seriale-shqip123.com/
216.239.36.21301 Moved Permanently 229 B IP 216.239.36.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 03624e37e152a1c4219020d5873de96f
928572c956e865200cee05e1a38c727e401122fe
409ece6bce78a63be17eba0ee4887c7a48703e54e148d76b0947fe5437e3e91b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: http://www.seriale-shqip123.com/
Date: Mon, 28 Nov 2022 23:24:58 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 229
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3835
Expires: Tue, 29 Nov 2022 00:28:53 GMT
Date: Mon, 28 Nov 2022 23:24:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3593
Cache-Control: max-age=129976
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:58 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:31:14 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 23:17:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 428
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 29 Nov 2022 01:29:36 GMT
Date: Mon, 28 Nov 2022 23:24:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: O6Ewuu70NHCxUTWrJBJwEAqJBfCuuTcBXLV8SAWUl3Q08iTOp9GJJm9cQblJLsYoV/1RgspW/sM=
x-amz-request-id: MAGMRM4MH5MX9N3J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 22:42:15 GMT
age: 2563
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:24:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.seriale-shqip123.com/
142.250.74.83301 Moved Permanently 181 B URL HTTP/1.1 www.seriale-shqip123.com/
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c0cdc588fcc1b50c6fb03989c2691d9f
70dc73ed31870c67a299fa50b81ee0b818867df1
ed5ecf4fe7ac526559c0e4b62c4803a0dc141a37c93dcf9085407f73a95ad591
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.seriale-shqip123.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:24:58 GMT
Expires: Mon, 28 Nov 2022 23:24:58 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 181
Server: GSE
ocsp.pki.goog/s/gts1d4/hvOXnEUejGU
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/hvOXnEUejGU
IP 142.250.74.35:0
Hash 4af432bd12e0a7e6e6dc42afc33ab699
5026bf21a31bf19b78290f9374837b3e7fea1b0e
207ddeedf39da1e58984e8d6303315b1308ae51a9b06a088a9f2af71aa885201
POST /s/gts1d4/hvOXnEUejGU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 23:11:12 GMT
cache-control: public,max-age=3600
age: 827
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5861
Cache-Control: max-age=127177
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:44:36 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.seriale-shqip123.com/
142.250.74.83200 OK 26 kB URL HTTP/2 www.seriale-shqip123.com/
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1495)
Hash 034cb4d28b4cbcfb9535fe069351392c
bc94b265b770922f7becbaabe09495b7e8ee68d7
e44933ead2e1331591464aefd53465d36609c2346d7166bf28aea4658875d993
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 28 Nov 2022 23:24:59 GMT
date: Mon, 28 Nov 2022 23:24:59 GMT
cache-control: private, max-age=0
last-modified: Mon, 28 Nov 2022 21:41:16 GMT
etag: W/"ab95026b7825595e6d79d4cfc70a2674480ed7bfaac1338ad57ad27057302ad4"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 26138
server: GSE
X-Firefox-Spdy: h2
www.seriale-shqip123.com/js/cookienotice.js
142.250.74.83200 OK 2.0 kB URL HTTP/2 www.seriale-shqip123.com/js/cookienotice.js
IP 142.250.74.83:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Mon, 05 Dec 2022 23:24:59 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 22:53:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.105200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:12:52 GMT
expires: Wed, 22 Nov 2023 18:12:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
content-type: text/css
age: 537127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 9f2751b862f1815bef2869dc411f6021
cf001bd30b74c30190683c05ac81c97e5ccd9c3e
464e9f5b8f9e6a87b46b2cde3f4b554ff3641732f1506c2f2a6edf40dd972d6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 998e0b25e77b8c23e52ea918d3fc2a29
0f684f95e3c60ef17ff082bfda21de480eff9fb4
360e9b02287b38174bb5bfb64862d049d9e4f998ef8aba036a1bc97bbf30d606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2734f94ccee461103a4c42296934948d
57af4a7dfbc298f14e47d9cf98c1a33c8f9078ae
e067ad8019cd032e033758f033c9eaa9e8dd7250a79b7c750f24cdc055a3ec87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 998e0b25e77b8c23e52ea918d3fc2a29
0f684f95e3c60ef17ff082bfda21de480eff9fb4
360e9b02287b38174bb5bfb64862d049d9e4f998ef8aba036a1bc97bbf30d606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 16:02:03 GMT
expires: Tue, 28 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 15:52:40 GMT
content-type: text/javascript
age: 26576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/DHcwKSZHUvM/maxresdefault.jpg
142.250.74.54200 OK 103 kB URL HTTP/2 i.ytimg.com/vi/DHcwKSZHUvM/maxresdefault.jpg
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 103 kB (103306 bytes)
Hash 8cb8e3565e13317db8beeff9dad1759b
80a214655cb0040a9a65317ff27ce8ab75c4955c
94078f229d145af541518c9f48709c20d3ff31e41d9ee2f0705ef5c3a05c9fd8
GET /vi/DHcwKSZHUvM/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 103306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:10:42 GMT
expires: Tue, 29 Nov 2022 01:10:42 GMT
cache-control: public, max-age=7200
age: 857
etag: "1669151417"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/Jb_AiRh0Xtg/mqdefault.jpg
142.250.74.54200 OK 13 kB URL HTTP/2 i.ytimg.com/vi/Jb_AiRh0Xtg/mqdefault.jpg
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 772cd307439e421867364399125dd401
a0b57d496c7a3243d8ae4f59b94cc481bb090afd
61aa15d0cc361a4a2f1be012b80921cbb695c82b1df36c2307b309b88ee6011e
GET /vi/Jb_AiRh0Xtg/mqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 12938
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 22:51:48 GMT
expires: Tue, 29 Nov 2022 00:51:48 GMT
cache-control: public, max-age=7200
etag: "1669366718"
content-type: image/jpeg
age: 1991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg
142.250.74.161200 OK 33 kB URL HTTP/2 1.bp.blogspot.com/-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg
IP 142.250.74.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1150x186, components 3\012- data
Hash 05d536aa482722103750da836074972d
58388e5d9acbb334dbbf92a84d7390992f9880a3
356739893f997c348033a5c13b9acb0313ae16b3428732b85394048af7afa4b1
GET /-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="banner3.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 32754
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Wed, 16 Nov 2022 18:20:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd1d"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/T2yjfiVskeg/maxresdefault.jpg
142.250.74.54200 OK 199 kB URL HTTP/2 i.ytimg.com/vi/T2yjfiVskeg/maxresdefault.jpg
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 199 kB (199328 bytes)
Hash 6d3cf0f507cdf995156e484be2556844
aa05e8fb672812f527dbad2e13680677efe9aada
92b1f71b4ed849d20ddd5d21440b88d0b748e9a967809f2ff70d9865f7a7f50f
GET /vi/T2yjfiVskeg/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 199328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Tue, 29 Nov 2022 01:24:59 GMT
cache-control: public, max-age=7200
etag: "1668191953"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg
142.250.74.161200 OK 34 kB URL HTTP/2 1.bp.blogspot.com/-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg
IP 142.250.74.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1150x186, components 3\012- data
Hash 19a18c113003b5a5f2c72095cef80474
35daa174c33013a8196d6b9253deba88ec5ed2ca
76fa58b43bfbc20262b82b4065306205316cda37a452e0c676fd9d909ef1ff6c
GET /-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="banner2.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 34070
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Mon, 28 Nov 2022 12:57:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd1d"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 998e0b25e77b8c23e52ea918d3fc2a29
0f684f95e3c60ef17ff082bfda21de480eff9fb4
360e9b02287b38174bb5bfb64862d049d9e4f998ef8aba036a1bc97bbf30d606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MNu5zne9OIRk3e/Yz6fTzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3xk0WPWNhk/FZq0T4yJa9YFF+5g=
1.bp.blogspot.com/-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg
142.250.74.161200 OK 10 kB URL HTTP/2 1.bp.blogspot.com/-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 803x453, components 3\012- data
Hash c9e15fce287d59739a2b8fcb2db25382
5cf3cb244bd33fca22345b5300bc3878cae532dd
174ad67da3a5f7d611c4e0abb7fb41db98ee86adb837399c29ba876d7be12734
GET /-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="FB_IMG_1638880449574.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 10348
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Mon, 28 Nov 2022 12:57:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v109"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 359b3c840e45aca7bc335661d3e4774c
fcb4f114ed595a783f7a011caeba6511b9fde8fa
c139fb6925b39d9cededc8ace77d1e74f67b09021bd1ab9071eb3e304090520b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C139FB6925B39D9CEDEDC8ACE77D1E74F67B09021BD1AB9071EB3E304090520B"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2804
Expires: Tue, 29 Nov 2022 00:11:44 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7361e0e13d49e1c906b9e1667bbd16b
af4d0567cc8bb420ea1487abce056d0c6af93aec
f572499b3ea5577fb5b0641645a5c735d2c5b6aad918de009978d3a8b9d9378c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F572499B3EA5577FB5B0641645A5C735D2C5B6AAD918DE009978D3A8B9D9378C"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Tue, 29 Nov 2022 05:24:25 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive
spiritualdiscussing.com/2542b9376e69e7c9ab59020b52823532/invoke.js
173.233.137.44200 OK 9.3 kB URL HTTP/1.1 spiritualdiscussing.com/2542b9376e69e7c9ab59020b52823532/invoke.js
IP 173.233.137.44:0
File type Unicode text, UTF-8 text, with very long lines (25114), with no line terminators
Hash 771f897c113c42d2b52193e2f61c905c
f0b293e35a87868f2ba504b67575608c194d7257
6cbc3fc67304186bbb61416d9e0525a37ca3468b6383f64511c39b87101da723
GET /2542b9376e69e7c9ab59020b52823532/invoke.js HTTP/1.1
Host: spiritualdiscussing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91d7a2b2083a13c5ac72df0ad602e294
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl17772624.profitablegatetocontent.com/56/04/92/5604922e93a976af1c03625784afd2ff.js
192.243.59.20200 OK 21 kB URL HTTP/1.1 pl17772624.profitablegatetocontent.com/56/04/92/5604922e93a976af1c03625784afd2ff.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60150), with no line terminators
Hash 4fb0fc47ee5e1e6db353ba65011f9d23
e68c7c9574f95acb293ebdca006f5038adc9787c
076c796e01f03716277674cf5131f57f7e8fbaca622d8726026997911817c58d
Analyzer Verdict Alert quad9 Sinkholed
GET /56/04/92/5604922e93a976af1c03625784afd2ff.js HTTP/1.1
Host: pl17772624.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b204f689e9ee428cfe05445bc2ad0c4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 94d394d6beaad25971b7f1e02d93b841
07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a
06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141525
Date: Mon, 28 Nov 2022 23:25:00 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 14:43:45 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O7fLVJpHLHgqvurSQYI2y_BY_ACPIT1zozC7M25jNJ6X7mXbZg6yeg==
Age: 4363
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.seriale-shqip123.com
access-control-allow-credentials: true
set-cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Thu, 25 Nov 2032 23:25:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 627775c3a804fa2b204735ad46d1de68
71155acfaa5212049108b355b07665432467cc1a
937e883cae16f19760094e80022ae925e2723678dfde030638ebd64e72523820
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "937E883CAE16F19760094E80022AE925E2723678DFDE030638EBD64E72523820"
Last-Modified: Sun, 27 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7750
Expires: Tue, 29 Nov 2022 01:34:10 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 78535b0b98937c6f2c46d6c63f86397f
a699c800dd11471c66c906e35f5db3c37a3db571
bbb7e8e737f830c110d78f3d1e6ec5fa4eea832471eb1ecc5c872a3bdbfe1a38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BBB7E8E737F830C110D78F3D1E6EC5FA4EEA832471EB1ECC5C872A3BDBFE1A38"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14022
Expires: Tue, 29 Nov 2022 03:18:42 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6839
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6839
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6839
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
age: 5275
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 12:30:42 GMT
age: 39258
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b7d3821d0bd11c196724846a7b9fe22
5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c
b4f820555c4daf6e112c1a395bc57e22f0ef8e2e4299a0ffbb54e0bf18c87f47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8578
x-amzn-requestid: 4f948bb9-74db-4a5d-927d-a6b893735531
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFxnWHq-IAMF4LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efc95-2f9e98ca2dad65a80e2195c2;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vSvGc0JIh4JOWTlagt4uDD_CDPiWOSfYYEI4lUBPsQb4qJMOEbBcmw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:09:24 GMT
age: 69336
etag: "5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iSUNjVxAMdZYo5z7KyOT7WN5VWxPElRWiVO3u2E3AonLWkr8bT9Img==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 02:07:31 GMT
