| qd.myosoteruins.com/rUdcK8qZZxyOOpBmq/77025 | 23.109.170.98 | 200 OK | 20 B |
URL: GET HTTP/1.1 qd.myosoteruins.com/rUdcK8qZZxyOOpBmq/77025
IP: 23.109.170.98:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate Issuer: Let's Encrypt
Certificate Subject: qd.myosoteruins.com
Certificate Fingerprint: 5D:05:70:C1:65:21:AB:59:D3:3A:94:F7:7E:AA:81:F9:4D:31:13:51
Certificate Validity: Thu, 05 Dec 2024 14:26:41 GMT - Wed, 05 Mar 2025 14:26:40 GMT
File type: gzip compressed data, from Unix
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /rUdcK8qZZxyOOpBmq/77025 HTTP/1.1
Host: qd.myosoteruins.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.totalsportek.space/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 26 Jan 2025 18:37:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.totalsportek.space
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Mon, 27-Jan-2025 18:37:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 27-Jan-2025 18:37:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| ts.yowdenfalcial.com/rDwQTpfoIlIeWcu/71505 | 23.109.170.94 | 200 OK | 20 B |
URL: GET HTTP/1.1 ts.yowdenfalcial.com/rDwQTpfoIlIeWcu/71505
IP: 23.109.170.94:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate Issuer: Let's Encrypt
Certificate Subject: ts.yowdenfalcial.com
Certificate Fingerprint: 7D:09:A8:57:48:21:46:7A:81:9A:D9:C3:46:F6:23:DA:5D:29:ED:90
Certificate Validity: Thu, 05 Dec 2024 14:30:28 GMT - Wed, 05 Mar 2025 14:30:27 GMT
File type: gzip compressed data, from Unix
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /rDwQTpfoIlIeWcu/71505 HTTP/1.1
Host: ts.yowdenfalcial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.totalsportek.space/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 26 Jan 2025 18:37:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cdn.totalsportek.space
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Mon, 27-Jan-2025 18:37:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 27-Jan-2025 18:37:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0 | 104.21.14.92 | 200 OK | 21 kB |
URL: HEAD HTTP/3 cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
IP: 104.21.14.92:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate Issuer: Google Trust Services
Certificate Subject: totalsportek.space
Certificate Fingerprint: 0D:35:D1:41:A9:1D:E9:79:0F:B4:68:C8:BA:01:3C:70:8C:19:5A:84
Certificate Validity: Tue, 31 Dec 2024 08:29:00 GMT - Mon, 31 Mar 2025 09:27:15 GMT
File type: HTML document, ASCII text, with very long lines (58981)
Hash: 140e87c2902d091f4c660214954f81b8 e49396abf4060667770c3d403ca01ba7e1960155 8b770c2248aeff93e3e0de407168d47c9388addb7e93b8639dee810dbcd63f98
GET /embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0 HTTP/1.1
Host: cdn.totalsportek.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Jan 2025 18:37:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUruoPlAmg%2FZ5lkxumpk0Eo0l5LI9w6r1zQv2kwezWbsowX0dLJL%2FBng%2BsTaXZ8Oe%2F2EDIOfinkh7ydVL7Pn5t2mv7PxpYX0hZMOM3CcJdt7NVBvO%2Bss%2FSPN4pjj0GHUjXC3h383QR7O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90829cc8083256ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6391&min_rtt=453&rtt_var=11870&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3295&recv_bytes=1388&delivery_rate=6851735&cwnd=254&unsent_bytes=0&cid=491d8ed79f9bc5d5&ts=151&x=0"
X-Firefox-Spdy: h2
|
|
| ptaixout.net/tag.min.js | 139.45.197.107 | 200 OK | 27 kB |
IP: 139.45.197.107:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate Issuer: Let's Encrypt
