seriale-shqip123.com/
216.239.36.21 301 Moved Permanently 229 B IP 216.239.36.21:0
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with CRLF, LF line terminators
Hash 03624e37e152a1c4219020d5873de96f
928572c956e865200cee05e1a38c727e401122fe
409ece6bce78a63be17eba0ee4887c7a48703e54e148d76b0947fe5437e3e91b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: http://www.seriale-shqip123.com/
Date: Mon, 05 Dec 2022 03:00:10 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 229
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7541
Expires: Mon, 05 Dec 2022 05:05:51 GMT
Date: Mon, 05 Dec 2022 03:00:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4687
Cache-Control: max-age=118154
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:10 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:49:24 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7308
Expires: Mon, 05 Dec 2022 05:01:58 GMT
Date: Mon, 05 Dec 2022 03:00:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 02:20:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2399
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FHrp7z4EaTFmFypwMj+Y4CHygAYolzkUBS+6/ozHC8gcuuyqDZfdanSd2EkL2uqRLf1q2R7PrPk=
x-amz-request-id: VRYCPNW43WJ9W0EZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 02:47:13 GMT
age: 777
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:00:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.seriale-shqip123.com/
216.58.207.211 301 Moved Permanently 181 B URL HTTP/1.1 www.seriale-shqip123.com/
IP 216.58.207.211:0
File type HTML document text; HTML document text; HTML document text; HTML document, ASCII text
Hash c0cdc588fcc1b50c6fb03989c2691d9f
70dc73ed31870c67a299fa50b81ee0b818867df1
ed5ecf4fe7ac526559c0e4b62c4803a0dc141a37c93dcf9085407f73a95ad591
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.seriale-shqip123.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 03:00:10 GMT
Expires: Mon, 05 Dec 2022 03:00:10 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 181
Server: GSE
ocsp.pki.goog/s/gts1d4/hvOXnEUejGU
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/hvOXnEUejGU
IP 216.58.211.3:0
Hash 65671b064ef1cafb606611c0f5cdb30a
50195c7b9f5f712f56085d0ecb1f2b16533a81bd
d87462546ca603719509e28159f5893c5539352944200acc5f56ea76a58c0839
POST /s/gts1d4/hvOXnEUejGU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 02:08:58 GMT
cache-control: public,max-age=3600
age: 3073
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4677
Cache-Control: max-age=113077
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:24:48 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.186.117.16 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.117.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tngwryT59aUWtv/AwumCDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a28nGPUPIkh/Sw8U82VDbKUdVaA=
www.seriale-shqip123.com/
216.58.207.211 200 OK 26 kB URL HTTP/2 www.seriale-shqip123.com/
IP 216.58.207.211:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1495)
Hash da8e16a54d693c0498890586def8aae8
a0f885d92b1cbb79b0670546c87bf53d315b3479
b1b8cee3c6a0f464b84b664cc622e3d25c88378fd3673351fe52d6ff8731325a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 05 Dec 2022 03:00:11 GMT
date: Mon, 05 Dec 2022 03:00:11 GMT
cache-control: private, max-age=0
last-modified: Sun, 04 Dec 2022 22:57:57 GMT
etag: W/"49f23a701338628f2a3f228ae3067e6bb00ecc34df2ec43e48c90bc844575aa9"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 25599
server: GSE
X-Firefox-Spdy: h2
www.seriale-shqip123.com/js/cookienotice.js
216.58.207.211 200 OK 2.0 kB URL HTTP/2 www.seriale-shqip123.com/js/cookienotice.js
IP 216.58.207.211:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Mon, 05 Dec 2022 03:00:11 GMT
expires: Mon, 12 Dec 2022 03:00:11 GMT
cache-control: public, max-age=604800
last-modified: Sun, 04 Dec 2022 19:52:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.73 200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.73:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
content-type: text/css
age: 450738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 1e5e51fbc58282a2410de240a13bac3d
03e7151c23e4ed5efc5a4415fc5dcb01f0d5e019
ad20d69cf3f84ec6bee56a570acbce60d0ade6bdf201397a1de2417fed11b3fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.78 200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 05 Dec 2022 03:00:11 GMT
expires: Mon, 05 Dec 2022 03:00:11 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.73 200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.73:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 508602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/YoWs_GRXtr0/maxresdefault.jpg
142.250.74.118 200 OK 101 kB URL HTTP/2 i.ytimg.com/vi/YoWs_GRXtr0/maxresdefault.jpg
IP 142.250.74.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3; data
Size 101 kB (100984 bytes)
Hash ee20b7a36f8ce9d656db0a0a60e7039d
7b4f98fb45133a9ca0bf4b6289f6de8806b037a4
cebdcf8e5b878f82c11079e8d58617a5299e49955fb079afeb005d7d619b0b32
GET /vi/YoWs_GRXtr0/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 100984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:00:11 GMT
expires: Mon, 05 Dec 2022 05:00:11 GMT
cache-control: public, max-age=7200
etag: "1667573730"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/7SeCFWayjlA/maxresdefault.jpg
142.250.74.118 200 OK 110 kB URL HTTP/2 i.ytimg.com/vi/7SeCFWayjlA/maxresdefault.jpg
IP 142.250.74.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3; data
Size 110 kB (109741 bytes)
Hash 10c6f05391eceb7cfd6f090b1e193327
e6d0d91cd6c769bea023df9e8ad2e84e61d6408c
971907eb0ca14e3051691be0ccf0c718a7f84376677aefb706c4ea27b9ed4b67
GET /vi/7SeCFWayjlA/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 109741
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:00:11 GMT
expires: Mon, 05 Dec 2022 05:00:11 GMT
cache-control: public, max-age=7200
etag: "1668171782"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/6hQHq_RiDeU/maxresdefault.jpg
142.250.74.118 200 OK 92 kB URL HTTP/2 i.ytimg.com/vi/6hQHq_RiDeU/maxresdefault.jpg
IP 142.250.74.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3; data
Hash 9223ede8097e7a4f9b08eb16c1f8d98a
db1b13adf86706fe618323f0e657d475c1be76b3
f508a291cf397e88131ca267321da63062a481ea2b0a75a814b0eb60d33eb6cc
GET /vi/6hQHq_RiDeU/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 92161
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:00:11 GMT
expires: Mon, 05 Dec 2022 03:05:11 GMT
cache-control: public, max-age=300
etag: "1670080931"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg
216.58.207.225 200 OK 34 kB URL HTTP/2 1.bp.blogspot.com/-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg
IP 216.58.207.225:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1150x186, components 3; data
Hash 19a18c113003b5a5f2c72095cef80474
35daa174c33013a8196d6b9253deba88ec5ed2ca
76fa58b43bfbc20262b82b4065306205316cda37a452e0c676fd9d909ef1ff6c
GET /-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="banner2.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 34070
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:00:12 GMT
expires: Thu, 24 Nov 2022 19:03:52 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd1d"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg
216.58.207.225 200 OK 33 kB URL HTTP/2 1.bp.blogspot.com/-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg
IP 216.58.207.225:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1150x186, components 3\012- data
Hash 05d536aa482722103750da836074972d
58388e5d9acbb334dbbf92a84d7390992f9880a3
356739893f997c348033a5c13b9acb0313ae16b3428732b85394048af7afa4b1
GET /-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="banner3.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 32754
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:00:12 GMT
expires: Thu, 24 Nov 2022 14:18:42 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd1d"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg
216.58.207.225 200 OK 10 kB URL HTTP/2 1.bp.blogspot.com/-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 803x453, components 3\012- data
Hash c9e15fce287d59739a2b8fcb2db25382
5cf3cb244bd33fca22345b5300bc3878cae532dd
174ad67da3a5f7d611c4e0abb7fb41db98ee86adb837399c29ba876d7be12734
GET /-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="FB_IMG_1638880449574.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 10348
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:17:29 GMT
expires: Tue, 29 Nov 2022 17:57:32 GMT
cache-control: public, max-age=86400, no-transform
age: 13363
etag: "v109"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 323841baf7f387897216302b1ac302a7
e7f6b9d8ba5366f9f738268a6eca9422f98e8f0a
aac8346a639fb2f81e20932b9eb6644f7ba025e794aba13b1a94c3d10654375c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAC8346A639FB2F81E20932B9EB6644F7BA025E794ABA13B1A94C3D10654375C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20380
