959235%3A1715182312850344&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 15:31:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-JfsV3yGdQOOPjcL_hQUfkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.jsdelivr.net/gh/Zilllei/Smashystream@latest/pl4.js

151.101.193.229

200 OK

280 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/Zilllei/Smashystream@latest/pl4.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65448)
Size
280 kB (279501 bytes)
Hash
c77281d8dc0748dab5284fe228e24ef0
888250cd94da1e6380315cc4b4cebd5191d89b31
73ffdbcefe85e19632026c2e5fbb2a5bc7ae76bbe289245d6707aebba3f62da9

HTTP Headers

GET /gh/Zilllei/Smashystream@latest/pl4.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"b98c1-iIJQzZTaHmOAMVzEtM69UZHYmzE"
content-encoding: br
accept-ranges: bytes
age: 553
date: Wed, 08 May 2024 15:31:53 GMT
x-served-by: cache-fra-etou8220027-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 279501
X-Firefox-Spdy: h2

embed.smashystream.com/data.php?imdb=tt0496424&season=4&episode=14

104.21.62.104

200 OK

12 kB

URL GET HTTP/2
embed.smashystream.com/data.php?imdb=tt0496424&season=4&episode=14
IP
104.21.62.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectsmashystream.com
FingerprintB1:4A:F7:28:64:1D:19:E4:5D:E0:D9:FE:E6:98:73:AD:03:DE:7D:BA
ValiditySun, 14 Apr 2024 02:08:49 GMT - Sat, 13 Jul 2024 02:08:48 GMT

File type
JSON text data
Size
12 kB (11660 bytes)
Hash
8fc80d3a403c079259303495506efe20
8e1377bffb78089284a686c28a3099bad011479b
ad297f112ca4241b8dca565c820be454add1de42e759998e9ccf2beff934e7c3

HTTP Headers

GET /data.php?imdb=tt0496424&season=4&episode=14 HTTP/1.1
Host: embed.smashystream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
Origin: https://player.smashy.stream
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:31:53 GMT
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
x-cached: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sa7iCI5gs9wTY1OaYN9FBth%2Fo4f2L23rxgKZYXS1EzdhfQApi7rEuJCY7%2FrRp8LIGB2%2FewnqavlskuyNXAxJB3uk1xx1fnoebJwzKtEOYFla4j8Su9kx9CmtJ6MG7qyIFLeA5ENW%2FbJX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a7fcc0e04b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

142.250.74.35

2.0 kB

URL
www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (1143)
Size
2.0 kB (2007 bytes)
Hash
b427175fa1078775eb792756e7b6d1e7
4c55c0233d3d9002b3449c025f97821f8bb8900d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

HTTP Headers

GET /cv/js/sender/v1/cast_sender.js?loadCastFramework=1 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="cloudview"
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-length: 2007
date: Wed, 08 May 2024 15:31:54 GMT
expires: Wed, 08 May 2024 15:31:54 GMT
cache-control: private, max-age=3000
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18668, version 1.0
Size
19 kB (18668 bytes)
Hash
8655d20bbcc8cdbfab17b6be6cf55df3
90edbfa9a7dabb185487b4774076f82eb6412270
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

HTTP Headers

GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://player.smashy.stream
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:21 GMT
expires: Fri, 02 May 2025 01:49:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
age: 567753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans

142.250.74.138

200 OK

7.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
7.4 kB (7402 bytes)
Hash
ca276228381c52bc7475fa2d72dee3d7
02e0895fc20e4e1e620781d3d32fd929e9cd7504
a8d1db046e9e478562d755ab94dae2eb7958e1fe6454130826f422d914a63f8d

HTTP Headers

GET /css2?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 15:31:54 GMT
date: Wed, 08 May 2024 15:31:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

vaitotoo.net/sftouch?userId=008056091fd14a7bed1e1dd7c0cbc8f0&z=6244865&p_rid=c660b04e-0991-487f-8901-f9eef7308fd0&p_src=sf&branchId=0&rb=XBwSesazleQIsNi-Ed_uDeQUZz8TmZLxhr3sHFTD7vDdQY2h2nfcZSH1AxeVHwCY2WiaIwAX_EAH98ckkI1gQMEO9_38-7UuWOiWbP-vvccNH3HnskAjcBFmsCbkAyggamXkiq8GUcUlTZzrgAHXlm-XNgtVc9J2Lcgq3WT5hOXEbWJ9Y9aUVBf8TpfnBRJfQabSRtoCCWfKyswy-OLkWlIGgrtblkYWZDPF8aNEvJXNYdrzj5Ff1EnLidbG_qurjyTp1FMYY6sx314bP96O75XuwYg=