Certificate Subject: ptaixout.net
Certificate Fingerprint: EE:B7:7A:A3:2E:F5:C1:DE:27:FC:A2:64:11:D8:AE:DF:54:E0:65:D4
Certificate Validity: Wed, 13 Nov 2024 05:13:26 GMT - Tue, 11 Feb 2025 05:13:25 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 1686a611c0e26591ac96683a642768bf 449a2534427d33fc917c1a8ddb988e268aa0a040 cf4de5e0c8ddb7ff9c0b128bcb23b1c2a2c1e64efacac613e96899cb5100a398
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tag.min.js HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.totalsportek.space/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jan 2025 18:37:07 GMT
content-type: text/javascript; charset=utf-8
content-length: 27355
content-encoding: br
x-trace-id: a479e6619949bb52a9a8651d9db2cfec
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 24 Jan 2025 15:05:05 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| voodc.com/embed/858a948ea28587958799838b918798858b96.html | 104.21.48.1 | 200 OK | 28 kB |
URL: GET HTTP/2 voodc.com/embed/858a948ea28587958799838b918798858b96.html
IP: 104.21.48.1:443
Requested by: https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html
Certificate Issuer: Google Trust Services
Certificate Subject: voodc.com
Certificate Fingerprint: CD:1A:43:A6:57:80:4C:DC:51:C3:65:4C:62:84:F0:4F:1E:35:6A:05
Certificate Validity: Fri, 03 Jan 2025 21:58:27 GMT - Thu, 03 Apr 2025 22:55:40 GMT
File type: HTML document, ASCII text, with very long lines (384)
Hash: b034bb97ecbb17e9fd9bdeaed22065fb 2b3f3e5a7b8c8eb5a5b87eb30fbe287d7aa42e3c 42c1bdbb37934e26baad7e08910dc29fa398608a2d65afc6d5c4b7473ee2fd61
GET /embed/858a948ea28587958799838b918798858b96.html HTTP/1.1
Host: voodc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vivofytv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.30
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-xss-protection: 0
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q82%2BFyi9eE1p51EydSz%2FKYii%2BT1ZaXrzh4uukMnGlmEKDfPVi55d7nrXVNz9UskhSyZGX4rkGG0jfcnCnT%2BY8NmErCcSln3W8A3C6OwniBDIBEJlYfDZh2Sqk6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90829ccdbe5d0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6242&min_rtt=433&rtt_var=11626&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3271&recv_bytes=1286&delivery_rate=8044444&cwnd=254&unsent_bytes=0&cid=6d4e6e03d7676073&ts=133&x=0"
X-Firefox-Spdy: h2
|
|
| ptaixout.net/5/6320745/?oo=1&aab=1 | 139.45.197.107 | 200 OK | 43 kB |
URL: GET HTTP/2 ptaixout.net/5/6320745/?oo=1&aab=1
IP: 139.45.197.107:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate Issuer: Let's Encrypt
Certificate Subject: ptaixout.net
Certificate Fingerprint: EE:B7:7A:A3:2E:F5:C1:DE:27:FC:A2:64:11:D8:AE:DF:54:E0:65:D4
Certificate Validity: Wed, 13 Nov 2024 05:13:26 GMT - Tue, 11 Feb 2025 05:13:25 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61250)
Hash: 9f571c65ce371313b60f8e2ff8225391 fd20d57049dc292a56aad0cc419172240afbd075 d537e9188ef06ed63d734cd2cfef1b77aab9a9ff82ce502c1862cf6bd33de426
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /5/6320745/?oo=1&aab=1 HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.totalsportek.space
DNT: 1
Connection: keep-alive
Referer: https://cdn.totalsportek.space/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jan 2025 18:37:07 GMT
content-type: application/json
x-trace-id: a8a85746b32dc4b38e13ee976c28e247