Expires: Mon, 05 Dec 2022 08:39:52 GMT
Date: Mon, 05 Dec 2022 03:00:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 85738f69b0e9642289fa5f584eb0567d
3195f2a5c98103547ee63539103cf9ab7f9be957
6d1963dd413d5e158c75ba5569e981ee7c6a3c362f40da85d1083c5a4165a4d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D1963DD413D5E158C75BA5569E981EE7C6A3C362F40DA85D1083C5A4165A4D2"
Last-Modified: Sat, 03 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 09:00:12 GMT
Date: Mon, 05 Dec 2022 03:00:12 GMT
Connection: keep-alive
spiritualdiscussing.com/2542b9376e69e7c9ab59020b52823532/invoke.js
173.233.139.164 200 OK 9.3 kB URL HTTP/1.1 spiritualdiscussing.com/2542b9376e69e7c9ab59020b52823532/invoke.js
IP 173.233.139.164:0
File type Unicode text, UTF-8 text, with very long lines (25118), with no line terminators
Hash 93b91fd8193339f2bf348f5187522199
19783dcd4d1089753c7814c7166bb36e681a7e7b
1e97062a44f2be824f6b2df21ba87e479a2ebe233a1f74d07971d30dc2134539
Analyzer Verdict Alert quad9 Sinkholed
GET /2542b9376e69e7c9ab59020b52823532/invoke.js HTTP/1.1
Host: spiritualdiscussing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3aa4af9e54e944aaa5df26e81b7da4f7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl17772624.profitablegatetocontent.com/56/04/92/5604922e93a976af1c03625784afd2ff.js
192.243.59.20 200 OK 21 kB URL HTTP/1.1 pl17772624.profitablegatetocontent.com/56/04/92/5604922e93a976af1c03625784afd2ff.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60186), with no line terminators
Hash d0e38671d40aa9ca41ef1395271f264d
050f6b7b5121f02f8b8cb88a49bb639b20aeb189
54dfb2b7a8934fa981dda35ebd88d3d47812f1b61c0be7d9be1912c4e50b398f
Analyzer Verdict Alert quad9 Sinkholed
GET /56/04/92/5604922e93a976af1c03625784afd2ff.js HTTP/1.1
Host: pl17772624.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:00:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8f4c2b28187271f364c51830be748804
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5877
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:00:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 18801
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2jx-M9MgKrJXU4yYsJzWqNXwruIGhFNWkD7GcPdqddnEzcNgFw2luw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:27:17 GMT
age: 84775
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 17831
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9e228ec099cad3eea0fb1656da3536f
532cf52021a6cdb7b7963e9108b41590f58276fe
8e54f09dd66fdc35e5f54100cf6c56abf88cb7e724b08092e7ce82720d423135
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6236
x-amzn-requestid: 0215aac5-7c44-43b0-b2e9-baddeed42fe0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjiXEEXiIAMFqIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ae42d-5961705726e81a4e3b6a91c9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 05:52:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJp2wIEPM-swJMvp-n40xEtH1a7V8gi1ixzsxmuXoBG_UFglSeS-1g==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:21:31 GMT
age: 16721
etag: "532cf52021a6cdb7b7963e9108b41590f58276fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 899
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3d863be9bd5d072e85b8976251ce342
b9c67cf9a5ae7ec4c7bf8e8b857918be9277a140
f188fb7575c4b8662acfe2a6682559d50a12430c116605391dd77257bc11a60b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396c9419-24ff-48bc-bf81-361b151c281b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6133
x-amzn-requestid: d2c60baf-1d2e-4b1f-9c08-2adf0aa458a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXHcPIAMFl5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-3ddc6f0428790a9d5f253825;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LXL1HKGAwrWzHWEKPjwmwmFqQjexkCUwMsbr8huuSXrdaalyNbxnfA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:05:30 GMT
age: 78882
etag: "b9c67cf9a5ae7ec4c7bf8e8b857918be9277a140"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11dfd43b701b1a720023e49ca365da43
a68efa59ac888c977cc301193a2c787741973227
eb9ba56e51aa23f0f250e784e536103cda8bed0ab103ab0f5159e2f6da70b8b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB9BA56E51AA23F0F250E784E536103CDA8BED0AB103AB0F5159E2F6DA70B8B0"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15171
Expires: Mon, 05 Dec 2022 07:13:03 GMT
Date: Mon, 05 Dec 2022 03:00:12 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128266
Date: Mon, 05 Dec 2022 03:00:12 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 14:37:58 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NGYg5V5pmVMXR2Nj1LWa3eW_TvXFdTL_3C_xnfvDM0larG4JIA50kA==
Age: 4010
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 15c9ecfc85c12c40191b7299ac273dd7
089f7d1c3bd0af2943744d36b8d0b092814d46d3
38ca0ddac8ef00e6e6b794e3709be6dd2bc5a148474bf14fffb0b97835a5343e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.seriale-shqip123.com
access-control-allow-credentials: true
set-cookie: uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Thu, 02 Dec 2032 03:00:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
semicoloninadequacypleasantly.com/pixel/purst?dl=0&th=0&sc=0&rs=2575&rd=2575&fd=893&bv=22.10.v.9&tmpl=70
192.243.59.20 200 OK 0 B URL HTTP/1.1 semicoloninadequacypleasantly.com/pixel/purst?dl=0&th=0&sc=0&rs=2575&rd=2575&fd=893&bv=22.10.v.9&tmpl=70
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2575&rd=2575&fd=893&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: semicoloninadequacypleasantly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:00:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 44d58ab31438e2e99a70476a6f19af19
f9ab25d6e9d5940788de986b48f2fb1909489478
8e85b30d6b856619f5bde199e4cbbecdd6a3de8f405841df94697c8c4b488d2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E85B30D6B856619F5BDE199E4CBBECDD6A3DE8F405841DF94697C8C4B488D2A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19291
Expires: Mon, 05 Dec 2022 08:21:44 GMT
Date: Mon, 05 Dec 2022 03:00:13 GMT
Connection: keep-alive
www.highperformancedisplayformat.com/8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js
173.233.137.52 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26967), with no line terminators
Hash 9e89a1f136e15407aa2151cad0385ac4
08250e53137d232997c3e3ae146d42c39acdb6de
ea00970adbe86ca87cadedbe08645ba606d4a07d1ea1654003dce417f46d289b
Analyzer Verdict Alert quad9 Sinkholed
GET /8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1cb4afafb33935afb8c0773475d3cfa3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
173.233.137.52 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash 2445d4f0608aa7177e3a51d5418851ef
6f0898090d9f53f3f1e32a67fe1a3e543f98a1ad
5ede67aa096b7cfc9df5456fceabf8c940aed21866d4c03446f9ce1b4e166a85
Analyzer Verdict Alert quad9 Sinkholed
GET /6b89af69f49621c6c443dd9b71e61d32/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78d58028ee1d0540f37ddb1fac595beb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
173.233.137.52 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash a994a9cbd46ee85c27be52264b8ad6bc
a2e41acc2fc8de37f2f8d8d15539b13d87ec3174
4784a190426480a603582aa6aca716e1eb7c3ab52ca7953c891011161d18ddec
Analyzer Verdict Alert quad9 Sinkholed
GET /fb866e7b401f197b5e12a2b78590cd45/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 530d84017d2d385afb94fe35c9a01cad
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
spiritualdiscussing.com/43db73d118f408de255d93e402b10dd5/invoke.js
173.233.139.164 200 OK 9.8 kB URL HTTP/1.1 spiritualdiscussing.com/43db73d118f408de255d93e402b10dd5/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash 2445d4f0608aa7177e3a51d5418851ef
6f0898090d9f53f3f1e32a67fe1a3e543f98a1ad
5ede67aa096b7cfc9df5456fceabf8c940aed21866d4c03446f9ce1b4e166a85
Analyzer Verdict Alert quad9 Sinkholed
GET /43db73d118f408de255d93e402b10dd5/invoke.js HTTP/1.1
Host: spiritualdiscussing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6ea02efef25b52f6e9659f79b9982237
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4a65a7ef2375a9ffd3fd6d709f671d3
def53740ba6ae4dc0eab3f5f923245d995dec54d
c3a5694e62ac490c8ced17753e123691016c2910008b70a2d02e0343adbed4bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3A5694E62AC490C8CED17753E123691016C2910008B70A2D02E0343ADBED4BF"
Last-Modified: Sun, 04 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9179
Expires: Mon, 05 Dec 2022 05:33:13 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 216.58.211.3:0
Hash 4b27c2aa776b00f09dcc77db0256eaa7
d6525e43ba066844973b91756ad3f83f12e8129e
ba4f66020366b210c45be8ffcccef58aa3670cb864832b7cb5dd50f61e9e7f03
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 216.58.211.3:0
Hash 4b27c2aa776b00f09dcc77db0256eaa7
d6525e43ba066844973b91756ad3f83f12e8129e
ba4f66020366b210c45be8ffcccef58aa3670cb864832b7cb5dd50f61e9e7f03
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