139.45.197.243

2 B

URL
vaitotoo.net/sftouch?userId=008056091fd14a7bed1e1dd7c0cbc8f0&z=6244865&p_rid=c660b04e-0991-487f-8901-f9eef7308fd0&p_src=sf&branchId=0&rb=XBwSesazleQIsNi-Ed_uDeQUZz8TmZLxhr3sHFTD7vDdQY2h2nfcZSH1AxeVHwCY2WiaIwAX_EAH98ckkI1gQMEO9_38-7UuWOiWbP-vvccNH3HnskAjcBFmsCbkAyggamXkiq8GUcUlTZzrgAHXlm-XNgtVc9J2Lcgq3WT5hOXEbWJ9Y9aUVBf8TpfnBRJfQabSRtoCCWfKyswy-OLkWlIGgrtblkYWZDPF8aNEvJXNYdrzj5Ff1EnLidbG_qurjyTp1FMYY6sx314bP96O75XuwYg=
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /sftouch?userId=008056091fd14a7bed1e1dd7c0cbc8f0&z=6244865&p_rid=c660b04e-0991-487f-8901-f9eef7308fd0&p_src=sf&branchId=0&rb=XBwSesazleQIsNi-Ed_uDeQUZz8TmZLxhr3sHFTD7vDdQY2h2nfcZSH1AxeVHwCY2WiaIwAX_EAH98ckkI1gQMEO9_38-7UuWOiWbP-vvccNH3HnskAjcBFmsCbkAyggamXkiq8GUcUlTZzrgAHXlm-XNgtVc9J2Lcgq3WT5hOXEbWJ9Y9aUVBf8TpfnBRJfQabSRtoCCWfKyswy-OLkWlIGgrtblkYWZDPF8aNEvJXNYdrzj5Ff1EnLidbG_qurjyTp1FMYY6sx314bP96O75XuwYg= HTTP/1.1
Host: vaitotoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaitotoo.net
DNT: 1
Connection: keep-alive
Referer: https://vaitotoo.net/4/6244865
Cookie: OAID=008056091fd14a7bed1e1dd7c0cbc8f0; oaidts=1715182333
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:32:14 GMT
content-type: text/plain
content-length: 2
x-trace-id: 6b790883219f8012352652da108c4980
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://vaitotoo.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

vaitotoo.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c660b04e-0991-487f-8901-f9eef7308fd0

139.45.197.243

12 B

URL
vaitotoo.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c660b04e-0991-487f-8901-f9eef7308fd0
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c660b04e-0991-487f-8901-f9eef7308fd0 HTTP/1.1
Host: vaitotoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1408
Origin: https://vaitotoo.net
DNT: 1
Connection: keep-alive
Referer: https://vaitotoo.net/4/6244865
Cookie: OAID=008056091fd14a7bed1e1dd7c0cbc8f0; oaidts=1715182333
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:32:14 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://vaitotoo.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=merge&userId=008056091fd14a7bed1e1dd7c0cbc8f0&z=6244865&p_rid=c660b04e-0991-487f-8901-f9eef7308fd0&p_src=sf

139.45.195.8

43 B

URL
my.rtmark.net/img.gif?f=merge&userId=008056091fd14a7bed1e1dd7c0cbc8f0&z=6244865&p_rid=c660b04e-0991-487f-8901-f9eef7308fd0&p_src=sf
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=008056091fd14a7bed1e1dd7c0cbc8f0&z=6244865&p_rid=c660b04e-0991-487f-8901-f9eef7308fd0&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vaitotoo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:32:14 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008056091fd14a7bed1e1dd7c0cbc8f0; expires=Thu, 08 May 2025 15:32:14 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

vaitotoo.net/?z=6244865&syncedCookie=true&rhd=false

139.45.197.243

0 B

URL POST
vaitotoo.net/?z=6244865&syncedCookie=true&rhd=false
IP
139.45.197.243:0
ASN
#9002 RETN Limited