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://cdn.totalsportek.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00815d0c7dbc4115ea3f8d937c891149; expires=Mon, 26 Jan 2026 18:37:07 GMT; path=/; secure; SameSite=None
oaidts=1737916627; expires=Mon, 26 Jan 2026 18:37:07 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.core.controls.js | 151.101.130.114 | 200 OK | 85 kB |
URL: GET HTTP/2 ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.core.controls.js
IP: 151.101.130.114:443
Requested by: https://voodc.com/player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: *.jwplayer.com
Certificate Fingerprint: EB:7D:6F:C0:96:2F:66:35:5C:60:21:FF:31:D2:7A:D1:4F:C7:CF:96
Certificate Validity: Tue, 02 Jul 2024 18:10:25 GMT - Sun, 03 Aug 2025 18:10:24 GMT
File type: JavaScript source, ASCII text, with very long lines (65143)
Hash: 3141cfbc04d2f12e7e4047ffd289780c 8831b1b49d7e4a9d7ad0009d56183a6a37ace6ea f25b68cae995caaaaea17d890f255f8863419c6126a53322bb4469053acfc4c8
GET /player/v/8.27.1/jwplayer.core.controls.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Mon, 22 May 2023 06:27:29 GMT
etag: "3141cfbc04d2f12e7e4047ffd289780c"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 26 Jan 2025 18:37:08 GMT
via: 1.1 varnish
age: 3515297
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 6689
x-timer: S1737916629.820150,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 84863
X-Firefox-Spdy: h2
|
|
| voodc.com/avurcfyas1.js?v53 | 104.21.48.1 | 200 OK | 129 kB |
URL: GET HTTP/3 voodc.com/avurcfyas1.js?v53
IP: 104.21.48.1:443
Requested by: https://voodc.com/player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql
Certificate Issuer: Google Trust Services
Certificate Subject: voodc.com
Certificate Fingerprint: CD:1A:43:A6:57:80:4C:DC:51:C3:65:4C:62:84:F0:4F:1E:35:6A:05
Certificate Validity: Fri, 03 Jan 2025 21:58:27 GMT - Thu, 03 Apr 2025 22:55:40 GMT
File type: JavaScript source, ASCII text, with very long lines (57342)
Size: 129 kB (129056 bytes)
Hash: d869790371d7690ba1d35cac54aae05e 168a54a2a8213b110271e16a3f933f831e8be755 356de21a0c7a61d4467d14594ffd0d6ffe680694146624b9dd7e1b9243ef1be9
GET /avurcfyas1.js?v53 HTTP/1.1
Host: voodc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mYY5QestO7id1Q0f3bOeca8XqwBR0DbOP6pbiOjLKDbIeq8NyP7usH%2BpkBtwJ0JKf3SRx%2B%2B5a85lIK2Vc1RLITwJMIbiVn7o5YrrIHZsAVN2OdlpfunQ66tfSTM%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 14 Dec 2024 17:54:19 GMT
etag: W/"675dc64b-1e79"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-xss-protection: 0
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
cf-ray: 90829cd089a6568d-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.js | 151.101.130.114 | 200 OK | 110 kB |
URL: GET HTTP/2 ssl.p.jwpcdn.com/player/v/8.27.1/jwplayer.js
IP: 151.101.130.114:443
Requested by: https://voodc.com/player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: *.jwplayer.com
Certificate Fingerprint: EB:7D:6F:C0:96:2F:66:35:5C:60:21:FF:31:D2:7A:D1:4F:C7:CF:96
Certificate Validity: Tue, 02 Jul 2024 18:10:25 GMT - Sun, 03 Aug 2025 18:10:24 GMT
Size: 110 kB (109839 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/v/8.27.1/jwplayer.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Mon, 22 May 2023 06:27:30 GMT
etag: "8dc1a43e7496a716635450fc7ca56ab0"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 26 Jan 2025 18:37:08 GMT
via: 1.1 varnish
age: 2305852
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 8806
x-timer: S1737916629.653768,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 41022
X-Firefox-Spdy: h2
|
|
| ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js | 151.101.130.114 | 200 OK | 422 kB |
URL: GET HTTP/2 ssl.p.jwpcdn.com/player/v/8.27.1/provider.hlsjs.js
IP: 151.101.130.114:443
Requested by: https://voodc.com/player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: *.jwplayer.com
Certificate Fingerprint: EB:7D:6F:C0:96:2F:66:35:5C:60:21:FF:31:D2:7A:D1:4F:C7:CF:96
Certificate Validity: Tue, 02 Jul 2024 18:10:25 GMT - Sun, 03 Aug 2025 18:10:24 GMT
Size: 422 kB (422237 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/v/8.27.1/provider.hlsjs.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Mon, 22 May 2023 06:27:32 GMT
etag: "4f4459c52455c57a5490992cac29595d"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 26 Jan 2025 18:37:08 GMT
via: 1.1 varnish
age: 1701509
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 7160
x-timer: S1737916629.821348,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 125992
X-Firefox-Spdy: h2
|
|
| youradexchange.com/script/suurl5.php?r=7137382&cbur=0.6992252822340985&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fvoodc.com%2Fembed%2F858a948ea28587958799838b918798858b96.html&cbref=&cbdescription=&cbkeywords=&cbcdn=qsvbi.space&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1737916628868&srs=4ded442f7eba8348efe85c55d5286c79&atv=57.0&abtg=1&adbv=3-cdn-js | 104.21.91.188 | 200 OK | 1.1 kB |
URL: GET HTTP/2 youradexchange.com/script/suurl5.php?r=7137382&cbur=0.6992252822340985&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fvoodc.com%2Fembed%2F858a948ea28587958799838b918798858b96.html&cbref=&cbdescription=&cbkeywords=&cbcdn=qsvbi.space&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1737916628868&srs=4ded442f7eba8348efe85c55d5286c79&atv=57.0&abtg=1&adbv=3-cdn-js
IP: 104.21.91.188:443
Requested by: https://voodc.com/player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql
Certificate Issuer: Google Trust Services
Certificate Subject: youradexchange.com
Certificate Fingerprint: 8B:14:37:06:AD:3B:34:24:D2:1C:2E:8F:85:18:45:17:CE:7A:8F:77
Certificate Validity: Fri, 06 Dec 2024 14:16:45 GMT - Thu, 06 Mar 2025 14:16:44 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (1122), with no line terminators
Hash: 927fa79bafa90bf40a2cfc35a04b6e29 0f2b58332c0aac36b9daac8462cb5cf6530a1654 3a6884b85a12fe9e8742eefede924472ed2cf8ae686bd2750f5cd47cd0f3ba44
GET /script/suurl5.php?r=7137382&cbur=0.6992252822340985&cbiframe=1&cbWidth=1100&cbHeight=619&cbtitle=&cbpage=https%3A%2F%2Fvoodc.com%2Fembed%2F858a948ea28587958799838b918798858b96.html&cbref=&cbdescription=&cbkeywords=&cbcdn=qsvbi.space&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1737916628868&srs=4ded442f7eba8348efe85c55d5286c79&atv=57.0&abtg=1&adbv=3-cdn-js HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voodc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Jan 2025 18:37:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M40k2vgksOZFaYncwM6iQBMbZ1vwsEu4X0wGeWZFj3rC3aAD6D5dZs582bT%2BRRQxWjo%2BBW%2Bc%2F8uqrHQ1BWdyJYXfbtl2zAcWU3JXlFZ7hyIt2mxRF2Emciuv0%2BZeppkVb1h29Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90829cd32c1f56a2-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6273&min_rtt=507&rtt_var=11547&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3221&recv_bytes=1349&delivery_rate=7350253&cwnd=254&unsent_bytes=0&cid=0b888d40107f8f55&ts=232&x=0"
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=00815d0c7dbc4115ea3f8d937c891149 | 104.18.41.22 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=00815d0c7dbc4115ea3f8d937c891149