age: 76649
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06723cdab42df9b5334f540a8c7ebc60
3bbc44cb84a37ce6a067db4301dd81647a77c29f
9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3905
x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMFcYHE6IAMFmpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 73Fr-7-mRcw9_OVt8Wdi4pjFBHkqi_vBa-zgLtbHKEx1ay9s8wDSgQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 06:26:11 GMT
age: 61129
etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e2bc1651b37b8e0467c2a6cb860fb3
3348f081a3357490a704592d105d02e81886df89
751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mFiEmh1axlMNuIBb1YSzcciCdHzHGG7q0f3lQOuHJmjugWgdZKKiSg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:27:11 GMT
age: 43069
etag: "3348f081a3357490a704592d105d02e81886df89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lightssyrupdecree.com/pixel/purst?dl=0&th=0&sc=0&rs=2032&rd=2032&fd=868&bv=22.10.v.9&tmpl=70
192.243.59.20200 OK 0 B URL HTTP/1.1 lightssyrupdecree.com/pixel/purst?dl=0&th=0&sc=0&rs=2032&rd=2032&fd=868&bv=22.10.v.9&tmpl=70
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2032&rd=2032&fd=868&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.highperformancedisplayformat.com/8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 2110d7153b493064cd1a9dfaef190af6
f947123d6536a9f49d4a00a34a8ef0eb4feff90f
e9fd21bec879b843e3c72324df2f02061f93eaf706947cfea215122edb367cf8
Analyzer Verdict Alert quad9 Sinkholed
GET /8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1185a459caa53739e5d26408eca351a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 4f8800eb9c3eb452408cba1a0a54f196
64cfde6d597ebb8e2759140353341eb78be85398
9b580cb995b47252cf2e610bbd155b64b9f3ad540556621c45f0a27b038831d9
Analyzer Verdict Alert quad9 Sinkholed
GET /6b89af69f49621c6c443dd9b71e61d32/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45d1a9d2db3b6b7ab2c37e08cab46a5a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /fb866e7b401f197b5e12a2b78590cd45/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9b088e54d2b1be4859e65a106876285
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
spiritualdiscussing.com/43db73d118f408de255d93e402b10dd5/invoke.js
173.233.137.44200 OK 9.8 kB URL HTTP/1.1 spiritualdiscussing.com/43db73d118f408de255d93e402b10dd5/invoke.js
IP 173.233.137.44:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash a0ee7d8e00387af2b23a90b7c64436af
3518fb461b49f013f8f99d6c80d0c933a4460845
0b9dda1702bf00464c890ada2ffea988dad6266b07d93ccc5b831e64532884a1
GET /43db73d118f408de255d93e402b10dd5/invoke.js HTTP/1.1
Host: spiritualdiscussing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a030d01132a5406fd38bd01310580cb4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c2e3588d4ca85f373ca1ba62c406160afef638ec5ec0e238510eb5b9889d0147ac6fa83b8998988abbb7b6144c769218c320738dffc6923bc1d00d037eb0ca934911970fd4c1b3aec911b7f8c907918699199f&pst=1669677961&rmtc=t
Set-Cookie: u_pl=17672262; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuc2VyaWFsZS1zaHFpcDEyMy5jb20vIn19.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM; expires=Mon, 28 Nov 2022 23:26:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5fc7804ed0a415b61bb1b58b40bc74a6
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 142.250.74.35:0
Hash 308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90
Analyzer Verdict Alert quad9 Sinkholed
GET /6b89af69f49621c6c443dd9b71e61d32/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1abab65d0df1ffa5e23015affd075fbb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c2e3588d4ca85f373ca1ba62c406160afef638ec5ec0e238510eb5b9889d0147ac6fa83b8998988abbb7b6144c769218c320738dffc6923bc1d00d037eb0ca934911970fd4c1b3aec911b7f8c907918699199f&pst=1669677961&rmtc=t
192.243.59.20200 OK 2.1 kB URL HTTP/1.1 lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c2e3588d4ca85f373ca1ba62c406160afef638ec5ec0e238510eb5b9889d0147ac6fa83b8998988abbb7b6144c769218c320738dffc6923bc1d00d037eb0ca934911970fd4c1b3aec911b7f8c907918699199f&pst=1669677961&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2627)
Hash 7a904ae0af7c03595aa8711fe2b57e4c
0b272e937aa44e10ada5687dcad72c3893d3b266
51a9fa4b464641f8b128e01db43642a851b1e2a690b8cafad2f3b179abac4ead
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c2e3588d4ca85f373ca1ba62c406160afef638ec5ec0e238510eb5b9889d0147ac6fa83b8998988abbb7b6144c769218c320738dffc6923bc1d00d037eb0ca934911970fd4c1b3aec911b7f8c907918699199f&pst=1669677961&rmtc=t HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672262; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuc2VyaWFsZS1zaHFpcDEyMy5jb20vIn19.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:01 GMT; secure; SameSite=None
iprc04600c990aab5806f11a4b38e3ed5908=3569807; expires=Tue, 29 Nov 2022 03:25:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 33654b7b1dd9d85eae7b6ad33d712e95
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 142.250.74.35:0
Hash 308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 949fc6a68c263e9826a31bceed73163e
b0da1f7aed2b0fea560b6ab64afc767eba7e980e
c2261eb9d64ffa5218230a3b4edddda9496061863abab7cf1aaffa428f1f0d1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2261EB9D64FFA5218230A3B4EDDDDA9496061863ABAB7CF1AAFFA428F1F0D1B"
Last-Modified: Sun, 27 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8661
Expires: Tue, 29 Nov 2022 01:49:22 GMT
Date: Mon, 28 Nov 2022 23:25:01 GMT
Connection: keep-alive
www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /fb866e7b401f197b5e12a2b78590cd45/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41316a86e72946e777e82e2273490205
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 142.250.74.35:0
Hash 308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=1919e8d0222b20b828c5cc9d301ac26df7248472418d4bc6c3e589374527da5dcffc4c3f023ff9fc8292b788ddfa033b410b39244108e7ddcf14952b97947dd22940ebf7c7a8214d7e2efba234c9a53e6bd90715047f9023b84fee4340c9357a615857b17a&pst=1669677962&rmtc=t
Set-Cookie: u_pl=17672177; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjE3NywiayI6IjhlNTFlMjU5ZmQxYTFhYTlmY2Q5YzNhOTc4ZGM1MzJkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InRrZGtyaTAzciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5zZXJpYWxlLXNocWlwMTIzLmNvbS8ifX0.f6AO_37PU3Nib27Piiyulwe3iH3ZXw0rc4fhWPzBIDc; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1a407d06e4665f9e93ade3e5795a880
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04fce9d62a1419c44d4d1b179749af9b
63e51bc93aa3138b107946ea9d31a1cce6fd3491
43a89aff0d5663f10018af94cd9c10405d370cd507ab79fab97ec43d04cf4c5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A89AFF0D5663F10018AF94CD9C10405D370CD507AB79FAB97EC43D04CF4C5C"
Last-Modified: Sat, 26 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2004
Expires: Mon, 28 Nov 2022 23:58:26 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 142.250.74.35:0
Hash 308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a15c42293dffc09d92553c2d2dd464b1
8252d6b28a3c252a0f138eca5487f3d388af8c60
2ccfc08c412397bcf4f9df402f2edc215bd33d4543747eeb36f98a119c406c11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CCFC08C412397BCF4F9DF402F2EDC215BD33D4543747EEB36F98A119C406C11"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6865
Expires: Tue, 29 Nov 2022 01:19:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Cookie: u_pl=17672262; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuc2VyaWFsZS1zaHFpcDEyMy5jb20vIn19.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM; uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; iprc04600c990aab5806f11a4b38e3ed5908=3569807; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d58502f3436c3e01c3b4faefdbe7dfd91d7e700fb76fe3e3aa6fb92e81323a68ac4f9ca778fd01c01c750d42b5bee6a7b8b474c4e357240af45fffa4957761d8d821f0156b4540e111ae72ae4c23f4e8d27f4ce461ee44a8a0e579c9125c6c&pst=1669677962&rmtc=t
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.THxp3o3hykPvSORQStNFzbGjYZR_vxKG2dAXpB7as2Y; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1f2868aceb02c1b4db94c0757888376
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a15c42293dffc09d92553c2d2dd464b1
8252d6b28a3c252a0f138eca5487f3d388af8c60
2ccfc08c412397bcf4f9df402f2edc215bd33d4543747eeb36f98a119c406c11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CCFC08C412397BCF4F9DF402F2EDC215BD33D4543747EEB36F98A119C406C11"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6865
Expires: Tue, 29 Nov 2022 01:19:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
www.highperformancedisplayformat.com/43db73d118f408de255d93e402b10dd5/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.highperformancedisplayformat.com/43db73d118f408de255d93e402b10dd5/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90
Analyzer Verdict Alert quad9 Sinkholed
GET /43db73d118f408de255d93e402b10dd5/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7fb548f99246ac51e798e6a53804e8d5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a15c42293dffc09d92553c2d2dd464b1
8252d6b28a3c252a0f138eca5487f3d388af8c60
2ccfc08c412397bcf4f9df402f2edc215bd33d4543747eeb36f98a119c406c11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CCFC08C412397BCF4F9DF402F2EDC215BD33D4543747EEB36F98A119C406C11"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6865
Expires: Tue, 29 Nov 2022 01:19:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f14d18e0fbcae5ddd2d6dfcdf01e7c59
e38da905debd44205ebc6abb628d381c8ec3d3d6
21c884064648ce280ecbff448fe69a9e9b25e605d408ff26a0bd1630191e4617
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C884064648CE280ECBFF448FE69A9E9B25E605D408FF26A0BD1630191E4617"
Last-Modified: Mon, 28 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Tue, 29 Nov 2022 00:01:17 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 74fcf5b41902da0bc73ea19d1afce9e7
aef50f0556d364f7ea00ebbd435e56094e054d2a
befd14ed77d4d85d4e45d43c624b75eb32277d2ee0fc115e98c5ee4c519e7331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6123
Cache-Control: max-age=168127
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "63851922-118"
Expires: Wed, 30 Nov 2022 22:07:09 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 74fcf5b41902da0bc73ea19d1afce9e7
aef50f0556d364f7ea00ebbd435e56094e054d2a
befd14ed77d4d85d4e45d43c624b75eb32277d2ee0fc115e98c5ee4c519e7331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6123
Cache-Control: max-age=168127
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "63851922-118"
Expires: Wed, 30 Nov 2022 22:07:09 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc5267e77886f31e601de57469b12a6a
7c31ba91186eff5d78613e41ad6e4f00da0f0e0a
9a4397d75f08d8eafe861b11fe24747e8a0da5472c8e3594a1fed2fca6918c48
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9A4397D75F08D8EAFE861B11FE24747E8A0DA5472C8E3594A1FED2FCA6918C48"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2185
Expires: Tue, 29 Nov 2022 00:01:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15121606
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqzLGCKIKyjL3VvcexknuQVFvcKCXlDORKBl4WopkhkFpfduXmw1rSf3Ei1ifg9w8GGjiEr%2BsSSPZPlVYQcEhQuowXkC90y6lpcYoNk3y3GEPMdeJYLBWHM0rZivyGHkAV0yR0Fh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc495bfa0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 161038a863934298f7a79326db957f11
57652ba0374e1597ad3d47e5b5b361d81db1eda8
72812f5ea803854ba9705bd5b322ff86aefecf8a88b4f71196aeeb7e75b93e93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72812F5EA803854BA9705BD5B322FF86AEFECF8A88B4F71196AEEB7E75B93E93"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14688
Expires: Tue, 29 Nov 2022 03:29:50 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP 142.250.74.35:0
Hash 308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e
POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=explicit
142.250.74.164200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 0a628b8a14a877262721824930709597
31bbb380c04a4229a099a1fb6dea09cf717bcb5f
6c63432c24b1f8eed67f792c68214710fd6444ede5c28f56202e966770d20121
GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 28 Nov 2022 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09
190.115.19.71200 OK 40 kB URL HTTP/2 hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 67d6e74162e74a0f3baf11562567f7df
920e2ea5a2bcfc81ddd7da9234a6a31244be25c1
60fa5c6c626776b78b7d565f3241901bd4dfa3da9433d2f4623607d3ecf67fa8
GET /e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=0yRNImmGwRtZ1c9vZz3q; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d352c05ba85fb23175704ae883d5e9aa8f07d3d2d94e5e5e91cf417f46dd338c93ba1c60769c07f8a631714842c43d3e699b307196c63c11c4b7b0d0c547ae1dc150444584b8df1fe310aa5f329e2c408219946fe09904472badb20c81a3a0&pst=1669677962&rmtc=t
Set-Cookie: u_pl=17672407; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab78097658fbe4190018d9710d94ca30
Strict-Transport-Security: max-age=0; includeSubdomains
dood.re/e/hvz4pt3xgeni
104.26.4.50200 OK 82 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4829), with no line terminators
Hash c0e7ebaebf22f3098076157402a10fa2
dcc8c35dd9a286f406bb30aa34d0d56f3361aec9
fc798a08a9a42543dfde1214c1213701ef55bf0e07ec82dd723b67190ea752d2
GET /e/hvz4pt3xgeni HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:01 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:01 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jQUi%2FdXKMFRntFof%2Bsjk9SgspjozLzJVMfbRknO1S37KzU6T2q46qTuA3nXOl01QXTVA9ZtyyUMDrmMThtr6KqwJLpOxRsxFf4LzlE%2B3x306ULZeBXnTp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d59b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.to/js/d_check.js?34
190.115.19.71200 OK 1.0 kB IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (821)
Hash 841e4af4332ce934406a4e59a063aa98
fd8429c4c48157e134268b448d713b642f461af6
fde29879f9e4795b74c36aa1a23b32f35f5f67131fc914be72e42f1fff8740d3
GET /js/d_check.js?34 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=cZGUPJHQoBc6gTS294Ss; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 17 Oct 2022 10:54:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 3673815
ddg-cache-status: HIT,MISS
content-length: 1028
X-Firefox-Spdy: h2
hqq.to/js/video.jquery_plugs/modernizr.js?12
190.115.19.71200 OK 652 B URL HTTP/2 hqq.to/js/video.jquery_plugs/modernizr.js?12
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1227), with no line terminators
Hash aecce2cd69440bcd1b71a8f0ce204922
7bf5702d34c33349bead0bb2cb7ad2200d699196
b9159c2d62fb50c02489b011962ed2549515067437b550834432787ff25a5dfb
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=Tf3XXpkdvCIwBhRQoGOG; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 17 Oct 2022 10:45:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 3674350
ddg-cache-status: HIT,MISS
content-length: 652
X-Firefox-Spdy: h2
dood.re/e/jisaewnrger0
104.26.4.50200 OK 42 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4829), with no line terminators
Hash acc3f151241cc19f1b5c9232e2a5f75a
18e3dd80e14049123e8c45c141858ad989d70078
f3101a2b3797cafd8c41715e659c545f753e11e820257cd002f6bf3360bfbc9b
GET /e/jisaewnrger0 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4CFN1RWqGrLR2TzmVTANWkfLPJQgOjhZJ2eqH9CrfVTG24PN7WGXQK50WKu16rGvtzR8GtiEfewrr%2BM3EHhkojQ3t8zXhx1Y5EXGLPEaJwvbGtNT8g9oEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d3cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/assets/n-379412873852/css/site.min.css?c49fd96c54dd560366ff857af838f3bb
186.2.163.208200 OK 26 kB URL HTTP/2 voe.sx/assets/n-379412873852/css/site.min.css?c49fd96c54dd560366ff857af838f3bb
IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65157)
Hash d2b3b66b3f1e046a854878afe8f0d59d
4ae145316a24a7cad85e5ce7e572f30e930814e4
768df872b56860dedabe6ac8dd42bb0a0e1044526701e94a75167810ce8b9094
GET /assets/n-379412873852/css/site.min.css?c49fd96c54dd560366ff857af838f3bb HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/e/eydbdd7fdga1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=iZQJvTdP2gDc4oGPotnc; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Sun, 27 Nov 2022 20:54:00 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 22:14:49 GMT
vary: Accept-Encoding
etag: W/"6340a4d9-2cc7f"
expires: Tue, 27 Dec 2022 20:54:00 GMT
cache-control: max-age=2592000
content-encoding: br
age: 95462
content-length: 25553
ddg-cache-status: HIT
X-Firefox-Spdy: h2
lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d58502f3436c3e01c3b4faefdbe7dfd91d7e700fb76fe3e3aa6fb92e81323a68ac4f9ca778fd01c01c750d42b5bee6a7b8b474c4e357240af45fffa4957761d8d821f0156b4540e111ae72ae4c23f4e8d27f4ce461ee44a8a0e579c9125c6c&pst=1669677962&rmtc=t
192.243.59.20200 OK 642 B URL HTTP/1.1 lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d58502f3436c3e01c3b4faefdbe7dfd91d7e700fb76fe3e3aa6fb92e81323a68ac4f9ca778fd01c01c750d42b5bee6a7b8b474c4e357240af45fffa4957761d8d821f0156b4540e111ae72ae4c23f4e8d27f4ce461ee44a8a0e579c9125c6c&pst=1669677962&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash fd3cfe7bb3cbec14bde506eeecd12018
e9ef6af80fc0c59dda47d3c616865769f8ff5ebf
10d6823d389f26154e877fea75f13433282b1ad841d16e0313d8a0c5e7ce3f98
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d58502f3436c3e01c3b4faefdbe7dfd91d7e700fb76fe3e3aa6fb92e81323a68ac4f9ca778fd01c01c750d42b5bee6a7b8b474c4e357240af45fffa4957761d8d821f0156b4540e111ae72ae4c23f4e8d27f4ce461ee44a8a0e579c9125c6c&pst=1669677962&rmtc=t HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672262; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.THxp3o3hykPvSORQStNFzbGjYZR_vxKG2dAXpB7as2Y; uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; iprc04600c990aab5806f11a4b38e3ed5908=3569807; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:02 GMT; secure; SameSite=None
iprcbeae88e83c2932183d96c8b7bc28fe1d=2717342; expires=Wed, 30 Nov 2022 01:25:02 GMT; secure; SameSite=None
uncs=2; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs27=2; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66da3579fc229752cb9a4ffdfa6dfab1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=1919e8d0222b20b828c5cc9d301ac26df7248472418d4bc6c3e589374527da5dcffc4c3f023ff9fc8292b788ddfa033b410b39244108e7ddcf14952b97947dd22940ebf7c7a8214d7e2efba234c9a53e6bd90715047f9023b84fee4340c9357a615857b17a&pst=1669677962&rmtc=t
192.243.59.20200 OK 642 B URL HTTP/1.1 reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=1919e8d0222b20b828c5cc9d301ac26df7248472418d4bc6c3e589374527da5dcffc4c3f023ff9fc8292b788ddfa033b410b39244108e7ddcf14952b97947dd22940ebf7c7a8214d7e2efba234c9a53e6bd90715047f9023b84fee4340c9357a615857b17a&pst=1669677962&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 114afa95771ac9d9e81a1752f4bee0f2
72e11f29237f69bf523908151e1350d9140eb346
9a27bfb620481cc61226b8452911fee352c586749e4f97daa7270d4d689ca4dc
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=1919e8d0222b20b828c5cc9d301ac26df7248472418d4bc6c3e589374527da5dcffc4c3f023ff9fc8292b788ddfa033b410b39244108e7ddcf14952b97947dd22940ebf7c7a8214d7e2efba234c9a53e6bd90715047f9023b84fee4340c9357a615857b17a&pst=1669677962&rmtc=t HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672177; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjE3NywiayI6IjhlNTFlMjU5ZmQxYTFhYTlmY2Q5YzNhOTc4ZGM1MzJkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InRrZGtyaTAzciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5zZXJpYWxlLXNocWlwMTIzLmNvbS8ifX0.f6AO_37PU3Nib27Piiyulwe3iH3ZXw0rc4fhWPzBIDc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:02 GMT; secure; SameSite=None
iprc1101684279d80f793105f367a598d0db=2717340; expires=Wed, 30 Nov 2022 01:25:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b97127a312ead91c96e22aa42c214ff6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
voe.sx/assets/n-379412873852/js/site.min.js?c49fd96c54dd560366ff857af838f3bb
186.2.163.208200 OK 3.0 kB URL HTTP/2 voe.sx/assets/n-379412873852/js/site.min.js?c49fd96c54dd560366ff857af838f3bb
IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document, ASCII text, with very long lines (11110), with no line terminators
Hash 53861770da097964d5f9d8a2c48d15b0
36c9682295b88c456acf1a157d5437c826faea4c
7a04b0f5b2ca5d43cb02bb200cd5f72f29de5c522ab07c05464247a40f5942b3
GET /assets/n-379412873852/js/site.min.js?c49fd96c54dd560366ff857af838f3bb HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/e/eydbdd7fdga1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=XCn0hmwyVvWON07GrlKE; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 21 Nov 2022 22:30:47 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 00:45:04 GMT
etag: W/"6365b210-2b66"
expires: Wed, 21 Dec 2022 22:30:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 608055
content-length: 2993
ddg-cache-status: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c4e57ec5b27c882948a53229424a984
71a479bbb84930a8c41d934f098301f0eacf5a3b
56137af80aee48fb93fb2d342981c7d34e46cf3ce4e22e857bb5b80352dbde17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56137AF80AEE48FB93FB2D342981C7D34E46CF3CE4E22E857BB5B80352DBDE17"
Last-Modified: Sat, 26 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2266
Expires: Tue, 29 Nov 2022 00:02:48 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e946cb0c788ecef674c6c56fd2481db7
19342e6b84f6faa4ef532d995ca5a914d32e0672
3e87cec29350a8b24a5759e6fdb0e6298a581186294cf9d869dca0015d08b8f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E87CEC29350A8B24A5759E6FDB0E6298A581186294CF9D869DCA0015D08B8F3"
Last-Modified: Sun, 27 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3011
Expires: Tue, 29 Nov 2022 00:15:13 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 74fcf5b41902da0bc73ea19d1afce9e7
aef50f0556d364f7ea00ebbd435e56094e054d2a
befd14ed77d4d85d4e45d43c624b75eb32277d2ee0fc115e98c5ee4c519e7331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6123
Cache-Control: max-age=168127
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "63851922-118"
Expires: Wed, 30 Nov 2022 22:07:09 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
dood.re/e/ydwvwldo7qj3
104.26.4.50200 OK 5.4 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4841), with no line terminators
Hash c90e19721ead25b2a6a4a7995f492a75
94377dbe3bd2298615ca278b253575756998bea4
1285828ec3c4bba05f4bfb8badbe601ee6a24e463c44ac140eb976794a26cf99
GET /e/ydwvwldo7qj3 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d%2FirEZOOWj4ZtEILdGJklj1jLYSbgaHf7hOsTTV74gwmLV9u2U597yFiOoF6L9yiJ2mS0a4FIhOQcE02cODbLxQS0Zrd3Y%2FEFVUVlw8Mca4NJl2N8LNUz8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d43b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=6e77445deeeb865c93b4f1f1b099ad47a25d0d44bb39ea708c4eddcf871312d33271f6af1774ab26911aa59dae00c4110d4e2ace687f59e687fdd8db9e3ed3a290514ecc5411f19800a0967718ca445ff56f19&pst=1669677962&rmtc=t
Set-Cookie: u_pl=17672268; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2OCwiayI6IjQzZGI3M2QxMThmNDA4ZGUyNTVkOTNlNDAyYjEwZGQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJwZG40ZTNrNTl5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.JAOdDqTXUIYWlKSvrJJE47-7ji-LIQvYN2i_JZ-VXCk; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1248c4a794af599aed154bd003dcfa5c
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js
151.101.85.229200 OK 6.7 kB URL HTTP/2 cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (18706)
Hash af62a06145a499ced91af8684d652c30
dc727a6c7630d7414d1499a2c36b7c8fb0a9126c
c2a776c4bc325950b57ced81960260e02df5c2c23caa12c221ea230b72bfb8d9
GET /npm/@popperjs/core@2.10.2/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.10.2
x-jsd-version-type: version
etag: W/"496b-DsfKR3i6PMtNGxaICUcgg0++ntM"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 23:25:02 GMT
age: 18144575
x-served-by: cache-fra19148-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6713
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1491627
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8PATPQmT%2FreEu8vCWqsN7FyfztYU2WZ%2BJZzoYnoNH0ECBtS8UkPogTAS2KudB9rGPuwBU7fly5g2abMVC4hnUnQqPvZnTWrAxlPKx%2FSgVXku1wmSmyTaUPHe1%2FIlNVdw4B35DO3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4b4bafb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/e/f1wnvbowoxee
186.2.163.208200 OK 10 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash 88a1ef267309497f20720e316008d72c
f023a2229f93191458692876a554999e16b4688f
86e017977fd34c16ea651b29fdd2c287c327ce0b2c73bec030465ef5af990bc4
GET /e/f1wnvbowoxee HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=RnL0MWY2DYkgaoxjbva3; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImUvQ01DS0NxSk01dk8rTzBSZXoxdFE9PSIsInZhbHVlIjoieEh1N3U1dW1xaXFqUWd5M3NtdnMxbGl5MUVsMTBIYVpPcVpOcUJWRFowVEV3TXlHcDVRNjlVc3cvbU5ycUM3M2gxTDZIZVBsbDh1Y3I3TEM2bFJHbEFCeVA4bmpZYkZteFAvalZ4Ti9YdDNscU1LdVh6OVVBK1pkY0ZXZEUwY2EiLCJtYWMiOiJjNWIzZjFjNzBlNDkxNmExMTI1NjMyNDA1YjE3YjFlZDQ4NjA3MTNmZmYxNmRkNDQxMjAxOWI0NzRlNjExNzNlIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6InpJdW5nUTdGcCtsamRhVWp0ZkxHeGc9PSIsInZhbHVlIjoiSzdNMkVaZ0E1eFBlS3FwN09UOTlSUFI1UUp5bWVFbjQ0VEljcUNJamxMM0JBR3JmY1ZyVjNxODJUTC9mRWc0OXBkclBuNGlhU2ZWMVBFNnc0VkNSWlFDQVZBS3o5aXhUdU1aeDVya01xU2packhiVlBGQ2Jab25VN2NYNmd2TzQiLCJtYWMiOiJhNmUyODU0MTFkMDZiMDFjYzI5MjBlMzE4YjhiOWE1YTY5ZmEzYjAxOWM5N2JlNTVkNWY1NjMzMzBjZWNmNWQ3IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9afed9a93c273c5350f2f0eaa8777947
cb78f9d742387b308ce13c4a2ebb597a1aed2cb2
d3754fbc628af058d0619ed54dfed7176036dfac127cb67cb0046a9141acd8b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 81
Cache-Control: max-age=100155
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "63842738-117"
Expires: Wed, 30 Nov 2022 03:14:17 GMT
Last-Modified: Mon, 28 Nov 2022 03:12:56 GMT
Server: ECS (amb/6BA8)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.7/hls.min.js
104.17.24.14200 OK 83 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.7/hls.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7bf8d51855d3a4dc9f8fa48d5f960726
e5b5e977051af25021468bb957e2b6ff090411d0
8ee03212ee32332188e073bc0da21190fa3ffef35ea56a27440ad909b1b86880
GET /ajax/libs/hls.js/1.2.7/hls.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 82604
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "636ff6bc-142ac"
last-modified: Sat, 12 Nov 2022 19:40:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1343714
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEUvfc%2FaMJAoNwF1aBvgKoj6MA%2B8lmEzek%2BJh9ukDPBwG0QsS1GoWtKvzrn7AzElN4pTapB0YqvagGT%2FjlMyAnEMibBLcv8S86f%2FIa2eN7LPRWBO82ZgX%2FVqNu8GgHTcigmgUqOB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4b8bdfb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3766
Cache-Control: max-age=145965
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 15:57:47 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.min.js
104.17.24.14200 OK 15 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (58940)
Hash 28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362
GET /ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161c4a3-38f8"