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerLet's Encrypt
Subjectvaitotoo.net
Fingerprint0E:86:CD:13:28:85:6E:10:AA:44:51:1E:0D:D9:0D:EC:03:91:62:86
ValidityFri, 05 Apr 2024 05:24:33 GMT - Thu, 04 Jul 2024 05:24:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /?z=6244865&syncedCookie=true&rhd=false HTTP/1.1
Host: vaitotoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 601
Origin: https://vaitotoo.net
DNT: 1
Connection: keep-alive
Referer: https://vaitotoo.net/afu.php?zoneid=6244865&var=6244865&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008056091fd14a7bed1e1dd7c0cbc8f0; oaidts=1715182333
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 May 2024 15:32:14 GMT
content-length: 0
location: https://coinpriceline.com/latest-crypto-news/?utm_source=google&utm_medium=cpc&utm_campaign=6244865
x-trace-id: 92f62c2139c2f2d79a612f911d2dbde8
link: <https://coinpriceline.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://vaitotoo.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008056091fd14a7bed1e1dd7c0cbc8f0; expires=Thu, 08 May 2025 15:32:14 GMT; path=/; secure; SameSite=None
oaidts=1715182333; expires=Thu, 08 May 2025 15:32:14 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 May 2024 15:32:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

coinpriceline.com/wp-content/uploads/2022/05/coinpricelogotext33689.png

172.67.166.189

6.9 kB

URL
coinpriceline.com/wp-content/uploads/2022/05/coinpricelogotext33689.png
IP
172.67.166.189:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 336 x 89, 8-bit/color RGBA, non-interlaced
Size
6.9 kB (6946 bytes)
Hash
a9c0affebf0fe0d19574925481bfa11d
eececae9d5afe101904f47c10fe46742a8c0ac8d
86f1682cb7e4e9dbf1b915e6e37d7385f835057e9149a90fa9bf3bbdd08ad67b

HTTP Headers

GET /wp-content/uploads/2022/05/coinpricelogotext33689.png HTTP/1.1
Host: coinpriceline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coinpriceline.com/latest-crypto-news/?utm_source=google&utm_medium=cpc&utm_campaign=6244865
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 15:32:14 GMT
content-type: image/png
content-length: 6946
last-modified: Wed, 08 Nov 2023 17:35:34 GMT
etag: "654bc6e6-1b22"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 679993
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9j8o%2BobadmXV64Y0uBjPcNnWNYUg%2BA6RWWN%2BMWDJpCATeym8t%2BJ1KXx9VlEJnSvq6t7EJoUwldAc4zuz%2FDxTzoCClfbIIeW8lLUkUHugqDP0ZA2m9IiWNz4N6z6kOudggJqhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880a80594a4ab50f-OSL
alt-svc: h3=":443"; ma=86400

pogothere.xyz/asd100.bin

188.114.97.1

200 OK

106 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
data
Size
106 kB (105588 bytes)
Hash
9b56482166e57339f35c3c0af8e1dd0a
6d58af699e333ab1bf9e516472c1f1313e0f3c38
c894dcba8fc7c62f2c334b0adf5a39899d26200eb3ef85c50e647cd1a4392eea

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
Origin: https://player.smashy.stream
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:31:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://player.smashy.stream
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5162
last-modified: Wed, 08 May 2024 14:05:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lF0rfmZhXSAqBGvdfoKV9YtzxKvXWDXXIGKRijvn0jPyM%2Bi11IVKIN5PHCwu88GD5Andhx2Vrgzt9b%2Bu56r2Kbf0DIOYKu90EcY6icaFepBr98soAKre8WX99ixYeGeG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880a7fce2fbdb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-GFN8W0SE7S

142.250.74.72

89 kB

URL
www.googletagmanager.com/gtag/js?id=G-GFN8W0SE7S
IP
142.250.74.72:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
89 kB (88870 bytes)
Hash
9e36afb4ca3796a5de18005938e9f7f1
925992653c0931ae6702bf44b63c9321bfb425dc
575bc346edce867401c023c971ad750d673a68fb2f7ef65c2508247603ca7d00