IP: 104.18.41.22:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate Issuer: Google Trust Services
Certificate Subject: my.rtmark.net
Certificate Fingerprint: 56:7F:53:10:57:2F:C3:F4:06:8B:DB:2F:C1:F7:6A:1D:68:59:14:3F
Certificate Validity: Sat, 04 Jan 2025 10:02:11 GMT - Fri, 04 Apr 2025 11:00:33 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 9f15387da2a66fbf986a6336f6ae385d 9ffba07c32f2cce3e5f373fbd949ab8d66ab83d0 d948cc972bb1d483ac4b923f3b75c4a859132e68cf8718de7d22ee3c69e17f28
GET /gid.js?userId=00815d0c7dbc4115ea3f8d937c891149 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdn.totalsportek.space
DNT: 1
Connection: keep-alive
Referer: https://cdn.totalsportek.space/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.totalsportek.space
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=00815d0c7dbc4115ea3f8d937c891149; expires=Mon, 26 Jan 2026 18:37:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90829ccdea3656a5-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ptaixout.net/?rb=ka-IkCIoYCKw_Eex1UQyLpJ5y9UUZB87ifHNwpwPtzGK2ofX94KdXdOoReylOzfV5guqxcYjp5IAz4aOKlINgHBESQq7PPekkWS53dugYIYZ8ndApXNg-DknbfCafFzsQYgjXvOU74y0swtwDOT4FwtCNhIJu5sdrX3s481KTrbY-Gl2xtO9mTGUNYIfUFUn06c0QgMByAH9IStYNrn41P1Hra2gIl9SFnqcNFJgf0vrBbsxMdnNSKUhtEazRHnBpZylKqJqgpo32zxerpXJkmnPd6JvT9VL&request_ab2=0&zoneid=6320745&js_build=iclick-v1.1059.2&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.totalsportek.space%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fvivofytv.com%2Fvod.html%3Fget%3Dhttps%3A%2F%2Fvoodc.com%2Fembed%2F858a948ea28587958799838b918798858b96.html%26ask%3D1737918000%26lgt%3D3%26noplayer%3D0&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1059.2&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=6a0fe7c9-2e09-4009-9ca7-1bd23c202b17&wasm=1&userId=00815d0c7dbc4115ea3f8d937c891149&m=link | 139.45.197.107 | 200 OK | 3.1 kB |
URL: GET HTTP/2 ptaixout.net/?rb=ka-IkCIoYCKw_Eex1UQyLpJ5y9UUZB87ifHNwpwPtzGK2ofX94KdXdOoReylOzfV5guqxcYjp5IAz4aOKlINgHBESQq7PPekkWS53dugYIYZ8ndApXNg-DknbfCafFzsQYgjXvOU74y0swtwDOT4FwtCNhIJu5sdrX3s481KTrbY-Gl2xtO9mTGUNYIfUFUn06c0QgMByAH9IStYNrn41P1Hra2gIl9SFnqcNFJgf0vrBbsxMdnNSKUhtEazRHnBpZylKqJqgpo32zxerpXJkmnPd6JvT9VL&request_ab2=0&zoneid=6320745&js_build=iclick-v1.1059.2&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.totalsportek.space%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fvivofytv.com%2Fvod.html%3Fget%3Dhttps%3A%2F%2Fvoodc.com%2Fembed%2F858a948ea28587958799838b918798858b96.html%26ask%3D1737918000%26lgt%3D3%26noplayer%3D0&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1059.2&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=6a0fe7c9-2e09-4009-9ca7-1bd23c202b17&wasm=1&userId=00815d0c7dbc4115ea3f8d937c891149&m=link
IP: 139.45.197.107:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate Issuer: Let's Encrypt
Certificate Subject: ptaixout.net
Certificate Fingerprint: EE:B7:7A:A3:2E:F5:C1:DE:27:FC:A2:64:11:D8:AE:DF:54:E0:65:D4
Certificate Validity: Wed, 13 Nov 2024 05:13:26 GMT - Tue, 11 Feb 2025 05:13:25 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3156), with no line terminators