173.233.137.52 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash a994a9cbd46ee85c27be52264b8ad6bc
a2e41acc2fc8de37f2f8d8d15539b13d87ec3174
4784a190426480a603582aa6aca716e1eb7c3ab52ca7953c891011161d18ddec
Analyzer Verdict Alert quad9 Sinkholed
GET /6b89af69f49621c6c443dd9b71e61d32/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5858e04bd7282cae3ce56015701f9a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 216.58.211.3:0
Hash 4b27c2aa776b00f09dcc77db0256eaa7
d6525e43ba066844973b91756ad3f83f12e8129e
ba4f66020366b210c45be8ffcccef58aa3670cb864832b7cb5dd50f61e9e7f03
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 527994e385a6f5ebb6aac670b153ae92
4876f3fec6cdd15ecb8999d65c79cb2661ca46b1
dd40d802cba5644946c4ff1a5293f94d220d5236a04f51407fd43dc21cb2989d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD40D802CBA5644946C4FF1A5293F94D220D5236A04F51407FD43DC21CB2989D"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15093
Expires: Mon, 05 Dec 2022 07:11:47 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8b4b7c8d747e7cb569ca2675435c44d5
286069964fcf13c16a22b1c877da784f6a045a62
02b9fce2ffec75706a7a1cf7f26bd3456144b9bb92ced55f94f9fa24de0da9ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02B9FCE2FFEC75706A7A1CF7F26BD3456144B9BB92CED55F94F9FA24DE0DA9EE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18093
Expires: Mon, 05 Dec 2022 08:01:47 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
organexpectationsmaintain.com/watch.391941722277.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
192.243.59.13 307 Temporary Redirect 0 B URL HTTP/1.1 organexpectationsmaintain.com/watch.391941722277.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.391941722277.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1 HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://organexpectationsmaintain.com/watch.391941722277.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&shu=704a58241687e9cb6255fbe12e2533c8bd7ba745d263108842887338841e90b780f405a901374281426fa5f63fd436930b81b2ab375fe6d47c00ff464b4aeadcce62718c77c5e2c3dfca1af8d2a939db31fc7fd9ef081c8a127d7d66f3220e&pst=1670209274&rmtc=t
Set-Cookie: u_pl=17672177; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.f6AO_37PU3Nib27Piiyulwe3iH3ZXw0rc4fhWPzBIDc; expires=Mon, 05 Dec 2022 03:01:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4a2473589b958907724d7d6483396bc
Strict-Transport-Security: max-age=0; includeSubdomains
www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
173.233.137.52 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26963), with no line terminators
Hash 5d9bc22591d0f645cfdb3346ce009faf
232813e94647a98c17804e61604a333d9ef1cd71
bbe89e694de452755d3a54a2f21d14c24a9e8d0fce1a51348a2aaf688ded350a
Analyzer Verdict Alert quad9 Sinkholed
GET /fb866e7b401f197b5e12a2b78590cd45/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4ffe229ef749a6c442885ba12ffb844
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
captivateholscrook.com/watch.1294702919125.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
173.233.137.44 307 Temporary Redirect 0 B URL HTTP/1.1 captivateholscrook.com/watch.1294702919125.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1294702919125.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1 HTTP/1.1
Host: captivateholscrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://captivateholscrook.com/watch.1294702919125.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&shu=a81938e9304cd0c35d2fcce5c87da43ab14a2fbffcdfd8c3c0a5e9f3442d3c5aa3eea3183dde82141f6d12c7af8f58dc41831c227f5ec470b0518070b4b276a7054ca21bab37401cf792c4183bd059cacc1a467caeb218747f60e3904aea8fa603ca7fc94eb0&pst=1670209274&rmtc=t
Set-Cookie: u_pl=17672407; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA; expires=Mon, 05 Dec 2022 03:01:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66859f5050a187903bfdf82d701cef91
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f12c8c3e6de2976db785a9c12744739c
862d664ed49531dcb5a20f6603658fdb1f4f68df
4399fd4c2767008bfb6d03bd3c46dcfd953eb53782c40f6de3573c8a5b4fe472
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4399FD4C2767008BFB6D03BD3C46DCFD953EB53782C40F6DE3573C8A5B4FE472"
Last-Modified: Sat, 03 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12803
Expires: Mon, 05 Dec 2022 06:33:37 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8b4b7c8d747e7cb569ca2675435c44d5
286069964fcf13c16a22b1c877da784f6a045a62
02b9fce2ffec75706a7a1cf7f26bd3456144b9bb92ced55f94f9fa24de0da9ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02B9FCE2FFEC75706A7A1CF7F26BD3456144B9BB92CED55F94F9FA24DE0DA9EE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18093
Expires: Mon, 05 Dec 2022 08:01:47 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8b4b7c8d747e7cb569ca2675435c44d5
286069964fcf13c16a22b1c877da784f6a045a62
02b9fce2ffec75706a7a1cf7f26bd3456144b9bb92ced55f94f9fa24de0da9ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02B9FCE2FFEC75706A7A1CF7F26BD3456144B9BB92CED55F94F9FA24DE0DA9EE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18093
Expires: Mon, 05 Dec 2022 08:01:47 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f12c8c3e6de2976db785a9c12744739c
862d664ed49531dcb5a20f6603658fdb1f4f68df
4399fd4c2767008bfb6d03bd3c46dcfd953eb53782c40f6de3573c8a5b4fe472
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4399FD4C2767008BFB6D03BD3C46DCFD953EB53782C40F6DE3573C8A5B4FE472"
Last-Modified: Sat, 03 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12803
Expires: Mon, 05 Dec 2022 06:33:37 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
www.highperformancedisplayformat.com/43db73d118f408de255d93e402b10dd5/invoke.js
173.233.137.52 200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/43db73d118f408de255d93e402b10dd5/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26963), with no line terminators
Hash 5d9bc22591d0f645cfdb3346ce009faf
232813e94647a98c17804e61604a333d9ef1cd71
bbe89e694de452755d3a54a2f21d14c24a9e8d0fce1a51348a2aaf688ded350a
Analyzer Verdict Alert quad9 Sinkholed
GET /43db73d118f408de255d93e402b10dd5/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 036332f74671654676ddd62fd83e2eac
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
organexpectationsmaintain.com/watch.391941722277.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&shu=704a58241687e9cb6255fbe12e2533c8bd7ba745d263108842887338841e90b780f405a901374281426fa5f63fd436930b81b2ab375fe6d47c00ff464b4aeadcce62718c77c5e2c3dfca1af8d2a939db31fc7fd9ef081c8a127d7d66f3220e&pst=1670209274&rmtc=t
192.243.59.13 200 OK 642 B URL HTTP/1.1 organexpectationsmaintain.com/watch.391941722277.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&shu=704a58241687e9cb6255fbe12e2533c8bd7ba745d263108842887338841e90b780f405a901374281426fa5f63fd436930b81b2ab375fe6d47c00ff464b4aeadcce62718c77c5e2c3dfca1af8d2a939db31fc7fd9ef081c8a127d7d66f3220e&pst=1670209274&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 114afa95771ac9d9e81a1752f4bee0f2
72e11f29237f69bf523908151e1350d9140eb346
9a27bfb620481cc61226b8452911fee352c586749e4f97daa7270d4d689ca4dc
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.391941722277.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&shu=704a58241687e9cb6255fbe12e2533c8bd7ba745d263108842887338841e90b780f405a901374281426fa5f63fd436930b81b2ab375fe6d47c00ff464b4aeadcce62718c77c5e2c3dfca1af8d2a939db31fc7fd9ef081c8a127d7d66f3220e&pst=1670209274&rmtc=t HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672177; ain=eyJhbGciOiJIUzI1NiJ9.[…].f6AO_37PU3Nib27Piiyulwe3iH3ZXw0rc4fhWPzBIDc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Mon, 12 Dec 2022 03:00:14 GMT; secure; SameSite=None
iprcaeffed3ad3cafec1144953260c2889d0=2717340; expires=Tue, 06 Dec 2022 05:00:14 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1fe1cb0c50112cb4b8d9c902fcbef0a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
voe.sx/e/7y8fvd2eek30
186.2.163.208 302 Found 2.5 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ef955766fae4c5ad12601cc094b588bb
831fc49b96b38d38ccab461ae86faa8f5528e490
36bb3eae52301c7e6dbc80b9d7782313885601dc59d35cffcc8dcd75557615ff
GET /e/7y8fvd2eek30 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=sQM3BEdxn9FIdrepudFc; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/7y8fvd2eek30
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
captivateholscrook.com/watch.487573303815.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
173.233.137.44 307 Temporary Redirect 0 B URL HTTP/1.1 captivateholscrook.com/watch.487573303815.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.487573303815.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1 HTTP/1.1
Host: captivateholscrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://captivateholscrook.com/watch.487573303815.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&shu=db1b81b8dec4aecfa3f88a1c85d1f0acb408587c695d1b6fa5f373a1630a3a1b6888ee88908688e6dd6031f7e449b663e5049125b84196fefdd0f4eebf5f9100eeb27977e8a14329ac171990f2b2f4388061efbc3ad86c07c652afc606a05917&pst=1670209274&rmtc=t