HTTP Headers

GET /gtag/js?id=G-GFN8W0SE7S HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coinpriceline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 15:32:14 GMT
expires: Wed, 08 May 2024 15:32:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

coinpriceline.com/wp-content/themes/smart-mag/css/icons/fonts/ts-icons.woff2?v2.8

172.67.166.189

12 kB

URL
coinpriceline.com/wp-content/themes/smart-mag/css/icons/fonts/ts-icons.woff2?v2.8
IP
172.67.166.189:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 11616, version 1.0
Size
12 kB (11616 bytes)
Hash
270d223f8a0d8d2ebd681827519c75ef
cd74b8b6fd8b1303ca512d642cd0498cfc462b5c
a15cca56bcaefca8a0c452c9fbecb2e737cc5e23e5594d602e7f30bac598dda8

HTTP Headers

GET /wp-content/themes/smart-mag/css/icons/fonts/ts-icons.woff2?v2.8 HTTP/1.1
Host: coinpriceline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://coinpriceline.com/wp-content/themes/smart-mag/css/icons/icons.css?ver=10.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 15:32:15 GMT
content-type: application/font-woff2
content-length: 11616
last-modified: Wed, 27 Mar 2024 03:50:09 GMT
etag: "66039771-2d60"
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 674392
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCr6g%2FQ58YzYiCZpslFerrPbD7QZHgTwS1PYGC1qvMLmjjAHvLIzbji%2Babzckc80JzuFoo%2F3pNaWiD%2BcKjWssZtuuheVWDw6s5dDzf%2BrIdWRmq2mL1%2BbhZjQDUeTvIpImikRbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880a805abc4ab50f-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

16 kB

URL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coinpriceline.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 567435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coinpriceline.com/latest-crypto-news/?utm_source=google&utm_medium=cpc&utm_campaign=6244865

172.67.166.189

113 kB

URL GET
coinpriceline.com/latest-crypto-news/?utm_source=google&utm_medium=cpc&utm_campaign=6244865
IP
172.67.166.189:0
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerLet's Encrypt
Subjectcoinpriceline.com
FingerprintFD:66:6B:DC:25:71:4A:A0:42:37:43:B4:85:C1:14:17:AC:58:37:14
ValiditySat, 16 Mar 2024 06:35:01 GMT - Fri, 14 Jun 2024 06:35:00 GMT

File type
gzip compressed data, from Unix
Size
113 kB (112675 bytes)
Hash
856a7865e8bc2503a75f7282600380d7
95fb72d76f6c46aeb2da465eba13df3306589afa
b00387619577a8333769843aa920f565c6dc3c4eb55321e031c26c4cdf7c86e1

HTTP Headers

GET /latest-crypto-news/?utm_source=google&utm_medium=cpc&utm_campaign=6244865 HTTP/1.1
Host: coinpriceline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:32:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
link: <https://coinpriceline.com/wp-json/>; rel="https://api.w.org/", <https://coinpriceline.com/wp-json/wp/v2/pages/146>; rel="alternate"; type="application/json", <https://coinpriceline.com/?p=146>; rel=shortlink
cache-control: max-age=0
expires: Wed, 08 May 2024 15:32:14 GMT
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lN%2BA2T6m91KIswfiSvh5jqPAVnrS3mnPdkj%2BTdfzdHQsWHPsyCGX152F0z7Euvm4S6dWQMyf1YaGZdqGRmX2gRI46CqoHFaPpfczaB24HMg2d26reCGmx9qLp60hLaMsN7LTWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a80561bf40b31-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ws.coincap.io/prices?assets=ALL

104.16.106.40

0 B

URL
ws.coincap.io/prices?assets=ALL
IP
104.16.106.40:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /prices?assets=ALL HTTP/1.1
Host: ws.coincap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://coinpriceline.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w4I7uRrbesvMNkDEj219cw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 15:32:15 GMT
Connection: upgrade
Sec-Websocket-Accept: gr7GOJSWL4obqFiTl7nOSiw2bKY=
Upgrade: websocket
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 880a805c5db07127-OSL