Hash: 4e4dd8ec6191894fe652c058f78579d5 d0deb2c34e43e32228960e46b51b97b3cb194a86 c8ec428cd30eae62deee6a3c0183c8f34df5eaad83fe50aa87b34359c53a13c1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /?rb=ka-IkCIoYCKw_Eex1UQyLpJ5y9UUZB87ifHNwpwPtzGK2ofX94KdXdOoReylOzfV5guqxcYjp5IAz4aOKlINgHBESQq7PPekkWS53dugYIYZ8ndApXNg-DknbfCafFzsQYgjXvOU74y0swtwDOT4FwtCNhIJu5sdrX3s481KTrbY-Gl2xtO9mTGUNYIfUFUn06c0QgMByAH9IStYNrn41P1Hra2gIl9SFnqcNFJgf0vrBbsxMdnNSKUhtEazRHnBpZylKqJqgpo32zxerpXJkmnPd6JvT9VL&request_ab2=0&zoneid=6320745&js_build=iclick-v1.1059.2&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fcdn.totalsportek.space%2Fembed77%2F%3Fevent%3Dstack.html%26link%3D1%26domain%3D%26force%3Dhttps%3A%2F%2Fvivofytv.com%2Fvod.html%3Fget%3Dhttps%3A%2F%2Fvoodc.com%2Fembed%2F858a948ea28587958799838b918798858b96.html%26ask%3D1737918000%26lgt%3D3%26noplayer%3D0&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1059.2&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=6a0fe7c9-2e09-4009-9ca7-1bd23c202b17&wasm=1&userId=00815d0c7dbc4115ea3f8d937c891149&m=link HTTP/1.1
Host: ptaixout.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.totalsportek.space/
Origin: https://cdn.totalsportek.space
DNT: 1
Connection: keep-alive
Cookie: OAID=00815d0c7dbc4115ea3f8d937c891149; oaidts=1737916627
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: application/json
x-trace-id: 31bb40bca8c9b24c558b24c2affce235
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://cdn.totalsportek.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00815d0c7dbc4115ea3f8d937c891149; expires=Mon, 26 Jan 2026 18:37:08 GMT; path=/; secure; SameSite=None
oaidts=1737916628; expires=Mon, 26 Jan 2026 18:37:08 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 02 Feb 2025 18:37:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| qsvbi.space/script/ut.js?cb=1737916628849 | 188.114.97.1 | 200 OK | 66 kB |
URL: GET HTTP/2 qsvbi.space/script/ut.js?cb=1737916628849
IP: 188.114.97.1:443
Requested by: https://voodc.com/player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql
Certificate issuer: Google Trust Services
Certificate subject: qsvbi.space
Certificate fingerprint: 45:68:48:73:0D:9A:0F:0F:A8:87:08:61:E7:64:CF:1F:20:C5:39:DE
Certificate validity: Mon, 23 Dec 2024 03:45:46 GMT - Sun, 23 Mar 2025 04:42:50 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ut.js?cb=1737916628849 HTTP/1.1
Host: qsvbi.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: text/javascript
x-goog-generation: 1733127707295818
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 66473
x-goog-hash: crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFIdbgQ3aPFuycTDXKOx5KZSJp5_BQ9rZlV3a4cQw7tF4tqzmHL19_IbpTWWHoJHpigKOj4L
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sun, 26 Jan 2025 18:42:06 GMT
cache-control: public, max-age=14400
age: 3234
last-modified: Mon, 02 Dec 2024 08:21:47 GMT
etag: W/"4afa2ac99f97331dc98263d49022a958"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LIp1CGBXwVO9pcCsA7f9m7sDBWIKmY2aARPsRqmifRIMcn9TZ0%2FFhjJcWABToJysOlMkLHA7zRsMcJt6KTlvSz%2FqRo0lTwyx3xJkJZA5SWtvilvGdXBsuDgydKfmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90829cd32aba0b49-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=852&min_rtt=563&rtt_var=298&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3273&recv_bytes=1173&delivery_rate=6426035&cwnd=254&unsent_bytes=0&cid=9ed85b360f519060&ts=45&x=0"
X-Firefox-Spdy: h2
| vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html | 172.67.129.68 | 200 OK | 1.1 kB |
URL: GET HTTP/2 vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html
IP: 172.67.129.68:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate issuer: Google Trust Services
Certificate subject: vivofytv.com
Certificate fingerprint: 2A:08:22:E7:44:0F:E4:C4:B1:6A:F2:0B:11:34:F8:B5:42:EE:90:56