last-modified: Sat, 09 Oct 2021 16:34:43 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2268711
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25g%2BpIzwl9sjOmCrn0hHrGIvcp8Ai9uxuzO%2BUPUJf9%2BI4NKehnnV7fOSzw%2BGAPhUyFotJEm0sl2yttn1dxkxtd5QnxI0nWO5fmDFw%2BJGGhBZwABwLXtmv1LV2Sp%2BF%2BnBJ1pCHemb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4b8be3b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dood.re/e/8un3xdoa9aqd
104.26.4.50200 OK 69 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Hash 1cad5dbaabc546b9cf52200507cb2d77
d01c79484ab46eac971e88c6ded11b9fc916000e
94a898475e6241f9dc8f797cdf53d818b8472ab5464f75c50f72063897c391b9
GET /e/8un3xdoa9aqd HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:01 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:01 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3JLv4jBg2quSxTphSgY%2B1DqrV1oxvKqgYc83AHNTNYhbhEkxrbZTczmpZvrRuxvjoGCyQfqBp0BsMZcHTHR8F%2BgHathw%2BFCdXJii3L1kqvb7%2FGaeyxMdKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d5fb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4181
Cache-Control: max-age=146380
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:04:42 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
dood.re/e/6e31v7v9humq
104.26.4.50200 OK 1.9 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Hash cc500755e55a7742b4948e195e779b04
1471e5c7016c298f206d665c965472e9c2a9e14c
d0bae4457a518875679b2bcf59a4cc2bb005b7a715fa6eeb0fddd7d6d1e8c5a3
GET /e/6e31v7v9humq HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8LNHqrILJQxhOeYZfvOHT6mLgtXTNDrPyUHTJSwjsr%2BOqUz5gP%2F7ZAafXtrFhrisK8qGbALFm40c6PRwgslV%2FuSjFz67GDPx1IArdr5tCd%2B4MpyUYLDt1g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d47b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.js
104.17.24.14200 OK 29 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2d8446057a33304014d76f234af5965f
336260e7fb6963edd528aa6f8efb78580f9de2f0
5219ffe71d2f5400b3656bae5dd4d31bf48c05901ed2e0b5473d59c1dd322f06
GET /ajax/libs/plyr/3.7.2/plyr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 28745
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62600438-7049"
last-modified: Wed, 20 Apr 2022 13:01:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15121846
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEYDQCuqiYdZY9vAeO4FTg4gl3eS3cdnztDOUYz0mq%2Fr1JhXa2wVS8WRt6KVX7XI%2FKd50wYD%2BxOS701CXnHCsbErXd3xhFUPLw3Q%2FFWQOTl%2FSBGDmy7BhRFrxHduWWOVu4Yi%2FZzO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4c1c50b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
commentsengine.com/js/js.load.1.js?4106537923882439
172.67.190.246200 OK 0 B URL HTTP/2 commentsengine.com/js/js.load.1.js?4106537923882439
IP 172.67.190.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?4106537923882439 HTTP/1.1
Host: commentsengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 15127227
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCdsjETmaEeEwZ4PvqORcYjX38RhQSeFA1LiyJCPuQmLhTXKWjy5pwxQ7R5drAuTIl44W8jLeu5ucOf1zI93splWpOPmy3%2Bvairki0KS0JBLSzFC6x%2B%2F10QcWsQ0iQSGTVTL6RQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716dc4c1869b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc5267e77886f31e601de57469b12a6a
7c31ba91186eff5d78613e41ad6e4f00da0f0e0a
9a4397d75f08d8eafe861b11fe24747e8a0da5472c8e3594a1fed2fca6918c48
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9A4397D75F08D8EAFE861B11FE24747E8A0DA5472C8E3594A1FED2FCA6918C48"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2185
Expires: Tue, 29 Nov 2022 00:01:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.css
104.17.24.14200 OK 4.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.css
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (33771), with no line terminators
Hash 2a571dcd1fbbc6041a23412abf048926
0e5ee09ceadae53acbcc511c1954756eeed98a29
344c089978288b4db8766d500e9d5cc6a8ee663d145d882f4c80dc16b341ceac
GET /ajax/libs/plyr/3.7.2/plyr.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/css; charset=utf-8
content-length: 4586
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62600438-11ea"
last-modified: Wed, 20 Apr 2022 13:01:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14957924
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNwOx0%2BQL%2FcrSRzztGG%2B2%2Fg2kLlZLb1L0wTRXkxWb9l%2F8TeNrSOW1HHLix4XhTSGa6w9bd4e8r0SpYz7sZkdBuHhO0ChzWMcgUdSBzlrEHjj1sD9DO2niwI2qpsDxaw0M4Ms5WRE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4c2c5eb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
commentsengine.com/js/js.load.1.js?6464022831814782
172.67.190.246200 OK 0 B URL HTTP/2 commentsengine.com/js/js.load.1.js?6464022831814782
IP 172.67.190.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?6464022831814782 HTTP/1.1
Host: commentsengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 15127227
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCDxX6zgQhHimM7yDJMOyME4eVB2CKU5wOpaXf73WeyXM2qsy2rf000fG36Z8pGtrHCdDsdptlhHab4Xncr2Ay1NcxvVoSxVFlQcQt0u%2FvkfAxzM1StCsj6%2F8kgL1uUXOXAeiXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716dc4c2871b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
voe.sx/e/sfluplic0txz
186.2.163.208200 OK 10 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash 6eb24e61ea519d6e9a8ec6478beba68d
4e424dd94039bc4f759e5b7879b8369c70cae955
6b2a113f524c465078dba09b69cf9ce6eb014caec1807b714d8642179c1971b9
GET /e/sfluplic0txz HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=xXJjCdllDUaaAkBpJfhR; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IkcvVlJHaFRQUGQxeC9oRWl4WVJlR1E9PSIsInZhbHVlIjoiKytHcnluMVdQcVo1K25zZGRxMm1nZ29jMkxGazFsNktiU3N0RklUaCt3VEhWazgyRi9FMm5TcWQ4TlJjQ2NXSUhtZzBVRyt3VXNKN1JpL0ZGVWVnb29TOThXNlltQ2oxeUc2Nk9Ec1ZpTG50NzZOd2tpWUNrZUdMZ3NlUHBTKzciLCJtYWMiOiIxMjg0NTkyZDViMjM5MGIwYjhhNWZjMjYxZDcyMTQyY2MyMzAxMTMxZThiMzdkZmZmMzYzMzRjN2QwNjUxMDc0IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6ImdUeHpoV00yRkpURkMybEZXRkczd3c9PSIsInZhbHVlIjoiWWxXL2FwQXRGTm42SFhXMFQ4SkFZYTI0dW12aEtZdUxOMVZ4RDY0L2pYV3k5bDYwYkRsdWR4Tlhtc3pWclhnTEc5cGVCYWZDSlllRkVDamc3UVhuSmNPdG54NjY0QjZaek0vSFlERG5kVnpzUGxQR2FhbjhZU2oxbDlFNzVYRmoiLCJtYWMiOiIzNjlkZjhjNGE2YTcyZTczOTI2ZjE2M2JmY2FiYTk5N2ZlNzk0MWUwNDQ4MDlmOWVjMjBmNGMzMDIwZDA2OTU4IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 9623d71ecc5c21cc0bf75c9b0b41b77c
2ac493653dbc3e7989f29ecf317bd27209d6caa9
8282f427b747ac064fd8a6688a561abd9b0bea682f6bb50f44d5c2831a721a9c
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E85591EEFB28114EFAB469AFDC016281C9EF6DD5"
Expires: Tue, 29 Nov 2022 11:00:00 GMT
Last-Modified: Mon, 28 Nov 2022 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 986
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7716dc4c4cb40b4d-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2791)
Size 127 kB (126568 bytes)
Hash d298ebea71faa19cd8237ddf8c37d550
628f6436cdc4db74ecda4fad134b4499f41ad4cb
f02e9221a17b677d0aa0b76876bd82931f57bf5dd1ff9aa24a1ab945838b0e64
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126568
date: Mon, 28 Nov 2022 23:25:02 GMT
expires: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35f9c88c7fa0222273a234e2a3c7f53
7b4a898b24cbb2e1619e7bf297ceac376b8533a9
9ec326bee03628f311f7fe2a6f109473b20fc639ccca05794ad70993a867cee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EC326BEE03628F311F7FE2A6F109473B20FC639CCCA05794AD70993A867CEE3"
Last-Modified: Sat, 26 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5653
Expires: Tue, 29 Nov 2022 00:59:15 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive
specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=45af026988f1519d3d62d5250bc15883bef220f554e4af1b519418b52c537d0ca6cb1da0696ae5f930a7843144c34fe47c9c83b8c6c8754fcd45865a4a87d82bbc99a8f0a1f7b3416295fe7307de9648e7eb14b11d6bdad4302cd146340c&pst=1669677962&rmtc=t
Set-Cookie: u_pl=17672407; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90234f7387b3c1524c008b09efd2fd70
Strict-Transport-Security: max-age=0; includeSubdomains
strategicperplexanswered.com/ntv.json?key=2542b9376e69e7c9ab59020b52823532&vstc=4&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
192.243.61.227200 OK 18 kB URL HTTP/1.1 strategicperplexanswered.com/ntv.json?key=2542b9376e69e7c9ab59020b52823532&vstc=4&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (17567), with no line terminators
Hash eb0b5b507ff7dc2b57efb6f90b7c4cd9
4a8df4e12e3c088635958a67eb5ec57130bfa92d
d7ba11e69bf98052c9a1f6a7f014aa01e39e5105780a7582d4ea94b5d3af5283
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=2542b9376e69e7c9ab59020b52823532&vstc=4&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D HTTP/1.1
Host: strategicperplexanswered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: application/json
Content-Length: 17567
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17674756; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
nlec2542b9376e69e7c9ab59020b52823532=[2229214,2106764,2229213,2229212]; expires=Mon, 28 Nov 2022 23:25:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 977850abe1aa894adba294b2b663d70e
Strict-Transport-Security: max-age=0; includeSubdomains
testingmetriksbre.ru/netu.php
104.26.1.119200 OK 563 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 104.26.1.119:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 081cf8d1e2b33b8cb3c607b7d303da5a
ae721689a2931e50dfd6b038e85b5e0b4f091185
21a87b46098de35b4948ce9172bddc1989bbeaaf846ef3730b4fdea357287f05
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVI3rI%2Bfisc3g5p7%2FW8WJCa1EuAYnJajkswxp5hb3nnmmPd3cdDcZs5FnJlVPdpAvu4COuYgTGywKR0zJjxWrfxZenQ%2Fu6wrtYpkkEtnv96PKUuLQI9I5M3BUX1x47QduIdDzszs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc4cac44b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32108), with no line terminators
Hash 0f2dc045219d13899b6cc111546693ec
3b1f87c273930e49dc0b6d2bcd92bd5d45cfb81b
2450c39f91bbcd38c06b1e9bd51c6055642e487009c0656319fe6e1440d0621d
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f037acfb45a701b9ebcbf23dacceefc4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32138), with no line terminators
Hash 4336f91140eedcc6a57fc1a7fc6553c2
96bc4e4e1cf6978a149a9f89b1cd2bba34d5f955
67ecdb703042f3a0b0b87475ee562fb2180bbfee517ba18257298a1d99ab851c
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de880892fb5288beb566cb7352acdebe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32138), with no line terminators
Hash 4336f91140eedcc6a57fc1a7fc6553c2
96bc4e4e1cf6978a149a9f89b1cd2bba34d5f955
67ecdb703042f3a0b0b87475ee562fb2180bbfee517ba18257298a1d99ab851c
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9826101b54894b85388925c00415276
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
voe.sx/e/mapon9naj4ua
186.2.163.208200 OK 15 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash bab84f09ac33ee641062494f59e7ce1d
496178fa2069b8705980d2d12d54fe67c08402f7
bf947dfc08b1939393662231b615831d0dd0ad67e57a4c8c98d56e5e107ace31
GET /e/mapon9naj4ua HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=NHFazo016QKg34kU253W; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6Ik5zdXdBZjBrUDRpSUdXSzkyTGh2U1E9PSIsInZhbHVlIjoia254UnFCVGpBMjV6dXVMV0xtR1BIbGRnR1VGT2JWVDBqbVpCcmpGTkN5T0NvWDg4aTFBcGcwZTJWVkc1TWVZdEpXbytXbjdRcG1QZkVROGpJQXE3dnpGdDFJbm9sKzI0NTRCUS8xelE3bE1qcmNXdWh1VHFPMXAxbGphZnBOL0wiLCJtYWMiOiJhMDdjOTcxNTcxMzJhNzhhNGUwNDIyMmI4OThkM2JkMzM0ZDgxZjQwNzIzMGFlZGM3ODk2ZmU0ZDA2MTRkODgwIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IlY2WUtNK0REazFmaVIwQzVQUDU2SGc9PSIsInZhbHVlIjoiWDhBVWdhMUJuRTlCK0pUVW5QSHNFTEZKbWpzcm12RmJwYjEyZkJQWWxoekFjODBtKzZtVWhFWjFrQVJrZDZORUZDVnJWOHI4Yk05ZUY5aE9heTBqZWpHRm1DRkR4RjFXc1Y1WFlhNDBVa0FoZExNRmtEM2x5ak5vR0pCZXdsWmMiLCJtYWMiOiIxMjI1YzMyOTZlYjc2ODM0OGNlMjUyOTEyMzIzZmE1MWJmYTAyOThmYjM4YzZhNDBiNzQ1ZWJkNDk0OWRiNTlkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
dood.re/e/41rvdoaytsb3
104.26.4.50200 OK 60 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4771), with no line terminators
Hash 61014dbb4f8a2b1b88e95e729ad1ec8b
faf143eba241374a0f9e6b345f8812a3f040a86d
07cdf810b6c721e75db68852ca744eb7cf6366f43eba3feef95635f2820f3165
GET /e/41rvdoaytsb3 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWsroePrtaF896KHmSH7uMjQDBJixF5oSlyhe%2BlDtNaSOQRSSQiYysUB3H9Jxa%2FhIczLfz7kocEzIHXBR2Hzpf75leg3XtptwVaZluRHeHFd1r6JtAahVv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d45b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32138), with no line terminators
Hash 4336f91140eedcc6a57fc1a7fc6553c2
96bc4e4e1cf6978a149a9f89b1cd2bba34d5f955
67ecdb703042f3a0b0b87475ee562fb2180bbfee517ba18257298a1d99ab851c
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc4a40c8793ff823339589e492a1c39c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
voe.sx/e/hx7suu9o99yz
186.2.163.208200 OK 10 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash 05612c098f5fba76db699cddc9c622a1
dbfcd10f9f8b4f77a22da2fbefe4e6e2e8a96506
fa496dc5937a007744a57ab1d79d1f5bcebdf2dce94bf0f2ba15d9e8bd4ff330
GET /e/hx7suu9o99yz HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=G2x3wxXrjq8q3PfHKByT; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImkvMEc3c2JqbENyeDF2SFU2ODNWS0E9PSIsInZhbHVlIjoiSWhnVW43MXhWNWp6V1Vyc0ZPWUYrOSs4TE1yQktjR1pSK1Yvck5MRGpIL3lnd2MrUzNrcWcrSjZyK2U1VHB4aWxTaHpYYnJuUFY4dE0zcnNhQ01wTGdVTjBqWkw5OVJTTm51anZIR0d2YlFPZ29UdW56VWUrZzZuQzRPQlJTd00iLCJtYWMiOiI5MTg4ZGZiOWIzNjA4OWFjNTZlNWYxODJlNWE1NTYzNjE4NzdiYjM4OWU2ZjMxNjU5NWFhYmNjNTNiMjU5ZjRkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6InpvNkVXc3dETWxVSEMxRytzY3Rvemc9PSIsInZhbHVlIjoiVE5mVFpCWmhUc3BreWtKMlczdWE0RlJhNmRlcjBWNFhpSWJibk8wUThxeXNQOU13SkNXM0lYcG13dHUzS3NRUFNXdUdmNjJHb2Q2bXplSUJaRG9UOFJ4NGJjWEIyRGdHSkVHNnByZVZPWFdLOEJXTDZXSHEveGZaNU1acEJSOU0iLCJtYWMiOiJkMWVlMWEyM2Q0MGJlMWViM2U4OTdjZGVhZjUwZjAyZDBhZTNhYzZjZDIzNGY5NmRhNTNiMDhkZTZkOTVjNGNhIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485&host=ca-host-pub-1556223355139109
142.250.74.66200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485&host=ca-host-pub-1556223355139109
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash 0a805755a31360a74838a4a32bf70b29
31a3bd74d9293df33641f1e913a93e8f06c2a1ce
cb1d40440b86837405e8c35c36f5967a20facb287461910e5cfa0ea6142e058e
GET /pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 23:25:03 GMT
expires: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8190809026464596254
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1VDLNSMWfD0MtEf4HP18j8TIp7SaO9O8bzjBLSwG01RiveDIQLvkNEb2q6zye0lFdRXydy7W5xnVSP7FZaQxZ2k_A2_hVLTiMhN1RFn8VF3KzZ_O7v0nw=w72-h72-pd
142.250.74.33200 OK 2.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1VDLNSMWfD0MtEf4HP18j8TIp7SaO9O8bzjBLSwG01RiveDIQLvkNEb2q6zye0lFdRXydy7W5xnVSP7FZaQxZ2k_A2_hVLTiMhN1RFn8VF3KzZ_O7v0nw=w72-h72-pd
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 68a55cae242d2f64cc4cfb2b69f9c40a
8174581d0d7a26f6203fadec1dc2ea33e73fe11d
cfb3d02bd395d81b57ad600723c864be92be4b24adb16a117bbd9f6e77f54035
GET /blogger_img_proxy/ANbyha1VDLNSMWfD0MtEf4HP18j8TIp7SaO9O8bzjBLSwG01RiveDIQLvkNEb2q6zye0lFdRXydy7W5xnVSP7FZaQxZ2k_A2_hVLTiMhN1RFn8VF3KzZ_O7v0nw=w72-h72-pd HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 2728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha06OprK0znfe8RygFbVd0mrNnDzscISTpHFVE8KVrz0xCNgqchr6qKwLJ73us38s26W-8LyP1ogU1hSWTYr2Onm7E3rk1SOTQ5vxqia9JAvNl73zw=w72-h72-n-k-no-nu
142.250.74.33200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha06OprK0znfe8RygFbVd0mrNnDzscISTpHFVE8KVrz0xCNgqchr6qKwLJ73us38s26W-8LyP1ogU1hSWTYr2Onm7E3rk1SOTQ5vxqia9JAvNl73zw=w72-h72-n-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 17504cafa3a5ba3362bf0e8e0046cf8b
336f22cc707c0dcdcc16fec51b37b238cd8c03eb
f75b4a344ef9b67c9344e6454e3f2cdc9aa78bd172c339ee51f0d4435717c644
GET /blogger_img_proxy/ANbyha06OprK0znfe8RygFbVd0mrNnDzscISTpHFVE8KVrz0xCNgqchr6qKwLJ73us38s26W-8LyP1ogU1hSWTYr2Onm7E3rk1SOTQ5vxqia9JAvNl73zw=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 3106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
voe.sx/e/k7tbkwka7o3z
186.2.163.208200 OK 13 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash 517d0f6beaa3e288dcdd412727103845
955852066945de422731910e8d17bcf820fc359c
77506dde8717f37c106b1ec4dc5378d2e2aa8c3a4c79b4c60970da884495c986
GET /e/k7tbkwka7o3z HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=3OMcZvsrpf7Sq7eASTEq; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImozQ1h6VXBwY1hHbkh6S05ZaXlZYlE9PSIsInZhbHVlIjoiY2o2bTJQeldvMDZjd1AzamsxSSszQ1pCVnJTd1NrNnpkc2JoKzJ6SzlEYnI2TzQyVEltQWVOd2dJN3I1SU9TYU50bjg0NjNJTWpSQ2pzeVc3Q0IxYStJOUx1L2VvaFhpc1FwZDlBR2VERnFGVVZRWjlOamhyNmpNY0pOQ0djYWkiLCJtYWMiOiJjMmRlYjhmNWE3OGRlMjM5MDU2ZTUxZmU3N2Q2ZmZkMjYzMTllOTJiNzRjN2I2NzY0MDI4NGY2YWE0ZmY2MjUwIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6Ii9Ga3dMKzdGaWVvNzF4am45dmtqM0E9PSIsInZhbHVlIjoieU4vclJRN1IrSTFwNkgyN3ZyV3UrSFJoVFNGYXlhM3ByNnplb3Y4eVlLWXYwVUYvanhjWmI0MTFxZWpuWmtyams1OW8xMTg4YUhpVCtWT0hSSmc4bnV5Q2hPdTJzc052anB2TU9tQzFlaVFzbGlHeEtHTkMwYzN6cjVrcHgzdVkiLCJtYWMiOiIwOTkzZDBlODE3NmZiYjVmNTA3N2ZmNDA5Njc3ZTk5MTg3Yjk3MGZiMzVjMjcwODk4MGYzMmYxYWI0YmUxMjEwIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32138), with no line terminators
Hash 4336f91140eedcc6a57fc1a7fc6553c2
96bc4e4e1cf6978a149a9f89b1cd2bba34d5f955
67ecdb703042f3a0b0b87475ee562fb2180bbfee517ba18257298a1d99ab851c
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e95d5fee1df70dbf79c93e258433e08
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485
142.250.74.66200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash 5a706402529468db33b51803739cea8e
3ceb934c46095a044c923150635e96466179a11e
b771027819645fea8a7e610a3186dc06ea0163d19d10318725e724731abbaa97
GET /pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 23:25:03 GMT
expires: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 379925479736146182
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
voe.sx/e/8csmsi3a5uqb
186.2.163.208200 OK 10 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8492)
Hash 470f90bb7356c4e13d093ceb22d4ad19
03f984f0f407e29d4e74367f649393507447a590
76cfea4556c3fd4e69601812617fcd2bae2f6130885c3a09e838d503d1812f6f
GET /e/8csmsi3a5uqb HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=5DSrvC11SV5FsCosfPTg; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImRRQis2ZVlSY1JIY3BmUERxTHNKa2c9PSIsInZhbHVlIjoiQlFISXMwck82Q2psdkFOdkZXU3VVOHRKbDM0aXlTelZiMkg1MnVNRllGQWkwRXlmWC9IN1FpcTFTdE9rT1NpN1lIYWRQVDlDVk5KNk1QNVI4TkR4bGJOc3lJdXU4SWpUZndpNnNXT0NZVklnbC9Hc3h0MlhGajFQNE9QQ3ZYREsiLCJtYWMiOiI2NjhhOTg2OGY5YTU4N2U5MTYyMDNmZWI3NDhhYTJlNjg0MGNhOWUzYmNjZGVlNzcyNGY0ODgzNDdkYWRhZDBiIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IldBRkt6dW8vcnRyRGQ2Ui9nYXhaYlE9PSIsInZhbHVlIjoiSGFqbGNtYW5VS2VQeTFVT1FlUmQ4Wk1hNXp4L1pjQ0xLZHRIem0rLzVGL0t3UDNLaWZ0eDdWVHI2UkVLc1hxNUNIcFowMXB1Y3E3aHhjZmh0VmVLa3VwWkYrZlE0bkM5UzJ4SVZFT2J5WVM2UEwvQjdFYkpQaURyRHFUek9idlQiLCJtYWMiOiIyYzE5OTFiNDM4ODc2NzhkZDI4NGI1NGFjOTI4MDkwNTI0NGUwZWE3MDJlNDIxOWM5NzMzZGRkNGFmOTdhNTc3IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0pqu3_Lkwq82XkZ45ZwuA8B6tCHsIh32CTWk2u2ZpesYqjRP9E_QD-JoOZDwf461Zyetu_c2PyBniol1hTVeEshJAOSuxHEsYhOPM35ygMtVRj8AqjGA=w72-h72-pd
142.250.74.33200 OK 2.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0pqu3_Lkwq82XkZ45ZwuA8B6tCHsIh32CTWk2u2ZpesYqjRP9E_QD-JoOZDwf461Zyetu_c2PyBniol1hTVeEshJAOSuxHEsYhOPM35ygMtVRj8AqjGA=w72-h72-pd
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 64efda419328aa9aee71a29b04b6e8c8
4cd5dc4e3a0092d1bf6311f6a9f5056b37559f55
62524fd24ca81febd48202cb96efc7c11bfbc6bf4615bfb5712a70f96a800992
GET /blogger_img_proxy/ANbyha0pqu3_Lkwq82XkZ45ZwuA8B6tCHsIh32CTWk2u2ZpesYqjRP9E_QD-JoOZDwf461Zyetu_c2PyBniol1hTVeEshJAOSuxHEsYhOPM35ygMtVRj8AqjGA=w72-h72-pd HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 2625
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0hCAtchE1-L2ZjfCuebEciO_yhXIy3pmhEUZvv46lCc07OQB0j1_cQqDvexpmTqYVNoMi6SSOhaq-hk6BAZAf-KEgRY81hWAyR1s_lYfbXchsysw=w72-h72-n-k-no-nu
142.250.74.33200 OK 4.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0hCAtchE1-L2ZjfCuebEciO_yhXIy3pmhEUZvv46lCc07OQB0j1_cQqDvexpmTqYVNoMi6SSOhaq-hk6BAZAf-KEgRY81hWAyR1s_lYfbXchsysw=w72-h72-n-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 70a347bd8064c675021f69a1a3e768c5
bbc2fbe52fbe453dee30b68272c1c80ce570b752
8a831a61b87b38b71f236048a14f02e3cb8bb8dfb5b3a4dbb3083dd1d958f58a
GET /blogger_img_proxy/ANbyha0hCAtchE1-L2ZjfCuebEciO_yhXIy3pmhEUZvv46lCc07OQB0j1_cQqDvexpmTqYVNoMi6SSOhaq-hk6BAZAf-KEgRY81hWAyR1s_lYfbXchsysw=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 3970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d352c05ba85fb23175704ae883d5e9aa8f07d3d2d94e5e5e91cf417f46dd338c93ba1c60769c07f8a631714842c43d3e699b307196c63c11c4b7b0d0c547ae1dc150444584b8df1fe310aa5f329e2c408219946fe09904472badb20c81a3a0&pst=1669677962&rmtc=t
173.233.137.36200 OK 2.1 kB URL HTTP/1.1 wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d352c05ba85fb23175704ae883d5e9aa8f07d3d2d94e5e5e91cf417f46dd338c93ba1c60769c07f8a631714842c43d3e699b307196c63c11c4b7b0d0c547ae1dc150444584b8df1fe310aa5f329e2c408219946fe09904472badb20c81a3a0&pst=1669677962&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2572)
Hash 64aa68ecb99202cdfbeddf3385732387
14f3944370eb51051caafb63fd439d6c683b2d37
e71285e2144a739afc56d6a9c6a1abe9fc0c447bdae8265d42da6d21331ee43f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d352c05ba85fb23175704ae883d5e9aa8f07d3d2d94e5e5e91cf417f46dd338c93ba1c60769c07f8a631714842c43d3e699b307196c63c11c4b7b0d0c547ae1dc150444584b8df1fe310aa5f329e2c408219946fe09904472badb20c81a3a0&pst=1669677962&rmtc=t HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672407; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 438a5dece5bc88ad5daa4dc794dc2cf1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32129), with no line terminators
Hash 29e21b58c6407d7073f2f56fb1aff2fc
7c4455560f5adb3d479a1e7d04aac53ca971c792
18879c7abe4287d52cf462c17eb2c87006e001ba56d1ecbeda8fe10dc803eb96
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f46197bd27345e12789837f6701562f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32129), with no line terminators
Hash 29e21b58c6407d7073f2f56fb1aff2fc
7c4455560f5adb3d479a1e7d04aac53ca971c792
18879c7abe4287d52cf462c17eb2c87006e001ba56d1ecbeda8fe10dc803eb96
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 77d9dac546454a2eb7f0564c1ae03367
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqJlgRwMei7VxmPID7velPVU9XPHJ-6OesEFcBzij0yoCFkfCwhEuQHnc5LRqIYSC4cJRmxKPHm1Q0wAvNoZpwqfXTRSYNczvbkKqa6MetZfwVuxudNSHS8FIwXV-0cS80mfsWGgK9f5tiBWs9pwHKeViIUHrVdUSPykhxJlMhhia5wRPhjkdU0VHR/s320/hqdefault.webp
142.250.74.33200 OK 23 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqJlgRwMei7VxmPID7velPVU9XPHJ-6OesEFcBzij0yoCFkfCwhEuQHnc5LRqIYSC4cJRmxKPHm1Q0wAvNoZpwqfXTRSYNczvbkKqa6MetZfwVuxudNSHS8FIwXV-0cS80mfsWGgK9f5tiBWs9pwHKeViIUHrVdUSPykhxJlMhhia5wRPhjkdU0VHR/s320/hqdefault.webp
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Hash 61f47fb443feceeb26bd2a6dea471679
cbf97104a27e8cfe0f2bf8ae016531ed0714d725
33bc7084deb2933f5356f6b6da37a16d58369317afe4376b5baef5705573c51a
GET /img/b/R29vZ2xl/AVvXsEjqJlgRwMei7VxmPID7velPVU9XPHJ-6OesEFcBzij0yoCFkfCwhEuQHnc5LRqIYSC4cJRmxKPHm1Q0wAvNoZpwqfXTRSYNczvbkKqa6MetZfwVuxudNSHS8FIwXV-0cS80mfsWGgK9f5tiBWs9pwHKeViIUHrVdUSPykhxJlMhhia5wRPhjkdU0VHR/s320/hqdefault.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v88a"
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hqdefault.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 22789
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
voe.sx/e/zpaif5wegj5b
186.2.163.208200 OK 14 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash cd02b6d99fbcc58f6730cdda561514d9
d7125780ede6a46f6404bfb85f973aad4ccd99e6
2bca8057b63853adebe33604554d489e1371acb851b3d5a3e422182944e41d9a
GET /e/zpaif5wegj5b HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=is7iS9NZbsoTw8Af8yVP; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IkZIemQ4czdDb3g5bmx0VkhVMkpCWlE9PSIsInZhbHVlIjoiWlRuS1ZFV3JMQmRSNE5ISEQ3ZFFuN0lDMlg2SjcwaktwZVJCUFFGc2tvMDBkVFNHaTl6Uzk0VWRjUmJ0aWlhemhzZGk2L1hERnk2MENCSUhFZTAyVU8xMUhWQ3pnaW9RajEzUFBjalRRODY0SHkzMEdweHo3d0Q4eHZmT1FEUmUiLCJtYWMiOiI2MDI4ZDY5NGVlY2FmZTBhNDgyMGQ1MzljZTg5YzI2ZjI3MzE5NGI3ZjAyNWIwY2U2Y2ZkNWE3YzY0ZTQzOTM5IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IlkwM2hsWXMvVDlNcnZrdzMzSG1FaWc9PSIsInZhbHVlIjoiWlBwcUdLenViTVlFblcvWUR4MXh0enI2eWhiSXY0eWxrd0J5SEtvaURwSy9FZ0hydUZtMnF2UStNeEJGR0dwQ0hORUFaa1FUeDhQS0ZLc1l5NkZ2cnJ3Qnh0UnRrOHhCV1dNN0FuN0g1NXhvNGdtakZmTmxGWmxnUXdmT0RPMUsiLCJtYWMiOiJmNGM2M2U5MTk4ZGVjOWZlZWFiZDE0MzUwOGY0ZTkyYmE4NjQ4NmYxNmQ0ODA2ZjI3ODQ1Yzg1ZmJlY2Y3NTY0IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsfalU5fbx3V0hGt0FUgyDn_YV922KKsGvMIgP0GGttch_EELDppYNYX8uVvP0tpC8I_tYLY9Rtbtycap_9cSOjamD6CkDUC3OrW-GD2qsgfJOpkup7Mqua_rkcOm5nr7UdWyyV--pBdYLQNA87uvt149WQzxg8Qnd6KzLXYnufnnrCP5g1-AZDKNl/s320/63177cf9ebc83016b8139f24.jpeg
142.250.74.33200 OK 28 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsfalU5fbx3V0hGt0FUgyDn_YV922KKsGvMIgP0GGttch_EELDppYNYX8uVvP0tpC8I_tYLY9Rtbtycap_9cSOjamD6CkDUC3OrW-GD2qsgfJOpkup7Mqua_rkcOm5nr7UdWyyV--pBdYLQNA87uvt149WQzxg8Qnd6KzLXYnufnnrCP5g1-AZDKNl/s320/63177cf9ebc83016b8139f24.jpeg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x183, components 3\012- data
Hash a6ac1270af5ce77550f218a9d872f390
cc293d629d7f63b97de9ed470cd438c7012d4440
ab07af56ca189c976f07f2b7f63ec6cf91492311d0da13e4b1d159dd267eb10f
GET /img/b/R29vZ2xl/AVvXsEgsfalU5fbx3V0hGt0FUgyDn_YV922KKsGvMIgP0GGttch_EELDppYNYX8uVvP0tpC8I_tYLY9Rtbtycap_9cSOjamD6CkDUC3OrW-GD2qsgfJOpkup7Mqua_rkcOm5nr7UdWyyV--pBdYLQNA87uvt149WQzxg8Qnd6KzLXYnufnnrCP5g1-AZDKNl/s320/63177cf9ebc83016b8139f24.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v88d"
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="63177cf9ebc83016b8139f24.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 28276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwyfbXafjgN8_rO8OlP7WFwiVzOF5NCkDqrPFFAx8qBqkNK38FUY1_ufOVUdNcYQQ58OI9bRecESYZdGcbCK4wdXfFxdK1IPCuF_bzPduYYdM3Aa_j7A4_auzak_6xqAFAdD9vT56qXZPthH2lnhfXIJvyyxkcLOMWwg2X2CKrwSbgc14UC7QsHlHU/w72-h72-p-k-no-nu/hqdefault.webp
142.250.74.33200 OK 3.4 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwyfbXafjgN8_rO8OlP7WFwiVzOF5NCkDqrPFFAx8qBqkNK38FUY1_ufOVUdNcYQQ58OI9bRecESYZdGcbCK4wdXfFxdK1IPCuF_bzPduYYdM3Aa_j7A4_auzak_6xqAFAdD9vT56qXZPthH2lnhfXIJvyyxkcLOMWwg2X2CKrwSbgc14UC7QsHlHU/w72-h72-p-k-no-nu/hqdefault.webp
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 32ce012be7293ae122366f8a2492de4a
33919410311d37d6a658019ff8c7a3ce8825ba23
8073e5cec06fe5d90ef3ef7706294471fc5bba559949c7e2c22498310292c042
GET /img/b/R29vZ2xl/AVvXsEhwyfbXafjgN8_rO8OlP7WFwiVzOF5NCkDqrPFFAx8qBqkNK38FUY1_ufOVUdNcYQQ58OI9bRecESYZdGcbCK4wdXfFxdK1IPCuF_bzPduYYdM3Aa_j7A4_auzak_6xqAFAdD9vT56qXZPthH2lnhfXIJvyyxkcLOMWwg2X2CKrwSbgc14UC7QsHlHU/w72-h72-p-k-no-nu/hqdefault.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v669"
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hqdefault.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 3442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
104.16.122.175200 OK 31 kB URL HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP 104.16.122.175:0
File type ASCII text, with very long lines (29325)
Hash 3c89b0e9a9f706cc4c532e7d97821935
d0f0e457c9f7a125224cd7af7323550d1643779f
3f6c4117b99266c5c4b92a7293a94a6d7c517a2a25e7e035277517a17bf1092b
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 18988666
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7716dc4c2874b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=6e77445deeeb865c93b4f1f1b099ad47a25d0d44bb39ea708c4eddcf871312d33271f6af1774ab26911aa59dae00c4110d4e2ace687f59e687fdd8db9e3ed3a290514ecc5411f19800a0967718ca445ff56f19&pst=1669677962&rmtc=t
192.243.61.227200 OK 2.0 kB URL HTTP/1.1 veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=6e77445deeeb865c93b4f1f1b099ad47a25d0d44bb39ea708c4eddcf871312d33271f6af1774ab26911aa59dae00c4110d4e2ace687f59e687fdd8db9e3ed3a290514ecc5411f19800a0967718ca445ff56f19&pst=1669677962&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2533)
Hash c9c69a8189f38548a69d38206b0aa146
2de27b63a6e87bb66ddbad3a16f7dd2c70bdd431
a8e89f0cfdef34c915a250d3ca7cb4ca3976faf2bc1b509d0a18bbe81abbab4f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=6e77445deeeb865c93b4f1f1b099ad47a25d0d44bb39ea708c4eddcf871312d33271f6af1774ab26911aa59dae00c4110d4e2ace687f59e687fdd8db9e3ed3a290514ecc5411f19800a0967718ca445ff56f19&pst=1669677962&rmtc=t HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672268; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2OCwiayI6IjQzZGI3M2QxMThmNDA4ZGUyNTVkOTNlNDAyYjEwZGQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJwZG40ZTNrNTl5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.JAOdDqTXUIYWlKSvrJJE47-7ji-LIQvYN2i_JZ-VXCk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a15f18a9ed388114c22a33e693562847
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
voe.sx/e/xy2rdse34ev4
186.2.163.208200 OK 13 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash 6b966563d97be29210266fdd10e1776d
cd5c773bbdd31b12cc4ee8e91f0720b704c314d1
8ece7f4240c57757770a0222aaac94a484e2f3c3b9b424153327fa48a636d523
GET /e/xy2rdse34ev4 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=XrJnpld2IbiBzrwJFRhE; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImptMGViY3RJajRGNENjZDBjUEdIakE9PSIsInZhbHVlIjoiMnQwTWxaczZDTFNuMWdYTldteTZuUWJpTjdVcW5xSVdGNkR3OE8vK244TVlicTNHMXoxbzU3UG5yalM2SnN1aURuVGhnV0srM0Y2MjBKQzhDbVhWSFhPTGNCU2h1NTBlb0VSQ3Jsb1ZFMmdJUXRBWVBuMlNLQzdjNWhrSVFCN2oiLCJtYWMiOiJiMzUyZTlmZDJmYzkwZWM4NzYwODM2Yjc1MjQ2MzUyYmQ1YzZjYTNhODVkMGYwYmIwZGVmNGY4NTE3ODRlYWRmIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IllDL1hiZTB2Yk5VT1dGYzhvMitYaGc9PSIsInZhbHVlIjoiaFJkd3c3QmpGcHMyTlNONWR2bEh4ZnluV3NJVXdmM3p3WStidDdaQkxrYmhlaVlmUTZ0aE5HNkExcVo4M3QzN0xVdldVRFozV1ZDYnJ0MlAzL3U0NEVJU2c1T250dXhqTEtBbGIxL2U4YzVTeUNpaTd4SDgwR000M2Z2cHJSTkciLCJtYWMiOiIzNjgzMjFlOTQwYjRjY2ExZGM3MWQ5NTZkZmIwNzU1MmZiYTk1MjgzMzlhZjlkMWVjOTFiNDc4ZTI1NTRjNThmIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32129), with no line terminators
Hash 29e21b58c6407d7073f2f56fb1aff2fc
7c4455560f5adb3d479a1e7d04aac53ca971c792
18879c7abe4287d52cf462c17eb2c87006e001ba56d1ecbeda8fe10dc803eb96
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 161923e4374bd98d71ae23bf7d4ef58f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOQnYdphOmb1w0iUmcK6clg1ojNOMleAV4xF6Ok4NNSxVEY0TbJA2rXuhm6MYHjtp7aFAOyRr18yZP9lPLbp1qidMpja_ayRTXqpyHTNdiIZCxsg5lu6kA_3eqQTE565IJDtjkDcfRtLdsImS8ncQAhIP3sDOkx3I_nIJfgdrca0QJQBhAdS3ZU6FZ/s320/Beni%20Birakma%20-%20(Mos%20m%C3%AB%20Braktis).jpg
142.250.74.33200 OK 114 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOQnYdphOmb1w0iUmcK6clg1ojNOMleAV4xF6Ok4NNSxVEY0TbJA2rXuhm6MYHjtp7aFAOyRr18yZP9lPLbp1qidMpja_ayRTXqpyHTNdiIZCxsg5lu6kA_3eqQTE565IJDtjkDcfRtLdsImS8ncQAhIP3sDOkx3I_nIJfgdrca0QJQBhAdS3ZU6FZ/s320/Beni%20Birakma%20-%20(Mos%20m%C3%AB%20Braktis).jpg
IP 142.250.74.33:0
File type PNG image data, 320 x 188, 8-bit/color RGBA, non-interlaced\012- data
Size 114 kB (113590 bytes)
Hash 3c29ef33eccac05d7fcd485f6dab0b7a
7bb6664db977cfd00bd703ea6b9375a455519add
4b93fe674a12a2692d7dd51540828d3c52d09caf3c72c09d9a0a1dd1607391c8
GET /img/b/R29vZ2xl/AVvXsEhOQnYdphOmb1w0iUmcK6clg1ojNOMleAV4xF6Ok4NNSxVEY0TbJA2rXuhm6MYHjtp7aFAOyRr18yZP9lPLbp1qidMpja_ayRTXqpyHTNdiIZCxsg5lu6kA_3eqQTE565IJDtjkDcfRtLdsImS8ncQAhIP3sDOkx3I_nIJfgdrca0QJQBhAdS3ZU6FZ/s320/Beni%20Birakma%20-%20(Mos%20m%C3%AB%20Braktis).jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v891"
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Beni Birakma - (Mos m_ Braktis).png";filename*=UTF-8''Beni%20Birakma%20-%20(Mos%20m%C3%AB%20Braktis).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 113590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
specialistinsensitive.com/watch.447376465800.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c61798cf86a73c27017ef21b3d901e2485f8046fba51d9ab2a46f74929bd8344762408f1bba6a6dbfe9e73d5d688bbe821ba60be07e11d5ab217b7f68596f3d8bf790ea36f12c5a0d29a586b1743dc894d0dbb4c847ebfd38bbce315f0be&pst=1669677962&rmtc=t
173.233.137.36200 OK 2.1 kB URL HTTP/1.1 specialistinsensitive.com/watch.447376465800.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c61798cf86a73c27017ef21b3d901e2485f8046fba51d9ab2a46f74929bd8344762408f1bba6a6dbfe9e73d5d688bbe821ba60be07e11d5ab217b7f68596f3d8bf790ea36f12c5a0d29a586b1743dc894d0dbb4c847ebfd38bbce315f0be&pst=1669677962&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2575)
Hash e9a59b4f19e350dac830d826e7cf229f
1b863a84179feb58e16e68a2eb8f6b4d9adf15af
22db126d3ca1b2fe5180954b1597a830c9790fcf202b8f1371052bdcd7997e73
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.447376465800.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c61798cf86a73c27017ef21b3d901e2485f8046fba51d9ab2a46f74929bd8344762408f1bba6a6dbfe9e73d5d688bbe821ba60be07e11d5ab217b7f68596f3d8bf790ea36f12c5a0d29a586b1743dc894d0dbb4c847ebfd38bbce315f0be&pst=1669677962&rmtc=t HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672407; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17672407,17672268; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c718c4711f0e026c5789b183819f7d1e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
voe.sx/e/eydbdd7fdga1
186.2.163.208200 OK 14 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash 90cad9fdfa817b0a4d04d0c21689dd00
b556f0935bb83931c4c0274be269382a07d67043
abe151c4f993280b8eb98bd37bcf63621ca55eb81c0f7ba8a1f1c1046973d011
GET /e/eydbdd7fdga1 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=1yjhwT5aYQoqDKIWEXNK; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IjVWQUxjWmpUME5JUjE3UWZzdXRjNkE9PSIsInZhbHVlIjoiOHpVMndpMmhad3prVmNlVW02K1pPZ0h2ajNyNXlORTlWRnlObC9qcGlsM293alQwaGRSd1BCMjZvd1dIc3RMcWY0WjNiM1dvdjAwNWdrc2hzL3F3SFJ1d09tNEhhOU10NUg1U09YeTArY2NVa2lSem5GcEs1cFlTZDFUQUo5T1kiLCJtYWMiOiI2Njg2OTk3ZDQyNDUyMThlMjhkYTM1MTY1YjI3ODVjMWQ4NWU3YzFkNzQyNDdhM2M1ZGFjNWZhZDc3YzE1OTViIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IkhmeUdvcEpJYVQyRWovNTdIVVhZNVE9PSIsInZhbHVlIjoiZGZGajNRZmZIMExTOVNtNUxWdDB2alFOd1pHYUVVRytzTzhsVmZiL3VpdEVtUlZLTnNsZ3FFTG5ZOU8zYWNIY00rMWpPM0hrOXdrOGJZZ1BRaG1zbUJRZFQ0QkxERVBSOExxOE9sa0hwRzlRaDVBR0lCTG0vTmp1NTkrbW91ZjgiLCJtYWMiOiI2YjM5MTUyYjc3ZDllYTRlZGU2ZmMxMTg2OWQ3ZjNlNGJiYTQ4OTQ5YTBmY2RkZjQ2MDRhNmM2OGQ1OWM4ZmZiIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=45af026988f1519d3d62d5250bc15883bef220f554e4af1b519418b52c537d0ca6cb1da0696ae5f930a7843144c34fe47c9c83b8c6c8754fcd45865a4a87d82bbc99a8f0a1f7b3416295fe7307de9648e7eb14b11d6bdad4302cd146340c&pst=1669677962&rmtc=t
173.233.137.36200 OK 2.1 kB URL HTTP/1.1 specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=45af026988f1519d3d62d5250bc15883bef220f554e4af1b519418b52c537d0ca6cb1da0696ae5f930a7843144c34fe47c9c83b8c6c8754fcd45865a4a87d82bbc99a8f0a1f7b3416295fe7307de9648e7eb14b11d6bdad4302cd146340c&pst=1669677962&rmtc=t
IP 173.233.137.36:0
File type HTML document, ASCII text, with very long lines (2546)
Hash 90516e5d73d32865f51dd1bc737b66c9
f65bb39e70e65ad10608789d731826e14b9741ac
d1970089b23331f9b9bb5a157d7cf8b06d1855f2af6bfae4cc59d9375ca364d2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=45af026988f1519d3d62d5250bc15883bef220f554e4af1b519418b52c537d0ca6cb1da0696ae5f930a7843144c34fe47c9c83b8c6c8754fcd45865a4a87d82bbc99a8f0a1f7b3416295fe7307de9648e7eb14b11d6bdad4302cd146340c&pst=1669677962&rmtc=t HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672407; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4aa9fd5c605ca2c0e9026ba4f1d18b1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
hqq.to/js/script-2.12.5.js
190.115.19.71200 OK 4.4 kB URL HTTP/2 hqq.to/js/script-2.12.5.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1242)
Hash f2d89553185a342a98893760b5a27460
449a755c7c3e03946b5fab3ea9195b06c43b9ac1
28a5e10daa981bd5e7c28feb373ad68518723bd9eb5a1aabd9124a8d17fa5d2c
GET /js/script-2.12.5.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Cookie: uid=pn75tW1MUE1UyX7Tx*L9*z9p8WV6trX4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=ZZrRl4H7zGDhL6x15B2t; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:04 GMT
date: Mon, 17 Oct 2022 10:54:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 3673813
ddg-cache-status: HIT,MISS
content-length: 4429
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32105), with no line terminators
Hash b4ecbf39fe8e9c1229662281b4d87922
b8884daec40b1e29fcdeaa67bf4be8cf5e6218a6
43070ce5b9284ff8da12f1474d43c0398f09f5b2d43efb11d735f2df899b2030
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e769194cfff09365c2603b2186a96408
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32108), with no line terminators
Hash ffd76afce2f452eadd04f2e09579e2fe
c3d43c7247e2ce3049cc12a9753e67e1507f2ea6
76c77ac996c76b235cf505555fb57df479ba54f2b3827902daabfb2e3165072c
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c3a286c3b78a117fceaa4e2a1dc7e745
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
142.250.74.10200 OK 80 kB URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
IP 142.250.74.10:0
Hash d489237a144bd8c04d2fc06d61814b23
af0730e87210c9c6b335f8d49f2b5fd7fe7d2758
3907225726fe21c562c5f95a3943ec7653ce6c3b524824462696da1eb31611ea
GET /css2?family=Inter:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hqq.to/cdn-cgi/trace
190.115.19.71404 Not Found 85 kB IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4d094472143470ba42e80d12c4e50ac4
7ebca0b0a7d872da3ef97ad39b7fdf058fc98369
fe630e6d3f56af4192eeeac890bc257faef5bd51a8ec2ce295557995d37be640
GET /cdn-cgi/trace HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Cookie: uid=pn75tW1MUE1UyX7Tx*L9*z9p8WV6trX4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
set-cookie: __ddg1_=oVqRNkF5J9PhBtzFF6EW; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:04 GMT
date: Mon, 28 Nov 2022 23:25:03 GMT
content-type: text/html; charset=UTF-8
x-origin-location: /
x-cache-status-inferno: MISS
x-inferno-location: /
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32105), with no line terminators
Hash e93dcd8425fa97b32420c788372d8d2a
01dd49125ed8c2108dea498a10bcf25e4af6d50f
104032393555cc0f2c29199fad1d8e74c2968597394187780785705d5f4f87e1
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc0c0d04eec58132ecc3ab065ba28c36
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
voe.sx/e/zn3vdqkhvnk5
186.2.163.208200 OK 80 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash 333950d08be0b3baf39fdac7445d4445
d2c25f766cb3046c5ce46f316171b844f3058c2b
ed6d94f8b8472ce97bb731328fac3126982040e6996e707960cda2bf86632a09
GET /e/zn3vdqkhvnk5 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=SxicV5R4IeXKUXGgp4ij; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IkVrN2I5RVI2MEJEZE5EM2JsYUhKcWc9PSIsInZhbHVlIjoiRUViTE81Vnk5dzBnS3Fvc2xIVlJPdk1VcGppeGszK3dzbmxEck8wZVgxMmVsdzdnSDRCMHVUL1dIYysrclRaN3RTUFM3NG83R25GeEdKM3BNWnhnNHVEMlJLd1A5NWdpc3JaUjVXMVQ4WXg0Tm9lR1Q0S20zanFTclVHWGVXTzYiLCJtYWMiOiI1ODc1Y2U5NmRiOWJjZDAxZjdiYTliMzI4ZDk5MDI2NTRhMDAwNWU3ZjA5NjJkZjM0ZjFlNmM5NWNiZDAyNGIzIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IlF0U29sVG5Cc1lIQ2tPWVM3ZTNwc1E9PSIsInZhbHVlIjoiNlZJT2pseXZOYkxWV0R3b2ZMV0xjNjVLazVpNG12L0I0Ui9RaXRhQjRkWTZrQjRDcUEwM2Jtc1ZwOHkyQzZvcjdxV0xnc0JRWDE4NHJmVWpSOW9SMHlDYStCV2pVS1JENmNienJhenkrek40ZUJoNE9IT0RmbTFtV2N0WmJ2bEgiLCJtYWMiOiI4NjhhOWEyZmUxMjM5MWVmMzJjMDNkNGRmYWUwMjAxNmZmMGQ0ODFjNDJmYzFjYzMyY2M3NDBiNTZmNmJhMWNkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
dood.re/e/dpcvhpjsuww0
104.26.4.50200 OK 101 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Size 101 kB (101223 bytes)
Hash f7330c5f55026f9773211880c14a5497
04696bddb5853e57f99e78b7bd27a6bcbd501a3d
e602059d3f7129bddb259f7b119fb0968f6d240fa97c6032235bdd76c862cefb
GET /e/dpcvhpjsuww0 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU9iFbwRccuSa%2BcnZtGbRfKG36Gr6vIKsqNBZqiZ2%2FaVVNl3%2B8oeIKXF8Jzjif1SXwYPjwPosKkm1g%2FjVsZCBwEvjm0cIIEgSgtUuEhEtWgHPKVBZumijYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d49b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157304 Not Modified 0 B URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32105), with no line terminators
Hash e93dcd8425fa97b32420c788372d8d2a
01dd49125ed8c2108dea498a10bcf25e4af6d50f
104032393555cc0f2c29199fad1d8e74c2968597394187780785705d5f4f87e1
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35e5390e87846410eb2fb6f7e65d5f1d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.195200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://voe.sx
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:03:56 GMT
expires: Fri, 24 Nov 2023 06:03:56 GMT
cache-control: public, max-age=31536000
age: 408068
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32129), with no line terminators
Hash 889237166d044402e6335f6066643fc3
6ec0a3da27475df91523a96488f4a9650953c96f
280adbbaec9a9dc995f0ecb4422116709af89ec4524dcaa5af5ab6bdc7296b51
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 181b46d23f709d1132740997baa92304
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 766d6878d080d03024bb8267393f1307
d5b71ed0cb73e97e9fc047159c20964db7bf8450
34c5ecc9b207da415157c804c7cfadb103363f6bd6f00c623c9d911621388118
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34C5ECC9B207DA415157C804C7CFADB103363F6BD6F00C623C9D911621388118"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6761
Expires: Tue, 29 Nov 2022 01:17:45 GMT
Date: Mon, 28 Nov 2022 23:25:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 766d6878d080d03024bb8267393f1307
d5b71ed0cb73e97e9fc047159c20964db7bf8450
34c5ecc9b207da415157c804c7cfadb103363f6bd6f00c623c9d911621388118
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34C5ECC9B207DA415157C804C7CFADB103363F6BD6F00C623C9D911621388118"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6761
Expires: Tue, 29 Nov 2022 01:17:45 GMT
Date: Mon, 28 Nov 2022 23:25:04 GMT
Connection: keep-alive
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32105), with no line terminators
Hash b4ecbf39fe8e9c1229662281b4d87922
b8884daec40b1e29fcdeaa67bf4be8cf5e6218a6
43070ce5b9284ff8da12f1474d43c0398f09f5b2d43efb11d735f2df899b2030
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 33ada6f1c5fbd3d430c06eceb69ca9b4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32108), with no line terminators
Hash ffd76afce2f452eadd04f2e09579e2fe
c3d43c7247e2ce3049cc12a9753e67e1507f2ea6
76c77ac996c76b235cf505555fb57df479ba54f2b3827902daabfb2e3165072c
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 659d2873659f709a0cb31da3dac467b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
192.243.61.227200 OK 11 kB URL HTTP/1.1 alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (32139), with no line terminators
Hash ae5b0aee29310c892502500c64a50cb1
1b5e81a9e599c3b3ef93cf90754eadf4774a62cd
d5bda50766592c212ba785183c8d812c67ac3882ca93a7b38580cfa27d091e3e
Analyzer Verdict Alert quad9 Sinkholed
GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5b2213698c5085884cc7ec1dbc1e5f7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32129), with no line terminators
Hash 889237166d044402e6335f6066643fc3
6ec0a3da27475df91523a96488f4a9650953c96f
280adbbaec9a9dc995f0ecb4422116709af89ec4524dcaa5af5ab6bdc7296b51
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e0749c85a874f591a46c4a8a9d1a6391
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 179940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32105), with no line terminators
Hash b4ecbf39fe8e9c1229662281b4d87922
b8884daec40b1e29fcdeaa67bf4be8cf5e6218a6
43070ce5b9284ff8da12f1474d43c0398f09f5b2d43efb11d735f2df899b2030
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c4b04c345a7128093e2518f9ce63ddfb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
192.243.61.227200 OK 11 kB URL HTTP/1.1 alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (32172), with no line terminators
Hash 9a0dfae29337e02737b582ba66d54bd5
e9f9a5e8135f171a89934ffc42d5ffe12ada161b
21b5d3134ff10ed000a3e06d994c6e96513186ec37b2fda7b1a7e690fb40cd59
Analyzer Verdict Alert quad9 Sinkholed
GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a9ab7d58e5e81637d79c0fd87211ded
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
dood.re/e/7ui8vn7cqg4e
104.26.4.50200 OK 4.4 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4829), with no line terminators
Hash 98f451492fc77dbe154ff67e1f3991df
0e7fb3d3753b45365b8a5a2bf428cff06bfb4b14
cf403a4865f452c68d93dc110e1c08f36dbb9bbadae1acbbe9f7ea04d782de49
GET /e/7ui8vn7cqg4e HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F7Soa7sBBoLoUnaD0pXySWVESZImvBjIrZLibM1s9KIT5ADiAgT1sc0tsf6tsHBq1rK%2FMFWBJ8zrPD%2FUCt4e0B4Ho2K%2F3J74AQYfgSb9a4xwe08S8OzABw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d50b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
173.233.137.36200 OK 11 kB URL HTTP/1.1 discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (32111), with no line terminators
Hash 4ac96d089f1e328311764aa05c239f50
ca33318476b16ada94ba1d2b3fefb034743fb58e
ecfc6758e721c1d44b6817e8acccb7c694e4c0bada15d7179eba321a03431c13
Analyzer Verdict Alert quad9 Sinkholed
GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50104af2df34e180559831e756bf369c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.to
access-control-allow-credentials: true
X-Firefox-Spdy: h2
dood.re/e/4sfb9dteh5jq
104.26.4.50200 OK 1.9 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Hash 9c88e1db534cf8e373d72172946bfd76
19bfd942937961c1a338979021fe2084899871a4
a0eed64c633016946bb2e6af53977eca4636bdc77456d70d9655c40c20f7b3b2
GET /e/4sfb9dteh5jq HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jx8IvmZGL1gInE2Qwh963pSO%2BDtHmc8Fa1JzcDT1OVMAns6TAZPEGiSMz5x96jNwgZYzqxJvgjO0R7H6OMLfOfsfAm9N%2FetEXmIGY7ynCzqsh8MJNO7AS6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc488fddb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dood.re/e/3y3g182d5jdo
104.26.4.50200 OK 2.2 kB IP 104.26.4.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Hash eb4af0a5cac05e8b065915dc07cd56d5
4493b48e5409dbaaa7c9532f794bcb57ff4ded44
20db6e2de20799c4ab8feb93e8e18641172fa30c97c91a3564db65cadd01738b
GET /e/3y3g182d5jdo HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2oLwczY4sArMlBszFqOw3gAMKgsjnnZQtcA7b8H2mYCxE%2Fz6fVf6KbjyApsOdiZWyn2XjKvAiQzcaWF%2BS306IEiWuWeo4DtQnlqa4iNADpYHWNOhUMIwWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc47fef0b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
testingmetriksbre.ru/netu.php
104.26.1.119200 OK 563 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 104.26.1.119:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 081cf8d1e2b33b8cb3c607b7d303da5a
ae721689a2931e50dfd6b038e85b5e0b4f091185
21a87b46098de35b4948ce9172bddc1989bbeaaf846ef3730b4fdea357287f05
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:06 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBP8Gkp7YTCzQ5ND%2FD%2Bu3ve51Jpl4hVhwaaA3XjeypUQ%2BVUfxssbveJ48dci60fPJHZR9XAHvMkn8BRG%2FtWxNObOLaKKRMUYorPy%2BY4vI6RjEosXFZUv3NJUgm%2B9vSoHQw7LCz4Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc63de00b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
voe.sx/e/gn9wr6fs4ezh
186.2.163.208200 OK 10 kB IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
Hash 50fb9bdef97bc3971e3fe92d96c2a85d
f62b74e9187b3e737592f0e3a5eeab44813a3656
c3c9e2b3a4db66a699fe43942c63ae69a8b1e45c554bc8b116165b5d897f393d
GET /e/gn9wr6fs4ezh HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=7pHzgpHXj0tYujLZptBv; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IlZvRWJIUU9hMm9SdkpwS0FjVDlCc0E9PSIsInZhbHVlIjoiTUYyK2lCS29qYXJ4eFdGTWdTUzR4NTBjRmc1RWVlWTA1aVlKN2paUnJQMTBqME1nWWVPTnRiTTZSV2RBVjl2S0UyNkR4VXpZU3NhVC80azV2SmVVOHRJUGlTd1pWVXVPS3FOWHR4OCtYWnY4L0ZWR2dTWW8vSVhYK0JuL0xDMDkiLCJtYWMiOiJmNjkyMTEwZjUxMTIzMGFhM2VkYWE3MDczMTFkYzk1YTRkZDliZmY1ZDE3NjAwZGI2ZmI3YjZmODdjYTY0MmJlIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IklCdEhCNVk3Q2FrMzA4TlhNckFiRVE9PSIsInZhbHVlIjoiMEcwODNFeG1ZOG0rMEsvVmRVUzVvRGY1VDVPSnQ3ZFpTZ0RPdnBCNlRiMmZ6ZVZQMGdsSXRud1NFK1VWU2o2RzBXSk5JaHZKVEErN0tLWTArcVRSNjBQbXVKT3R4TVozN0hQbnFPRElLSTVKT2pGdFdOZ0RoUE5za2ZFUlNLUnoiLCJtYWMiOiJiMjBiODVkMTZkMGY0OTFkN2VkMzAwN2UwODc3ZDdlMjNlYjBlYzUwYzE4ZTMwZTFlMDRhYzQ5YmEzZjNlMzZjIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www.seriale-shqip123.com&callback=_gfp_s_&client=ca-pub-6174233946807485&gpid_exp=1
172.217.21.162200 OK 32 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.seriale-shqip123.com&callback=_gfp_s_&client=ca-pub-6174233946807485&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash e003723bb43e8e216426c5cd897b3a9f
85f6260d04937794cddbf58b46caa5dd7a7dd489
ebb110f380b85f1eadd52e180b12c2ad3c10bba0edddda63a3a79d4ca3673b78
GET /gampad/cookie.js?domain=www.seriale-shqip123.com&callback=_gfp_s_&client=ca-pub-6174233946807485&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 23:25:06 GMT
server: cafe
cache-control: private
content-length: 32
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
190.115.19.71200 OK 38 kB URL HTTP/2 hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6037)
Hash 9b24067b1ca1dcadf29cde6130a7faed
29b327741b4287d329add7056d5725a719836d29
d0640cc8a93016aff776202a90c6c011f418b0a0748a9cd27108c2c6ad08c7a7
GET /e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=3AwudtPsBPUX1sjLp4So; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.seriale-shqip123.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.seriale-shqip123.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.seriale-shqip123.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 23:25:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150ea2873eff251c72d1decbf77f983b
490f1e694eac882e2939c95d7a294bfb85c45670
8c7069c27bff404a4e5cfa31f0405bc2bec2838a0be469e06effc33574290634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C7069C27BFF404A4E5CFA31F0405BC2BEC2838A0BE469E06EFFC33574290634"
Last-Modified: Sun, 27 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11324
Expires: Tue, 29 Nov 2022 02:33:51 GMT
Date: Mon, 28 Nov 2022 23:25:07 GMT
Connection: keep-alive
hqq.to/ad/api/popunder.js
190.115.19.71200 OK 498 B URL HTTP/2 hqq.to/ad/api/popunder.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with no line terminators
Hash f589bec6da844567cb8b0cfdb91a0a86
fd720e91f95e1e74ffcd27dd221ad84e432d3760
3e3bbabedaaa7d8585a91c0843a93674eff45111bbea6ad5c333b28ded93a30e
GET /ad/api/popunder.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=uFzvZ7z8gke6ckECdeQm; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Fri, 15 Jul 2022 10:51:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: W/"6141fdde-15"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
age: 11795663
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55703d3bfe2eb684148ed6c064f04955
7ebd83b433d0f21d992c54c5cb686fac8031a0cf
ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6388
Expires: Tue, 29 Nov 2022 01:11:35 GMT
Date: Mon, 28 Nov 2022 23:25:07 GMT
Connection: keep-alive
veilsuccessfully.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
192.243.61.227200 OK 29 kB URL HTTP/1.1 veilsuccessfully.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 6101a00a4358bd0ba9d04a1a4ad0079a
99345d86f5b65c56227a4297e396ec5ccc9ff21e
4dbcd7ac3a8b1004c85b04a22bd5cf35486080b738c748891bb762f5e80b5acd
Analyzer Verdict Alert quad9 Sinkholed
GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Cookie: u_pl=17672268; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2OCwiayI6IjQzZGI3M2QxMThmNDA4ZGUyNTVkOTNlNDAyYjEwZGQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJwZG40ZTNrNTl5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.JAOdDqTXUIYWlKSvrJJE47-7ji-LIQvYN2i_JZ-VXCk; uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e6bd1c135f18c98e7252dbccaf34d26c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
integrityprinciplesthorough.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
173.233.137.52200 OK 29 kB URL HTTP/1.1 integrityprinciplesthorough.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 2e25b1cc759e525500c142fb5aae9aeb
c85090a96e1a14aae254cacda1853da8228af9f0
49dac5d36202def3243dbc936f55c71b10eb7cb544f9f1bf109666c7441ecd1c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 79a276e59705486afdfba73e100d5603
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
testingmetriksbre.ru/f.php?sid=212040
104.26.1.119200 OK 3.7 kB URL HTTP/2 testingmetriksbre.ru/f.php?sid=212040
IP 104.26.1.119:0
Hash 1403c52f54d81ae1ece0ac7e4cc9887c
9797bb79442ed17899be1a44a16b3f8af410469a
bf47f33196cd2ed1d222ba1568c8dab7be2a89e34950921d9741f606a1ab9e19
GET /f.php?sid=212040 HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h09X%2FZoJ1BkI0yJzDMJ2JnCp6GOn6kg9vZlh%2FxvVRTDXUwTsLOamCg4pWr38%2BsbqDP5MHJCU7tJyTh9F52MJ%2BM0Zud8MYnko9U0eMcMMYMYCxB5KpGlaw%2BLhj2jia5uxrGzIH%2Bi2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc54daadb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 44 kB URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
Hash f8eb273ad90e449ccaa18c504b471536
818f46362e995594574e872a2f9dd7cf9ac7305f
62b11e8a84fed033213841d9289007497b6de21f675a9eb7d488ba92191e4ad5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2
voe.sx/assets/n-379412873852/images/logos/voe-logo-2.svg
186.2.163.208200 OK 239 B URL HTTP/2 voe.sx/assets/n-379412873852/images/logos/voe-logo-2.svg
IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (473), with no line terminators
Hash 3c20522bf55bf89d4781ebfcd71825df
1d1a641f02d3d89dd4c25eed993db05ce52bd4c6
eec9abb04d714d627b7cbf1888405d242796ab1181a3d0a83337e098649de8ed
GET /assets/n-379412873852/images/logos/voe-logo-2.svg HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/e/zpaif5wegj5b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=CSCqcpAbBfIZlmraZLOf; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:08 GMT
date: Tue, 22 Nov 2022 21:54:01 GMT
content-type: image/svg+xml
last-modified: Fri, 07 Oct 2022 22:14:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
etag: "6340a4d9-1d9"
expires: Thu, 22 Dec 2022 21:54:01 GMT
age: 523867
content-length: 239
ddg-cache-status: HIT
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.to
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.to
access-control-allow-credentials: true
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:31:10 GMT
age: 71638
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hqq.to/e/UmlOZVlmTUwvNVZMK2ZMUE1YVFBFdz09
190.115.19.71200 OK 38 kB URL HTTP/2 hqq.to/e/UmlOZVlmTUwvNVZMK2ZMUE1YVFBFdz09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5994)
Hash b1806701be2c5baeaab3584f4ab81da5
b913c9429fd0f4adf066c44aeedfe0d4fcb6d642
f553439c6e7cc37083565a4ef317da5ff3d7d3e4a63e4e792898cd237f9b363c
GET /e/UmlOZVlmTUwvNVZMK2ZMUE1YVFBFdz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=Q3Xi4bcAQnwfpBpZopA7; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2
voe.sx/e/h9imclcek28s
186.2.163.208200 OK 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/h9imclcek28s HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=LPoozGa2y6O8Y4eIzWy1; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IlZMbWVJd3J2eTBycXRISm5kY0l4aXc9PSIsInZhbHVlIjoidnVvTDExQVEzcDNaSHBzMXV4aVBGc1lNcmlBdlFpV3J6RHFMZjYxcDh6dTcxL21lOHhRYW9iK252cnF4WEgzQ3hoNHdvaTBLVGNnOTAvN0dkcWFHYXoyZE1tcWh5ejd3ajNzc3hUalFqUWpwRzgvM25tNzA4bVh3ay9WQTVGYWUiLCJtYWMiOiIwNTc1NWE4ZDQyZDUxNDNhMTdiZWU3YzIxMjk4NjRhMmVkNzE1NDRjZTcwNmM0MjE1YjQ0ZjgyOTY1MWVjNWQwIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6Im1zN0pVS3NCNGpzSkxiZHhjVzRxT1E9PSIsInZhbHVlIjoiMGljMGZzUE5KMWFaOC9LN3hLT2FaOWlFNGx3ZUhQZ3BuT1FmeEU5V25mQU51UnVXUFNtZ1hvS25CUWo3TmlkaWJkWTBIUUFmOTdDM1o0dm9GZ1BFeHpnRXdaeFNQa2JRdUhqRm9randQUlhPb2lONDNwNldsOFF4eEd5WGpmTUwiLCJtYWMiOiI0MThkYjE4NTg4ZDZmM2FiMjViNWVjYWM0YjhhYjRhZTMyMDQ5NjJmMmRiYTNjNWM5NDBmZjhjZjc5Nzk2ZTRlIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
voe.sx/e/nzoya3niyhs0
186.2.163.208200 OK 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/nzoya3niyhs0 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=Ifoju92sBrHgRu5QOg6r; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IjRzUUE2UUZCM2w5SnhuR1NJS2xRSmc9PSIsInZhbHVlIjoiKzNQcVo3cUQ1Qm5PL082citVc0djY1NQMExsYVdyMVZ4R21wSlZGSjVOOGZkSXBRL2ZwUTAwUmd4OXRHbVdudzZpS3lORXhCeHAxc1Rxd3RJRGdHTVMzdmlGU3RWbGxyVEdENVJFTU9iLzFIZmV5NzBOSTEvcXlQZGQ5TVd2eHIiLCJtYWMiOiJiMzUyMTcwOWU5NTNmOWUzYTBjNDNjYmFkOTJmOTMzNzA2YjJlMWRkYTVlNDk0ZWUwY2IwNDMxZTA5ZWVkZDk5IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6InhBVzZFc3RpTVQwU2FGM1JBeGlRNEE9PSIsInZhbHVlIjoiaFBtOHFQS3RwRkozMmlnNTQ1SFdINEZ4SGZkVEdYU0V1cFlRdnY2c094VUp0RFp4ZGFaSVZmdkZJREpYRmtsN1FtTk9EekMvSEhXVEFJRW9oRWhMaFRMY2o2TFk4aTVVSWlKNU4xWnJiYmJISHBaTzd4V1ZJYklzUXM5MTA1d1YiLCJtYWMiOiI3MzMyZWU2YzRmNjIwYzZjMmEyYzk0ZGNhZWViYWQ1YzFlMWU1MzdkYjg3NDcyMDlkMDg0YzkyZmEyZTlhYmRkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.122.175:0
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 12721403
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7716dc4c287eb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
hqq.to/e/VStsYVBLaXFrQldDdkIyeEpRMnFFdz09
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/e/VStsYVBLaXFrQldDdkIyeEpRMnFFdz09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /e/VStsYVBLaXFrQldDdkIyeEpRMnFFdz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=fcXZfZQMiQHzGeV04y8I; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2
voe.sx/e/ie6adviv8dg5
186.2.163.208200 OK 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/ie6adviv8dg5 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=4iHhVo7GCwP5BZVaKDGx; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6Ikw1Z1RnVTNLV0NhWFgrcEEzQ0tTUlE9PSIsInZhbHVlIjoid2UrWEtMeWJDRTl2YzNrbWs4d1B0aE1TK1ZKK2paTitnalhGZHFmQm5YT3I5amg5MGtJc2hoRkdlSWpZTXpVWThnbTI4VURlNjYxcnR4V2R5a0JmRUlVY0doNXJUTklsSDVCdlpsWkh1Ungva1pMUGQ0Z1NwWmQ4V04wa0VibGUiLCJtYWMiOiI2NTM2YTUwYWNmYzc4Mjg5YzRlNjlmNGUwMWNlZWYyMTNlMDg4ZmEyMzU1MDc1MTdiNGY4MWRjZGQyMDY4MzVhIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IjFnVnpKUUxCR2RrMmh4aXlMdHJod3c9PSIsInZhbHVlIjoiWTgrVFlqeFV2elJMbm1UdEhXTlliSFJvdGFIU285Um5jNWdmK25jSEh5UVVsNlc4ZkVJbER0bW94UWlvQVJBd1FZTitHTzVtTE5DTVBHaEYvTjhmWDFNVEcxdU5ZTkhtTmpCb2oxcGtETStTMXRGVm1XbUJ0ak5pRTUwNGtOcGsiLCJtYWMiOiJjMjQzMDBjMjMzZmEwYTQ0ZDUyNGMyZDMxZmUwMTA3ZDJhZjVjODEzNDVjY2Y5YmE2OTE1NjNmM2ZmYmJmYmQ0IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
dood.re/e/m525mgs6tq2c
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/m525mgs6tq2c HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9BPd6GiUjVTeDGzER3VMbk6G9skiQFTbWwsVtfeUeK2G97GeIMMu8l7uX%2BHt0ISU84E8Wbha3f8BCn2sZglSDMWcvkmWzF%2F1o6Tt6X1r5FTZGK0wzCI%2B4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc489803b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dood.re/e/gwu7u46ltpt8
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/gwu7u46ltpt8 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5%2B3mas0s4pci8i9gJGsmLuHfPgRfXhcyoCm6huRb2WHZE90Adwp1bWNFe0rRMm%2B1siTJTpSW%2BzQCEmsQ7Ja%2Bx4POLACfTDPWPyBtQNvKEV5GKFsGKYv28U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d44b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dood.re/e/bnx3fas0chf5
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/bnx3fas0chf5 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49PZ0iy%2BDhvNhwyoEcY%2F6VXztsqgWn4ECcWz0QsVllCXr7QegUY%2BRl9q8gMUF3%2FPGq%2BBGVwKmQR7ZHjEO1MX24yYNJSlu0C%2Bi2%2BRORawiqCFfK1%2ByS%2FsjVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d4cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/e/y1aae48mmx2r
186.2.163.208200 OK 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/y1aae48mmx2r HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=JNSzP8isKzOqhJOxHaMg; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IjNadGx4aVJrMDhIYXpYeUx4ZS9xMGc9PSIsInZhbHVlIjoiY1hiL0tDclpaUmtFK1ZPV3FQTStJL1NWZW5rK29XclBnOTVxWityb2RUZWRnam44alVVRE5kczdnWGlGMDlxRU1Dd0hLMElpZVI3Z2t4NjdRdzhYcHREY01sZnpzdDdBQ2tRRXpnS3d6YjRBOHU3NkVxaGxMYXFvam15WmpyT3QiLCJtYWMiOiI4MzNiMzEwZTM3M2U3NDA3NzZkMGRhOTlhZWZiODcwYjg1Yzg4NGFkZTM4ZWEyYmJlNmMxMDM0ODQ1OWU3NjcxIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IldOOUhYTmtPV3dpTzlVeXRJemZqTWc9PSIsInZhbHVlIjoiVnUydGt6eGhMRmFDWGhsT3REWG5kQlgzQ3JxREt5V2psRGgwVEFXUXFZejNTL0VaQmJ6N0I3cEQwTVdBODFMK1FyNE5JbnBicDJuOTdZbEVlS2g5V1RpUmFOUndkZ0gxTyttcEF2Mk5ncWxSL3VGY0YzUWxRakpuVkpXY0NmeHEiLCJtYWMiOiI5ZTVlN2QyNDlkNzUzMjRkMjI0Njc5OWJiYjg3MmM2NDE3NTViZWZjMGIyY2ZmMmQxZGY3ODkwMjg4NTNkNWVkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.122.175:0
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 12721403
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7716dc4c1870b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
dood.re/e/6u3675kyxx05
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/6u3675kyxx05 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sq8p%2FxWAp0QRUWaFlweXHupf%2Btd7H%2BgxggrXdT6g7nBK1Cb9vmIIvV9FC4HgPOAUw9Zov02W7vVnwVy8%2BWM2TolKZ2Z1WaE3BoiK8D6v8QoRWKNC9x6G4XY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d46b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dood.re/e/0nq7oqhrd7lg
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/0nq7oqhrd7lg HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dz2zZ3TmPHhNaA5qOCejUAeorGmSmsg2FWFY3gGUiGf2naSAj5qPGm6GNJdMBxdn2Jn2uz1J%2ByJ4d%2FZNUNuUdCYtmEp3u9IDrVSA0tS3oZwQydEoSMobObc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d65b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/e/4qtojd0ibk6l
186.2.163.208200 OK 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/4qtojd0ibk6l HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=E3C9MSxB60QAt0wWoGWP; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IjJ5QjJYeUFLeFZNOGRIeXBuNC9HUlE9PSIsInZhbHVlIjoiUUZOaWFla0RXNFYySE9qbTdnTENYRDljMmpjMVE2L1pndHpVVGdsRHdvRnpDdit0ZmRYS2ZEQ3BKbkNBMVRmUGRlQTc2dGEwaFFQRzJEQWtzTmxNQW4xdDBXd3U2b3BGR2Q3N2dwaFFsb2c5ZVlEN2NKalNJOXdZbzdIKzYrWmoiLCJtYWMiOiJkYzdiYzAxMDU2ZDc5NDAxMGJmOWFlZDg4YTYwOTFjYzJhMDhjMDJkZGU1NTcyZjYwOTZjYTRjODIxZDExYjYxIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6InYvVzJGMlI4MnVoN2JGcVpZTXVkK3c9PSIsInZhbHVlIjoiNU9CT0xINVR2ZUhVbTdPSjdBRzFxM2NrMW5RTXRLL1pvMWV2RUpJa2hYTVRNbmIzUllEUzM3UmhSclVGVE9tTTJ0NUxBMXpzY3lNSHdMUUM5RjNsVzdHL1ZEUmppSFdZK1p1UFpwNWQ2RWNRV0tyNXIzVFIyd0duRVQ3SnR5ZnAiLCJtYWMiOiJjZjJmMjg2ZDI4OTgxYTMxOGQ3NDY3YWE3NDgwNjBjMzI2MzJiN2FlNGVlYmI0YWU1NjJhNDFlYjBhOTI1YzVjIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
testingmetriksbre.ru/f.php?sid=212040
104.26.1.119200 OK 0 B URL HTTP/2 testingmetriksbre.ru/f.php?sid=212040
IP 104.26.1.119:0
GET /f.php?sid=212040 HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGbZE%2FKDInAAqg3jYDViqN2zZuO16oE7TKsVp4HoiJMhFYZ4mAC3FLhfZQS0corZPbc8IG6TVtn9LGAY8ToMyEysyvuBcVDm5lb34vdwIObkFXex4risWmbk11PmI5WnjMvV4Fky"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc546a63b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dood.re/e/ic4ay5zfpu12
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/ic4ay5zfpu12 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul6qBmq3ZRTdIsziZ%2Facr9qGi60fty8xFFkpRBcwum2xtEkn2KptNfYN7f5DzIC%2BC1HmZ9Qxa4%2FJ3jBqnP8%2FJk%2Fkq4%2F4%2BUKX8nLyhvw10un40MaqUvYbk6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc46fe38b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dood.re/e/ll5fi4zmswql
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/ll5fi4zmswql HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z9N%2FoXZQWYG%2BOmHRhPIBO4wtLuPXP%2BD7j8yrF6PHeWh32Ev9BJ68tuwhS7thlunKXw7OwJhU8U1Mb1B2iAAlzW%2B4RBNjkl5gTCMM%2BCNACAW1ZouNDX6jRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc462d6cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/e/tuuhivyqsm27
186.2.163.208200 OK 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/tuuhivyqsm27 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=1v3xqGjmIvDV2Gtouqen; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImNXZFhUWlJiRE5YcFdiN1dOcUw1UGc9PSIsInZhbHVlIjoiWmNZcVAzL2UwQmZvRG1CaWJpcVZNVzdkaDBtQnpaeEtEVzhNanh3V3VZeGF3ZUhhcHpRK3J5d3pReGM2TUlkU1prMU1BTXk3N3ptMFVMVlAvNHNtbk5lVXRBYzJCaG5sU3VhcC9yelpLR0VLeDdybEZtRUVqamFXUUxhMFRkQngiLCJtYWMiOiI4NGFkZDBiNzc2YzZkOGUyOWFhMWIxN2U1ZmJhMDA5MDYyOTRiZDVmNDE3YTlmOTE4NDFhNzJiNmYxYjRkZmU4IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IlB4MmF2WkRmbzNNV3YzTGg2MCtmbUE9PSIsInZhbHVlIjoiL2trL0p3S1Z2ZTNYYU8wbGx0eG9FN0FJeEp1dzU4SzI1YURNZU5TQjZmRVV6czlMdFdWZWZWdmhCWlhib2grblFlRFJRVVdaSWdQN3cvQVM5dVhKMjRuaTN1QWdpT0xBRlRzc3VGUndXWlQ3ZlRXdFkzZC96cnQ1STJ5NzkxWnYiLCJtYWMiOiI2YjJjNzBlZWI0ZDliOTY0ZTY5ZDlkMmQ5Yzg0ZGZjYjI5MjU1NTNkMmRmZjg4NmMxMWNjN2YzNzEzNjUyYzlhIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 0 B IP 142.250.74.35:0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hqq.to/e/eFpwOU54MHRpYXFZOHlUejBCUVphQT09
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/e/eFpwOU54MHRpYXFZOHlUejBCUVphQT09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /e/eFpwOU54MHRpYXFZOHlUejBCUVphQT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=yQBQMun0lU1ed7DB4tJ0; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: HIT
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2
hqq.to/e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=0XT3AHRCL1keg93mrQlM; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2
hqq.to/e/OTlXWTEwL29mcDVCNE9raFJIZE1yQT09
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/e/OTlXWTEwL29mcDVCNE9raFJIZE1yQT09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /e/OTlXWTEwL29mcDVCNE9raFJIZE1yQT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=btnGsSeX6cRa6p1YCElk; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2
hqq.to/e/Tm1RTG1MTldhVDZZTndSWSt1blkrZz09
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/e/Tm1RTG1MTldhVDZZTndSWSt1blkrZz09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /e/Tm1RTG1MTldhVDZZTndSWSt1blkrZz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=UqXaItX0hUH9CsDu0hF5; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2
dood.re/e/srmgt80kffht
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/srmgt80kffht HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:01 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLyIQ7IjAMRXZ3ZLXfFuSweMUr1AUO6XvGY5VT%2BLUgAtbNnx6wN8jSL0dUvf7vimSw%2B4uns62m76ihK9FdSci26%2BMjN8ZJ0pdsVleAW7PjA0LpL%2BKRtJBhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc460d39b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
voe.sx/e/wd1ektaxzwsm
186.2.163.208200 OK 0 B IP 186.2.163.208:0
ASN #262254 DDOS-GUARD CORP.
GET /e/wd1ektaxzwsm HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=zZfmpZ0gmoeoU8fldvCs; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImpydXVvcy8zbjRsN1FtOGxSY0lHRlE9PSIsInZhbHVlIjoiOGN5YUxzYUI3K0U3blBXUDk5eXMxaDFNNU5pVkFuMzF3T3FPQUFEMTlpM1Zsb3QybTM4T2E5S1U3Q0d4dFAvcHB4bSs3RXkxdEh3NnFTbWxRV2tsV3V4TDBXbmV6UU04NTMxaW1RK2dEUGxuYnRqanNMVFE5b3ExbXphZWJZV0QiLCJtYWMiOiIxMTBlOGVlZDg3MDQwNjQ4MjA2NmQwM2QxZTBjMzg1NzU5MzkwOGM2NWY4NTk3MjZiMmQzY2Q4Y2RhNTBiYzc5IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6ImE1QXBtUyt1QW5VNzNWUzNYQ3U0emc9PSIsInZhbHVlIjoiYVdaYXNFNlJnTnY4TnJYaFh2cklWR2pwSDF1MjZmbWkrTzM4aVdlc3Bsd3UvRlp6MmdlVlQzUmdIR3NzVUZqTjhYc2U3aVVWV3RDSUlqOUx4S1ppelFTVVVvVkN3Yld1K1Q4Z0ZLL0pMTkVvVTE0bmRUSThFR2R6ZnBKTllvdHEiLCJtYWMiOiIzMzFiYzEzODFjYzVlY2FhNWU4ZmRkYTA4NjMwNTdjZmNhOTEzOWY2NjE1YzdjODYzODEyNDY1ZjcxMzlmM2RjIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2
dood.re/e/6t12jqejl6z8
104.26.4.50200 OK 0 B IP 104.26.4.50:0
GET /e/6t12jqejl6z8 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18zZEBL9GxPPNWZGWwm%2FUni1Cb5WBgYpuxqHTPLQAnSMF4%2B%2BQE85%2Fy3PoHGxze11e0Wzo5%2BdrIJulxgbSbURKOvRNom7p0K4jQD%2BPhlLiT%2BY17aD1HS4VXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc48b821b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2