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxTOmF7Mk9_-2fZ9EERSZEqiPLytKCCClpvSUHucSX3JS-UNW1Jd-TpCilzQHZe1_487a94_w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-855276632%3A1715182312861714&theme=mn&ddm=0

74.125.131.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxTOmF7Mk9_-2fZ9EERSZEqiPLytKCCClpvSUHucSX3JS-UNW1Jd-TpCilzQHZe1_487a94_w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-855276632%3A1715182312861714&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A
ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQxTOmF7Mk9_-2fZ9EERSZEqiPLytKCCClpvSUHucSX3JS-UNW1Jd-TpCilzQHZe1_487a94_w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-855276632%3A1715182312861714&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 15:31:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-_hkM-heHRIoC1i04wWyc4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

player.smashy.stream/tv/tt0496424?e=14&s=4

172.67.215.153

200 OK

12 kB

URL User Request GET HTTP/2
player.smashy.stream/tv/tt0496424?e=14&s=4
IP
172.67.215.153:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectplayer.smashy.stream
Fingerprint3D:AD:7C:53:E0:EC:16:14:D1:38:83:A1:1D:0F:FA:95:26:3D:5D:09
ValidityTue, 23 Apr 2024 12:57:56 GMT - Mon, 22 Jul 2024 12:57:55 GMT

File type
HTML document, ASCII text, with very long lines (10304)
Size
12 kB (12052 bytes)
Hash
7b7b4754c89f0e6bccd2bcc429ed8f44
2fa7c80013c2b56175c531eebf82854606686b86
418e061c8f3c96377160df1dc1c0fe126597be32a43eb41d76221fe7f1ed1814

HTTP Headers

GET /tv/tt0496424?e=14&s=4 HTTP/1.1
Host: player.smashy.stream
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:31:51 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyq1bHouCa0%2BL2Chu4piRBXLgC%2F%2B11a7DJImwwjqktrcfjtziY%2B5GCHCrl30o6bLdX%2FynyCvLwOUI8b700D%2BpT9CEPGrtoQcnR%2FZXyMmmzLhzHmlYtXWLVmKCa%2BMou%2FGiVRNqVK3Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 880a7fc5e9e41c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

embed.smashystream.com/getplayer.php?player=f&tmdb=4608&season=4&episode=14

104.21.62.104

404 Not Found

62 B

URL GET HTTP/2
embed.smashystream.com/getplayer.php?player=f&tmdb=4608&season=4&episode=14
IP
104.21.62.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectsmashystream.com
FingerprintB1:4A:F7:28:64:1D:19:E4:5D:E0:D9:FE:E6:98:73:AD:03:DE:7D:BA
ValiditySun, 14 Apr 2024 02:08:49 GMT - Sat, 13 Jul 2024 02:08:48 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
4fa323f958eda617485f1bedb207a401
d68dd256848f25e626a3ea0ba29377f3bbd471f7
017120b6ff0aaed37d560d78f01134eb10ad13d4e7c67d95ce04c282d5ad22ea

HTTP Headers

GET /getplayer.php?player=f&tmdb=4608&season=4&episode=14 HTTP/1.1
Host: embed.smashystream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
Origin: https://player.smashy.stream
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 08 May 2024 15:31:54 GMT
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Be1s1gRoc662YBCXVJ0UIhtZ8NTjTk6yEUxp3kh4stBjEijRI%2BE0RETmEpgN3wymBkSTOYXOxk6hqsIUZgUn0xoD1B877ZjwabPbPCk%2BLidx29QTNgjDPVtxOhYJUwtGyyplRILoalmq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a7fd50a29b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

getrunkhomuto.info/NG9JdXFVDSoYTlVSK1MERgN0UENySnszFQYVL0AWQVosQBxEV35bElgAPBEXRgAnAV9aCj1QQ3I2Hxk7WDskJEBkPjoaJk0mfjQpegsrRytQCh8zBn0HKgcwWRwgNiIMCwQMM3g/GB5CfT55RiJdOiQzCEcpBkYgZD8YBkV9Ay45OmY6MzsYBTsPRzRxIC4GFnIufEwgXSYmNCl6OioxRXEmCDsDUC4IEjMGGyMkCAwuBzJIZg4LMEJWGC4dOV5XbEczdzxwNyt2PRgsN2YVEDMnWScOERtlJ3kYEgYtHzwWBFsDDUBGOSQsAGw3LkIoczUIEyJuFRAzXGFXDBs/XCUBESJRKAM4EAU1JDsgdRsNDx0HOT4dJm4CByMXWDkkLEF2Vx8xMAMpMAYyezw5NBd3JT8vNEBKezcgXSE/IzASBToaH0RSDDgyVTwqQjAHDj0aB3IEeg