Certificate validity: Fri, 27 Dec 2024 09:27:12 GMT - Thu, 27 Mar 2025 10:17:39 GMT
File type: HTML document, ASCII text, with very long lines (1190), with no line terminators
Hash: 8bd9c3031aecae1529c9e468b923ca6f cbe90558c41eaa13cf8049f3a0546b7187e9e319 88ee3738bb0ce84f1b7ac557ba0bc4b5ffc9c244005d3e1865f81d504e5d45e4
GET /vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html HTTP/1.1
Host: vivofytv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.totalsportek.space/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Jan 2025 18:37:07 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Sun, 12 Jan 2025 17:23:04 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bYGlYww%2FAiAobAaZK4XJNW%2FU1Y2Wt4Q8OPxD%2BSiclXgIoTSjCWbrxgLHrXtcLZHugTqEOFJfloUFlOFfQVARLHR1LyNbBLKMLyen70SjDw5o05%2BmCR42NV094I0WSU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90829ccb7c2f56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7502&min_rtt=1642&rtt_var=11658&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3276&recv_bytes=1320&delivery_rate=1887874&cwnd=254&unsent_bytes=0&cid=9e6aa7a3fb33b4c1&ts=177&x=0"
X-Firefox-Spdy: h2
| cdn.totalsportek.space/favicon.ico | 104.21.14.92 | 404 Not Found | 555 B |
URL: GET HTTP/3 cdn.totalsportek.space/favicon.ico
IP: 104.21.14.92:443
Requested by: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Certificate issuer: Google Trust Services
Certificate subject: totalsportek.space
Certificate fingerprint: 0D:35:D1:41:A9:1D:E9:79:0F:B4:68:C8:BA:01:3C:70:8C:19:5A:84
Certificate validity: Tue, 31 Dec 2024 08:29:00 GMT - Mon, 31 Mar 2025 09:27:15 GMT
File type: HTML document, ASCII text, with very long lines (581), with no line terminators
Hash: e9e4f9c9480bb14ad8343f37e3fb9b99 628fcbc6080fd3e684d1def2e5f67e98133ffa3b 85e4b614933e56b4531289e0bc3d2665db1f2b9d04d2c756a4a72b867c059594
GET /favicon.ico HTTP/1.1
Host: cdn.totalsportek.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.totalsportek.space/embed77/?event=stack.html&link=1&domain=&force=https://vivofytv.com/vod.html?get=https://voodc.com/embed/858a948ea28587958799838b918798858b96.html&ask=1737918000&lgt=3&noplayer=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5orREMa3xluESnM%2BvJ%2BE%2FCTtSiVJ9UOivseqv6qYTRHxJgcOGamm3vuRdIm4HMHfmWUV%2B58NtcveGkluDwAUFlneUsUovGYdkDjwE60Wok8GxR7xCxgEFLDappAfJ%2B0qrCmaJTStQJ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90829ccd7be05699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7074&min_rtt=4965&rtt_var=5498&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4846&recv_bytes=1880&delivery_rate=1515&cwnd=12000&unsent_bytes=0&cid=3621635a317128f3&ts=703&x=1", cfExtPri, cfHdrFlush;dur=0
| voodc.com/player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql | 104.21.48.1 | 200 OK | 185 kB |
URL: GET HTTP/3 voodc.com/player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql
IP: 104.21.48.1:443
Requested by: https://voodc.com/embed/858a948ea28587958799838b918798858b96.html
Certificate issuer: Google Trust Services
Certificate subject: voodc.com
Certificate fingerprint: CD:1A:43:A6:57:80:4C:DC:51:C3:65:4C:62:84:F0:4F:1E:35:6A:05
Certificate validity: Fri, 03 Jan 2025 21:58:27 GMT - Thu, 03 Apr 2025 22:55:40 GMT
Size: 185 kB (185394 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/d/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql HTTP/1.1
Host: voodc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://voodc.com/embed/858a948ea28587958799838b918798858b96.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dD%2BRVOIwQ%2B6b5T%2FkiPjcKdYMEfSR9oOvRkDWNzkYYGYhHUH8t6IRm9mcjqjWeoNrF6tC71cL4zxFtiqQY4vT0CuJzUdW%2FOwWTLVa9dR8v0KaJTzdqeaByAdwXFY%3D"}],"group":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.30
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-xss-protection: 0
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 90829ccf99a4568d-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
| voodc.com/embed/0/0/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_ | 104.21.48.1 | 200 OK | 2.4 kB |
URL: GET HTTP/2 voodc.com/embed/0/0/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_
IP: 104.21.48.1:443
Requested by: https://voodc.com/embed/858a948ea28587958799838b918798858b96.html
Certificate issuer: Google Trust Services
Certificate subject: voodc.com
Certificate fingerprint: CD:1A:43:A6:57:80:4C:DC:51:C3:65:4C:62:84:F0:4F:1E:35:6A:05
Certificate validity: Fri, 03 Jan 2025 21:58:27 GMT - Thu, 03 Apr 2025 22:55:40 GMT
File type: ASCII text, with very long lines (2534), with no line terminators
Hash: 2fd431f364e3a936073493c3bb9194ab 58a2d9de16eda29d82300cc8d3e34684a348ed78 789584ee1389f073eb57bd9ddfbcf1a1a4af45116e5f40173ec73f8be2c27b86
GET /embed/0/0/vZeOj5a3uo6HmYGEmIqgjYSYjJuEgMql/jYSah52GhJaLtsPNysPVtYiRr5qFjq3A18nL2Y-fs4mVktvKjJeHsLm2zMabhISRh5qEhKfA27m50M-iioM_ HTTP/1.1
Host: voodc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://voodc.com/embed/858a948ea28587958799838b918798858b96.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: application/javascript
x-powered-by: PHP/8.0.30
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-xss-protection: 0
content-encoding: gzip
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjaS7ntxdiwga38Wa5lwhHBCOKic9NkGgewRgdJQOTWAGVzHG22n6JofBDZTT3klcjgKQInxoSplPvx241cTs9T5XQMqFZfuPuhaXp8lMBItKsEcMscQPSuPEHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90829cceef750b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4352&min_rtt=433&rtt_var=7746&sent=11&recv=15&lost=0&retrans=0&sent_bytes=4781&recv_bytes=1529&delivery_rate=8044444&cwnd=257&unsent_bytes=0&cid=6d4e6e03d7676073&ts=251&x=0"
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js | 104.17.25.14 | 200 OK | 88 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
IP: 104.17.25.14:443
Requested by: https://voodc.com/embed/858a948ea28587958799838b918798858b96.html
Certificate issuer: Google Trust Services
Certificate subject: cdnjs.cloudflare.com
Certificate fingerprint: 00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
Certificate validity: Fri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: e6c2415c0ace414e5153670314ce99a9 5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6 d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
GET /ajax/libs/jquery/3.7.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voodc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 26 Jan 2025 18:37:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 27437
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "659afac8-6b2d"
last-modified: Sun, 07 Jan 2024 20:26:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 346684
expires: Fri, 16 Jan 2026 18:37:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyJDtiqBsKRCRPX%2FNllTrdlVueTPleGJOhqPJOQIwC%2F0jJaUUypNIMkgGUV%2FNXHsULIf8IAqboAkkpNKK9zvDfQUDAQxVgVqaTFZbQYzQKftJP1ce1ZUobfaSZHI9e8xBf66RTHM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 90829ccf099a56bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2