Set-Cookie: u_pl=17672268; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[…].JAOdDqTXUIYWlKSvrJJE47-7ji-LIQvYN2i_JZ-VXCk; expires=Mon, 05 Dec 2022 03:01:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81beef805abe5a04731b074f7f59d76a
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 216.58.211.3:0
Hash 4b27c2aa776b00f09dcc77db0256eaa7
d6525e43ba066844973b91756ad3f83f12e8129e
ba4f66020366b210c45be8ffcccef58aa3670cb864832b7cb5dd50f61e9e7f03
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hqq.to/e/Wk1jUmU5dU8wS1JSem5ZdGhYWWxtUT09
190.115.19.71 200 OK 39 kB URL HTTP/2 hqq.to/e/Wk1jUmU5dU8wS1JSem5ZdGhYWWxtUT09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 75099372c7531512c6b2d44c0c2a72c3
951fb3c565d198bf288556d7ecbbf5ce089d016e
bc7a32dd0164ace5d56bce599d1b97c7c87f43ed7b90b330e483b02302a9babe
GET /e/Wk1jUmU5dU8wS1JSem5ZdGhYWWxtUT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=mMMj1uhvZ8JfEgSt8m5P; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
hqq.to/js/embed.205.js?736
190.115.19.71 200 OK 40 kB URL HTTP/2 hqq.to/js/embed.205.js?736
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (3414)
Hash a90103e09bb84e7a40056290782919c7
6df1efda05907116927ee40e029c3f28cb401340
7dc905c2441e5b327b9509396140a655251f9e94c56c80f54b684db09024efd8
GET /js/embed.205.js?736 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/czFYY0NGSHE0VGxHVGFzOENoTU5Ydz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=9kcZtsIz0sWv8AQfNBo2; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 17 Oct 2022 10:45:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
etag: W/"62ec0ae6-298ce"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 4205662
ddg-cache-status: HIT,MISS
content-length: 39845
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6104
Cache-Control: max-age=155193
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:14 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 22:06:47 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1efa937117859294070225f789b3dac8
6bb3ddb091804b61d8ffeba477f8111896b6da28
eb951573ab017fd538bfd45546412164a8f2098a06bb8c8892560db6a055e095
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB951573AB017FD538BFD45546412164A8F2098A06BB8C8892560DB6A055E095"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15215
Expires: Mon, 05 Dec 2022 07:13:49 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0017235ac5d9d7ab257ca353b589fc9f
77003fff04bb0bd26d521589142beae923f38a2e
93ccb54bd5e486dea25a89972936a5fb1959409f7ae02da08ca390478b73027b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "93CCB54BD5E486DEA25A89972936A5FB1959409F7AE02DA08CA390478B73027B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16777
Expires: Mon, 05 Dec 2022 07:39:51 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 93bfba2d172d4dad608ba2cb353a8965
4b99a8103565dc2771f93c04934d13f426988573
5c9fcf40ae980fa3f2d3bc34a0966f2c4fd9a963013f7f8a23030046cf4913d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C9FCF40AE980FA3F2D3BC34A0966F2C4FD9A963013F7F8A23030046CF4913D1"
Last-Modified: Sat, 03 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19906
Expires: Mon, 05 Dec 2022 08:32:00 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 93bfba2d172d4dad608ba2cb353a8965
4b99a8103565dc2771f93c04934d13f426988573
5c9fcf40ae980fa3f2d3bc34a0966f2c4fd9a963013f7f8a23030046cf4913d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C9FCF40AE980FA3F2D3BC34A0966F2C4FD9A963013F7F8A23030046CF4913D1"
Last-Modified: Sat, 03 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6631
Expires: Mon, 05 Dec 2022 04:50:45 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 21302ed91b098dd7f69f5a4e784e27f3
d279b4a11cdf81a969039b87e50b2fab781a62b9
e5bfa3ede0411bb157a5f09964f988e4577b485c67dabcb83aa8a3227cea9e1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5BFA3EDE0411BB157A5F09964F988E4577B485C67DABCB83AA8A3227CEA9E1C"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3114
Expires: Mon, 05 Dec 2022 03:52:08 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f9e785126682fb498cc73b3181e08014
49114fcca3c70a6f5cec62a8c04e846dce2feef2
7dda5cf5a697f0e2a154f987ed841961e92686f0c484187e842fdd7d4a429c3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DDA5CF5A697F0E2A154F987ED841961E92686F0C484187E842FDD7D4A429C3A"
Last-Modified: Sat, 03 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6986
Expires: Mon, 05 Dec 2022 04:56:40 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 74ad419af503bc1793670c1de7fb305a
f8e9758008028f7b332d8d56d6728990a4a86d49
d9a05bfd5cc726889f8d8210ae75320f2596c5d5aebf1e7001646dea286bc439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9A05BFD5CC726889F8D8210AE75320F2596C5D5AEBF1E7001646DEA286BC439"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15194
Expires: Mon, 05 Dec 2022 07:13:28 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 5d17643cb7d9da06ff2207534716c5fa
e5570b9aba70d191a4bc1fb5409a4343d76de066
2ebc061d9e88cb42e802089b8dde62b7d8f71c9ccb901e4b56df64fa04b68fc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3913
Cache-Control: max-age=133204
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:14 GMT
Etag: "638cb4c9-116"
Expires: Tue, 06 Dec 2022 16:00:18 GMT
Last-Modified: Sun, 04 Dec 2022 14:55:05 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f9e785126682fb498cc73b3181e08014
49114fcca3c70a6f5cec62a8c04e846dce2feef2
7dda5cf5a697f0e2a154f987ed841961e92686f0c484187e842fdd7d4a429c3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DDA5CF5A697F0E2A154F987ED841961E92686F0C484187E842FDD7D4A429C3A"
Last-Modified: Sat, 03 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8404
Expires: Mon, 05 Dec 2022 05:20:18 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c69a25b07dd690540ccbd3dcd885b7d8
3e457a884cdd89322592e571f7c5411a99eba29f
b28b957159b81b77f88525867c2261ddab32ed9a4f3b3fd71e727bd5522d93d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B28B957159B81B77F88525867C2261DDAB32ED9A4F3B3FD71E727BD5522D93D7"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16611
Expires: Mon, 05 Dec 2022 07:37:05 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6ddd743262cc2727e40e84514b13c68a
a9e579263bdb29ebc08ed46d9af5d8308f0bf6ea
e927bd50b4fad2320c331c115457c053cf542096113a7668afe3590e1635d911
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E927BD50B4FAD2320C331C115457C053CF542096113A7668AFE3590E1635D911"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12265
Expires: Mon, 05 Dec 2022 06:24:39 GMT
Date: Mon, 05 Dec 2022 03:00:14 GMT
Connection: keep-alive
dood.re/e/3zhrswsy0xw4
104.26.5.50 200 OK 23 kB IP 104.26.5.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4829), with no line terminators
Hash 3c945bb754439f250100c905d4752ab2
8e15d7ac36010e8e61d80cea9fdafef20e30a936
399b2d0add2188359f164bb9c312c3d8f4b7aa90c1b3c4aaac664af5c1fc6ae2
GET /e/3zhrswsy0xw4 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 04 Dec 2022 03:00:14 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsIgduyb0LuPd%2FANTPlLcWGxvmflBLjSsHuXhmZ1us%2FV9uV9Ail0yVzp5mFyH99t2YGGPKWh6ASQxBZLaSX5V8Gv6xl%2Bl7cULYny9fJ2wyEATGn522XAAD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774987c3bb230b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gratertiedbubble.com/watch.704633130525?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
173.233.137.52 200 OK 1.2 kB URL HTTP/1.1 gratertiedbubble.com/watch.704633130525?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (425)
Hash 595d22dd98887ae19d37c4f9368400e4
ce71a72fd03a31c9ad63f876456d21546afc4db3
e90f1109dad861d8583d5b675b25887e0632102c83f219963f700f06f0e8968a
GET /watch.704633130525?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1 HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17672262; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuc2VyaWFsZS1zaHFpcDEyMy5jb20vIn19.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM; expires=Mon, 05 Dec 2022 03:01:14 GMT; secure; SameSite=None
uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Mon, 12 Dec 2022 03:00:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c58de55201da5bdca7e67e29eb6fa7c9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
gratertiedbubble.com/watch.650229163495?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
173.233.137.52 200 OK 1.2 kB URL HTTP/1.1 gratertiedbubble.com/watch.650229163495?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (425)
Hash e11a28bdc73fa647abd1b4ff78d0d011
6057fdd21b24fa2bb9a07fd457e0625f4adf723e
6d5b5bb669345a31552ee2a7f6a31c06316075926c7807060a99181a8168606a
GET /watch.650229163495?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1 HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17672407; expires=Tue, 06 Dec 2022 03:00:14 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA; expires=Mon, 05 Dec 2022 03:01:14 GMT; secure; SameSite=None
uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Mon, 12 Dec 2022 03:00:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15e25f2b4375d75f6ac90a0e082b379e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
eveningproclamationarched.com/pixel/nvrwe?error=timeout
173.233.139.164 200 OK 0 B URL HTTP/1.1 eveningproclamationarched.com/pixel/nvrwe?error=timeout
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/nvrwe?error=timeout HTTP/1.1
Host: eveningproclamationarched.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
banquetunarmedgrater.com/advertisers.js
173.233.137.60 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b26f467581f5d2c8e9bcf277f46298af
Strict-Transport-Security: max-age=0; includeSubdomains
triflingzenithenergetic.com/watch.656013412920?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
192.243.61.225 200 OK 1.2 kB URL HTTP/1.1 triflingzenithenergetic.com/watch.656013412920?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (425)
Hash 5d048b9b4c7d2d77f13c1537163fb8e5
1818af959232714ad99f70e8fd498b77356d9056
e000527e51f23158578db2ffe356b46c355b4d5eb81ee5293ad23a76a02bfb24
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.656013412920?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17672268; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.JAOdDqTXUIYWlKSvrJJE47-7ji-LIQvYN2i_JZ-VXCk; expires=Mon, 05 Dec 2022 03:01:15 GMT; secure; SameSite=None
uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Mon, 12 Dec 2022 03:00:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c0e3a1371db2bf15299a72e55f6d74c3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
gratertiedbubble.com/watch.704633130525?shu=01a9d3a6afb9220a7a4e644dd851979cbed2a9eca41e58153dfc6dbd8d3db08a1404e682e5fd540fde10ef2eb22b3019acd7fc3a46d5c4992f656a35f7f968fe34605d2d2c262864532093f03f6ca53116d5500d13c25f1bda6a0fad586e080589&pst=1670209274&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=fb866e7b401f197b5e12a2b78590cd45&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&res=12.1055&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e
173.233.137.52 200 OK 1.8 kB URL HTTP/1.1 gratertiedbubble.com/watch.704633130525?shu=01a9d3a6afb9220a7a4e644dd851979cbed2a9eca41e58153dfc6dbd8d3db08a1404e682e5fd540fde10ef2eb22b3019acd7fc3a46d5c4992f656a35f7f968fe34605d2d2c262864532093f03f6ca53116d5500d13c25f1bda6a0fad586e080589&pst=1670209274&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=fb866e7b401f197b5e12a2b78590cd45&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&res=12.1055&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2526)
Hash 460d8aab91737bda461ca985355b025b
949c829efd0d0d2c7a300fe92d5973a09883e657
0352b56d7b884571f66fa674097821659e7076a0dec49a7011ee8be48511bffa
GET /watch.704633130525?shu=01a9d3a6afb9220a7a4e644dd851979cbed2a9eca41e58153dfc6dbd8d3db08a1404e682e5fd540fde10ef2eb22b3019acd7fc3a46d5c4992f656a35f7f968fe34605d2d2c262864532093f03f6ca53116d5500d13c25f1bda6a0fad586e080589&pst=1670209274&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=fb866e7b401f197b5e12a2b78590cd45&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&res=12.1055&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gratertiedbubble.com/watch.704633130525?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
Cookie: u_pl=17672407; ain=eyJhbGciOiJIUzI1NiJ9.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.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA; uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com/
Access-Control-Allow-Origin: https://www.seriale-shqip123.com/
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17672407,17672262; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Mon, 12 Dec 2022 03:00:15 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 42dacd3659293ecdd808ca46e94f6d86
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
voe.sx/e/y9gtmrqxd2od
186.2.163.208 302 Found 1.3 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0ec633cb8338abd338bc8497a9e9e1df
e3131bd2470cd987275be72d17670da6278aa254
cecb35d7f1b41d1237eb61a6d918cdc26f0a4ddc8f010f77b45c07af0f712a8f
GET /e/y9gtmrqxd2od HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=Bt6cYYII2LiVHyoxinsl; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/y9gtmrqxd2od
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
gratertiedbubble.com/watch.650229163495?shu=35d4899d0c4c03dcf07b8f58e46ad36d5dc8366f29306c211e7bf31614ca54839db9e172228a6f9616d6ccb893a2c316cf7291cfaf082e99d01cb19a95ccf2a250f09d282844d74605f88fd5a65c8ed78b0678cbadd590e4986644a7666163c14f&pst=1670209274&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=6b89af69f49621c6c443dd9b71e61d32&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e&res=12.1055
173.233.137.52 200 OK 1.8 kB URL HTTP/1.1 gratertiedbubble.com/watch.650229163495?shu=35d4899d0c4c03dcf07b8f58e46ad36d5dc8366f29306c211e7bf31614ca54839db9e172228a6f9616d6ccb893a2c316cf7291cfaf082e99d01cb19a95ccf2a250f09d282844d74605f88fd5a65c8ed78b0678cbadd590e4986644a7666163c14f&pst=1670209274&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=6b89af69f49621c6c443dd9b71e61d32&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2438)
Hash 18575dea15116445cb8ccf826a89effb
45a84ad3cce68771ca0fb85a47113c59d558053e
bd3dccd21cd5c819ca88e75f65304623772d0fee2611f9a54928eebc8961179c
GET /watch.650229163495?shu=35d4899d0c4c03dcf07b8f58e46ad36d5dc8366f29306c211e7bf31614ca54839db9e172228a6f9616d6ccb893a2c316cf7291cfaf082e99d01cb19a95ccf2a250f09d282844d74605f88fd5a65c8ed78b0678cbadd590e4986644a7666163c14f&pst=1670209274&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=6b89af69f49621c6c443dd9b71e61d32&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: gratertiedbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gratertiedbubble.com/watch.650229163495?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
Cookie: u_pl=17672407; ain=eyJhbGciOiJIUzI1NiJ9.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.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA; uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com/
Access-Control-Allow-Origin: https://www.seriale-shqip123.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Mon, 12 Dec 2022 03:00:15 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b70d0d5d74585222b0dfc7a25ca4bcc6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/29/be/ce/29becea5c82efcebd9042405c0bd87f4/1654698250.gif
45.133.44.10 200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/bi/29/be/ce/29becea5c82efcebd9042405c0bd87f4/1654698250.gif
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 468 x 60\012- data
Hash e1088669b8e7b08cf59f1e542bb896f5
9286085d113da9bdd4b3b2b71052c3fb2b43ca86
9b4bd228fb6e499d970509c28e93059e14987c1baac1166fc1dfa960817d0555
GET /bi/29/be/ce/29becea5c82efcebd9042405c0bd87f4/1654698250.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gratertiedbubble.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:15 GMT
content-type: image/gif
content-length: 29019
server: nginx/1.17.6
last-modified: Wed, 08 Jun 2022 14:24:18 GMT
etag: "62a0b112-715b"
expires: Wed, 07 Dec 2022 03:00:15 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1a13d9c721e7f13832668c8edefbd95d
f45b7e666c11f9926b0987ea92832c3b6f7b9935
35ccaf676571586c43a2f5056fddbf0d4f5572807c24075af2a3b0c625fa8013
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CCAF676571586C43A2F5056FDDBF0D4F5572807C24075AF2A3B0C625FA8013"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18860
Expires: Mon, 05 Dec 2022 08:14:35 GMT
Date: Mon, 05 Dec 2022 03:00:15 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png
45.133.44.10 200 OK 45 kB URL HTTP/2 cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash dbde2854f2a693ab43a1ee72cdf0c686
820bc6fb6d40db1cdc8b9a214d4a8b1138f2e3fa
aa648c4116a815deb4a006ed29f17342ccdb8c0d2ca863b54aa2517e1ed88641
GET /cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gratertiedbubble.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:15 GMT
content-type: image/png
content-length: 45371
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 15:13:41 GMT
etag: "61080ba5-b13b"
expires: Wed, 07 Dec 2022 03:00:15 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
triflingzenithenergetic.com/watch.656013412920?shu=1073b58d4471c4b0ac042bf3f2b06fbf6a20e543e91602ee71d07c4b112c71709ded2c300438d4fc21d1fc695e631c04e6d242b856f6076b6cd5b404f1ae21c8d84c52144295fd6bf8e927cd509aafdb5bffb34f&pst=1670209275&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=43db73d118f408de255d93e402b10dd5&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&dev=e&res=12.1055&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0
192.243.61.225 200 OK 1.8 kB URL HTTP/1.1 triflingzenithenergetic.com/watch.656013412920?shu=1073b58d4471c4b0ac042bf3f2b06fbf6a20e543e91602ee71d07c4b112c71709ded2c300438d4fc21d1fc695e631c04e6d242b856f6076b6cd5b404f1ae21c8d84c52144295fd6bf8e927cd509aafdb5bffb34f&pst=1670209275&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=43db73d118f408de255d93e402b10dd5&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&dev=e&res=12.1055&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2544)
Hash 7b1ae3b85a2eb47d9c6325aa74977a8d
13f040f182e5868f0c714298b4ab79ba3345d724
5689414d5d9f9ed0fb364d87af4d3c49c82cd6dc46e8eafc345e598ef5d068a9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.656013412920?shu=1073b58d4471c4b0ac042bf3f2b06fbf6a20e543e91602ee71d07c4b112c71709ded2c300438d4fc21d1fc695e631c04e6d242b856f6076b6cd5b404f1ae21c8d84c52144295fd6bf8e927cd509aafdb5bffb34f&pst=1670209275&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=43db73d118f408de255d93e402b10dd5&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&dev=e&res=12.1055&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://triflingzenithenergetic.com/watch.656013412920?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
Cookie: u_pl=17672262; ain=eyJhbGciOiJIUzI1NiJ9.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.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM; uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com/
Access-Control-Allow-Origin: https://www.seriale-shqip123.com/
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17672262,17672268; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Mon, 12 Dec 2022 03:00:15 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4d20ae7860a68ad7a111df94b73ef5b5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
triflingzenithenergetic.com/watch.1399736631600?shu=1aa14ad527056462a2cbd7268f33fa038c2f82efe9dbed7bb6eb484bd248b9b09b2426e59c4dbe0e5f457a84a2f53a4950c0d9376c27e1bdb9a2b24274308def1a61e29cd56939ba19d7fa28cce156d5d785ffb384e24ee732ad75908bec30&pst=1670209275&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=fb866e7b401f197b5e12a2b78590cd45&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e&res=12.1055
192.243.61.225 200 OK 1.8 kB URL HTTP/1.1 triflingzenithenergetic.com/watch.1399736631600?shu=1aa14ad527056462a2cbd7268f33fa038c2f82efe9dbed7bb6eb484bd248b9b09b2426e59c4dbe0e5f457a84a2f53a4950c0d9376c27e1bdb9a2b24274308def1a61e29cd56939ba19d7fa28cce156d5d785ffb384e24ee732ad75908bec30&pst=1670209275&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=fb866e7b401f197b5e12a2b78590cd45&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2495)
Hash c9240cf3df6baf7f2ff774a2c708159b
3cd75c15019d4408298ab6dad205afc49c5b38d8
15e7448b43b5069957fcbcbb08b3b47da0b504a6ad59d34661d67c3182632e7c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1399736631600?shu=1aa14ad527056462a2cbd7268f33fa038c2f82efe9dbed7bb6eb484bd248b9b09b2426e59c4dbe0e5f457a84a2f53a4950c0d9376c27e1bdb9a2b24274308def1a61e29cd56939ba19d7fa28cce156d5d785ffb384e24ee732ad75908bec30&pst=1670209275&rmtc=t&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1&pii=&in=false&key=fb866e7b401f197b5e12a2b78590cd45&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&kw=%5B%22seriale%22%2C%22shqip%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://triflingzenithenergetic.com/watch.1399736631600?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=553b6b11-20cc-4707-af26-1e688ce12ca0%3A2%3A1
Cookie: u_pl=17672262; ain=eyJhbGciOiJIUzI1NiJ9.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.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM; uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com/
Access-Control-Allow-Origin: https://www.seriale-shqip123.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=553b6b11-20cc-4707-af26-1e688ce12ca0:2:1; expires=Mon, 12 Dec 2022 03:00:15 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 06 Dec 2022 03:00:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2bbb868ff5a7f8d8096817e4ca84df7c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/5b/35/cf/5b35cf2ad1fcc6c2666cf7b605967475/1647771510.jpg
45.133.44.10 200 OK 42 kB URL HTTP/2 cdn.cloudimagesb.com/bi/5b/35/cf/5b35cf2ad1fcc6c2666cf7b605967475/1647771510.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:03:14 17:14:22], baseline, precision 8, 320x50, components 3\012- data
Hash 4422760b0283f45be5e2ecdc7f7febe1
42ec92ab50ede72645ca50bfb52d2ee4d59b6030
f7eabaa21875d9a1543d0cf56bda38e15b5eba986d7bd615bd0e5fbf1deae62f
GET /bi/5b/35/cf/5b35cf2ad1fcc6c2666cf7b605967475/1647771510.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://triflingzenithenergetic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:15 GMT
content-type: image/jpeg
content-length: 41505
server: nginx/1.17.6
last-modified: Sun, 20 Mar 2022 10:18:36 GMT
etag: "6236ff7c-a221"
expires: Wed, 07 Dec 2022 03:00:15 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17672177
192.243.61.225 200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17672177
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a33015597cdf1ecd66cd8671b1dd57e9
f2400f7099a97cbf120677e65111aefd34288347
f76cc3d0697657eba88bf102e971eeeeb55ad8efd8610a1b02661322b98bfd90
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17672177 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Cookie: u_pl=16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.9Pt13onl6AsT_WAiGs0h3l1kuTIRBREt-ly6tOaRgew; expires=Mon, 05 Dec 2022 03:01:15 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9928295e98718904d61c9c6ccb388231
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=6e03e3f24302467c0a9439a3723bc698264ea46d36d39c8cc61ee806f844a8a0dd8e25a242d0df45b998fdba5cb5c4e610c16a87a347ae18cb51ad4da7fe506cf9d2ea69dec9571fea8669ae4f5387fba8b406&pst=1670209275&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&psid=17672177
192.243.61.225 302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=6e03e3f24302467c0a9439a3723bc698264ea46d36d39c8cc61ee806f844a8a0dd8e25a242d0df45b998fdba5cb5c4e610c16a87a347ae18cb51ad4da7fe506cf9d2ea69dec9571fea8669ae4f5387fba8b406&pst=1670209275&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&psid=17672177
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=6e03e3f24302467c0a9439a3723bc698264ea46d36d39c8cc61ee806f844a8a0dd8e25a242d0df45b998fdba5cb5c4e610c16a87a347ae18cb51ad4da7fe506cf9d2ea69dec9571fea8669ae4f5387fba8b406&pst=1670209275&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&psid=17672177 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.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.9Pt13onl6AsT_WAiGs0h3l1kuTIRBREt-ly6tOaRgew; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 03:00:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://dipaka-ead.com/zcvisitor/f17ad623-7448-11ed-b0cc-128373261d07/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
Set-Cookie: uncs=2; expires=Tue, 06 Dec 2022 03:00:15 GMT
Set-Cookie: uncs28=2; expires=Tue, 06 Dec 2022 03:00:15 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edc771293001cab45cbaca709ccfbace
Strict-Transport-Security: max-age=0; includeSubdomains
dipaka-ead.com/zcvisitor/f17ad623-7448-11ed-b0cc-128373261d07/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
3.212.50.125 302 0 B URL HTTP/1.1 dipaka-ead.com/zcvisitor/f17ad623-7448-11ed-b0cc-128373261d07/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
IP 3.212.50.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/f17ad623-7448-11ed-b0cc-128373261d07/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Mon, 05 Dec 2022 03:00:16 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://shopde.pricedeals.shop/go.php?market=no&zrf17ad623744811edb0cc128373261d07fa898aa06f864497b6b22f748693cc08069483c6cd472124e7
Server: CoVvFqYH
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5eb7927960ce41e3ef457eb817020b34
6f4b4b6b47d045d9948235c5635dc418c74631d6
729caa785d1fa36caca999b56682b9515cf32088c06a70ef4f3f14a93855e90b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "729CAA785D1FA36CACA999B56682B9515CF32088C06A70EF4F3F14A93855E90B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7357
Expires: Mon, 05 Dec 2022 05:02:53 GMT
Date: Mon, 05 Dec 2022 03:00:16 GMT
Connection: keep-alive
shopde.pricedeals.shop/go.php?market=no&zrf17ad623744811edb0cc128373261d07fa898aa06f864497b6b22f748693cc08069483c6cd472124e7
135.181.6.240 200 OK 569 B URL HTTP/1.1 shopde.pricedeals.shop/go.php?market=no&zrf17ad623744811edb0cc128373261d07fa898aa06f864497b6b22f748693cc08069483c6cd472124e7
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (449)
Hash ce83d44bb0f883508c49ffca40ebfa0f
bf78061afc6c24df709dc2b63c160513b7189704
6c1f1dc69179f8d032296401613240b55c28a0f1745bc4a421b247576281802e
GET /go.php?market=no&zrf17ad623744811edb0cc128373261d07fa898aa06f864497b6b22f748693cc08069483c6cd472124e7 HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:00:16 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 569
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
shopde.pricedeals.shop/favicon.ico
135.181.6.240 404 Not Found 285 B URL HTTP/1.1 shopde.pricedeals.shop/favicon.ico
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cd85cf7b8f9a014ae145681b1f5e73d
a574403ec64b443a802d0980e3bd368bafebe2d9
cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b
GET /favicon.ico HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zrf17ad623744811edb0cc128373261d07fa898aa06f864497b6b22f748693cc08069483c6cd472124e7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 03:00:16 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAxMjk0NTM1OTcmLnNpZz14a2tXLmh2YUtuandlR1hzNTF5ZW9ZZlVfRWMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQyOTk5MTMmY291bnRyeT1ubyZvZmZlcklkPTEyMTFlYTBhNTFiNTZlNTUyMjNiMTc3YjcyODA0ZGEwJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY
135.181.6.240 200 OK 465 B URL HTTP/1.1 shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAxMjk0NTM1OTcmLnNpZz14a2tXLmh2YUtuandlR1hzNTF5ZW9ZZlVfRWMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQyOTk5MTMmY291bnRyeT1ubyZvZmZlcklkPTEyMTFlYTBhNTFiNTZlNTUyMjNiMTc3YjcyODA0ZGEwJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (362)
Hash 6e5f6d843ee45cfb2ca86d959cb554bc
8564d3f90fb9a20307e8ee0dedfc4257b01da5cd
6dcd7f2d3d7674c9dc6575a3c635a37306d6e30fad7fc1eed047da21cb89d84f
GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAxMjk0NTM1OTcmLnNpZz14a2tXLmh2YUtuandlR1hzNTF5ZW9ZZlVfRWMtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQyOTk5MTMmY291bnRyeT1ubyZvZmZlcklkPTEyMTFlYTBhNTFiNTZlNTUyMjNiMTc3YjcyODA0ZGEwJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zrf17ad623744811edb0cc128373261d07fa898aa06f864497b6b22f748693cc08069483c6cd472124e7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:00:17 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 465
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b479c27a6e6909ff43b5650238b5af27
e81427361cd3d797f1d6d047aa5efb768b5f23a7
e477a0350b397c500a6bb6fa46aa3dc4012a1cd0eceff505bc339c177e4562fb
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4028
Cache-Control: max-age=142653
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:00:18 GMT
Etag: "638cd943-1d7"
Expires: Tue, 06 Dec 2022 18:37:51 GMT
Last-Modified: Sun, 04 Dec 2022 17:30:43 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670129453597&.sig=xkkW.hvaKnjweGXs51yeoYfU_Ec-&affiliationId=96979714&comId=14299913&country=no&offerId=1211ea0a51b56e55223b177b72804da0&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
95.211.116.27 200 OK 29 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670129453597&.sig=xkkW.hvaKnjweGXs51yeoYfU_Ec-&affiliationId=96979714&comId=14299913&country=no&offerId=1211ea0a51b56e55223b177b72804da0&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash b79b443518e1d9b4d4ea0a4797544958
ec90ba76dffa60e3f54762cd0c521128d4906bc7
107b34953fb5515e715c96afbf015414ed856b7f44b8c77f3ca4eaa65fd83c9c
GET /ctl/go/offersearchGo?.ts=1670129453597&.sig=xkkW.hvaKnjweGXs51yeoYfU_Ec-&affiliationId=96979714&comId=14299913&country=no&offerId=1211ea0a51b56e55223b177b72804da0&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51& HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:00:18 GMT
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541
clickId: 107698148_1670209218494_12684961
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.036465S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 29322
Set-Cookie: datadome=5Va_ax~eJlbVUqKNdbj4KV733P03pqJFG5DqWs141JO4YDqH43J_gLsQfH8EQPgtv8meEkNsFw1wG7SkSfvZ8HMkOLc5OUSE4ZW~cT91pGRKFsfZPAiUsmqAkMKkZ3h8; Max-Age=31536000; Expires=Tue, 05 Dec 2023 03:00:18 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
Set-Cookie: kelkooID=a4c6294-184e03a27be-3cc766; Max-Age=31536000; Expires=Tue, 05 Dec 2023 03:00:18 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=81
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961
95.211.116.27 200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670129453597&.sig=xkkW.hvaKnjweGXs51yeoYfU_Ec-&affiliationId=96979714&comId=14299913&country=no&offerId=1211ea0a51b56e55223b177b72804da0&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Connection: keep-alive
Cookie: datadome=5Va_ax~eJlbVUqKNdbj4KV733P03pqJFG5DqWs141JO4YDqH43J_gLsQfH8EQPgtv8meEkNsFw1wG7SkSfvZ8HMkOLc5OUSE4ZW~cT91pGRKFsfZPAiUsmqAkMKkZ3h8; kelkooID=a4c6294-184e03a27be-3cc766
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:00:18 GMT
Request-Time: PT0.001507S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=98
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961
95.211.116.27 200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670129453597&.sig=xkkW.hvaKnjweGXs51yeoYfU_Ec-&affiliationId=96979714&comId=14299913&country=no&offerId=1211ea0a51b56e55223b177b72804da0&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Content-Type: text/plain;charset=utf-8
Content-Length: 548
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=5Va_ax~eJlbVUqKNdbj4KV733P03pqJFG5DqWs141JO4YDqH43J_gLsQfH8EQPgtv8meEkNsFw1wG7SkSfvZ8HMkOLc5OUSE4ZW~cT91pGRKFsfZPAiUsmqAkMKkZ3h8; kelkooID=a4c6294-184e03a27be-3cc766; _ga=GA1.2.1894647637.1670209216; _gid=GA1.2.38163491.1670209216
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:00:18 GMT
Request-Time: PT0.002509S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961&url=https%3A%2F%2Ftrack.productsup.io%2Fclick.redir%3Fsiteid%3D469050%26version%3D1.0%26pup_e%3D7%26pup_cid%3D79446%26pup_id%3D9949058%26redir%3Dhttps%253A%252F%252Fwww.lampegiganten.no%252Flindby-jarte-utendors-led-vegglampe-20-cm-up-down.html%253Fkk%253Da4c6294-184e03a27be-3cc766%2526utm_medium%253Dpv%2526utm_source%253Dkelkoo%2526utm_campaign%253Dcpc_no%2526utm_content%253D9949058%2526utm_term%253D139&initiator=timeout
95.211.116.27 303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961&url=https%3A%2F%2Ftrack.productsup.io%2Fclick.redir%3Fsiteid%3D469050%26version%3D1.0%26pup_e%3D7%26pup_cid%3D79446%26pup_id%3D9949058%26redir%3Dhttps%253A%252F%252Fwww.lampegiganten.no%252Flindby-jarte-utendors-led-vegglampe-20-cm-up-down.html%253Fkk%253Da4c6294-184e03a27be-3cc766%2526utm_medium%253Dpv%2526utm_source%253Dkelkoo%2526utm_campaign%253Dcpc_no%2526utm_content%253D9949058%2526utm_term%253D139&initiator=timeout
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2ba82a2f4f1daadc81beac60d0f0fdd606f7e0e4a7f9dd8c0001e4060da492807930cacbf8c7f8db71fefee800453975ed87e9caf6f3041ee9732e8d708614f23ebcc99a30b1b479d53f7cb70cccb56e6ca5f6577f48cc6b26e43fe04ac6d979bb371fef6b925a916f4f549092f53f06c3125127a891bbe9f4ecf134607ea3b498b3d8fd9d858d40dc3dc6950fe549eb8f861ae0a328031db2324e1ce588b40de&leadId=dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541&clickId=107698148_1670209218494_12684961&url=https%3A%2F%2Ftrack.productsup.io%2Fclick.redir%3Fsiteid%3D469050%26version%3D1.0%26pup_e%3D7%26pup_cid%3D79446%26pup_id%3D9949058%26redir%3Dhttps%253A%252F%252Fwww.lampegiganten.no%252Flindby-jarte-utendors-led-vegglampe-20-cm-up-down.html%253Fkk%253Da4c6294-184e03a27be-3cc766%2526utm_medium%253Dpv%2526utm_source%253Dkelkoo%2526utm_campaign%253Dcpc_no%2526utm_content%253D9949058%2526utm_term%253D139&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670129453597&.sig=xkkW.hvaKnjweGXs51yeoYfU_Ec-&affiliationId=96979714&comId=14299913&country=no&offerId=1211ea0a51b56e55223b177b72804da0&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Connection: keep-alive
Cookie: datadome=5Va_ax~eJlbVUqKNdbj4KV733P03pqJFG5DqWs141JO4YDqH43J_gLsQfH8EQPgtv8meEkNsFw1wG7SkSfvZ8HMkOLc5OUSE4ZW~cT91pGRKFsfZPAiUsmqAkMKkZ3h8; kelkooID=a4c6294-184e03a27be-3cc766; _ga=GA1.2.1894647637.1670209216; _gid=GA1.2.38163491.1670209216
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Mon, 05 Dec 2022 03:00:18 GMT
leadId: dc1-kls-prod-ls-03.prod.dc1.kelkoo.net_1670209218501_2062541
clickId: 107698148_1670209218494_12684961
country: no
Location: https://track.productsup.io/click.redir?siteid=469050&version=1.0&pup_e=7&pup_cid=79446&pup_id=9949058&redir=https%3A%2F%2Fwww.lampegiganten.no%2Flindby-jarte-utendors-led-vegglampe-20-cm-up-down.html%3Fkk%3Da4c6294-184e03a27be-3cc766%26utm_medium%3Dpv%26utm_source%3Dkelkoo%26utm_campaign%3Dcpc_no%26utm_content%3D9949058%26utm_term%3D139
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.01589S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=7FJVKkigOeTN0275nQ8ChZpvVEVRt3GMBcm-mWfzdf0LvDg7LD5l64NEaI7Jow6oRNPS50xVVXamhY~IdfOkm__LNCUTl67YgGEpoI~D_~vvfZqCdRbh7qU0KMFJolCv; Max-Age=31536000; Expires=Tue, 05 Dec 2023 03:00:18 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=87
Connection: Keep-Alive
Content-Type: text/plain
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 235f70681ca25bb655f5549f107d8660
474c10f4146a80b496138d5f2328fe5a6654c8d2
acc0a761ccaa949867b9b54307d3d6ab4809cd6d1ccd6b9126b06af70de6a5f2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:00:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 04:00:23 GMT
Expires: Sat, 10 Dec 2022 04:00:22 GMT
Etag: "474c10f4146a80b496138d5f2328fe5a6654c8d2"
Cache-Control: max-age=435003,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774987e258e6b523-OSL
track.productsup.io/click.redir?siteid=469050&version=1.0&pup_e=7&pup_cid=79446&pup_id=9949058&redir=https%3A%2F%2Fwww.lampegiganten.no%2Flindby-jarte-utendors-led-vegglampe-20-cm-up-down.html%3Fkk%3Da4c6294-184e03a27be-3cc766%26utm_medium%3Dpv%26utm_source%3Dkelkoo%26utm_campaign%3Dcpc_no%26utm_content%3D9949058%26utm_term%3D139
95.217.208.241 301 Moved Permanently 191 B URL HTTP/1.1 track.productsup.io/click.redir?siteid=469050&version=1.0&pup_e=7&pup_cid=79446&pup_id=9949058&redir=https%3A%2F%2Fwww.lampegiganten.no%2Flindby-jarte-utendors-led-vegglampe-20-cm-up-down.html%3Fkk%3Da4c6294-184e03a27be-3cc766%26utm_medium%3Dpv%26utm_source%3Dkelkoo%26utm_campaign%3Dcpc_no%26utm_content%3D9949058%26utm_term%3D139
IP 95.217.208.241:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 071fd8ecafea25912fcd3ac36da047f8
1df9fbcde3170de426d4ca7fa23870e69ac7f5a7
6a0441175769a66b712c9e317a0c46df05120400370b4f9fc9828d30e9338b08
GET /click.redir?siteid=469050&version=1.0&pup_e=7&pup_cid=79446&pup_id=9949058&redir=https%3A%2F%2Fwww.lampegiganten.no%2Flindby-jarte-utendors-led-vegglampe-20-cm-up-down.html%3Fkk%3Da4c6294-184e03a27be-3cc766%26utm_medium%3Dpv%26utm_source%3Dkelkoo%26utm_campaign%3Dcpc_no%26utm_content%3D9949058%26utm_term%3D139 HTTP/1.1
Host: track.productsup.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: openresty/1.13.6.2
Date: Mon, 05 Dec 2022 03:00:18 GMT
Content-Type: text/html
Content-Length: 191
Connection: close
Location: https://www.lampegiganten.no/lindby-jarte-utendors-led-vegglampe-20-cm-up-down.html?kk=a4c6294-184e03a27be-3cc766&utm_medium=pv&utm_source=kelkoo&utm_campaign=cpc_no&utm_content=9949058&utm_term=139
X-CW-LOC: PAGE 1.3.4
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
P3P: CP="NOI DSP COR LAW CUR ADM TAI PSA PSD IVA IVD HIS OUR SAM OTR LEG UNI COM NAV DEM CNT LOC"
Set-Cookie: _auid=7176093956160453215;Domain=.productsup.io;Path=/;Max-Age=2592000;SameSite=None;Secure;
voe.sx/e/4uxo1px9v6kg
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/4uxo1px9v6kg HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=f7QTswA7En9v4Kl6MCqz; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/4uxo1px9v6kg
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/kq1pbk7ddu8u
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/kq1pbk7ddu8u HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=H8vFWHw3QZZKu2KJ3s1d; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/kq1pbk7ddu8u
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/998536e6yw6j
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/998536e6yw6j HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=MaaOevXtYNuX4Plv3pwW; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/998536e6yw6j
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/4jm1yuzhsfwl
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/4jm1yuzhsfwl HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=5Epzrs1DQZCN1zfFieQG; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/4jm1yuzhsfwl
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
dood.re/e/iiib5r5crba8
104.26.5.50 200 OK 0 B IP 104.26.5.50:0
GET /e/iiib5r5crba8 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 04 Dec 2022 03:00:14 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9hdTXEX%2BM0kAuSARNr4jVW8r6Uz8bKlWlLDdehtYQu1qS3GjTsQ%2FW9qwxqgsF5vaO%2FOOd3Sg2Me%2F8ySx1VHLkj%2Bvd7QbY1lKYfOE8GfJgpvGc2rZLb7kZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774987c40b3b0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dood.re/e/mq9lywt1g900
104.26.5.50 200 OK 0 B IP 104.26.5.50:0
GET /e/mq9lywt1g900 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 04 Dec 2022 03:00:14 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHIntYea8sYBMcn7JbjwtViY78%2B%2FfVbKOffCfAwyQwNYB1Q9GC%2FPHLUXk8r66tFU7a8wX8LLYwIkXI4lYWSYOGgW6JC03NslFRf%2FVmoam92fqZxQMZzGA80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774987c3bb240b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/e/70mrb03dilfe
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/70mrb03dilfe HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=EbqG1XB6QB7caUo5FCoc; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/70mrb03dilfe
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/4pftaw8uk83u
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/4pftaw8uk83u HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=MthmDLhGLJiafVfFvVhw; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/4pftaw8uk83u
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/lc81te4pt0gx
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/lc81te4pt0gx HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=RPJSetsAJLPqwZ2hPNH1; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/lc81te4pt0gx
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/6wlw25qi9tmp
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/6wlw25qi9tmp HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=AqgO3nEDgbqUEZs5G4CB; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/6wlw25qi9tmp
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/f1dqqqa9mfp2
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/f1dqqqa9mfp2 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=6V10yCzoNmtXTOAUXfaj; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/f1dqqqa9mfp2
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/ceezuaemztnb
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/ceezuaemztnb HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=zPiAvVGjTseETGEYPd1n; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/ceezuaemztnb
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
i.ytimg.com/vi/QACnt6qesas/maxresdefault.jpg
142.250.74.118 200 OK 0 B URL HTTP/2 i.ytimg.com/vi/QACnt6qesas/maxresdefault.jpg
IP 142.250.74.118:0
GET /vi/QACnt6qesas/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 101733
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 01:19:32 GMT
expires: Mon, 05 Dec 2022 03:19:32 GMT
cache-control: public, max-age=7200
age: 6039
etag: "1669926772"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dood.re/e/ixqkm8uf707r
104.26.5.50 200 OK 0 B IP 104.26.5.50:0
GET /e/ixqkm8uf707r HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 04 Dec 2022 03:00:14 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFc9XMFYP1zC3HZ%2BPwS13PdHYpOVD5Axrv48SpUmw1ourjE4OXgA9Fbqi%2BjuFvJiT1gLcVfJHACPX%2Fclmzs%2F1SWObDcfQwEfqU9nvSe2Gtqmr2xtDOmr87k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774987c3bb270b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/e/ixx8njt9qeub
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/ixx8njt9qeub HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=L5Xnyota3tLI7UYZCGXL; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/ixx8njt9qeub
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/4vg9g1e58zon
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/4vg9g1e58zon HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=GHCRnL8Y82MVQgEcGmws; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/4vg9g1e58zon
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
hqq.to/e/czFYY0NGSHE0VGxHVGFzOENoTU5Ydz09
190.115.19.71 200 OK 0 B URL HTTP/2 hqq.to/e/czFYY0NGSHE0VGxHVGFzOENoTU5Ydz09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /e/czFYY0NGSHE0VGxHVGFzOENoTU5Ydz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=GJYxobVLUlLfgV69kcrv; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
dood.re/e/ih2bbk9bsuqq
104.26.5.50 200 OK 0 B IP 104.26.5.50:0
GET /e/ih2bbk9bsuqq HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 04 Dec 2022 03:00:14 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwaLIm%2BBOgRj%2FqRz6QT%2BnChGw%2BlYXHrAKNtBmpPhv7ngfKyKbZdE0gUQqwnLuVRZ16R7%2ByUAeWQCKjVKQbI%2BAJDmAceXOujPgBAFw0EFLFYSaXqvRg%2B5ZBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774987c3bb1e0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/e/zo22diq1nbor
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/zo22diq1nbor HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=PWzGla1cDmyFDdM31LxG; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/zo22diq1nbor
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/dqihblbf3o9u
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/dqihblbf3o9u HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=QqWIy6B99ry8YrZwFf56; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/dqihblbf3o9u
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
voe.sx/e/mg609014p9mi
186.2.163.208 302 Found 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/mg609014p9mi HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=qgjkbDBt9gjlm16zb8vd; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 05-Dec-2023 03:00:14 GMT
date: Mon, 05 Dec 2022 03:00:14 GMT
content-type: text/html
location: https://20demidistance9elongations.com/e/mg609014p9mi
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2