52.85.243.31

200 OK

3.0 kB

URL GET HTTP/2
getrunkhomuto.info/NG9JdXFVDSoYTlVSK1MERgN0UENySnszFQYVL0AWQVosQBxEV35bElgAPBEXRgAnAV9aCj1QQ3I2Hxk7WDskJEBkPjoaJk0mfjQpegsrRytQCh8zBn0HKgcwWRwgNiIMCwQMM3g/GB5CfT55RiJdOiQzCEcpBkYgZD8YBkV9Ay45OmY6MzsYBTsPRzRxIC4GFnIufEwgXSYmNCl6OioxRXEmCDsDUC4IEjMGGyMkCAwuBzJIZg4LMEJWGC4dOV5XbEczdzxwNyt2PRgsN2YVEDMnWScOERtlJ3kYEgYtHzwWBFsDDUBGOSQsAGw3LkIoczUIEyJuFRAzXGFXDBs/XCUBESJRKAM4EAU1JDsgdRsNDx0HOT4dJm4CByMXWDkkLEF2Vx8xMAMpMAYyezw5NBd3JT8vNEBKezcgXSE/IzASBToaH0RSDDgyVTwqQjAHDj0aB3IEeg
IP
52.85.243.31:443
ASN
#16509 AMAZON-02

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerAmazon
Subjectgetrunkhomuto.info
Fingerprint07:6C:15:28:EC:56:65:DE:8C:55:1C:BF:A5:DB:7B:96:8F:38:56:0E
ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3067), with no line terminators
Size
3.0 kB (3041 bytes)
Hash
54bd2992cb4e36448809701736d303c4
b80348eb28af5442584d1a2f9b55e7ebf0e0a18c
57a5f474c2ff1ec042bb62dc18a24bd838d0f0c9ee2475bba94d7346f1be7de5

HTTP Headers

GET /NG9JdXFVDSoYTlVSK1MERgN0UENySnszFQYVL0AWQVosQBxEV35bElgAPBEXRgAnAV9aCj1QQ3I2Hxk7WDskJEBkPjoaJk0mfjQpegsrRytQCh8zBn0HKgcwWRwgNiIMCwQMM3g/GB5CfT55RiJdOiQzCEcpBkYgZD8YBkV9Ay45OmY6MzsYBTsPRzRxIC4GFnIufEwgXSYmNCl6OioxRXEmCDsDUC4IEjMGGyMkCAwuBzJIZg4LMEJWGC4dOV5XbEczdzxwNyt2PRgsN2YVEDMnWScOERtlJ3kYEgYtHzwWBFsDDUBGOSQsAGw3LkIoczUIEyJuFRAzXGFXDBs/XCUBESJRKAM4EAU1JDsgdRsNDx0HOT4dJm4CByMXWDkkLEF2Vx8xMAMpMAYyezw5NBd3JT8vNEBKezcgXSE/IzASBToaH0RSDDgyVTwqQjAHDj0aB3IEeg HTTP/1.1
Host: getrunkhomuto.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1191
date: Wed, 08 May 2024 15:31:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 210fa10efb175d891774d170436663b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: -9sHeii_0PSHEZAB-tcJrMU2rwMu93cCq92W24185XFdEMQvyGPwCw==
X-Firefox-Spdy: h2

pogothere.xyz/

188.114.97.1

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
bb61ee1154fbf07ca84f2797d002d0b3
1eef633037e6a3135e248743d6b17dc3075f95a1
b65c21e2b63047961ac1ac7c6adccbae1281eae048b80ccf79613ba8bf7a89fa

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
Origin: https://player.smashy.stream
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:31:52 GMT
content-type: text/plain
set-cookie: csu=1230382730504823@1@1715182312; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://player.smashy.stream
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CyKwHYk5Ri5Rnz1w5%2BxSviKh5c2%2BuVXghe5fqrbUqzkN7pFSo9iGB5ZZlMrYb0fsC4Jp3Ya%2BgjWtSCLs7vny6YBNor5IvZuMqnds3VyiO9cZTeWRjN%2FHUFy%2FdIuKQbRO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a7fce2fc5b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

player.smashy.stream/assets/index-C82RhojO.js

172.67.215.153

200 OK

275 kB

URL GET HTTP/3
player.smashy.stream/assets/index-C82RhojO.js
IP
172.67.215.153:443
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectplayer.smashy.stream
Fingerprint3D:AD:7C:53:E0:EC:16:14:D1:38:83:A1:1D:0F:FA:95:26:3D:5D:09
ValidityTue, 23 Apr 2024 12:57:56 GMT - Mon, 22 Jul 2024 12:57:55 GMT

File type

Size
275 kB (274985 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/index-C82RhojO.js HTTP/1.1
Host: player.smashy.stream
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/tv/tt0496424?e=14&s=4
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 15:31:51 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"a36dfb5abee43b9ad764460059030445"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=420oON%2BEDe6Rig3j8vgUhcekwjlnwF62V%2BZQn3TwGicyUnmh0BFLbn9zvzgHfueRXlR0EehG8uWQt10mcuBWlQl6JRBCaAXIdVPErVCltrtLnIWtQ1Li0dqg7ZZ0ilgSJoapqDqJmZZ179xbeu%2B%2FEOsmEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6131
server: cloudflare
cf-ray: 880a7fc83d38b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

embed.smashystream.com/status.php?imdb=tt0496424&season=4&episode=14

104.21.62.104

200 OK

1.2 kB

URL GET HTTP/2
embed.smashystream.com/status.php?imdb=tt0496424&season=4&episode=14
IP
104.21.62.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerGoogle Trust Services LLC
Subjectsmashystream.com
FingerprintB1:4A:F7:28:64:1D:19:E4:5D:E0:D9:FE:E6:98:73:AD:03:DE:7D:BA
ValiditySun, 14 Apr 2024 02:08:49 GMT - Sat, 13 Jul 2024 02:08:48 GMT

File type
ASCII text, with very long lines (1352), with no line terminators
Size
1.2 kB (1184 bytes)
Hash
2a001880b3ad09002af228df536ebe88
8f30cf04290109ba00544b206f28c0875c823633
3e0781e839eec73255c3ddee1688c6194c967c199afa71ae486283ed3e627810

HTTP Headers

GET /status.php?imdb=tt0496424&season=4&episode=14 HTTP/1.1
Host: embed.smashystream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
Origin: https://player.smashy.stream
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:31:53 GMT
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
x-cached: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fL8%2FRB06suo8CP8l4GWxExOF%2FN2e3oXrcHthAVuqSXqXzNinIoGd28wIiqehOYVphSK6zknO3FugHLv%2FqLm0k6wGAB%2BrNxJOU6SFUDAptCYwX3IOQsDieo1PYfxFNmydZ%2FEpLcYuss9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a7fcc0e08b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lylufhuxqwi.com/aas/r45d/vki/2019261/25af6960.js

212.117.190.201

200 OK

106 kB

URL GET HTTP/2
lylufhuxqwi.com/aas/r45d/vki/2019261/25af6960.js
IP
212.117.190.201:443
ASN
#7979 SERVERS-COM

Requested by
https://player.smashy.stream/tv/tt0496424?e=14&s=4
Certificate
IssuerBuypass AS-983163327
Subject
Fingerprint59:69:20:70:FA:E5:D9:16:78:DB:51:76:3B:0A:AD:0A:32:12:73:D1
ValidityTue, 09 Jan 2024 12:44:49 GMT - Sat, 06 Jul 2024 21:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65106)
Size
106 kB (106462 bytes)
Hash
b4abd91ca89a5f6c2885ad97df87e188
c586719b27e080f4a889f8ae7544e414467dc501
3ba3825041badb95af70452c403c118fce573398ddbc62c5557b2bd85e94851a

HTTP Headers

GET /aas/r45d/vki/2019261/25af6960.js HTTP/1.1
Host: lylufhuxqwi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://player.smashy.stream/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:31:51 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL