Report - seriale-shqip123.com/

Report Overview

Submitted URL
seriale-shqip123.com/
IP
216.239.36.21
ASN
#15169 GOOGLE
Submitted
2022-11-28 23:25:12
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
98

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	20 kB	142.250.74.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.52.254
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	48 kB	34.120.237.76
lh3.googleusercontent.com	66	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	15 kB	142.250.74.33
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	164 kB	142.250.74.163
commentsengine.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	754 B	1.9 kB	172.67.190.246
strategicperplexanswered.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	551 B	19 kB	192.243.61.227
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	970 B	100 kB	142.250.74.66
seriale-shqip123.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	352 B	466 B	216.239.36.21
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
lightssyrupdecree.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	10 kB	192.243.59.20
reproductiontape.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.3 kB	192.243.59.20
blogger.googleusercontent.com	16485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	170 kB	142.250.74.33
veilsuccessfully.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	35 kB	192.243.61.227
imasdk.googleapis.com	11661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	127 kB	142.250.74.138
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	33 kB	104.16.122.175
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.seriale-shqip123.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	30 kB	142.250.74.83
1.bp.blogspot.com	8403	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	79 kB	142.250.74.161
www.highperformancedisplayformat.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	63 kB	192.243.61.225
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	193 kB	104.17.24.14
testingmetriksbre.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	7.3 kB	104.26.1.119
alleviatepracticableaddicted.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	806 B	23 kB	192.243.61.227
integrityprinciplesthorough.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	30 kB	173.233.137.52
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.2 kB	93.184.220.29
www.blogger.com	8975	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	819 B	66 kB	142.250.74.105
i.ytimg.com	109	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	318 kB	142.250.74.54
pl17772624.profitablegatetocontent.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	21 kB	192.243.59.20
wastedinvaluable.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	5.6 kB	173.233.137.36
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	1.1 kB	142.250.74.66
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	23.36.76.226
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	1.2 kB	142.250.74.164
hqq.to	57515	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	225 kB	190.115.19.71
dood.re	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.3 kB	382 kB	104.26.4.50
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.4 kB	20 kB	23.36.76.226
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.158
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	7.5 kB	151.101.85.229
static.ads-twitter.com	614	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.7 kB	5.4 kB	151.101.84.157
partner.googleadservices.com	798	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	480 B	694 B	172.217.21.162
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.3 kB	47 kB	52.28.211.11
voe.sx	52042	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	254 kB	186.2.163.208
discriminationprovide.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.1 kB	206 kB	173.233.137.36
spiritualdiscussing.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	820 B	20 kB	173.233.137.44
specialistinsensitive.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	9.0 kB	173.233.137.36
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408 B	81 kB	142.250.74.10
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	485 B	39 kB	216.58.207.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	seriale-shqip123.com/	Phishing
2022-11-28	medium	www.seriale-shqip123.com/	Phishing
2022-11-28	medium	www.seriale-shqip123.com/	Phishing
2022-11-28	medium	www.seriale-shqip123.com/js/cookienotice.js	Phishing
2022-11-28	medium	integrityprinciplesthorough.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	profitablegatetocontent.com	Sinkholed
2022-11-28	medium	lightssyrupdecree.com	Sinkholed
2022-11-28	medium	highperformancedisplayformat.com	Sinkholed
2022-11-28	medium	highperformancedisplayformat.com	Sinkholed
2022-11-28	medium	highperformancedisplayformat.com	Sinkholed
2022-11-28	medium	lightssyrupdecree.com	Sinkholed
2022-11-28	medium	highperformancedisplayformat.com	Sinkholed
2022-11-28	medium	lightssyrupdecree.com	Sinkholed
2022-11-28	medium	highperformancedisplayformat.com	Sinkholed
2022-11-28	medium	reproductiontape.com	Sinkholed
2022-11-28	medium	lightssyrupdecree.com	Sinkholed
2022-11-28	medium	highperformancedisplayformat.com	Sinkholed
2022-11-28	medium	wastedinvaluable.com	Sinkholed
2022-11-28	medium	lightssyrupdecree.com	Sinkholed
2022-11-28	medium	reproductiontape.com	Sinkholed
2022-11-28	medium	veilsuccessfully.com	Sinkholed
2022-11-28	medium	specialistinsensitive.com	Sinkholed
2022-11-28	medium	strategicperplexanswered.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	wastedinvaluable.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	veilsuccessfully.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	specialistinsensitive.com	Sinkholed
2022-11-28	medium	specialistinsensitive.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	alleviatepracticableaddicted.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	alleviatepracticableaddicted.com	Sinkholed
2022-11-28	medium	discriminationprovide.com	Sinkholed
2022-11-28	medium	veilsuccessfully.com	Sinkholed
2022-11-28	medium	integrityprinciplesthorough.com	Sinkholed

JavaScript (178)

	URL	Size	First Seen	Last Seen
	hqq.to/js/embed.205.js?736	170 kB	2023-03-07	2023-03-17
Pretty URL hqq.to/js/embed.205.js?736 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2023-03-17 12:45:01 Times Seen1 Hash bbea281c69e15e901abfffd6f25989f5 c5b456647325cc53c727320eabed6a1eb9b9be39 ef850b290948938d1178c99dd961524ed8a93088edaf2097ae1d7c47692c8cac Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	295 B	2023-03-07	2024-04-28
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-28 23:23:27 Times Seen557 Hash 34886b9b57786b6109c58c0bebfc061a fd2b6d4b8c314d02990ceb44104ea8c7c6f5bcb0 500dbaf065fd815346ccdc9026843d69e8e3bf83f31047baa7194b5521b444cd Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	2.2 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash ccdf25e79b1560beacc73af7f6139b68 63e444522f0843ffe0288d4d3099f8f4cfd951d3 abea558a32d80abadb103389c605ca2de30961dd94cd84506269ad8b5fcad557 Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	8.6 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 5aa2c4b7d4b6ba867d8e37237e626be5 1f2cee2283340205ea2df99e5250b606a797cbb3 cfbd462bf51cc0d4d0533a187782571a7786149b3483b41c028ac1d0b6db9fe4 Loading...

	dood.re/e/bnx3fas0chf5	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/bnx3fas0chf5 IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash d1b48ec1e9cefe5380cbca64a5440eae 020cd0aae0e46330f70413ef81e6c41baa26abf9 0fad24c5ac1412a6aaf7364686fda061dfbcb9e0210d763bd23d9a4972ec591f Loading...

	voe.sx/e/f1wnvbowoxee	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/f1wnvbowoxee IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 9fdf4cff76f121c496ee427aae48c465 52270efa164b6bed37a195ae5e2b406308b7776d 2256553e5c6b2738b25f7f15d0a740a23791bb81f6c4cae894f96f772c9628db Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-02
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-02 00:06:19 Times Seen140668 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	dood.re/e/ydwvwldo7qj3	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/ydwvwldo7qj3 IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash dbc39abf0c999cac9055be6fbbd13add 4940627d49fe6113cec2a635c84593e79e1114aa 539706243b9100ec4c81ad1cad0a055de71bfe098627813c354307fdeec2c491 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash f6444f3789d708166339fb14397d8552 efd3c6cf5db4746c605af0ae7f8d33191abab3ba 88b3d506fdbd35626f92033f3250bc46b518bba8ae48b6ab1c0a9d2ba3ea16a3 Loading...

	hqq.to/e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09	291 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 79813f57c592fd1a1e76dada4d6bb803 5e373ff1abe93f7dfee90010947b1fbc19069825 2c692da9bc9f7eb20c03c9decbe07d6705ecefe8acebce71efb6d9f4b01838fd Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=www.seriale-shqip123.com&callback=_gfp_s_&client=ca-pub-6174233946807485&gpid_exp=1	12 B	2023-03-07	2023-12-09
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=www.seriale-shqip123.com&callback=_gfp_s_&client=ca-pub-6174233946807485&gpid_exp=1 IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:30 Last Seen2023-12-09 21:56:03 Times Seen980 Hash 124d3918819ab4c349a7f9fa979bef07 6ad167d76a8768130783cd19aa6d8143c0b1bf37 daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f Loading...

	www.seriale-shqip123.com/	341 B	2023-03-08	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 5218a06163f2c523c5314f611b482e30 e6e6dd772277d25211dcd76df798aeabeb6b6a23 05c1cee071a1b200919b995b54c22aa73f284786232554ca8b0843937c4d1748 Loading...

	www.seriale-shqip123.com/	789 B	2023-03-07	2024-02-13
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-02-13 16:43:35 Times Seen49861 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	testingmetriksbre.ru/netu.php	1.2 kB	2023-03-08	2023-07-29
Pretty URL testingmetriksbre.ru/netu.php IP 104.26.1.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:39:34 Last Seen2023-07-29 00:33:59 Times Seen191 Hash baa63433faa92016515f9548f230dcf5 747df134f2150c134bfb62d50e3703adbe89247a fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46 Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	2.3 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 4fa4b64bb57b78bedb7ea6e2df14866f 73de1f8bd711da8df78dca42c80f23ff6e12fd7a afeb01baa5f7b523346a4ff672cfdf57ffc2584b575526120dc5c999c36c9dd6 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	351 B	2023-03-07	2023-07-02
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2023-07-02 19:42:53 Times Seen46 Hash 29bb00c31a44a3a0e323415ef8dd9a92 8787410213f013980b532251325ce4032dfe05fb 2192c15658a9b28b995d7db912794c06c9364318dc2072d15e10a8d1b577681e Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	26 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 897c9262e7dff40d1fedc6e3354189d9 52e4cd43150d4d49ba1e0ca86138d8552b33caba d442892afc3fc2ff394b9a8963ca19288f2a01d4df7f60a50648321401f70fe8 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 7f9118fe501623cf6791e84af6c8f10f d400676f3e74b9a7af79fc4ce6bca03929daec82 70f04379fbe6a05fa15c05b9e5cff447e56bf4d19127714ba2739cca15bc6757 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 67255e767b9e106055045dfca83e85c5 9c36d5c736477f7dbc9b91177b654e492e3bbb48 4b89eb2c9dfc204654ad78fd9fc875a2fe9b3b8462fb234fc9af271c8062c66f Loading...

	voe.sx/e/y1aae48mmx2r	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/y1aae48mmx2r IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 56dd1e8e4d6da15e7e27338344c0cb17 8000378c2d840f6d8ae13026241271bac5a1659d 714fb8e8f826efd5808b7c9c333e54a1466dfcde1c5ed2bf5defceae847ec3bb Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	357 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 7f3d9854821ca04eb04ea77176c4edab ce617b89e60808da20b30fd96a4f82b2021eaf55 ed3a8b295423bd91e61762ee8929f4c26e3ab59b85b3fb2b8336840692ec0b51 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	26 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 8adc07a84f9f547b3341c96a64b002f5 9ad362443ed88c073badd2351417b0ad665d2f67 e3a84cc6b2cb745bef77e1ac3008d44fb3756b9bc44545eb3f6a42c5084b7cbb Loading...

	dood.re/e/ll5fi4zmswql	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/ll5fi4zmswql IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 9762a39e610e9a57c7ff5b0977fc3191 40220078ea341097308f14680e5c4384df32635a c31b631bc4264fced68bb8a960dfc382bfaa95e858693b4d8f4f9cdf1e45000b Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 9fc0c1b7afcdf947cb883872d03b964b 880c4b81107a9c55eccf429b3ee042c923ea2dc2 d7fcb0202c4bc9cb1659d207973522ffd8b615b139eecd2e48f2424672016d74 Loading...

	voe.sx/e/8csmsi3a5uqb	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/8csmsi3a5uqb IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash b58fdf67df726af4a162298097fb1626 91175c8a6aab707c5f1eeee1525b3b325d30051a fa6fb5b29926c58bb31b0e4a384bd0b66dcfed5b80a64e5defcd4c21f51ff3c5 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	700 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash f76e53cc5bf879bde80d2f6034afe528 6640a33d37776612e8a57788ecb328ce1dec5ad4 48e088992eeb9d1b4b385ce8b8fd19ae48199ebc9936cbda36c30bcad7a5b826 Loading...

	dood.re/e/ic4ay5zfpu12	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/ic4ay5zfpu12 IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash f376a5e9565bb753128c8db8176775c8 b3e665f63723947d519ffdf79435f4346bae0483 497412f3a3c3f81139fe01e57001d3b4719a97dabf98090ee5b6d2ae4c7cef17 Loading...

	dood.re/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7716dc461d44b4ed	34 kB	2023-03-11	2023-03-11
Pretty URL dood.re/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7716dc461d44b4ed IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 83c4afa39707f73814443d1e493a992b 316768a8151ad336f82a847226be83735150df01 0e95828401902b789921b04b7c0e9309a43fa48450844f9447633d46fde4ef1d Loading...

	voe.sx/e/sfluplic0txz	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/sfluplic0txz IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash cec30eb1788d7b835ad802d79cbb8a93 0dc1e79f1c76303e09b91f5f68e1436a67e7c60b 75a81f6b91666adfcee740f0cc6281bca4485397ccaebe034f377030af430b0d Loading...

	www.seriale-shqip123.com/	275 B	2023-03-07	2024-05-01
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-05-01 23:05:16 Times Seen58030 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js	27 kB	2023-03-08	2023-03-11
Pretty URL www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:30 Last Seen2023-03-11 23:34:49 Times Seen1 Hash 032b8bc636b76f265728540ed6e114b2 c7c43a397c16eaf84f844d6fd69f0bce5b69da04 92ce4707a6a39c9099f90316a83277d0efee02b792559651b6f93bef52b9c659 Loading...

	http:blank	145 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 557c3f0536be749a678d2692c0e8a33a 43c5571d03b9e7a299319d51a511080f91f5e4d5 52b0874e34dab5a9fb465cd709cf184085dcd8dd7d4e2782730a34b9162ca59f Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	176 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:34 Last Seen2023-03-17 23:14:57 Times Seen1 Hash 56e3c588ced8ba4b5f2fc17026a9d57e 85f89594b97d49984b826d511fb82271bfddb85b b1370ea109344f61415c6a6414837fd2089a02bcd1d6bc88fad765fe7640541a Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 78c6e0a8a4e4060cb7903f3b958c5cf5 1114560b725bed3eeaf963c874889558c32d8242 973c281e25aed3dc9f19b98403fb57c8a096ac8415fc065ac1998c2ebfa524ec Loading...

	www.seriale-shqip123.com/	342 B	2023-03-08	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 574f59c5a4cdd048be26150dd12c5a4e ef688e5ede3f81da9091a08bae5c644ca7598e28 ffe4af4fc5b1fdcf5944af6f0a58df619ba9cf053b2fd3e628a1ff46897ab73f Loading...

	www.seriale-shqip123.com/	22 kB	2023-03-11	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 26eb8325aae55188a6132cfca190b995 b3e1ca540af46a448603e199993260497ddd0e4e ffae599fea6dc6867f616268eac79524fb515c0b578a02b7ce06deef6c1b4933 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	120 B	2023-03-07	2024-04-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2024-04-30 17:59:06 Times Seen430 Hash 8830ddcb17f4fc973978f794f2eae2cc 2dffa114c48cac5c0463b33c2c269bd159912b6d 5e8a1acb2492b6b19f3d7bbfa08e4f49b7f7c430d38a1e9654d901a79d234efb Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	421 B	2023-03-07	2024-04-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-30 17:59:07 Times Seen556 Hash a7909c015905206faf65c93201f20591 a9d06d8bdac450a7cfe20b2b5ae4052998b65f4a f5dd268a5d2e0621dab38be9211e43435f4b5d5221ffaa67919da53d0cc5d029 Loading...

	www.seriale-shqip123.com/	192 B	2023-03-11	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 5b80b4e857403c838fbe7c19b58f9d6c bbb6d556dd07ddf0166e2a92b81a0f92b9849568 8236d218a4ed0a49e2932d1063e830c15e69fc6f08c9d43218d1947adf0ed338 Loading...

	http:blank	3.3 kB	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 6cdfdb7cbe1a2fb834e99d6ff41073a9 9db760fa7320dd58273cbdffc7611bc4c6abad72 ed850769a4331977d1bc1addf82564afa561d804b66a3b6541cd0e8f4aa35e05 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	817 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash bddbfa8e0088b88e753b82b8e58b2b3f db02108eb5271017a9a02975160f34c79bee48ad 20b9bf58698c2f97b23063b273b80b27452c87fef3f2c437794dc83e25cd4c2d Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	4.8 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 38e7bcbf9db7f4078c842ddf7ac121a5 a1368a1191b66f40d1a2e80bc626aee6ad159dcf 4d7ab7a4cdb00c789a2cb877697dd678da9c2aa0121e189597081368e7f3abe0 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.min.js	59 kB	2023-03-07	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-01 22:57:29 Times Seen3312 Hash 259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	218 B	2023-03-07	2024-02-24
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2024-02-24 10:43:54 Times Seen103 Hash ee0e78326df087c5c5e801790aa51cf9 904ba18a2b76dae55c5e7a554d4c4617f4f458cb a1c8b8863a7c1250352742dc4d5db4c87513c6625ab63d992a2b0ef2e0c7ad23 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 6393ed2c788b3281477a6257861a8973 751431d1d3e4520cdeec20580837c1b4f77b00b9 98218ea3e8c907068a4815d0bd0a0c90dd9b2453eb33e80e494deeb09c643cc3 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash a61f2e7ca738d2bfd45362bf40e09ebd e45d7d361b6155b4fd490905ebd87930cb191ded e713779f43f63e2cb968f747d96afd590690424fe5f06acf6c372c3a7a5028a9 Loading...

	hqq.to/e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09	207 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash e257be458e37abfbd93ddcfc33328b1c 0fdaf623b2efb888b49a569a704ce53d16e08568 241838e56e1b2529413aa97d2359ad93415b54b0018c8ea349b634e09a4c26b2 Loading...

	dood.re/e/jisaewnrger0	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/jisaewnrger0 IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 0397bd81aba1e0a8d1e50075ab62f4aa 222f469493fca484a852419c7b34aea3a94bde7d 2aba8b69df2d393b9d2e1051a5577faea36e09856ecbd7b1fc51d8d75c727582 Loading...

	dood.re/e/gwu7u46ltpt8	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/gwu7u46ltpt8 IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 713ee2f68b2636eec4f37a1d23171e72 1359bfa9cae40d0c6ec98eefb28858744ef087b9 94aad14e35e15fb43f6511ce02e6734873c20d9a62e5d8bac567ea5a680389f8 Loading...

	discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js	32 kB	2023-03-11	2023-03-11
Pretty URL discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 33f8f2b0377b2e028bfcbef99c9e9506 def230712cbd5b94b29d2925962bac5a7540a158 880140111bd0ce5862671a42db81021843666aa9f57c53e4cca4eca72baf6429 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	31 B	2023-03-07	2024-04-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-30 17:59:06 Times Seen577 Hash 3cbccfea930203c4a0898dcc6796283a 5ebc2c574d993aed1b816f2f5b5d3fbc37c9d2a8 c7c0eb4a32154ac22001d7d0a48b34c1c44d290e1193ef9fb8756ef8213913b7 Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	379 kB	2023-03-11	2023-03-11
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:41:27 Last Seen2023-03-11 23:05:09 Times Seen1 Hash 39456b650832a319efa4c2e1ec75f0cc 0c27b6a62b6739e4a2bae00bee31c37e1eb110dd 2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485&host=ca-host-pub-1556223355139109	146 kB	2023-03-11	2023-03-11
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485&host=ca-host-pub-1556223355139109 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 5dbbee0f83839892d98918d1cad356ae 21172b7fa90a50fc5535d91fea0be799d3fe231f 24bc3cec332277d4025de2f68273b985edd8296b71bb6e433d7617267102ec18 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	335 B	2023-03-07	2024-04-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-30 17:59:06 Times Seen579 Hash f6cc7ebb0893da0f67de29cf822cdff6 57f11efbd2da9989793ed2fe955bb37bdc854787 30cbf97a97009df74dad102432cae66187646f3f8cffaefba797f0fe313d896e Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	12 B	2023-03-07	2024-04-28
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-28 23:23:27 Times Seen558 Hash 477ff416b590061f12d13e71ccb3b2ab ed6e2678e8ee3c138d0e575364d8f75ba6a53ddb 2bb803acb09f2040a3b0a5da75cff9537d9bfa2f4799a9f925adc894be703ec4 Loading...

	discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js	32 kB	2023-03-11	2023-03-11
Pretty URL discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 70fad7f275a37cc678557d86835c801a 155149346b40560dd839a240f383b66baea96955 8dafa722eb5cdb6192d085a8228f88415c2d4f2d427316a80930f904c5c01910 Loading...

	www.seriale-shqip123.com/	269 B	2023-03-07	2024-05-01
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-01 19:09:46 Times Seen28275 Hash 6e880fa46f41c3a142b32e22ca7c06a0 cb7725608bf21d4a5fab1e9050328ab9b024d285 95df5b72788a5634d46797321652a339cd37eeba06d33166541e76a0deb42b61 Loading...

	www.google.com/recaptcha/api.js?render=explicit	852 B	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:31 Last Seen2023-03-11 23:51:55 Times Seen1 Hash 0a9779102047d5d9895bffb15a704c0b bd3885958e498d39a74eebc600b10600bf910818 50ee83be07a71933978e0a2001ecdbf96fe461466a4a00ac93b780ef76655b19 Loading...

	hqq.to/ad/api/popunder.js	21 B	2023-03-07	2024-04-30
Pretty URL hqq.to/ad/api/popunder.js IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2024-04-30 17:59:08 Times Seen793 Hash 533a813ddb8f84d7e018bf8e6296c44d 8c95af23d5dc502f1bc3395a6d2e339e696c0d3e a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f Loading...

	alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js	32 kB	2023-03-11	2023-03-11
Pretty URL alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 7f372babb3f9c10dfbc84df2d9743393 7c209eead178f54a13054d8a2d20ed6de9e62aff 9cc49fd1a13b6ea78ae277d68f1a80ff74d55cd081be56cfa7c3d7e655d12a4c Loading...

	cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js	19 kB	2023-03-07	2024-05-01
Pretty URL cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-01 22:57:29 Times Seen2376 Hash 541aecc95a7faeef0fc27558070f3647 0ec7ca4778ba3ccb4d1b1688094720834fbe9ed3 f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd Loading...

	cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.polyfilled.min.js	118 kB	2023-03-09	2023-12-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.polyfilled.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:33:41 Last Seen2023-12-11 04:59:49 Times Seen94 Hash bc8c3c73a182a07af65ec7bd4bdda51c a1c3e1ec8335925ca79784f56c620d3fd55d854f 9ce180d4ba02144fe4d5444611bc1934b4f01f133554476b39bd4314f7507e70 Loading...

	unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js	30 kB	2023-03-07	2024-04-28
Pretty URL unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-28 23:23:28 Times Seen1102 Hash 013916ab61482481d8de9742a0f95bee 546bb742502faa36f8c2bb954c2f028187660404 73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7 Loading...

	dood.re/e/7ui8vn7cqg4e	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/7ui8vn7cqg4e IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash e5cbb848e3b5f417bd9737df6ea94e7c 5eefc9eba9c168902de4210eb9c45d8d011e9c6f 521f5faee74e3f2b7239777b86b668815d566d640497e46e1c71855dd79ea799 Loading...

	veilsuccessfully.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js	86 kB	2023-03-11	2023-03-11
Pretty URL veilsuccessfully.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 91a732603e5f92d3abe394ff79d501b1 dee31c10430c8f4040b38e7aa56581568137e4a2 3476027482221bc66d16512df02445140a601d3c349f01eacfebde8ce445323a Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	1.9 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 56a01ab5572c41b2ed94405d2358e50c c5e4e38f77ba43d059173219bc402514e40bc104 f39af612ac9a5a248615aee7a622b0a9d089b2d17356a67750d22f2441a74800 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	151 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 5344b9d7d0cc0144a1129f23c1f363e2 f63ea2c8f92141b4420129fb973e598bc7529fd1 ca09e796091261232efa4237dd97ff271e7e846f91af3fc1c585cf2aa3c23f38 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 2c18ac11978c5c95589d17a944a122df a54815e4df2afc9536e60cfdabf868f966c17624 2637b9496962e2b46510044d4f3da82a7ff6b125e262405ee69e79da973bc09e Loading...

	voe.sx/e/zpaif5wegj5b	8.2 kB	2023-03-09	2023-03-29
Pretty URL voe.sx/e/zpaif5wegj5b IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 06:17:47 Last Seen2023-03-29 22:40:25 Times Seen5 Hash d7b8e1d53ed24b02b82276379275d63f bbd1c23d397eaa8d9632766975f723182b674ccb c638d2c36383d9d5600499050a600bf2e7895da5734e2e3ebac597764c9092f0 Loading...

	adservice.google.no/adsid/integrator.js?domain=www.seriale-shqip123.com	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.no/adsid/integrator.js?domain=www.seriale-shqip123.com IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	295 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 9808254a309f56b9043a870bb42fc88e 59c43b15451222408c0855f2709a4029963e5443 da451adbed2e07fc0eeb545c26edf3c3702d45b2407e0b18e11e478e9f835594 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js	32 kB	2023-03-11	2023-03-11
Pretty URL discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash f2f1d97e24ad1424abc9e64b52f96068 ee1ce6748c7ea1b6dc827b5b7f48702d2b78edab a4509768ae747d1ae3612583669c1a7d2cf1484549e90f48a164e8fd0599d2c1 Loading...

	voe.sx/e/zn3vdqkhvnk5	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/zn3vdqkhvnk5 IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash fc08f48c6fb75ca380e2b09efd34f9c1 26e64ea94d1b4cb5cc0ab8cf62902ae6ea05ad45 f85a2c4d3479feb2de8b041e8a46141d8b9c04f7ff7195a1d8ee0d01cf98adff Loading...

	pl17772624.profitablegatetocontent.com/56/04/92/5604922e93a976af1c03625784afd2ff.js	60 kB	2023-03-11	2023-03-11
Pretty URL pl17772624.profitablegatetocontent.com/56/04/92/5604922e93a976af1c03625784afd2ff.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 3febd4c2e89d3224f39fec6973b220d6 bbedee80a0e1554cce4832a06153d0072dd54c06 c4c0b11a7f5b8a4cd2a1ffa1eb2a6b166315e08fb34e25a5fa46aa6560642a45 Loading...

	www.seriale-shqip123.com/	341 B	2023-03-08	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 07db90f96a93cbd0e1a192cfcab3f009 276335c9f5d5a6b873c8f081957377fbe36b84cd 28491270f77442e3bd58fc948528bff671842dc82f1b0b5cf5cb5eb29a7e2a7e Loading...

	hqq.to/js/d_check.js?34	3.5 kB	2023-03-07	2023-09-30
Pretty URL hqq.to/js/d_check.js?34 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2023-09-30 22:49:03 Times Seen217 Hash 13c9b114ed2734fc250bfde9e68f2161 27b09df0c156185891fde32267c26dba2e9c349f 2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	157 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 0a0f262c0ca4691912c0408c7b00e4d4 e259b700cb125d9e465b894542d66a4a1680958b a212ad53ae9cdcf1346c060af6851a091ce9197d7ea03fb7ce7c5772e8f5ceb7 Loading...

	dood.re/e/srmgt80kffht	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/srmgt80kffht IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 19b74c6a1940997d09f9f810ee4ca581 8112cd0314717aa5d002b7a98f7dc84fd360a8c5 95cb35c6f79f86d823eb8e0bd9c7de1f557f97f91b01f2094e963161c6e8e566 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	221 B	2023-03-07	2024-04-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-30 17:59:06 Times Seen579 Hash 6ba3d3a77f49c6d677d2acee495802f0 abb77bf7cf21f875d7384e55b02b14e30fe16ec0 08c0fca653d9566f35ee87503bc4623f065da931936ff1efdecb428974cf933e Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	65 B	2023-03-07	2024-04-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-30 17:59:07 Times Seen577 Hash a1fb70de4ae61068c881ab07ec99440a d04278110a1411fd73c3589634aa2b3ab1bd6cf5 7f9a01ac59fef91ceb3eeabba254823ec85e227f06f35be9aa23772a49b4d5d3 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash c2adaf59389d268e71d823db7d52204e 9db4f74b897a9cc52dc37b21e2a42906bdf20ed8 d83b57652134a7116c20779f95d9530a975e03b6fccddc748595d87c8445edc7 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	596 B	2023-03-07	2024-04-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:07 Last Seen2024-04-30 17:59:06 Times Seen578 Hash 5c1368acff3a295afea255a4fcaa2b34 fc4e685a7f319aaca3446e9eea4365cb7072ea8c 4c0ae8aa520c685737ceec1cfe25d78e4a51cf2cfbca2afdc4b55386b3618492 Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	293 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 102b0842d6af7cb4721647c4409fc395 c5aa230b53db803b11ae0f9f92debef1fcdf133e a857842a913fb2d747bf9803d0d4a1ba1d54e02ef997ec10b69a3de6aaf74221 Loading...

	voe.sx/assets/n-379412873852/js/site.min.js?c49fd96c54dd560366ff857af838f3bb	11 kB	2023-03-09	2023-03-13
Pretty URL voe.sx/assets/n-379412873852/js/site.min.js?c49fd96c54dd560366ff857af838f3bb IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 06:17:47 Last Seen2023-03-13 02:54:37 Times Seen1 Hash b79294c0aa910ab912e43343b549df82 2ce5ad5c683199bb1fa0db8d4d9d6373527ffc1b ea8c997398eeae6a31fb3eaeebe4ccc0b2758dea4927f39093cc78b8faa9683c Loading...

	cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.7/hls.min.js	344 kB	2023-03-11	2024-04-28
Pretty URL cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.7/hls.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:24:59 Last Seen2024-04-28 21:33:21 Times Seen233 Hash 1e59b3a541bcfa025fdda12cbbaa9f6e b04d134373a70c5c2c536e0246b99dabdde8db9d 88fa861d6c2d711a4a0e9c186234ab06f7e0f77b7bda6da22ae50eae6c892570 Loading...

	discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js	32 kB	2023-03-11	2023-03-11
Pretty URL discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 1c8cc8ee48bb5b193bc288c1c90dce91 a34d9653f43768aaa3a4319f8ec516d9aa1b556f bad872cf60d6afdae30c4f55d8ab3245ff2beba0a6c2aa48fb76fcd5cfb63805 Loading...

	discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js	32 kB	2023-03-11	2023-03-11
Pretty URL discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 23:45:57 Times Seen1 Hash dce54d824c23c746c029888dded55472 52d4492f7a4557b70d847ee2c8af0da3f86aca42 d89d7f9f00bb98e6d2b8eece38c8d7d749abc97dda6c87634fefcb16c99fc831 Loading...

	dood.re/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669665600	36 kB	2023-03-11	2023-03-11
Pretty URL dood.re/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669665600 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 5b14326c9872e4ee1de4d9498a5b31ec 0cce6c105571e4edc80050710d6b5a3f22a8cc12 7040bee30467e6f6ed58bcf2a1accaa5271e5a9f259beec95952a882256c03bc Loading...

	apis.google.com/js/platform.js	55 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/js/platform.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:23 Last Seen2023-03-17 23:35:13 Times Seen1 Hash 82b37d5e95d1e985a554cf000e9bb15c 8973b2e12ea8de1b8a14c8b7ea3be6c1c25eae07 4c6520efed0ab3222ea84da3fb4d6cdc929353fdfa0ac12422253be3ffcf525a Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	1.4 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 4c8f047ade23824a9c823c3478e50902 7e3b1d2f41b0d769b85fa08de8dac1d0cc61cdce a27342cf5b24dd4dd306bddf7a3a5f974bde7fdc1a01653e3e718b6c3df946ab Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	357 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash f4dfa7d5f593afa5259be06c4e0228ef fb71202e0553fbdcead44d853a6933ce1691956e 8c40c2f60fce56e65b3072bc050432a9cb6a21b8932de9263112ced1c565e26d Loading...

	voe.sx/e/xy2rdse34ev4	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/xy2rdse34ev4 IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash cfc19a7605c92895f22820e1e8b2c9ed e8aa30aa132f900ed5ab5db80c57c13ff5ed96f6 d901fc5d5df178e764cd0ea22252f693126c66dcb62316bddc69d72d5019eb5d Loading...

	discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js	32 kB	2023-03-11	2023-03-11
Pretty URL discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:50 Last Seen2023-03-11 22:05:50 Times Seen1 Hash 6625074d2e32fca2e2e1a42e72c13a75 8397844c36f0950c7846e2e6cc9241444356fac2 46f482a6ec8a73cd74c23a8a7f6714ea4f0f6d9932cd51978604e1ed634634a6 Loading...

	alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js	32 kB	2023-03-11	2023-03-11
Pretty URL alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 9afec42ac7e4d94e8e97cd525eb7ea7e b16cf1bb6f61b1838c66594a346155cf6e01368b 5eed667007fda61a51aa70b79db0a9b8c154adeeed94f918b4a99a4466d294b0 Loading...

	voe.sx/e/eydbdd7fdga1	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/eydbdd7fdga1 IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash b358a3e470b70c5903f8c7f98f1e05d4 aa2ac2b56e7c17f01e12ae26b9a9b60be4f81610 8c6b461d93fcbb142e5a4a9c9a29d3a0bd4b750b1db02e723ddc7e3452313842 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485	149 kB	2023-03-11	2023-03-11
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash c35bcbcd22891964a264fcc43fe7be49 796af59fc2daceaa98fcc85b11ad8e224c8bbfdd e2560f65c73774836bf852d958eb5edf86ebd7757e767855ee86c0f8fd540e47 Loading...

	discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js	32 kB	2023-03-11	2023-03-11
Pretty URL discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 3bccc819065466d14a18c9d9c3844baf ae0ae4a33a8aa2ba1812e08ebd486dcf19de1235 53ea7e1cbb282c0b81353f2d8a87f53ec7bbce3cedf63f308733c02d224b24a8 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	188 B	2023-03-07	2024-04-28
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-28 16:39:29 Times Seen538 Hash 65f409613e5ca698d095b93ba30481b0 ddd0b13ed3c1e658d6fc86e068a5bc2e1eb6a657 0a9333926889dc4aedc24da892d00bc970bbf12a4053caca458639549f09196f Loading...

	dood.re/e/0nq7oqhrd7lg	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/0nq7oqhrd7lg IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash d42873949d6b4068774476df35d18201 102816d049fb10b3ac9a63bd4bd5db3d6fae35c1 a13a11ef7668e4676fcd18c8d6a17e2371a69253e3e87a9b3b59f5d0dcd9b672 Loading...

	http:blank	510 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash bdbd4b41be1b9a5a7fe634343aaa00fc 1bb48d3bb385a798355d74b383a843283e656c00 f2f67c3bb4d5b37533b9b02880cd9ae7c19eac7e0f41b018593a2bd8f979d237 Loading...

	www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js	27 kB	2023-03-08	2023-03-11
Pretty URL www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:53 Last Seen2023-03-11 23:17:23 Times Seen1 Hash 58ebc82322104a0d9396a310e944681c f7dd2728857fee775323d58ea798484dfb92f862 1a8298ede56ac31657c2d98345413e326835c8a150abedf456203b0093ea5e7f Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	76 B	2023-03-07	2024-04-28
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-28 23:23:27 Times Seen557 Hash 8fedb25202f60ec664b720487c4ff980 52bd0c95cd949054a19891614857d090502aa175 ac27090f988c84b928f3970fb904db0700b219804394331a5b11ba2dfb20eff9 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	1.4 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash d3c76b39f8662ec3f47fb0ec28869352 dd954cb6d6d312ae91e7f12ed8f5380ecbe62504 22cb3618ab96e09d61be9b0960b4b8b6d70e7981a03f40bf204a77084e3051e1 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	4 B	2023-03-07	2024-05-01
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:07 Last Seen2024-05-01 17:00:41 Times Seen948 Hash 25f283486b425469c532194fffb78ea5 2546b7f00120921d8813f717f276598b3ac11757 d0586d0c3ef8202a3bfe6af7841f4cc85bf265ee95a05711aa1dcb908de0a469 Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	151 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 90342c4c30525aff19ac2c6f6d73ada7 3c5bac1042e8be54f76e3fb40d6f7f2df5119c1c 373b72bc5a8a2711cc5d2d265a41d4307f6b125b33163b54b8eb493cb2904538 Loading...

	unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js	3.1 kB	2023-03-07	2024-05-01
Pretty URL unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-05-01 22:31:59 Times Seen9222 Hash d5528dde0006c78be04817327c2f9b6f 31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8 b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	175 B	2023-03-07	2024-04-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-30 17:59:07 Times Seen577 Hash 597e311caa87d51520f2a62a80408b73 1a57797c00f87115cf9fe6bbd2af5b8d0b2fb4cf c12a9403d0d7f073dfca9a77c45dee6a37a4da54335f131ba3bf672b014ba41d Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	14 kB	2023-03-08	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:39:34 Last Seen2023-03-11 23:13:53 Times Seen1 Hash 0f7f357bd5e4da984243aa7214f27591 d74dc7680d9bcb36476be801e44fe2a7f0de5f18 7df9c84bcdf6c2bfc2b6652c96d5b2675cf8d45f06a3a19ceb327bd1acf6c2fa Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	817 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 3274c19516044b4c2c85f68f3d310af0 3f10c8c8b42e4fd1fba143e3000c5eeffb9e42b2 b7b5e6ba301f49753444b16e8289f9d6ae507d64bbdb7b4231dd48b58e023f13 Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	45 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 38fdb39f8467e0304f514e7cdb1e17a9 fa90ef8151a11dcdbaa557957e91d45ac2a6b640 4f0966f8d27432c6b5a97538f30838fd6e24cb876d60f0001b5828fb85a8dff5 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-01 23:56:35 Times Seen264403 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	dood.re/e/6u3675kyxx05	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/6u3675kyxx05 IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 152b3deceddc49fc0f46591dabe12439 774cd7dce3fdc7a3448a27c689351951cc0e0271 45be7ccdfd98dd588a8e11c4ea96d7ce99d35c66ad28497a877a2ba48411b604 Loading...

	www.seriale-shqip123.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-05-01
Pretty URL www.seriale-shqip123.com/js/cookienotice.js IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-05-01 23:05:16 Times Seen114974 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js	27 kB	2023-03-08	2023-03-11
Pretty URL www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:38 Last Seen2023-03-11 23:31:57 Times Seen1 Hash faa25ebb10c56ba872ad57d74cf0d6e6 0f1dbf47f6af6ad06fd1f52469f7d2ffd3925ca9 898ab0ee6e62930750361a9125a909ef53d97bdd5e68a2afe35bd311df6c6b98 Loading...

	spiritualdiscussing.com/43db73d118f408de255d93e402b10dd5/invoke.js	27 kB	2023-03-11	2023-03-11
Pretty URL spiritualdiscussing.com/43db73d118f408de255d93e402b10dd5/invoke.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:20:35 Last Seen2023-03-11 22:38:49 Times Seen1 Hash 5dff0d8b0e7c1ede0d1c31a032b7eaf7 24005e452ea07d6aee99c1c4bd4efabb905ed838 a0ed0e3146692bcdb9cfb31f6b61b46bae15c02da3480d1f6c34209fd6bac5c9 Loading...

	hqq.to/js/adv/fuckadblock.js?2	14 kB	2023-03-07	2024-04-28
Pretty URL hqq.to/js/adv/fuckadblock.js?2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2024-04-28 23:23:28 Times Seen662 Hash 626be86ed51eef8b8b4038b6dcb8fcb2 229b2c503c8a0acc4bb1b423c895fc30330a0723 7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	4.8 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash f3a7c48eee83d21e886bba94c588e475 ad7818bacf0756aa04d14cd446dd46793df50d5b d624d5c7e80fa4548602c43d0b58aad3144890573317ffc1181ebfb385c32a17 Loading...

	dood.re/e/dpcvhpjsuww0	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/dpcvhpjsuww0 IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 18bcdcf80577de8d2d2d5a73be48bd06 67c2723fa5d74391566c2b15af42e7787aa45b5b 8fffe42cb44af54f686c1f920c777e3c151092192ce64578566f75f35be8f803 Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6174233946807485&plah=www.seriale-shqip123.com&bust=31070923	363 kB	2023-03-11	2023-03-11
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6174233946807485&plah=www.seriale-shqip123.com&bust=31070923 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:12:47 Last Seen2023-03-11 22:36:19 Times Seen1 Hash 87d35b86830fe79f298921b04dd92496 b63d8ced51b64b3cd80dece7da84af32d8f38196 6eb9bfda6d4845e7627dd5a14685c3e4e1c9f4b8e76cc9ce82938e1f8fcf16a6 Loading...

	unpkg.com/jquery@2.2.4/dist/jquery.min.js	86 kB	2023-03-07	2024-05-02
Pretty URL unpkg.com/jquery@2.2.4/dist/jquery.min.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-02 00:11:00 Times Seen387032 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	dood.re/e/6e31v7v9humq	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/6e31v7v9humq IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash ac36ad62333191eca5beaba113679d0c b55b9a6c2f1149b3701d1378585b827a84173bfa 467a4591c9a0964ff600aa3285b61155e4450e341f9d12d68f06da7ba8c9af45 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash ca31c60d5571e887a6a7cfd14432645c aa3aea2426c703c4a936e1dd44404b44468f5e57 cfaa8d5ec61a9d870fa6c95701d913caadf00edbd79d021f993cba30ef98b732 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash ad94a18779a149476f79012e27b38c7b e760c0e306411fe4a997ff8ce1c240b93dfb7581 5711d43c423e61ebe10dc46734a8a1870a7d49b51bbe245553993165f76dea7b Loading...

	dood.re/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7716dc461d45b4ed	36 kB	2023-03-11	2023-03-11
Pretty URL dood.re/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7716dc461d45b4ed IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash f626b76c204bd8dafb592057c963b484 c5e81f162cc58f9650a53d680e9e9fcda5d16ba6 b0aa5da415938fbe079fc0c9f46687792db9626939ced6f60f4e87e913dd13fd Loading...

	dood.re/e/hvz4pt3xgeni	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/hvz4pt3xgeni IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash dc4120cc1a4ccd33f050608411bfcf79 0b944ab610de3321b39edca95249b9009c7de191 ef2f9e2396f1f69d14be7be086740016cc006bfd4d79865f12bbc93e20f40e57 Loading...

	dood.re/e/41rvdoaytsb3	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/41rvdoaytsb3 IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash d0a265347e50f1cf7f0a6635a3dc41c8 b259ff5e778c5ae2b465a5c2cec3922b7866ed15 0d8846d36332a4b5d512fecd8339bc6afc204ce2253ee4c373969beccbfaf5c4 Loading...

	integrityprinciplesthorough.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js	86 kB	2023-03-11	2023-03-11
Pretty URL integrityprinciplesthorough.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 08c220956b1f195d5fe0528937cf4eef c716ef550c024fdea07eb1427bfc8188ca63811d 906c7d1e5f00ea3277cc70cc510eafe814013ac2ac8f0304d8e43164da45b25d Loading...

	unknown	0 B	2023-03-07	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-02 00:11:50 Times Seen37258667 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.seriale-shqip123.com/	354 B	2023-03-08	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash d4f8be52d7f65bb717199c14478a25db adbeae8e6e5872dd9bb1b52b14534c83ae7ee20c 0f6dabd3b05202068f15baaa8cdcd1465a7d32b453bcd9e2fc7eec6b7878a7bb Loading...

	cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.js	111 kB	2023-03-07	2023-12-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-12-11 04:59:49 Times Seen101 Hash 25126b2c2f593f30f507bc4e9c2d233d 8298aa83d9b48f52954503e12fdc83ff8f92aa73 7c52a13dfc5530303daba3ec1cf306ebb96505e81fba44293f4d1632e32f0ec0 Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	700 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash c96501641f0d1b7a8565a3728cd2e0ce bdc2f8676394370c0be7b526e0c99f66be72cd47 80bafe7d172096a2835526727c0ff22d2d3de6b610945268fe47462ff0e383f2 Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	159 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash a65c4dd4bc03526c87c2c149ab0b1833 8f85453044ebf2120cc73db0df7b66de84db37c6 d2c4267551f8b44c8634a580956a63d7ff65daea0fd60e19f17422bcc852af6c Loading...

	www.seriale-shqip123.com/	302 B	2023-03-07	2024-05-01
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-01 23:05:16 Times Seen28980 Hash 5a9442d8fb9a2077b3ebaf7aa6f763fb 1ad7b70635d1b80ddf645acb12b5f17e0ecf0c99 0665437bacd7ab06df7300ed254eac6729ed5e062da4cfb3895416289cfc647a Loading...

	www.seriale-shqip123.com/	341 B	2023-03-08	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash a9418adfdcabb8de744ef70e79c09767 071d4394f8918e1776ebac6326d5cca8daef3f32 bf82792bcd18a04a1712b943a0008d4ae1f5440dc450a7fac5ac892efae30a01 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	207 B	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash e6f1767c3fe4dd34b6280252c369217f 042c4b7cfa21bba553eaf01dd50817c8cb7acb2d b794063f4383436a44ecc9d11d0774f001231986291e6dce720a2014e06a3970 Loading...

	voe.sx/e/zpaif5wegj5b	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/zpaif5wegj5b IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 36f5fcc92435ec6424355b409fc9caf2 1db801577fbeef3115ce4ad65ab770aefa274b58 fbeb6b9db7afd8773a05c05f359e8f66071df9fea4a440a8b1f78e4f12dad8bf Loading...

	voe.sx/e/zpaif5wegj5b	8.5 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/zpaif5wegj5b IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 29ff585b1b69d966265328af779fe205 7c96dbd741f20444178d64c0d7887d6058494bb1 86d5b210f4721cea65c058dc508125798055330e19895bfe6b7a71f54e33db6c Loading...

	www.seriale-shqip123.com/	1.4 kB	2023-03-11	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 409f811820869cfc86ea0be66c05b6d5 68987c1648c8c31bc5c8c1f1a5a0eec0076ad235 1dc1a9cb23901044e4c28158ece25b064a7e0b85b5a990adcaafa17babe23e86 Loading...

	www.seriale-shqip123.com/	1.4 kB	2023-03-08	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash e2f5cfd8e700b2e6d53fbb2ac6bfb58e 321640920112ba21f7e3cc808ce94fdbbdb451af cc605f63e37c329b871c114f053a0452bf7a75677d8c7b05c1d2f773a6e21da2 Loading...

	www.seriale-shqip123.com/	341 B	2023-03-08	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 947fbfd81142a5ebe1a09b35bc8c282f 9dc55bbf840153815f863a9441c6acf82a2d1b13 6f25acda577ed8544c622eafc3df473f400897f1d32f0b6cdc630e5694fe7237 Loading...

	hqq.to/js/video.jquery_plugs/modernizr.js?12	1.2 kB	2023-03-07	2024-04-28
Pretty URL hqq.to/js/video.jquery_plugs/modernizr.js?12 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-28 23:23:27 Times Seen620 Hash 981ce49e4c69148552b01cbbe30f0858 9cb566fa0e6cfda06fe4721214acc445d443ef07 458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc Loading...

	pagead2.googlesyndication.com/pagead/js/google_top_exp.js	47 B	2023-03-07	2024-05-01
Pretty URL pagead2.googlesyndication.com/pagead/js/google_top_exp.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-01 19:09:47 Times Seen48491 Hash 7f5f2be159837d73b72a4b37616bce44 c93d7f25b530b05c26440d3352213b683d03dcc3 ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 85a98a3f28efcc134a9748771d773b80 49cd9e48b02805d291517290be2b9938c4f6ea9e a5f6121b2426a5a50e3e79730799eaa255d2dff158f03c3531d01983aab1fddc Loading...

	voe.sx/e/4qtojd0ibk6l	7.0 kB	2023-03-11	2023-03-11
Pretty URL voe.sx/e/4qtojd0ibk6l IP 186.2.163.208 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 7ba844fe7e8d1cf0038e615579ad1438 3eec1b792780d94b01b2a58c67a8c4948df16283 cdb294ca449820516e59317fc4f69c22e67ecaf50a3cd4ee7aacacd4d389ecc9 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	550 B	2023-03-08	2023-03-14
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:39:34 Last Seen2023-03-14 03:01:26 Times Seen1 Hash ca7a366fd7118ec1ce4251bddb1ae1bc 3c823e73a19b23b11dac7200acd57c1ac7bc9169 ca9c64905717d78fa5df6c9f6d8f99ee553fde5b31ef30036e5c09f47f9ddb5a Loading...

	spiritualdiscussing.com/2542b9376e69e7c9ab59020b52823532/invoke.js	25 kB	2023-03-11	2023-03-11
Pretty URL spiritualdiscussing.com/2542b9376e69e7c9ab59020b52823532/invoke.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 0d21a83afb317716e226716c53855d54 510708ca9016e85d0c49d77bf9f9bb4a4aa2fb58 cef34e6ad071e258aa3f066a9738d3a8ffbf51ef52eddb07b58eafb348627520 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	464 B	2023-03-08	2024-04-28
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:39:34 Last Seen2024-04-28 23:23:27 Times Seen541 Hash ae7f78cd22abc96758e37043ea1b568d 85f8149f45e9ec96a09138634b211ffdf19fbabd 76b641c39ce54349e0eedab42fe297e19bdc197974efd9967ff6b588c778ef54 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	8.6 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 02a36392ff705312492171605cf8d0c2 672570548853d5448ce8fbea822606f08fee369e 7d5a71600c1f170530c87b386238795782c150403b362c13364290a932091101 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	296 B	2023-03-07	2023-09-29
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2023-09-29 10:29:51 Times Seen59 Hash 3b98088c6675d5b3a9ba8d96d299effb 007e82a1dc37edd3b4baf4c176b0cb47d68bcf54 87c580b9f741f62db5493d9f790b9168cc8f8d8bf3c230c49ccacc98111cae7a Loading...

	hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09	1.9 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash f56a38a1ebf271ae2ba91b2af152641b 5fe43d433dfc3e97e7cf9213e7c1a453d69cdbfe 8837990be1dc2a1ea061799e47e34e8bd5cdab03aae9cc2a4e4cffa5d9e955f3 Loading...

	dood.re/e/8un3xdoa9aqd	715 B	2023-03-07	2023-03-17
Pretty URL dood.re/e/8un3xdoa9aqd IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:30 Last Seen2023-03-17 12:47:57 Times Seen1 Hash de2830925e9f61d95de70e9b4d2e0a14 d93996d44cfd574255705f550faa40e844b23766 aea6396eacf3d883b6b802d0c21388a8a33316414afff1b074a80f58e7b7a4fb Loading...

	www.highperformancedisplayformat.com/8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js	27 kB	2023-03-08	2023-03-11
Pretty URL www.highperformancedisplayformat.com/8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:38 Last Seen2023-03-11 22:55:27 Times Seen1 Hash 5ba7b8b1f0cc98cb4e5cce95e9ef04a8 90778feb954047db321709edc5f841d6215724a5 fc90a41f1fa787e56cc7345bc77b9b2e3ec00265966109f6db2b21545fed1387 Loading...

	discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js	32 kB	2023-03-11	2023-03-11
Pretty URL discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 6c38717f518d7015ba253f3090928af4 2f2ea53381ccad115386f10c5a7e69a0ce7f6d24 6ede36c33dde8136138b895088325afba56fc439edacb6e6694e5882705456fe Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	158 B	2023-03-07	2024-04-28
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-28 23:23:27 Times Seen558 Hash a28a421a2eeab6b52af95bc7d6603a0b 8ad53eb19c28e8c766aae9e1eb034ef254ed3468 3d1f33cb0d03ecc80df5bceddefd0c45325867496284688422fbdbbd53ce965f Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	48 kB	2023-03-11	2023-03-11
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 0463bf5c9cfe2e66dd4b317a989564da e94208b0f29b910b981d0e89f043a4643755969e 341442ea05577e3063f1ccaec1c90c4bfd40456172f9b30846e573bc55c23b98 Loading...

	hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09	2.0 kB	2023-03-07	2023-09-30
Pretty URL hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2023-09-30 22:49:03 Times Seen73 Hash f0440bc233ed83c8b618aaac8c3c4549 ae84e3a7c3c3f705aae8d201d7572b58b50b513a 80a651626488e713729919a18c529e68aa109b6fcb6177c15b69525d22f95d5e Loading...

	www.seriale-shqip123.com/	694 B	2023-03-08	2023-03-11
Pretty URL www.seriale-shqip123.com/ IP 142.250.74.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash d03067e4b56a093c89a9b242c25718d3 9ed9da209a2c1c2fa167af86e75c67dd22fae126 1dc880f2d7bf6d9c6d6c0625859519d349e4a048016312f26e55ba9bf5404573 Loading...

	dood.re/e/8un3xdoa9aqd	1.4 kB	2023-03-11	2023-03-11
Pretty URL dood.re/e/8un3xdoa9aqd IP 104.26.4.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash c86bf9c7663f270bf281fefa5353215f 92a1cca2d24e971428dad8b0bea6eec1d94b3cbf ad9f6787a4e6e1fc6de2579e1130a2053103068bb4eeb5a18ad28cf5fb54b6b4 Loading...

	hqq.to/js/script-2.12.5.js	20 kB	2023-03-07	2023-09-29
Pretty URL hqq.to/js/script-2.12.5.js IP 190.115.19.71 ASN #262254 DDOS-GUARD CORP. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:25 Last Seen2023-09-29 10:29:52 Times Seen341 Hash 1e2e0c743ab729233c42052a5380e74b 42a1b8940e7ecf8145cd4abac4fe64ebf479d6ca 5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712 Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash cce7de3a420c190870bbfe012fec261f 80b7fec11e442880cd5cd8882dd1adf5b681acb9 1befded87424755ba48e428d427b671c8929644f91310f6c4e4931742ba63fae Loading...

	http:blank	510 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash a1d6686df7ce365a2b8fadd6b08f6463 474a40f86f159c5edc9337e4c680b2154f0e6663 c9b961a5cf30894659ce6eae0721f20ee0766cd6790420c4780670ff274ba817 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6343f0c27eb342935d80791fa4f8ac31	2.1 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 6343f0c27eb342935d80791fa4f8ac31 935e46da34f5690544c521199add2b3d29f12147 87370146eb2526a2c1a6cf1fcb5aa656b88f2ef49f2b7f3e8647d1f407f42844 Loading...

	#2 Eval - ab3b402598fcf3be26880b3670faf0d1	754 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash ab3b402598fcf3be26880b3670faf0d1 44dd5eb1cbc93a4e11b3f6252ed722ff50e32298 5536098ce1412ccc24488be62fe53e63f2039874958bc7f2b55bfde2fd7a126b Loading...

	#3 Eval - 64539b254c378da7771a85e528626ede	65 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:05:40 Last Seen2023-03-17 11:34:16 Times Seen1 Hash 64539b254c378da7771a85e528626ede 6f49b19cbaa7ba5313924a4c850649efda0faa89 e95194c60ba35e5329dfc389f1b7e872782b39c8cd16dbbcc38ef192e23dcf4d Loading...

	#4 Eval - b62b4ab9de7d3acb4c2180bc4cf7e56b	469 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash b62b4ab9de7d3acb4c2180bc4cf7e56b d64b186a384580b10bd5639f5ffc52e85e2ab9d2 d1513c4a7f2110bb4abe7307db85891d8c6d864549b4b4c36698c20382103390 Loading...

	#5 Eval - 37cbaeac8ed6875cf70e2cd0483ace05	469 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 37cbaeac8ed6875cf70e2cd0483ace05 84855a0d0fabefbb30f9b86381c52551cbbbcf5d 598ba5ab2461f32eecbf0b67a151aed765cabf72f372d69ea666610541235e72 Loading...

	#6 Eval - a7ce8bf7c544f76eb89926b3ca618f43	12 B	2023-03-07	2024-05-01
Pretty Observations First Seen2023-03-07 01:07:09 Last Seen2024-05-01 21:44:29 Times Seen1031 Hash a7ce8bf7c544f76eb89926b3ca618f43 313d20acfe186ea3594870fc6d56c119f658fef2 4ab4edee422a7a6e621718d1ae7180b13ba13f18c0ce3e7e3e26fd68e57e119c Loading...

	#7 Eval - 786999bfc817837caf61ec5fd75eaaf0	20 B	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 01:07:09 Last Seen2024-04-30 17:59:07 Times Seen621 Hash 786999bfc817837caf61ec5fd75eaaf0 0cbe6cc1093c2068c537393bbc96de4bc32888f5 fc0d820f6f6693ccd6462b02714dcea358f75a12b72a7fe3f38e24168433f487 Loading...

	#8 Eval - 567171748c5c111903be60030876c327	753 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 22:05:51 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 567171748c5c111903be60030876c327 a71d20dfc4bb51cfb26b4c840f1e365bf4908920 0eed10b03eabb72cc47ff7515902108f4260c301fd10194764c583ce0cd73b73 Loading...

	#9 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

	#10 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08	2024-01-15
Pretty Observations First Seen2023-03-08 14:23:53 Last Seen2024-01-15 00:09:04 Times Seen889 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

		Size	First Seen	Last Seen
	#1 Write - bb853f948387283acd77206f7fb79bc2	134 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash bb853f948387283acd77206f7fb79bc2 2c218a127af473f3a66ab75d80d0e89b20ea401a e182fb0441fd3c9ee4c0afa5737d6bf102b005cb8f917d0acb289a3666f8e074 Loading...

	#2 Write - 2dce8dd6ad376b1f585d9e862afc748b	134 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 2dce8dd6ad376b1f585d9e862afc748b 868c876192f0e555e1a6da5bb19a3caa23458443 05d127a9387f2c016f38e076762e261c97a387245d2c218550ebcfb10669c147 Loading...

	#3 Write - 2e313999a3e8b27c26c019d7ca2de753	134 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash 2e313999a3e8b27c26c019d7ca2de753 cca8900b2eba5eecc1292938dbc3c48a71d690a6 5debecb30db9b49b2c3b29617cd19ffea8c546df3d56bc080f4ea08fbc0d7579 Loading...

	#4 Write - d5dd6263d0c6c915cf35926e3566a538	121 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash d5dd6263d0c6c915cf35926e3566a538 a861e1a5c652d851d91c2f50de8b7e2d99e6b022 45ffd132813a0336ea17cc6680887642bb101f7c523dd353c41884a314eb7a48 Loading...

	#5 Write - dff682d711aa631fd1b4f710833d8209	134 B	2023-03-08	2023-03-11
Pretty Observations First Seen2023-03-08 16:31:35 Last Seen2023-03-11 22:05:51 Times Seen1 Hash dff682d711aa631fd1b4f710833d8209 0fc8f9ec515d755b66f1e005582649a5ceb4c39c c2a6394c1086ce2f45a67943b031e899383eb2e7514939b819c0db42122bbd57 Loading...

HTTP Transactions (248)

URL IP Response Size

seriale-shqip123.com/

216.239.36.21

301 Moved Permanently

229 B

URL HTTP/1.1
seriale-shqip123.com/
IP
216.239.36.21:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
229 B (229 bytes)
Hash
03624e37e152a1c4219020d5873de96f
928572c956e865200cee05e1a38c727e401122fe
409ece6bce78a63be17eba0ee4887c7a48703e54e148d76b0947fe5437e3e91b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: http://www.seriale-shqip123.com/
Date: Mon, 28 Nov 2022 23:24:58 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 229
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3835
Expires: Tue, 29 Nov 2022 00:28:53 GMT
Date: Mon, 28 Nov 2022 23:24:58 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3593
Cache-Control: max-age=129976
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:58 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:31:14 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 23:17:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 428
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 29 Nov 2022 01:29:36 GMT
Date: Mon, 28 Nov 2022 23:24:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: O6Ewuu70NHCxUTWrJBJwEAqJBfCuuTcBXLV8SAWUl3Q08iTOp9GJJm9cQblJLsYoV/1RgspW/sM=
x-amz-request-id: MAGMRM4MH5MX9N3J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 22:42:15 GMT
age: 2563
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:24:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.seriale-shqip123.com/

142.250.74.83

301 Moved Permanently

181 B

URL HTTP/1.1
www.seriale-shqip123.com/
IP
142.250.74.83:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
181 B (181 bytes)
Hash
c0cdc588fcc1b50c6fb03989c2691d9f
70dc73ed31870c67a299fa50b81ee0b818867df1
ed5ecf4fe7ac526559c0e4b62c4803a0dc141a37c93dcf9085407f73a95ad591

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.seriale-shqip123.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:24:58 GMT
Expires: Mon, 28 Nov 2022 23:24:58 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 181
Server: GSE

ocsp.pki.goog/s/gts1d4/hvOXnEUejGU

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/hvOXnEUejGU
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4af432bd12e0a7e6e6dc42afc33ab699
5026bf21a31bf19b78290f9374837b3e7fea1b0e
207ddeedf39da1e58984e8d6303315b1308ae51a9b06a088a9f2af71aa885201

HTTP Headers

POST /s/gts1d4/hvOXnEUejGU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 23:11:12 GMT
cache-control: public,max-age=3600
age: 827
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5861
Cache-Control: max-age=127177
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:44:36 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

www.seriale-shqip123.com/

142.250.74.83

200 OK

26 kB

URL HTTP/2
www.seriale-shqip123.com/
IP
142.250.74.83:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1495)
Size
26 kB (26138 bytes)
Hash
034cb4d28b4cbcfb9535fe069351392c
bc94b265b770922f7becbaabe09495b7e8ee68d7
e44933ead2e1331591464aefd53465d36609c2346d7166bf28aea4658875d993

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 28 Nov 2022 23:24:59 GMT
date: Mon, 28 Nov 2022 23:24:59 GMT
cache-control: private, max-age=0
last-modified: Mon, 28 Nov 2022 21:41:16 GMT
etag: W/"ab95026b7825595e6d79d4cfc70a2674480ed7bfaac1338ad57ad27057302ad4"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 26138
server: GSE
X-Firefox-Spdy: h2

www.seriale-shqip123.com/js/cookienotice.js

142.250.74.83

200 OK

2.0 kB

URL HTTP/2
www.seriale-shqip123.com/js/cookienotice.js
IP
142.250.74.83:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: www.seriale-shqip123.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Mon, 05 Dec 2022 23:24:59 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 22:53:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

142.250.74.105

200 OK

7.8 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP
142.250.74.105:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7776 bytes)
Hash
5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630

HTTP Headers

GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:12:52 GMT
expires: Wed, 22 Nov 2023 18:12:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
content-type: text/css
age: 537127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f2751b862f1815bef2869dc411f6021
cf001bd30b74c30190683c05ac81c97e5ccd9c3e
464e9f5b8f9e6a87b46b2cde3f4b554ff3641732f1506c2f2a6edf40dd972d6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
998e0b25e77b8c23e52ea918d3fc2a29
0f684f95e3c60ef17ff082bfda21de480eff9fb4
360e9b02287b38174bb5bfb64862d049d9e4f998ef8aba036a1bc97bbf30d606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2734f94ccee461103a4c42296934948d
57af4a7dfbc298f14e47d9cf98c1a33c8f9078ae
e067ad8019cd032e033758f033c9eaa9e8dd7250a79b7c750f24cdc055a3ec87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
998e0b25e77b8c23e52ea918d3fc2a29
0f684f95e3c60ef17ff082bfda21de480eff9fb4
360e9b02287b38174bb5bfb64862d049d9e4f998ef8aba036a1bc97bbf30d606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/2342155703-widgets.js

142.250.74.105

200 OK

57 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
142.250.74.105:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2221)
Size
57 kB (56726 bytes)
Hash
1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b

HTTP Headers

GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 16:02:03 GMT
expires: Tue, 28 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 15:52:40 GMT
content-type: text/javascript
age: 26576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.ytimg.com/vi/DHcwKSZHUvM/maxresdefault.jpg

142.250.74.54

200 OK

103 kB

URL HTTP/2
i.ytimg.com/vi/DHcwKSZHUvM/maxresdefault.jpg
IP
142.250.74.54:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
103 kB (103306 bytes)
Hash
8cb8e3565e13317db8beeff9dad1759b
80a214655cb0040a9a65317ff27ce8ab75c4955c
94078f229d145af541518c9f48709c20d3ff31e41d9ee2f0705ef5c3a05c9fd8

HTTP Headers

GET /vi/DHcwKSZHUvM/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 103306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:10:42 GMT
expires: Tue, 29 Nov 2022 01:10:42 GMT
cache-control: public, max-age=7200
age: 857
etag: "1669151417"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i.ytimg.com/vi/Jb_AiRh0Xtg/mqdefault.jpg

142.250.74.54

200 OK

13 kB

URL HTTP/2
i.ytimg.com/vi/Jb_AiRh0Xtg/mqdefault.jpg
IP
142.250.74.54:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Size
13 kB (12938 bytes)
Hash
772cd307439e421867364399125dd401
a0b57d496c7a3243d8ae4f59b94cc481bb090afd
61aa15d0cc361a4a2f1be012b80921cbb695c82b1df36c2307b309b88ee6011e

HTTP Headers

GET /vi/Jb_AiRh0Xtg/mqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 12938
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 22:51:48 GMT
expires: Tue, 29 Nov 2022 00:51:48 GMT
cache-control: public, max-age=7200
etag: "1669366718"
content-type: image/jpeg
age: 1991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.bp.blogspot.com/-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg

142.250.74.161

200 OK

33 kB

URL HTTP/2
1.bp.blogspot.com/-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1150x186, components 3\012- data
Size
33 kB (32754 bytes)
Hash
05d536aa482722103750da836074972d
58388e5d9acbb334dbbf92a84d7390992f9880a3
356739893f997c348033a5c13b9acb0313ae16b3428732b85394048af7afa4b1

HTTP Headers

GET /-yLg7EfHkaJk/Xbci2i9Ry7I/AAAAAAAADRw/9keSGio6ra4_fzouG_A8Cx43eEZ3dLciwCLcBGAsYHQ/s1600/banner3.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="banner3.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 32754
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Wed, 16 Nov 2022 18:20:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd1d"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i.ytimg.com/vi/T2yjfiVskeg/maxresdefault.jpg

142.250.74.54

200 OK

199 kB

URL HTTP/2
i.ytimg.com/vi/T2yjfiVskeg/maxresdefault.jpg
IP
142.250.74.54:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
199 kB (199328 bytes)
Hash
6d3cf0f507cdf995156e484be2556844
aa05e8fb672812f527dbad2e13680677efe9aada
92b1f71b4ed849d20ddd5d21440b88d0b748e9a967809f2ff70d9865f7a7f50f

HTTP Headers

GET /vi/T2yjfiVskeg/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 199328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Tue, 29 Nov 2022 01:24:59 GMT
cache-control: public, max-age=7200
etag: "1668191953"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.bp.blogspot.com/-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg

142.250.74.161

200 OK

34 kB

URL HTTP/2
1.bp.blogspot.com/-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1150x186, components 3\012- data
Size
34 kB (34070 bytes)
Hash
19a18c113003b5a5f2c72095cef80474
35daa174c33013a8196d6b9253deba88ec5ed2ca
76fa58b43bfbc20262b82b4065306205316cda37a452e0c676fd9d909ef1ff6c

HTTP Headers

GET /-mLEW87QkkgQ/Xbci2TZjGFI/AAAAAAAADRs/PboPo8Hz0fsONwiIAbgEyv4QbG2BKOfMgCLcBGAsYHQ/s1600/banner2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="banner2.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 34070
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Mon, 28 Nov 2022 12:57:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd1d"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
998e0b25e77b8c23e52ea918d3fc2a29
0f684f95e3c60ef17ff082bfda21de480eff9fb4
360e9b02287b38174bb5bfb64862d049d9e4f998ef8aba036a1bc97bbf30d606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.162.52.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.52.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MNu5zne9OIRk3e/Yz6fTzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3xk0WPWNhk/FZq0T4yJa9YFF+5g=

1.bp.blogspot.com/-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg

142.250.74.161

200 OK

10 kB

URL HTTP/2
1.bp.blogspot.com/-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 803x453, components 3\012- data
Size
10 kB (10348 bytes)
Hash
c9e15fce287d59739a2b8fcb2db25382
5cf3cb244bd33fca22345b5300bc3878cae532dd
174ad67da3a5f7d611c4e0abb7fb41db98ee86adb837399c29ba876d7be12734

HTTP Headers

GET /-UFyaNMQZgEc/Ya9VJnETMuI/AAAAAAAAAQg/V7v70VKUHpo1lfLOJn7c7n2t-OFwokA0ACNcBGAsYHQ/s803/FB_IMG_1638880449574.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="FB_IMG_1638880449574.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 10348
x-xss-protection: 0
date: Mon, 28 Nov 2022 23:24:59 GMT
expires: Mon, 28 Nov 2022 12:57:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v109"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
359b3c840e45aca7bc335661d3e4774c
fcb4f114ed595a783f7a011caeba6511b9fde8fa
c139fb6925b39d9cededc8ace77d1e74f67b09021bd1ab9071eb3e304090520b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C139FB6925B39D9CEDEDC8ACE77D1E74F67B09021BD1AB9071EB3E304090520B"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2804
Expires: Tue, 29 Nov 2022 00:11:44 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7361e0e13d49e1c906b9e1667bbd16b
af4d0567cc8bb420ea1487abce056d0c6af93aec
f572499b3ea5577fb5b0641645a5c735d2c5b6aad918de009978d3a8b9d9378c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F572499B3EA5577FB5B0641645A5C735D2C5B6AAD918DE009978D3A8B9D9378C"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Tue, 29 Nov 2022 05:24:25 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive

spiritualdiscussing.com/2542b9376e69e7c9ab59020b52823532/invoke.js

173.233.137.44

200 OK

9.3 kB

URL HTTP/1.1
spiritualdiscussing.com/2542b9376e69e7c9ab59020b52823532/invoke.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
Unicode text, UTF-8 text, with very long lines (25114), with no line terminators
Size
9.3 kB (9286 bytes)
Hash
771f897c113c42d2b52193e2f61c905c
f0b293e35a87868f2ba504b67575608c194d7257
6cbc3fc67304186bbb61416d9e0525a37ca3468b6383f64511c39b87101da723

HTTP Headers

GET /2542b9376e69e7c9ab59020b52823532/invoke.js HTTP/1.1
Host: spiritualdiscussing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91d7a2b2083a13c5ac72df0ad602e294
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pl17772624.profitablegatetocontent.com/56/04/92/5604922e93a976af1c03625784afd2ff.js

192.243.59.20

200 OK

21 kB

URL HTTP/1.1
pl17772624.profitablegatetocontent.com/56/04/92/5604922e93a976af1c03625784afd2ff.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with very long lines (60150), with no line terminators
Size
21 kB (20706 bytes)
Hash
4fb0fc47ee5e1e6db353ba65011f9d23
e68c7c9574f95acb293ebdca006f5038adc9787c
076c796e01f03716277674cf5131f57f7e8fbaca622d8726026997911817c58d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /56/04/92/5604922e93a976af1c03625784afd2ff.js HTTP/1.1
Host: pl17772624.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b204f689e9ee428cfe05445bc2ad0c4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
94d394d6beaad25971b7f1e02d93b841
07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a
06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141525
Date: Mon, 28 Nov 2022 23:25:00 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 14:43:45 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O7fLVJpHLHgqvurSQYI2y_BY_ACPIT1zozC7M25jNJ6X7mXbZg6yeg==
Age: 4363

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.seriale-shqip123.com
access-control-allow-credentials: true
set-cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Thu, 25 Nov 2032 23:25:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
627775c3a804fa2b204735ad46d1de68
71155acfaa5212049108b355b07665432467cc1a
937e883cae16f19760094e80022ae925e2723678dfde030638ebd64e72523820

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "937E883CAE16F19760094E80022AE925E2723678DFDE030638EBD64E72523820"
Last-Modified: Sun, 27 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7750
Expires: Tue, 29 Nov 2022 01:34:10 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
78535b0b98937c6f2c46d6c63f86397f
a699c800dd11471c66c906e35f5db3c37a3db571
bbb7e8e737f830c110d78f3d1e6ec5fa4eea832471eb1ecc5c872a3bdbfe1a38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BBB7E8E737F830C110D78F3D1E6EC5FA4EEA832471EB1ECC5C872A3BDBFE1A38"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14022
Expires: Tue, 29 Nov 2022 03:18:42 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6839
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6839
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6839
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 23:25:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8921 bytes)
Hash
823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
age: 5275
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4871 bytes)
Hash
a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 12:30:42 GMT
age: 39258
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8578 bytes)
Hash
4b7d3821d0bd11c196724846a7b9fe22
5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c
b4f820555c4daf6e112c1a395bc57e22f0ef8e2e4299a0ffbb54e0bf18c87f47

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8578
x-amzn-requestid: 4f948bb9-74db-4a5d-927d-a6b893735531
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFxnWHq-IAMF4LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efc95-2f9e98ca2dad65a80e2195c2;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vSvGc0JIh4JOWTlagt4uDD_CDPiWOSfYYEI4lUBPsQb4qJMOEbBcmw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:09:24 GMT
age: 69336
etag: "5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3004 bytes)
Hash
22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iSUNjVxAMdZYo5z7KyOT7WN5VWxPElRWiVO3u2E3AonLWkr8bT9Img==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 02:07:31 GMT
age: 76649
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.9 kB (3905 bytes)
Hash
06723cdab42df9b5334f540a8c7ebc60
3bbc44cb84a37ce6a067db4301dd81647a77c29f
9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3905
x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMFcYHE6IAMFmpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 73Fr-7-mRcw9_OVt8Wdi4pjFBHkqi_vBa-zgLtbHKEx1ay9s8wDSgQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 06:26:11 GMT
age: 61129
etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6037 bytes)
Hash
b5e2bc1651b37b8e0467c2a6cb860fb3
3348f081a3357490a704592d105d02e81886df89
751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mFiEmh1axlMNuIBb1YSzcciCdHzHGG7q0f3lQOuHJmjugWgdZKKiSg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:27:11 GMT
age: 43069
etag: "3348f081a3357490a704592d105d02e81886df89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lightssyrupdecree.com/pixel/purst?dl=0&th=0&sc=0&rs=2032&rd=2032&fd=868&bv=22.10.v.9&tmpl=70

192.243.59.20

200 OK

0 B

URL HTTP/1.1
lightssyrupdecree.com/pixel/purst?dl=0&th=0&sc=0&rs=2032&rd=2032&fd=868&bv=22.10.v.9&tmpl=70
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2032&rd=2032&fd=868&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.highperformancedisplayformat.com/8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js

192.243.61.225

200 OK

9.8 kB

URL HTTP/1.1
www.highperformancedisplayformat.com/8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Size
9.8 kB (9777 bytes)
Hash
2110d7153b493064cd1a9dfaef190af6
f947123d6536a9f49d4a00a34a8ef0eb4feff90f
e9fd21bec879b843e3c72324df2f02061f93eaf706947cfea215122edb367cf8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /8e51e259fd1a1aa9fcd9c3a978dc532d/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1185a459caa53739e5d26408eca351a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js

192.243.61.225

200 OK

9.8 kB

URL HTTP/1.1
www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Size
9.8 kB (9778 bytes)
Hash
4f8800eb9c3eb452408cba1a0a54f196
64cfde6d597ebb8e2759140353341eb78be85398
9b580cb995b47252cf2e610bbd155b64b9f3ad540556621c45f0a27b038831d9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /6b89af69f49621c6c443dd9b71e61d32/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45d1a9d2db3b6b7ab2c37e08cab46a5a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js

192.243.61.225

200 OK

9.8 kB

URL HTTP/1.1
www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Size
9.8 kB (9784 bytes)
Hash
6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fb866e7b401f197b5e12a2b78590cd45/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9b088e54d2b1be4859e65a106876285
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

spiritualdiscussing.com/43db73d118f408de255d93e402b10dd5/invoke.js

173.233.137.44

200 OK

9.8 kB

URL HTTP/1.1
spiritualdiscussing.com/43db73d118f408de255d93e402b10dd5/invoke.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Size
9.8 kB (9783 bytes)
Hash
a0ee7d8e00387af2b23a90b7c64436af
3518fb461b49f013f8f99d6c80d0c933a4460845
0b9dda1702bf00464c890ada2ffea988dad6266b07d93ccc5b831e64532884a1

HTTP Headers

GET /43db73d118f408de255d93e402b10dd5/invoke.js HTTP/1.1
Host: spiritualdiscussing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a030d01132a5406fd38bd01310580cb4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

192.243.59.20

307 Temporary Redirect

0 B

URL HTTP/1.1
lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c2e3588d4ca85f373ca1ba62c406160afef638ec5ec0e238510eb5b9889d0147ac6fa83b8998988abbb7b6144c769218c320738dffc6923bc1d00d037eb0ca934911970fd4c1b3aec911b7f8c907918699199f&pst=1669677961&rmtc=t
Set-Cookie: u_pl=17672262; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuc2VyaWFsZS1zaHFpcDEyMy5jb20vIn19.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM; expires=Mon, 28 Nov 2022 23:26:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5fc7804ed0a415b61bb1b58b40bc74a6
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp.pki.goog/s/gts1p5/CdZu0duK_F8

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e

HTTP Headers

POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js

192.243.61.225

200 OK

9.8 kB

URL HTTP/1.1
www.highperformancedisplayformat.com/6b89af69f49621c6c443dd9b71e61d32/invoke.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Size
9.8 kB (9787 bytes)
Hash
e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /6b89af69f49621c6c443dd9b71e61d32/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1abab65d0df1ffa5e23015affd075fbb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c2e3588d4ca85f373ca1ba62c406160afef638ec5ec0e238510eb5b9889d0147ac6fa83b8998988abbb7b6144c769218c320738dffc6923bc1d00d037eb0ca934911970fd4c1b3aec911b7f8c907918699199f&pst=1669677961&rmtc=t

192.243.59.20

200 OK

2.1 kB

URL HTTP/1.1
lightssyrupdecree.com/watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c2e3588d4ca85f373ca1ba62c406160afef638ec5ec0e238510eb5b9889d0147ac6fa83b8998988abbb7b6144c769218c320738dffc6923bc1d00d037eb0ca934911970fd4c1b3aec911b7f8c907918699199f&pst=1669677961&rmtc=t
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2627)
Size
2.1 kB (2095 bytes)
Hash
7a904ae0af7c03595aa8711fe2b57e4c
0b272e937aa44e10ada5687dcad72c3893d3b266
51a9fa4b464641f8b128e01db43642a851b1e2a690b8cafad2f3b179abac4ead

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.690049753922.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c2e3588d4ca85f373ca1ba62c406160afef638ec5ec0e238510eb5b9889d0147ac6fa83b8998988abbb7b6144c769218c320738dffc6923bc1d00d037eb0ca934911970fd4c1b3aec911b7f8c907918699199f&pst=1669677961&rmtc=t HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672262; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuc2VyaWFsZS1zaHFpcDEyMy5jb20vIn19.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:01 GMT; secure; SameSite=None
iprc04600c990aab5806f11a4b38e3ed5908=3569807; expires=Tue, 29 Nov 2022 03:25:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 29 Nov 2022 23:25:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 33654b7b1dd9d85eae7b6ad33d712e95
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.pki.goog/s/gts1p5/CdZu0duK_F8

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e

HTTP Headers

POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
949fc6a68c263e9826a31bceed73163e
b0da1f7aed2b0fea560b6ab64afc767eba7e980e
c2261eb9d64ffa5218230a3b4edddda9496061863abab7cf1aaffa428f1f0d1b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2261EB9D64FFA5218230A3B4EDDDDA9496061863ABAB7CF1AAFFA428F1F0D1B"
Last-Modified: Sun, 27 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8661
Expires: Tue, 29 Nov 2022 01:49:22 GMT
Date: Mon, 28 Nov 2022 23:25:01 GMT
Connection: keep-alive

www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js

192.243.61.225

200 OK

9.8 kB

URL HTTP/1.1
www.highperformancedisplayformat.com/fb866e7b401f197b5e12a2b78590cd45/invoke.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Size
9.8 kB (9784 bytes)
Hash
6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fb866e7b401f197b5e12a2b78590cd45/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41316a86e72946e777e82e2273490205
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.pki.goog/s/gts1p5/CdZu0duK_F8

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e

HTTP Headers

POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

192.243.59.20

307 Temporary Redirect

0 B

URL HTTP/1.1
reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=1919e8d0222b20b828c5cc9d301ac26df7248472418d4bc6c3e589374527da5dcffc4c3f023ff9fc8292b788ddfa033b410b39244108e7ddcf14952b97947dd22940ebf7c7a8214d7e2efba234c9a53e6bd90715047f9023b84fee4340c9357a615857b17a&pst=1669677962&rmtc=t
Set-Cookie: u_pl=17672177; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjE3NywiayI6IjhlNTFlMjU5ZmQxYTFhYTlmY2Q5YzNhOTc4ZGM1MzJkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InRrZGtyaTAzciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5zZXJpYWxlLXNocWlwMTIzLmNvbS8ifX0.f6AO_37PU3Nib27Piiyulwe3iH3ZXw0rc4fhWPzBIDc; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1a407d06e4665f9e93ade3e5795a880
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
04fce9d62a1419c44d4d1b179749af9b
63e51bc93aa3138b107946ea9d31a1cce6fd3491
43a89aff0d5663f10018af94cd9c10405d370cd507ab79fab97ec43d04cf4c5c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A89AFF0D5663F10018AF94CD9C10405D370CD507AB79FAB97EC43D04CF4C5C"
Last-Modified: Sat, 26 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2004
Expires: Mon, 28 Nov 2022 23:58:26 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/CdZu0duK_F8

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e

HTTP Headers

POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a15c42293dffc09d92553c2d2dd464b1
8252d6b28a3c252a0f138eca5487f3d388af8c60
2ccfc08c412397bcf4f9df402f2edc215bd33d4543747eeb36f98a119c406c11

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CCFC08C412397BCF4F9DF402F2EDC215BD33D4543747EEB36F98A119C406C11"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6865
Expires: Tue, 29 Nov 2022 01:19:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

192.243.59.20

307 Temporary Redirect

0 B

URL HTTP/1.1
lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Cookie: u_pl=17672262; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuc2VyaWFsZS1zaHFpcDEyMy5jb20vIn19.UcpvsW69GtGvzGacq7cy1xokMgZtw_p6MjmqHo4TKZM; uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; iprc04600c990aab5806f11a4b38e3ed5908=3569807; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d58502f3436c3e01c3b4faefdbe7dfd91d7e700fb76fe3e3aa6fb92e81323a68ac4f9ca778fd01c01c750d42b5bee6a7b8b474c4e357240af45fffa4957761d8d821f0156b4540e111ae72ae4c23f4e8d27f4ce461ee44a8a0e579c9125c6c&pst=1669677962&rmtc=t
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.THxp3o3hykPvSORQStNFzbGjYZR_vxKG2dAXpB7as2Y; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1f2868aceb02c1b4db94c0757888376
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a15c42293dffc09d92553c2d2dd464b1
8252d6b28a3c252a0f138eca5487f3d388af8c60
2ccfc08c412397bcf4f9df402f2edc215bd33d4543747eeb36f98a119c406c11

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CCFC08C412397BCF4F9DF402F2EDC215BD33D4543747EEB36F98A119C406C11"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6865
Expires: Tue, 29 Nov 2022 01:19:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

www.highperformancedisplayformat.com/43db73d118f408de255d93e402b10dd5/invoke.js

192.243.61.225

200 OK

9.8 kB

URL HTTP/1.1
www.highperformancedisplayformat.com/43db73d118f408de255d93e402b10dd5/invoke.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Size
9.8 kB (9787 bytes)
Hash
e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /43db73d118f408de255d93e402b10dd5/invoke.js HTTP/1.1
Host: www.highperformancedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7fb548f99246ac51e798e6a53804e8d5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a15c42293dffc09d92553c2d2dd464b1
8252d6b28a3c252a0f138eca5487f3d388af8c60
2ccfc08c412397bcf4f9df402f2edc215bd33d4543747eeb36f98a119c406c11

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CCFC08C412397BCF4F9DF402F2EDC215BD33D4543747EEB36F98A119C406C11"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6865
Expires: Tue, 29 Nov 2022 01:19:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f14d18e0fbcae5ddd2d6dfcdf01e7c59
e38da905debd44205ebc6abb628d381c8ec3d3d6
21c884064648ce280ecbff448fe69a9e9b25e605d408ff26a0bd1630191e4617

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C884064648CE280ECBFF448FE69A9E9B25E605D408FF26A0BD1630191E4617"
Last-Modified: Mon, 28 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Tue, 29 Nov 2022 00:01:17 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
74fcf5b41902da0bc73ea19d1afce9e7
aef50f0556d364f7ea00ebbd435e56094e054d2a
befd14ed77d4d85d4e45d43c624b75eb32277d2ee0fc115e98c5ee4c519e7331

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6123
Cache-Control: max-age=168127
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "63851922-118"
Expires: Wed, 30 Nov 2022 22:07:09 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
74fcf5b41902da0bc73ea19d1afce9e7
aef50f0556d364f7ea00ebbd435e56094e054d2a
befd14ed77d4d85d4e45d43c624b75eb32277d2ee0fc115e98c5ee4c519e7331

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6123
Cache-Control: max-age=168127
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "63851922-118"
Expires: Wed, 30 Nov 2022 22:07:09 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
bc5267e77886f31e601de57469b12a6a
7c31ba91186eff5d78613e41ad6e4f00da0f0e0a
9a4397d75f08d8eafe861b11fe24747e8a0da5472c8e3594a1fed2fca6918c48

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9A4397D75F08D8EAFE861B11FE24747E8A0DA5472C8E3594A1FED2FCA6918C48"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2185
Expires: Tue, 29 Nov 2022 00:01:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.24.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15121606
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqzLGCKIKyjL3VvcexknuQVFvcKCXlDORKBl4WopkhkFpfduXmw1rSf3Ei1ifg9w8GGjiEr%2BsSSPZPlVYQcEhQuowXkC90y6lpcYoNk3y3GEPMdeJYLBWHM0rZivyGHkAV0yR0Fh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc495bfa0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
161038a863934298f7a79326db957f11
57652ba0374e1597ad3d47e5b5b361d81db1eda8
72812f5ea803854ba9705bd5b322ff86aefecf8a88b4f71196aeeb7e75b93e93

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72812F5EA803854BA9705BD5B322FF86AEFECF8A88B4F71196AEEB7E75B93E93"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14688
Expires: Tue, 29 Nov 2022 03:29:50 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/CdZu0duK_F8

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/CdZu0duK_F8
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
308e75f430578c4e0e5865a19b5b4f3e
b7fa29c4ce134f12f19a355c8c891a0be6c37a93
5af42d227f24050c7f00d6ded5fb1bcfd96041f5731b68aad55388a059b2280e

HTTP Headers

POST /s/gts1p5/CdZu0duK_F8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=explicit

142.250.74.164

200 OK

554 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=explicit
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (852), with no line terminators
Size
554 B (554 bytes)
Hash
0a628b8a14a877262721824930709597
31bbb380c04a4229a099a1fb6dea09cf717bcb5f
6c63432c24b1f8eed67f792c68214710fd6444ede5c28f56202e966770d20121

HTTP Headers

GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Mon, 28 Nov 2022 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09

190.115.19.71

200 OK

40 kB

URL HTTP/2
hqq.to/e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
40 kB (39828 bytes)
Hash
67d6e74162e74a0f3baf11562567f7df
920e2ea5a2bcfc81ddd7da9234a6a31244be25c1
60fa5c6c626776b78b7d565f3241901bd4dfa3da9433d2f4623607d3ecf67fa8

HTTP Headers

GET /e/U1VhTlh1dzJhK3RIRTlzZVJhVU1OUT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=0yRNImmGwRtZ1c9vZz3q; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2

173.233.137.36

307 Temporary Redirect

0 B

URL HTTP/1.1
wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d352c05ba85fb23175704ae883d5e9aa8f07d3d2d94e5e5e91cf417f46dd338c93ba1c60769c07f8a631714842c43d3e699b307196c63c11c4b7b0d0c547ae1dc150444584b8df1fe310aa5f329e2c408219946fe09904472badb20c81a3a0&pst=1669677962&rmtc=t
Set-Cookie: u_pl=17672407; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab78097658fbe4190018d9710d94ca30
Strict-Transport-Security: max-age=0; includeSubdomains

dood.re/e/hvz4pt3xgeni

104.26.4.50

200 OK

82 kB

URL HTTP/2
dood.re/e/hvz4pt3xgeni
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4829), with no line terminators
Size
82 kB (81551 bytes)
Hash
c0e7ebaebf22f3098076157402a10fa2
dcc8c35dd9a286f406bb30aa34d0d56f3361aec9
fc798a08a9a42543dfde1214c1213701ef55bf0e07ec82dd723b67190ea752d2

HTTP Headers

GET /e/hvz4pt3xgeni HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:01 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:01 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jQUi%2FdXKMFRntFof%2Bsjk9SgspjozLzJVMfbRknO1S37KzU6T2q46qTuA3nXOl01QXTVA9ZtyyUMDrmMThtr6KqwJLpOxRsxFf4LzlE%2B3x306ULZeBXnTp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d59b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hqq.to/js/d_check.js?34

190.115.19.71

200 OK

1.0 kB

URL HTTP/2
hqq.to/js/d_check.js?34
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type
ASCII text, with very long lines (821)
Size
1.0 kB (1028 bytes)
Hash
841e4af4332ce934406a4e59a063aa98
fd8429c4c48157e134268b448d713b642f461af6
fde29879f9e4795b74c36aa1a23b32f35f5f67131fc914be72e42f1fff8740d3

HTTP Headers

GET /js/d_check.js?34 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=cZGUPJHQoBc6gTS294Ss; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 17 Oct 2022 10:54:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 3673815
ddg-cache-status: HIT,MISS
content-length: 1028
X-Firefox-Spdy: h2

hqq.to/js/video.jquery_plugs/modernizr.js?12

190.115.19.71

200 OK

652 B

URL HTTP/2
hqq.to/js/video.jquery_plugs/modernizr.js?12
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type
ASCII text, with very long lines (1227), with no line terminators
Size
652 B (652 bytes)
Hash
aecce2cd69440bcd1b71a8f0ce204922
7bf5702d34c33349bead0bb2cb7ad2200d699196
b9159c2d62fb50c02489b011962ed2549515067437b550834432787ff25a5dfb

HTTP Headers

GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=Tf3XXpkdvCIwBhRQoGOG; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 17 Oct 2022 10:45:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 3674350
ddg-cache-status: HIT,MISS
content-length: 652
X-Firefox-Spdy: h2

dood.re/e/jisaewnrger0

104.26.4.50

200 OK

42 kB

URL HTTP/2
dood.re/e/jisaewnrger0
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4829), with no line terminators
Size
42 kB (41713 bytes)
Hash
acc3f151241cc19f1b5c9232e2a5f75a
18e3dd80e14049123e8c45c141858ad989d70078
f3101a2b3797cafd8c41715e659c545f753e11e820257cd002f6bf3360bfbc9b

HTTP Headers

GET /e/jisaewnrger0 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4CFN1RWqGrLR2TzmVTANWkfLPJQgOjhZJ2eqH9CrfVTG24PN7WGXQK50WKu16rGvtzR8GtiEfewrr%2BM3EHhkojQ3t8zXhx1Y5EXGLPEaJwvbGtNT8g9oEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d3cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

voe.sx/assets/n-379412873852/css/site.min.css?c49fd96c54dd560366ff857af838f3bb

186.2.163.208

200 OK

26 kB

URL HTTP/2
voe.sx/assets/n-379412873852/css/site.min.css?c49fd96c54dd560366ff857af838f3bb
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65157)
Size
26 kB (25553 bytes)
Hash
d2b3b66b3f1e046a854878afe8f0d59d
4ae145316a24a7cad85e5ce7e572f30e930814e4
768df872b56860dedabe6ac8dd42bb0a0e1044526701e94a75167810ce8b9094

HTTP Headers

GET /assets/n-379412873852/css/site.min.css?c49fd96c54dd560366ff857af838f3bb HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/e/eydbdd7fdga1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=iZQJvTdP2gDc4oGPotnc; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Sun, 27 Nov 2022 20:54:00 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 22:14:49 GMT
vary: Accept-Encoding
etag: W/"6340a4d9-2cc7f"
expires: Tue, 27 Dec 2022 20:54:00 GMT
cache-control: max-age=2592000
content-encoding: br
age: 95462
content-length: 25553
ddg-cache-status: HIT
X-Firefox-Spdy: h2

lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d58502f3436c3e01c3b4faefdbe7dfd91d7e700fb76fe3e3aa6fb92e81323a68ac4f9ca778fd01c01c750d42b5bee6a7b8b474c4e357240af45fffa4957761d8d821f0156b4540e111ae72ae4c23f4e8d27f4ce461ee44a8a0e579c9125c6c&pst=1669677962&rmtc=t

192.243.59.20

200 OK

642 B

URL HTTP/1.1
lightssyrupdecree.com/watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d58502f3436c3e01c3b4faefdbe7dfd91d7e700fb76fe3e3aa6fb92e81323a68ac4f9ca778fd01c01c750d42b5bee6a7b8b474c4e357240af45fffa4957761d8d821f0156b4540e111ae72ae4c23f4e8d27f4ce461ee44a8a0e579c9125c6c&pst=1669677962&rmtc=t
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (601)
Size
642 B (642 bytes)
Hash
fd3cfe7bb3cbec14bde506eeecd12018
e9ef6af80fc0c59dda47d3c616865769f8ff5ebf
10d6823d389f26154e877fea75f13433282b1ad841d16e0313d8a0c5e7ce3f98

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.688846785417.js?key=fb866e7b401f197b5e12a2b78590cd45&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d58502f3436c3e01c3b4faefdbe7dfd91d7e700fb76fe3e3aa6fb92e81323a68ac4f9ca778fd01c01c750d42b5bee6a7b8b474c4e357240af45fffa4957761d8d821f0156b4540e111ae72ae4c23f4e8d27f4ce461ee44a8a0e579c9125c6c&pst=1669677962&rmtc=t HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672262; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2MiwiayI6ImZiODY2ZTdiNDAxZjE5N2I1ZTEyYTJiNzg1OTBjZDQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ4M2k3YmY2d24iLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.THxp3o3hykPvSORQStNFzbGjYZR_vxKG2dAXpB7as2Y; uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; iprc04600c990aab5806f11a4b38e3ed5908=3569807; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:02 GMT; secure; SameSite=None
iprcbeae88e83c2932183d96c8b7bc28fe1d=2717342; expires=Wed, 30 Nov 2022 01:25:02 GMT; secure; SameSite=None
uncs=2; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs27=2; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66da3579fc229752cb9a4ffdfa6dfab1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=1919e8d0222b20b828c5cc9d301ac26df7248472418d4bc6c3e589374527da5dcffc4c3f023ff9fc8292b788ddfa033b410b39244108e7ddcf14952b97947dd22940ebf7c7a8214d7e2efba234c9a53e6bd90715047f9023b84fee4340c9357a615857b17a&pst=1669677962&rmtc=t

192.243.59.20

200 OK

642 B

URL HTTP/1.1
reproductiontape.com/watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=1919e8d0222b20b828c5cc9d301ac26df7248472418d4bc6c3e589374527da5dcffc4c3f023ff9fc8292b788ddfa033b410b39244108e7ddcf14952b97947dd22940ebf7c7a8214d7e2efba234c9a53e6bd90715047f9023b84fee4340c9357a615857b17a&pst=1669677962&rmtc=t
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (602)
Size
642 B (642 bytes)
Hash
114afa95771ac9d9e81a1752f4bee0f2
72e11f29237f69bf523908151e1350d9140eb346
9a27bfb620481cc61226b8452911fee352c586749e4f97daa7270d4d689ca4dc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.834203728842.js?key=8e51e259fd1a1aa9fcd9c3a978dc532d&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=1919e8d0222b20b828c5cc9d301ac26df7248472418d4bc6c3e589374527da5dcffc4c3f023ff9fc8292b788ddfa033b410b39244108e7ddcf14952b97947dd22940ebf7c7a8214d7e2efba234c9a53e6bd90715047f9023b84fee4340c9357a615857b17a&pst=1669677962&rmtc=t HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672177; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjE3NywiayI6IjhlNTFlMjU5ZmQxYTFhYTlmY2Q5YzNhOTc4ZGM1MzJkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InRrZGtyaTAzciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5zZXJpYWxlLXNocWlwMTIzLmNvbS8ifX0.f6AO_37PU3Nib27Piiyulwe3iH3ZXw0rc4fhWPzBIDc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:02 GMT; secure; SameSite=None
iprc1101684279d80f793105f367a598d0db=2717340; expires=Wed, 30 Nov 2022 01:25:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b97127a312ead91c96e22aa42c214ff6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

voe.sx/assets/n-379412873852/js/site.min.js?c49fd96c54dd560366ff857af838f3bb

186.2.163.208

200 OK

3.0 kB

URL HTTP/2
voe.sx/assets/n-379412873852/js/site.min.js?c49fd96c54dd560366ff857af838f3bb
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
HTML document, ASCII text, with very long lines (11110), with no line terminators
Size
3.0 kB (2993 bytes)
Hash
53861770da097964d5f9d8a2c48d15b0
36c9682295b88c456acf1a157d5437c826faea4c
7a04b0f5b2ca5d43cb02bb200cd5f72f29de5c522ab07c05464247a40f5942b3

HTTP Headers

GET /assets/n-379412873852/js/site.min.js?c49fd96c54dd560366ff857af838f3bb HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/e/eydbdd7fdga1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=XCn0hmwyVvWON07GrlKE; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 21 Nov 2022 22:30:47 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 00:45:04 GMT
etag: W/"6365b210-2b66"
expires: Wed, 21 Dec 2022 22:30:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 608055
content-length: 2993
ddg-cache-status: HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5c4e57ec5b27c882948a53229424a984
71a479bbb84930a8c41d934f098301f0eacf5a3b
56137af80aee48fb93fb2d342981c7d34e46cf3ce4e22e857bb5b80352dbde17

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56137AF80AEE48FB93FB2D342981C7D34E46CF3CE4E22E857BB5B80352DBDE17"
Last-Modified: Sat, 26 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2266
Expires: Tue, 29 Nov 2022 00:02:48 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e946cb0c788ecef674c6c56fd2481db7
19342e6b84f6faa4ef532d995ca5a914d32e0672
3e87cec29350a8b24a5759e6fdb0e6298a581186294cf9d869dca0015d08b8f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E87CEC29350A8B24A5759E6FDB0E6298A581186294CF9D869DCA0015D08B8F3"
Last-Modified: Sun, 27 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3011
Expires: Tue, 29 Nov 2022 00:15:13 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
74fcf5b41902da0bc73ea19d1afce9e7
aef50f0556d364f7ea00ebbd435e56094e054d2a
befd14ed77d4d85d4e45d43c624b75eb32277d2ee0fc115e98c5ee4c519e7331

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6123
Cache-Control: max-age=168127
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "63851922-118"
Expires: Wed, 30 Nov 2022 22:07:09 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

dood.re/e/ydwvwldo7qj3

104.26.4.50

200 OK

5.4 kB

URL HTTP/2
dood.re/e/ydwvwldo7qj3
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4841), with no line terminators
Size
5.4 kB (5372 bytes)
Hash
c90e19721ead25b2a6a4a7995f492a75
94377dbe3bd2298615ca278b253575756998bea4
1285828ec3c4bba05f4bfb8badbe601ee6a24e463c44ac140eb976794a26cf99

HTTP Headers

GET /e/ydwvwldo7qj3 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d%2FirEZOOWj4ZtEILdGJklj1jLYSbgaHf7hOsTTV74gwmLV9u2U597yFiOoF6L9yiJ2mS0a4FIhOQcE02cODbLxQS0Zrd3Y%2FEFVUVlw8Mca4NJl2N8LNUz8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d43b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

192.243.61.227

307 Temporary Redirect

0 B

URL HTTP/1.1
veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=6e77445deeeb865c93b4f1f1b099ad47a25d0d44bb39ea708c4eddcf871312d33271f6af1774ab26911aa59dae00c4110d4e2ace687f59e687fdd8db9e3ed3a290514ecc5411f19800a0967718ca445ff56f19&pst=1669677962&rmtc=t
Set-Cookie: u_pl=17672268; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2OCwiayI6IjQzZGI3M2QxMThmNDA4ZGUyNTVkOTNlNDAyYjEwZGQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJwZG40ZTNrNTl5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.JAOdDqTXUIYWlKSvrJJE47-7ji-LIQvYN2i_JZ-VXCk; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1248c4a794af599aed154bd003dcfa5c
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js

151.101.85.229

200 OK

6.7 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (18706)
Size
6.7 kB (6713 bytes)
Hash
af62a06145a499ced91af8684d652c30
dc727a6c7630d7414d1499a2c36b7c8fb0a9126c
c2a776c4bc325950b57ced81960260e02df5c2c23caa12c221ea230b72bfb8d9

HTTP Headers

GET /npm/@popperjs/core@2.10.2/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.10.2
x-jsd-version-type: version
etag: W/"496b-DsfKR3i6PMtNGxaICUcgg0++ntM"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 23:25:02 GMT
age: 18144575
x-served-by: cache-fra19148-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6713
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.24.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1491627
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8PATPQmT%2FreEu8vCWqsN7FyfztYU2WZ%2BJZzoYnoNH0ECBtS8UkPogTAS2KudB9rGPuwBU7fly5g2abMVC4hnUnQqPvZnTWrAxlPKx%2FSgVXku1wmSmyTaUPHe1%2FIlNVdw4B35DO3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4b4bafb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

voe.sx/e/f1wnvbowoxee

186.2.163.208

200 OK

10 kB

URL HTTP/2
voe.sx/e/f1wnvbowoxee
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
10 kB (10167 bytes)
Hash
88a1ef267309497f20720e316008d72c
f023a2229f93191458692876a554999e16b4688f
86e017977fd34c16ea651b29fdd2c287c327ce0b2c73bec030465ef5af990bc4

HTTP Headers

GET /e/f1wnvbowoxee HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=RnL0MWY2DYkgaoxjbva3; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImUvQ01DS0NxSk01dk8rTzBSZXoxdFE9PSIsInZhbHVlIjoieEh1N3U1dW1xaXFqUWd5M3NtdnMxbGl5MUVsMTBIYVpPcVpOcUJWRFowVEV3TXlHcDVRNjlVc3cvbU5ycUM3M2gxTDZIZVBsbDh1Y3I3TEM2bFJHbEFCeVA4bmpZYkZteFAvalZ4Ti9YdDNscU1LdVh6OVVBK1pkY0ZXZEUwY2EiLCJtYWMiOiJjNWIzZjFjNzBlNDkxNmExMTI1NjMyNDA1YjE3YjFlZDQ4NjA3MTNmZmYxNmRkNDQxMjAxOWI0NzRlNjExNzNlIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6InpJdW5nUTdGcCtsamRhVWp0ZkxHeGc9PSIsInZhbHVlIjoiSzdNMkVaZ0E1eFBlS3FwN09UOTlSUFI1UUp5bWVFbjQ0VEljcUNJamxMM0JBR3JmY1ZyVjNxODJUTC9mRWc0OXBkclBuNGlhU2ZWMVBFNnc0VkNSWlFDQVZBS3o5aXhUdU1aeDVya01xU2packhiVlBGQ2Jab25VN2NYNmd2TzQiLCJtYWMiOiJhNmUyODU0MTFkMDZiMDFjYzI5MjBlMzE4YjhiOWE1YTY5ZmEzYjAxOWM5N2JlNTVkNWY1NjMzMzBjZWNmNWQ3IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9afed9a93c273c5350f2f0eaa8777947
cb78f9d742387b308ce13c4a2ebb597a1aed2cb2
d3754fbc628af058d0619ed54dfed7176036dfac127cb67cb0046a9141acd8b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 81
Cache-Control: max-age=100155
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "63842738-117"
Expires: Wed, 30 Nov 2022 03:14:17 GMT
Last-Modified: Mon, 28 Nov 2022 03:12:56 GMT
Server: ECS (amb/6BA8)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.7/hls.min.js

104.17.24.14

200 OK

83 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/hls.js/1.2.7/hls.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
83 kB (82604 bytes)
Hash
7bf8d51855d3a4dc9f8fa48d5f960726
e5b5e977051af25021468bb957e2b6ff090411d0
8ee03212ee32332188e073bc0da21190fa3ffef35ea56a27440ad909b1b86880

HTTP Headers

GET /ajax/libs/hls.js/1.2.7/hls.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 82604
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "636ff6bc-142ac"
last-modified: Sat, 12 Nov 2022 19:40:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1343714
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEUvfc%2FaMJAoNwF1aBvgKoj6MA%2B8lmEzek%2BJh9ukDPBwG0QsS1GoWtKvzrn7AzElN4pTapB0YqvagGT%2FjlMyAnEMibBLcv8S86f%2FIa2eN7LPRWBO82ZgX%2FVqNu8GgHTcigmgUqOB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4b8bdfb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3766
Cache-Control: max-age=145965
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 15:57:47 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.min.js

104.17.24.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58940)
Size
15 kB (14584 bytes)
Hash
28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362

HTTP Headers

GET /ajax/libs/twitter-bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161c4a3-38f8"
last-modified: Sat, 09 Oct 2021 16:34:43 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2268711
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25g%2BpIzwl9sjOmCrn0hHrGIvcp8Ai9uxuzO%2BUPUJf9%2BI4NKehnnV7fOSzw%2BGAPhUyFotJEm0sl2yttn1dxkxtd5QnxI0nWO5fmDFw%2BJGGhBZwABwLXtmv1LV2Sp%2BF%2BnBJ1pCHemb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4b8be3b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dood.re/e/8un3xdoa9aqd

104.26.4.50

200 OK

69 kB

URL HTTP/2
dood.re/e/8un3xdoa9aqd
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Size
69 kB (69007 bytes)
Hash
1cad5dbaabc546b9cf52200507cb2d77
d01c79484ab46eac971e88c6ded11b9fc916000e
94a898475e6241f9dc8f797cdf53d818b8472ab5464f75c50f72063897c391b9

HTTP Headers

GET /e/8un3xdoa9aqd HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:01 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:01 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3JLv4jBg2quSxTphSgY%2B1DqrV1oxvKqgYc83AHNTNYhbhEkxrbZTczmpZvrRuxvjoGCyQfqBp0BsMZcHTHR8F%2BgHathw%2BFCdXJii3L1kqvb7%2FGaeyxMdKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d5fb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4181
Cache-Control: max-age=146380
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:04:42 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

dood.re/e/6e31v7v9humq

104.26.4.50

200 OK

1.9 kB

URL HTTP/2
dood.re/e/6e31v7v9humq
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Size
1.9 kB (1855 bytes)
Hash
cc500755e55a7742b4948e195e779b04
1471e5c7016c298f206d665c965472e9c2a9e14c
d0bae4457a518875679b2bcf59a4cc2bb005b7a715fa6eeb0fddd7d6d1e8c5a3

HTTP Headers

GET /e/6e31v7v9humq HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8LNHqrILJQxhOeYZfvOHT6mLgtXTNDrPyUHTJSwjsr%2BOqUz5gP%2F7ZAafXtrFhrisK8qGbALFm40c6PRwgslV%2FuSjFz67GDPx1IArdr5tCd%2B4MpyUYLDt1g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d47b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.js

104.17.24.14

200 OK

29 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28745 bytes)
Hash
2d8446057a33304014d76f234af5965f
336260e7fb6963edd528aa6f8efb78580f9de2f0
5219ffe71d2f5400b3656bae5dd4d31bf48c05901ed2e0b5473d59c1dd322f06

HTTP Headers

GET /ajax/libs/plyr/3.7.2/plyr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 28745
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62600438-7049"
last-modified: Wed, 20 Apr 2022 13:01:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15121846
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEYDQCuqiYdZY9vAeO4FTg4gl3eS3cdnztDOUYz0mq%2Fr1JhXa2wVS8WRt6KVX7XI%2FKd50wYD%2BxOS701CXnHCsbErXd3xhFUPLw3Q%2FFWQOTl%2FSBGDmy7BhRFrxHduWWOVu4Yi%2FZzO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4c1c50b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

commentsengine.com/js/js.load.1.js?4106537923882439

172.67.190.246

200 OK

0 B

URL HTTP/2
commentsengine.com/js/js.load.1.js?4106537923882439
IP
172.67.190.246:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/js.load.1.js?4106537923882439 HTTP/1.1
Host: commentsengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 15127227
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCdsjETmaEeEwZ4PvqORcYjX38RhQSeFA1LiyJCPuQmLhTXKWjy5pwxQ7R5drAuTIl44W8jLeu5ucOf1zI93splWpOPmy3%2Bvairki0KS0JBLSzFC6x%2B%2F10QcWsQ0iQSGTVTL6RQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716dc4c1869b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
bc5267e77886f31e601de57469b12a6a
7c31ba91186eff5d78613e41ad6e4f00da0f0e0a
9a4397d75f08d8eafe861b11fe24747e8a0da5472c8e3594a1fed2fca6918c48

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9A4397D75F08D8EAFE861B11FE24747E8A0DA5472C8E3594A1FED2FCA6918C48"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2185
Expires: Tue, 29 Nov 2022 00:01:27 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.css

104.17.24.14

200 OK

4.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/plyr/3.7.2/plyr.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (33771), with no line terminators
Size
4.6 kB (4586 bytes)
Hash
2a571dcd1fbbc6041a23412abf048926
0e5ee09ceadae53acbcc511c1954756eeed98a29
344c089978288b4db8766d500e9d5cc6a8ee663d145d882f4c80dc16b341ceac

HTTP Headers

GET /ajax/libs/plyr/3.7.2/plyr.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/css; charset=utf-8
content-length: 4586
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62600438-11ea"
last-modified: Wed, 20 Apr 2022 13:01:44 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 14957924
expires: Sat, 18 Nov 2023 23:25:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNwOx0%2BQL%2FcrSRzztGG%2B2%2Fg2kLlZLb1L0wTRXkxWb9l%2F8TeNrSOW1HHLix4XhTSGa6w9bd4e8r0SpYz7sZkdBuHhO0ChzWMcgUdSBzlrEHjj1sD9DO2niwI2qpsDxaw0M4Ms5WRE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7716dc4c2c5eb524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

commentsengine.com/js/js.load.1.js?6464022831814782

172.67.190.246

200 OK

0 B

URL HTTP/2
commentsengine.com/js/js.load.1.js?6464022831814782
IP
172.67.190.246:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/js.load.1.js?6464022831814782 HTTP/1.1
Host: commentsengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 15127227
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCDxX6zgQhHimM7yDJMOyME4eVB2CKU5wOpaXf73WeyXM2qsy2rf000fG36Z8pGtrHCdDsdptlhHab4Xncr2Ay1NcxvVoSxVFlQcQt0u%2FvkfAxzM1StCsj6%2F8kgL1uUXOXAeiXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716dc4c2871b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

voe.sx/e/sfluplic0txz

186.2.163.208

200 OK

10 kB

URL HTTP/2
voe.sx/e/sfluplic0txz
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
10 kB (10225 bytes)
Hash
6eb24e61ea519d6e9a8ec6478beba68d
4e424dd94039bc4f759e5b7879b8369c70cae955
6b2a113f524c465078dba09b69cf9ce6eb014caec1807b714d8642179c1971b9

HTTP Headers

GET /e/sfluplic0txz HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=xXJjCdllDUaaAkBpJfhR; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IkcvVlJHaFRQUGQxeC9oRWl4WVJlR1E9PSIsInZhbHVlIjoiKytHcnluMVdQcVo1K25zZGRxMm1nZ29jMkxGazFsNktiU3N0RklUaCt3VEhWazgyRi9FMm5TcWQ4TlJjQ2NXSUhtZzBVRyt3VXNKN1JpL0ZGVWVnb29TOThXNlltQ2oxeUc2Nk9Ec1ZpTG50NzZOd2tpWUNrZUdMZ3NlUHBTKzciLCJtYWMiOiIxMjg0NTkyZDViMjM5MGIwYjhhNWZjMjYxZDcyMTQyY2MyMzAxMTMxZThiMzdkZmZmMzYzMzRjN2QwNjUxMDc0IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6ImdUeHpoV00yRkpURkMybEZXRkczd3c9PSIsInZhbHVlIjoiWWxXL2FwQXRGTm42SFhXMFQ4SkFZYTI0dW12aEtZdUxOMVZ4RDY0L2pYV3k5bDYwYkRsdWR4Tlhtc3pWclhnTEc5cGVCYWZDSlllRkVDamc3UVhuSmNPdG54NjY0QjZaek0vSFlERG5kVnpzUGxQR2FhbjhZU2oxbDlFNzVYRmoiLCJtYWMiOiIzNjlkZjhjNGE2YTcyZTczOTI2ZjE2M2JmY2FiYTk5N2ZlNzk0MWUwNDQ4MDlmOWVjMjBmNGMzMDIwZDA2OTU4IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
9623d71ecc5c21cc0bf75c9b0b41b77c
2ac493653dbc3e7989f29ecf317bd27209d6caa9
8282f427b747ac064fd8a6688a561abd9b0bea682f6bb50f44d5c2831a721a9c

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E85591EEFB28114EFAB469AFDC016281C9EF6DD5"
Expires: Tue, 29 Nov 2022 11:00:00 GMT
Last-Modified: Mon, 28 Nov 2022 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 986
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7716dc4c4cb40b4d-OSL

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

imasdk.googleapis.com/js/sdkloader/ima3.js

142.250.74.138

200 OK

127 kB

URL HTTP/2
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2791)
Size
127 kB (126568 bytes)
Hash
d298ebea71faa19cd8237ddf8c37d550
628f6436cdc4db74ecda4fad134b4499f41ad4cb
f02e9221a17b677d0aa0b76876bd82931f57bf5dd1ff9aa24a1ab945838b0e64

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126568
date: Mon, 28 Nov 2022 23:25:02 GMT
expires: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35f9c88c7fa0222273a234e2a3c7f53
7b4a898b24cbb2e1619e7bf297ceac376b8533a9
9ec326bee03628f311f7fe2a6f109473b20fc639ccca05794ad70993a867cee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EC326BEE03628F311F7FE2A6F109473B20FC639CCCA05794AD70993A867CEE3"
Last-Modified: Sat, 26 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5653
Expires: Tue, 29 Nov 2022 00:59:15 GMT
Date: Mon, 28 Nov 2022 23:25:02 GMT
Connection: keep-alive

173.233.137.36

307 Temporary Redirect

0 B

URL HTTP/1.1
specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Location: https://specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=45af026988f1519d3d62d5250bc15883bef220f554e4af1b519418b52c537d0ca6cb1da0696ae5f930a7843144c34fe47c9c83b8c6c8754fcd45865a4a87d82bbc99a8f0a1f7b3416295fe7307de9648e7eb14b11d6bdad4302cd146340c&pst=1669677962&rmtc=t
Set-Cookie: u_pl=17672407; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA; expires=Mon, 28 Nov 2022 23:26:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90234f7387b3c1524c008b09efd2fd70
Strict-Transport-Security: max-age=0; includeSubdomains

strategicperplexanswered.com/ntv.json?key=2542b9376e69e7c9ab59020b52823532&vstc=4&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D

192.243.61.227

200 OK

18 kB

URL HTTP/1.1
strategicperplexanswered.com/ntv.json?key=2542b9376e69e7c9ab59020b52823532&vstc=4&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (17567), with no line terminators
Size
18 kB (17567 bytes)
Hash
eb0b5b507ff7dc2b57efb6f90b7c4cd9
4a8df4e12e3c088635958a67eb5ec57130bfa92d
d7ba11e69bf98052c9a1f6a7f014aa01e39e5105780a7582d4ea94b5d3af5283

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ntv.json?key=2542b9376e69e7c9ab59020b52823532&vstc=4&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D HTTP/1.1
Host: strategicperplexanswered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: application/json
Content-Length: 17567
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17674756; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 29 Nov 2022 23:25:02 GMT; secure; SameSite=None
nlec2542b9376e69e7c9ab59020b52823532=[2229214,2106764,2229213,2229212]; expires=Mon, 28 Nov 2022 23:25:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 977850abe1aa894adba294b2b663d70e
Strict-Transport-Security: max-age=0; includeSubdomains

testingmetriksbre.ru/netu.php

104.26.1.119

200 OK

563 B

URL HTTP/2
testingmetriksbre.ru/netu.php
IP
104.26.1.119:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (855), with CRLF line terminators
Size
563 B (563 bytes)
Hash
081cf8d1e2b33b8cb3c607b7d303da5a
ae721689a2931e50dfd6b038e85b5e0b4f091185
21a87b46098de35b4948ce9172bddc1989bbeaaf846ef3730b4fdea357287f05

HTTP Headers

GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVI3rI%2Bfisc3g5p7%2FW8WJCa1EuAYnJajkswxp5hb3nnmmPd3cdDcZs5FnJlVPdpAvu4COuYgTGywKR0zJjxWrfxZenQ%2Fu6wrtYpkkEtnv96PKUuLQI9I5M3BUX1x47QduIdDzszs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc4cac44b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32108), with no line terminators
Size
11 kB (10736 bytes)
Hash
0f2dc045219d13899b6cc111546693ec
3b1f87c273930e49dc0b6d2bcd92bd5d45cfb81b
2450c39f91bbcd38c06b1e9bd51c6055642e487009c0656319fe6e1440d0621d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f037acfb45a701b9ebcbf23dacceefc4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32138), with no line terminators
Size
11 kB (10744 bytes)
Hash
4336f91140eedcc6a57fc1a7fc6553c2
96bc4e4e1cf6978a149a9f89b1cd2bba34d5f955
67ecdb703042f3a0b0b87475ee562fb2180bbfee517ba18257298a1d99ab851c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de880892fb5288beb566cb7352acdebe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32138), with no line terminators
Size
11 kB (10744 bytes)
Hash
4336f91140eedcc6a57fc1a7fc6553c2
96bc4e4e1cf6978a149a9f89b1cd2bba34d5f955
67ecdb703042f3a0b0b87475ee562fb2180bbfee517ba18257298a1d99ab851c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9826101b54894b85388925c00415276
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

voe.sx/e/mapon9naj4ua

186.2.163.208

200 OK

15 kB

URL HTTP/2
voe.sx/e/mapon9naj4ua
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
15 kB (14966 bytes)
Hash
bab84f09ac33ee641062494f59e7ce1d
496178fa2069b8705980d2d12d54fe67c08402f7
bf947dfc08b1939393662231b615831d0dd0ad67e57a4c8c98d56e5e107ace31

HTTP Headers

GET /e/mapon9naj4ua HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=NHFazo016QKg34kU253W; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6Ik5zdXdBZjBrUDRpSUdXSzkyTGh2U1E9PSIsInZhbHVlIjoia254UnFCVGpBMjV6dXVMV0xtR1BIbGRnR1VGT2JWVDBqbVpCcmpGTkN5T0NvWDg4aTFBcGcwZTJWVkc1TWVZdEpXbytXbjdRcG1QZkVROGpJQXE3dnpGdDFJbm9sKzI0NTRCUS8xelE3bE1qcmNXdWh1VHFPMXAxbGphZnBOL0wiLCJtYWMiOiJhMDdjOTcxNTcxMzJhNzhhNGUwNDIyMmI4OThkM2JkMzM0ZDgxZjQwNzIzMGFlZGM3ODk2ZmU0ZDA2MTRkODgwIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IlY2WUtNK0REazFmaVIwQzVQUDU2SGc9PSIsInZhbHVlIjoiWDhBVWdhMUJuRTlCK0pUVW5QSHNFTEZKbWpzcm12RmJwYjEyZkJQWWxoekFjODBtKzZtVWhFWjFrQVJrZDZORUZDVnJWOHI4Yk05ZUY5aE9heTBqZWpHRm1DRkR4RjFXc1Y1WFlhNDBVa0FoZExNRmtEM2x5ak5vR0pCZXdsWmMiLCJtYWMiOiIxMjI1YzMyOTZlYjc2ODM0OGNlMjUyOTEyMzIzZmE1MWJmYTAyOThmYjM4YzZhNDBiNzQ1ZWJkNDk0OWRiNTlkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

dood.re/e/41rvdoaytsb3

104.26.4.50

200 OK

60 kB

URL HTTP/2
dood.re/e/41rvdoaytsb3
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4771), with no line terminators
Size
60 kB (59597 bytes)
Hash
61014dbb4f8a2b1b88e95e729ad1ec8b
faf143eba241374a0f9e6b345f8812a3f040a86d
07cdf810b6c721e75db68852ca744eb7cf6366f43eba3feef95635f2820f3165

HTTP Headers

GET /e/41rvdoaytsb3 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWsroePrtaF896KHmSH7uMjQDBJixF5oSlyhe%2BlDtNaSOQRSSQiYysUB3H9Jxa%2FhIczLfz7kocEzIHXBR2Hzpf75leg3XtptwVaZluRHeHFd1r6JtAahVv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d45b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32138), with no line terminators
Size
11 kB (10744 bytes)
Hash
4336f91140eedcc6a57fc1a7fc6553c2
96bc4e4e1cf6978a149a9f89b1cd2bba34d5f955
67ecdb703042f3a0b0b87475ee562fb2180bbfee517ba18257298a1d99ab851c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc4a40c8793ff823339589e492a1c39c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

voe.sx/e/hx7suu9o99yz

186.2.163.208

200 OK

10 kB

URL HTTP/2
voe.sx/e/hx7suu9o99yz
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
10 kB (10353 bytes)
Hash
05612c098f5fba76db699cddc9c622a1
dbfcd10f9f8b4f77a22da2fbefe4e6e2e8a96506
fa496dc5937a007744a57ab1d79d1f5bcebdf2dce94bf0f2ba15d9e8bd4ff330

HTTP Headers

GET /e/hx7suu9o99yz HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=G2x3wxXrjq8q3PfHKByT; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImkvMEc3c2JqbENyeDF2SFU2ODNWS0E9PSIsInZhbHVlIjoiSWhnVW43MXhWNWp6V1Vyc0ZPWUYrOSs4TE1yQktjR1pSK1Yvck5MRGpIL3lnd2MrUzNrcWcrSjZyK2U1VHB4aWxTaHpYYnJuUFY4dE0zcnNhQ01wTGdVTjBqWkw5OVJTTm51anZIR0d2YlFPZ29UdW56VWUrZzZuQzRPQlJTd00iLCJtYWMiOiI5MTg4ZGZiOWIzNjA4OWFjNTZlNWYxODJlNWE1NTYzNjE4NzdiYjM4OWU2ZjMxNjU5NWFhYmNjNTNiMjU5ZjRkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6InpvNkVXc3dETWxVSEMxRytzY3Rvemc9PSIsInZhbHVlIjoiVE5mVFpCWmhUc3BreWtKMlczdWE0RlJhNmRlcjBWNFhpSWJibk8wUThxeXNQOU13SkNXM0lYcG13dHUzS3NRUFNXdUdmNjJHb2Q2bXplSUJaRG9UOFJ4NGJjWEIyRGdHSkVHNnByZVZPWFdLOEJXTDZXSHEveGZaNU1acEJSOU0iLCJtYWMiOiJkMWVlMWEyM2Q0MGJlMWViM2U4OTdjZGVhZjUwZjAyZDBhZTNhYzZjZDIzNGY5NmRhNTNiMDhkZTZkOTVjNGNhIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485&host=ca-host-pub-1556223355139109

142.250.74.66

200 OK

49 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485&host=ca-host-pub-1556223355139109
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4885)
Size
49 kB (49150 bytes)
Hash
0a805755a31360a74838a4a32bf70b29
31a3bd74d9293df33641f1e913a93e8f06c2a1ce
cb1d40440b86837405e8c35c36f5967a20facb287461910e5cfa0ea6142e058e

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 23:25:03 GMT
expires: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8190809026464596254
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh3.googleusercontent.com/blogger_img_proxy/ANbyha1VDLNSMWfD0MtEf4HP18j8TIp7SaO9O8bzjBLSwG01RiveDIQLvkNEb2q6zye0lFdRXydy7W5xnVSP7FZaQxZ2k_A2_hVLTiMhN1RFn8VF3KzZ_O7v0nw=w72-h72-pd

142.250.74.33

200 OK

2.7 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1VDLNSMWfD0MtEf4HP18j8TIp7SaO9O8bzjBLSwG01RiveDIQLvkNEb2q6zye0lFdRXydy7W5xnVSP7FZaQxZ2k_A2_hVLTiMhN1RFn8VF3KzZ_O7v0nw=w72-h72-pd
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
2.7 kB (2728 bytes)
Hash
68a55cae242d2f64cc4cfb2b69f9c40a
8174581d0d7a26f6203fadec1dc2ea33e73fe11d
cfb3d02bd395d81b57ad600723c864be92be4b24adb16a117bbd9f6e77f54035

HTTP Headers

GET /blogger_img_proxy/ANbyha1VDLNSMWfD0MtEf4HP18j8TIp7SaO9O8bzjBLSwG01RiveDIQLvkNEb2q6zye0lFdRXydy7W5xnVSP7FZaQxZ2k_A2_hVLTiMhN1RFn8VF3KzZ_O7v0nw=w72-h72-pd HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 2728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh3.googleusercontent.com/blogger_img_proxy/ANbyha06OprK0znfe8RygFbVd0mrNnDzscISTpHFVE8KVrz0xCNgqchr6qKwLJ73us38s26W-8LyP1ogU1hSWTYr2Onm7E3rk1SOTQ5vxqia9JAvNl73zw=w72-h72-n-k-no-nu

142.250.74.33

200 OK

3.1 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha06OprK0znfe8RygFbVd0mrNnDzscISTpHFVE8KVrz0xCNgqchr6qKwLJ73us38s26W-8LyP1ogU1hSWTYr2Onm7E3rk1SOTQ5vxqia9JAvNl73zw=w72-h72-n-k-no-nu
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
3.1 kB (3106 bytes)
Hash
17504cafa3a5ba3362bf0e8e0046cf8b
336f22cc707c0dcdcc16fec51b37b238cd8c03eb
f75b4a344ef9b67c9344e6454e3f2cdc9aa78bd172c339ee51f0d4435717c644

HTTP Headers

GET /blogger_img_proxy/ANbyha06OprK0znfe8RygFbVd0mrNnDzscISTpHFVE8KVrz0xCNgqchr6qKwLJ73us38s26W-8LyP1ogU1hSWTYr2Onm7E3rk1SOTQ5vxqia9JAvNl73zw=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 3106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

voe.sx/e/k7tbkwka7o3z

186.2.163.208

200 OK

13 kB

URL HTTP/2
voe.sx/e/k7tbkwka7o3z
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
13 kB (12589 bytes)
Hash
517d0f6beaa3e288dcdd412727103845
955852066945de422731910e8d17bcf820fc359c
77506dde8717f37c106b1ec4dc5378d2e2aa8c3a4c79b4c60970da884495c986

HTTP Headers

GET /e/k7tbkwka7o3z HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=3OMcZvsrpf7Sq7eASTEq; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImozQ1h6VXBwY1hHbkh6S05ZaXlZYlE9PSIsInZhbHVlIjoiY2o2bTJQeldvMDZjd1AzamsxSSszQ1pCVnJTd1NrNnpkc2JoKzJ6SzlEYnI2TzQyVEltQWVOd2dJN3I1SU9TYU50bjg0NjNJTWpSQ2pzeVc3Q0IxYStJOUx1L2VvaFhpc1FwZDlBR2VERnFGVVZRWjlOamhyNmpNY0pOQ0djYWkiLCJtYWMiOiJjMmRlYjhmNWE3OGRlMjM5MDU2ZTUxZmU3N2Q2ZmZkMjYzMTllOTJiNzRjN2I2NzY0MDI4NGY2YWE0ZmY2MjUwIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6Ii9Ga3dMKzdGaWVvNzF4am45dmtqM0E9PSIsInZhbHVlIjoieU4vclJRN1IrSTFwNkgyN3ZyV3UrSFJoVFNGYXlhM3ByNnplb3Y4eVlLWXYwVUYvanhjWmI0MTFxZWpuWmtyams1OW8xMTg4YUhpVCtWT0hSSmc4bnV5Q2hPdTJzc052anB2TU9tQzFlaVFzbGlHeEtHTkMwYzN6cjVrcHgzdVkiLCJtYWMiOiIwOTkzZDBlODE3NmZiYjVmNTA3N2ZmNDA5Njc3ZTk5MTg3Yjk3MGZiMzVjMjcwODk4MGYzMmYxYWI0YmUxMjEwIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32138), with no line terminators
Size
11 kB (10744 bytes)
Hash
4336f91140eedcc6a57fc1a7fc6553c2
96bc4e4e1cf6978a149a9f89b1cd2bba34d5f955
67ecdb703042f3a0b0b87475ee562fb2180bbfee517ba18257298a1d99ab851c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e95d5fee1df70dbf79c93e258433e08
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485

142.250.74.66

200 OK

49 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4885)
Size
49 kB (49331 bytes)
Hash
5a706402529468db33b51803739cea8e
3ceb934c46095a044c923150635e96466179a11e
b771027819645fea8a7e610a3186dc06ea0163d19d10318725e724731abbaa97

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-6174233946807485 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 23:25:03 GMT
expires: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 379925479736146182
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

voe.sx/e/8csmsi3a5uqb

186.2.163.208

200 OK

10 kB

URL HTTP/2
voe.sx/e/8csmsi3a5uqb
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8492)
Size
10 kB (9952 bytes)
Hash
470f90bb7356c4e13d093ceb22d4ad19
03f984f0f407e29d4e74367f649393507447a590
76cfea4556c3fd4e69601812617fcd2bae2f6130885c3a09e838d503d1812f6f

HTTP Headers

GET /e/8csmsi3a5uqb HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=5DSrvC11SV5FsCosfPTg; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImRRQis2ZVlSY1JIY3BmUERxTHNKa2c9PSIsInZhbHVlIjoiQlFISXMwck82Q2psdkFOdkZXU3VVOHRKbDM0aXlTelZiMkg1MnVNRllGQWkwRXlmWC9IN1FpcTFTdE9rT1NpN1lIYWRQVDlDVk5KNk1QNVI4TkR4bGJOc3lJdXU4SWpUZndpNnNXT0NZVklnbC9Hc3h0MlhGajFQNE9QQ3ZYREsiLCJtYWMiOiI2NjhhOTg2OGY5YTU4N2U5MTYyMDNmZWI3NDhhYTJlNjg0MGNhOWUzYmNjZGVlNzcyNGY0ODgzNDdkYWRhZDBiIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IldBRkt6dW8vcnRyRGQ2Ui9nYXhaYlE9PSIsInZhbHVlIjoiSGFqbGNtYW5VS2VQeTFVT1FlUmQ4Wk1hNXp4L1pjQ0xLZHRIem0rLzVGL0t3UDNLaWZ0eDdWVHI2UkVLc1hxNUNIcFowMXB1Y3E3aHhjZmh0VmVLa3VwWkYrZlE0bkM5UzJ4SVZFT2J5WVM2UEwvQjdFYkpQaURyRHFUek9idlQiLCJtYWMiOiIyYzE5OTFiNDM4ODc2NzhkZDI4NGI1NGFjOTI4MDkwNTI0NGUwZWE3MDJlNDIxOWM5NzMzZGRkNGFmOTdhNTc3IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

lh3.googleusercontent.com/blogger_img_proxy/ANbyha0pqu3_Lkwq82XkZ45ZwuA8B6tCHsIh32CTWk2u2ZpesYqjRP9E_QD-JoOZDwf461Zyetu_c2PyBniol1hTVeEshJAOSuxHEsYhOPM35ygMtVRj8AqjGA=w72-h72-pd

142.250.74.33

200 OK

2.6 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0pqu3_Lkwq82XkZ45ZwuA8B6tCHsIh32CTWk2u2ZpesYqjRP9E_QD-JoOZDwf461Zyetu_c2PyBniol1hTVeEshJAOSuxHEsYhOPM35ygMtVRj8AqjGA=w72-h72-pd
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
2.6 kB (2625 bytes)
Hash
64efda419328aa9aee71a29b04b6e8c8
4cd5dc4e3a0092d1bf6311f6a9f5056b37559f55
62524fd24ca81febd48202cb96efc7c11bfbc6bf4615bfb5712a70f96a800992

HTTP Headers

GET /blogger_img_proxy/ANbyha0pqu3_Lkwq82XkZ45ZwuA8B6tCHsIh32CTWk2u2ZpesYqjRP9E_QD-JoOZDwf461Zyetu_c2PyBniol1hTVeEshJAOSuxHEsYhOPM35ygMtVRj8AqjGA=w72-h72-pd HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 2625
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh3.googleusercontent.com/blogger_img_proxy/ANbyha0hCAtchE1-L2ZjfCuebEciO_yhXIy3pmhEUZvv46lCc07OQB0j1_cQqDvexpmTqYVNoMi6SSOhaq-hk6BAZAf-KEgRY81hWAyR1s_lYfbXchsysw=w72-h72-n-k-no-nu

142.250.74.33

200 OK

4.0 kB

URL HTTP/2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0hCAtchE1-L2ZjfCuebEciO_yhXIy3pmhEUZvv46lCc07OQB0j1_cQqDvexpmTqYVNoMi6SSOhaq-hk6BAZAf-KEgRY81hWAyR1s_lYfbXchsysw=w72-h72-n-k-no-nu
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size
4.0 kB (3970 bytes)
Hash
70a347bd8064c675021f69a1a3e768c5
bbc2fbe52fbe453dee30b68272c1c80ce570b752
8a831a61b87b38b71f236048a14f02e3cb8bb8dfb5b3a4dbb3083dd1d958f58a

HTTP Headers

GET /blogger_img_proxy/ANbyha0hCAtchE1-L2ZjfCuebEciO_yhXIy3pmhEUZvv46lCc07OQB0j1_cQqDvexpmTqYVNoMi6SSOhaq-hk6BAZAf-KEgRY81hWAyR1s_lYfbXchsysw=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 3970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d352c05ba85fb23175704ae883d5e9aa8f07d3d2d94e5e5e91cf417f46dd338c93ba1c60769c07f8a631714842c43d3e699b307196c63c11c4b7b0d0c547ae1dc150444584b8df1fe310aa5f329e2c408219946fe09904472badb20c81a3a0&pst=1669677962&rmtc=t

173.233.137.36

200 OK

2.1 kB

URL HTTP/1.1
wastedinvaluable.com/watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d352c05ba85fb23175704ae883d5e9aa8f07d3d2d94e5e5e91cf417f46dd338c93ba1c60769c07f8a631714842c43d3e699b307196c63c11c4b7b0d0c547ae1dc150444584b8df1fe310aa5f329e2c408219946fe09904472badb20c81a3a0&pst=1669677962&rmtc=t
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (2572)
Size
2.1 kB (2077 bytes)
Hash
64aa68ecb99202cdfbeddf3385732387
14f3944370eb51051caafb63fd439d6c683b2d37
e71285e2144a739afc56d6a9c6a1abe9fc0c447bdae8265d42da6d21331ee43f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.562547319547.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=d352c05ba85fb23175704ae883d5e9aa8f07d3d2d94e5e5e91cf417f46dd338c93ba1c60769c07f8a631714842c43d3e699b307196c63c11c4b7b0d0c547ae1dc150444584b8df1fe310aa5f329e2c408219946fe09904472badb20c81a3a0&pst=1669677962&rmtc=t HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672407; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 438a5dece5bc88ad5daa4dc794dc2cf1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32129), with no line terminators
Size
11 kB (10745 bytes)
Hash
29e21b58c6407d7073f2f56fb1aff2fc
7c4455560f5adb3d479a1e7d04aac53ca971c792
18879c7abe4287d52cf462c17eb2c87006e001ba56d1ecbeda8fe10dc803eb96

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f46197bd27345e12789837f6701562f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32129), with no line terminators
Size
11 kB (10745 bytes)
Hash
29e21b58c6407d7073f2f56fb1aff2fc
7c4455560f5adb3d479a1e7d04aac53ca971c792
18879c7abe4287d52cf462c17eb2c87006e001ba56d1ecbeda8fe10dc803eb96

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 77d9dac546454a2eb7f0564c1ae03367
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqJlgRwMei7VxmPID7velPVU9XPHJ-6OesEFcBzij0yoCFkfCwhEuQHnc5LRqIYSC4cJRmxKPHm1Q0wAvNoZpwqfXTRSYNczvbkKqa6MetZfwVuxudNSHS8FIwXV-0cS80mfsWGgK9f5tiBWs9pwHKeViIUHrVdUSPykhxJlMhhia5wRPhjkdU0VHR/s320/hqdefault.webp

142.250.74.33

200 OK

23 kB

URL HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqJlgRwMei7VxmPID7velPVU9XPHJ-6OesEFcBzij0yoCFkfCwhEuQHnc5LRqIYSC4cJRmxKPHm1Q0wAvNoZpwqfXTRSYNczvbkKqa6MetZfwVuxudNSHS8FIwXV-0cS80mfsWGgK9f5tiBWs9pwHKeViIUHrVdUSPykhxJlMhhia5wRPhjkdU0VHR/s320/hqdefault.webp
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size
23 kB (22789 bytes)
Hash
61f47fb443feceeb26bd2a6dea471679
cbf97104a27e8cfe0f2bf8ae016531ed0714d725
33bc7084deb2933f5356f6b6da37a16d58369317afe4376b5baef5705573c51a

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEjqJlgRwMei7VxmPID7velPVU9XPHJ-6OesEFcBzij0yoCFkfCwhEuQHnc5LRqIYSC4cJRmxKPHm1Q0wAvNoZpwqfXTRSYNczvbkKqa6MetZfwVuxudNSHS8FIwXV-0cS80mfsWGgK9f5tiBWs9pwHKeViIUHrVdUSPykhxJlMhhia5wRPhjkdU0VHR/s320/hqdefault.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v88a"
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hqdefault.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 22789
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

voe.sx/e/zpaif5wegj5b

186.2.163.208

200 OK

14 kB

URL HTTP/2
voe.sx/e/zpaif5wegj5b
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
14 kB (13681 bytes)
Hash
cd02b6d99fbcc58f6730cdda561514d9
d7125780ede6a46f6404bfb85f973aad4ccd99e6
2bca8057b63853adebe33604554d489e1371acb851b3d5a3e422182944e41d9a

HTTP Headers

GET /e/zpaif5wegj5b HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=is7iS9NZbsoTw8Af8yVP; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IkZIemQ4czdDb3g5bmx0VkhVMkpCWlE9PSIsInZhbHVlIjoiWlRuS1ZFV3JMQmRSNE5ISEQ3ZFFuN0lDMlg2SjcwaktwZVJCUFFGc2tvMDBkVFNHaTl6Uzk0VWRjUmJ0aWlhemhzZGk2L1hERnk2MENCSUhFZTAyVU8xMUhWQ3pnaW9RajEzUFBjalRRODY0SHkzMEdweHo3d0Q4eHZmT1FEUmUiLCJtYWMiOiI2MDI4ZDY5NGVlY2FmZTBhNDgyMGQ1MzljZTg5YzI2ZjI3MzE5NGI3ZjAyNWIwY2U2Y2ZkNWE3YzY0ZTQzOTM5IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IlkwM2hsWXMvVDlNcnZrdzMzSG1FaWc9PSIsInZhbHVlIjoiWlBwcUdLenViTVlFblcvWUR4MXh0enI2eWhiSXY0eWxrd0J5SEtvaURwSy9FZ0hydUZtMnF2UStNeEJGR0dwQ0hORUFaa1FUeDhQS0ZLc1l5NkZ2cnJ3Qnh0UnRrOHhCV1dNN0FuN0g1NXhvNGdtakZmTmxGWmxnUXdmT0RPMUsiLCJtYWMiOiJmNGM2M2U5MTk4ZGVjOWZlZWFiZDE0MzUwOGY0ZTkyYmE4NjQ4NmYxNmQ0ODA2ZjI3ODQ1Yzg1ZmJlY2Y3NTY0IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsfalU5fbx3V0hGt0FUgyDn_YV922KKsGvMIgP0GGttch_EELDppYNYX8uVvP0tpC8I_tYLY9Rtbtycap_9cSOjamD6CkDUC3OrW-GD2qsgfJOpkup7Mqua_rkcOm5nr7UdWyyV--pBdYLQNA87uvt149WQzxg8Qnd6KzLXYnufnnrCP5g1-AZDKNl/s320/63177cf9ebc83016b8139f24.jpeg

142.250.74.33

200 OK

28 kB

URL HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsfalU5fbx3V0hGt0FUgyDn_YV922KKsGvMIgP0GGttch_EELDppYNYX8uVvP0tpC8I_tYLY9Rtbtycap_9cSOjamD6CkDUC3OrW-GD2qsgfJOpkup7Mqua_rkcOm5nr7UdWyyV--pBdYLQNA87uvt149WQzxg8Qnd6KzLXYnufnnrCP5g1-AZDKNl/s320/63177cf9ebc83016b8139f24.jpeg
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x183, components 3\012- data
Size
28 kB (28276 bytes)
Hash
a6ac1270af5ce77550f218a9d872f390
cc293d629d7f63b97de9ed470cd438c7012d4440
ab07af56ca189c976f07f2b7f63ec6cf91492311d0da13e4b1d159dd267eb10f

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEgsfalU5fbx3V0hGt0FUgyDn_YV922KKsGvMIgP0GGttch_EELDppYNYX8uVvP0tpC8I_tYLY9Rtbtycap_9cSOjamD6CkDUC3OrW-GD2qsgfJOpkup7Mqua_rkcOm5nr7UdWyyV--pBdYLQNA87uvt149WQzxg8Qnd6KzLXYnufnnrCP5g1-AZDKNl/s320/63177cf9ebc83016b8139f24.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v88d"
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="63177cf9ebc83016b8139f24.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 28276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwyfbXafjgN8_rO8OlP7WFwiVzOF5NCkDqrPFFAx8qBqkNK38FUY1_ufOVUdNcYQQ58OI9bRecESYZdGcbCK4wdXfFxdK1IPCuF_bzPduYYdM3Aa_j7A4_auzak_6xqAFAdD9vT56qXZPthH2lnhfXIJvyyxkcLOMWwg2X2CKrwSbgc14UC7QsHlHU/w72-h72-p-k-no-nu/hqdefault.webp

142.250.74.33

200 OK

3.4 kB

URL HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwyfbXafjgN8_rO8OlP7WFwiVzOF5NCkDqrPFFAx8qBqkNK38FUY1_ufOVUdNcYQQ58OI9bRecESYZdGcbCK4wdXfFxdK1IPCuF_bzPduYYdM3Aa_j7A4_auzak_6xqAFAdD9vT56qXZPthH2lnhfXIJvyyxkcLOMWwg2X2CKrwSbgc14UC7QsHlHU/w72-h72-p-k-no-nu/hqdefault.webp
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
3.4 kB (3442 bytes)
Hash
32ce012be7293ae122366f8a2492de4a
33919410311d37d6a658019ff8c7a3ce8825ba23
8073e5cec06fe5d90ef3ef7706294471fc5bba559949c7e2c22498310292c042

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhwyfbXafjgN8_rO8OlP7WFwiVzOF5NCkDqrPFFAx8qBqkNK38FUY1_ufOVUdNcYQQ58OI9bRecESYZdGcbCK4wdXfFxdK1IPCuF_bzPduYYdM3Aa_j7A4_auzak_6xqAFAdD9vT56qXZPthH2lnhfXIJvyyxkcLOMWwg2X2CKrwSbgc14UC7QsHlHU/w72-h72-p-k-no-nu/hqdefault.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v669"
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hqdefault.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 3442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js

104.16.122.175

200 OK

31 kB

URL HTTP/2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (29325)
Size
31 kB (31378 bytes)
Hash
3c89b0e9a9f706cc4c532e7d97821935
d0f0e457c9f7a125224cd7af7323550d1643779f
3f6c4117b99266c5c4b92a7293a94a6d7c517a2a25e7e035277517a17bf1092b

HTTP Headers

GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 18988666
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7716dc4c2874b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=6e77445deeeb865c93b4f1f1b099ad47a25d0d44bb39ea708c4eddcf871312d33271f6af1774ab26911aa59dae00c4110d4e2ace687f59e687fdd8db9e3ed3a290514ecc5411f19800a0967718ca445ff56f19&pst=1669677962&rmtc=t

192.243.61.227

200 OK

2.0 kB

URL HTTP/1.1
veilsuccessfully.com/watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=6e77445deeeb865c93b4f1f1b099ad47a25d0d44bb39ea708c4eddcf871312d33271f6af1774ab26911aa59dae00c4110d4e2ace687f59e687fdd8db9e3ed3a290514ecc5411f19800a0967718ca445ff56f19&pst=1669677962&rmtc=t
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with very long lines (2533)
Size
2.0 kB (2041 bytes)
Hash
c9c69a8189f38548a69d38206b0aa146
2de27b63a6e87bb66ddbad3a16f7dd2c70bdd431
a8e89f0cfdef34c915a250d3ca7cb4ca3976faf2bc1b509d0a18bbe81abbab4f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.130096690716.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=6e77445deeeb865c93b4f1f1b099ad47a25d0d44bb39ea708c4eddcf871312d33271f6af1774ab26911aa59dae00c4110d4e2ace687f59e687fdd8db9e3ed3a290514ecc5411f19800a0967718ca445ff56f19&pst=1669677962&rmtc=t HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672268; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2OCwiayI6IjQzZGI3M2QxMThmNDA4ZGUyNTVkOTNlNDAyYjEwZGQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJwZG40ZTNrNTl5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.JAOdDqTXUIYWlKSvrJJE47-7ji-LIQvYN2i_JZ-VXCk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a15f18a9ed388114c22a33e693562847
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

voe.sx/e/xy2rdse34ev4

186.2.163.208

200 OK

13 kB

URL HTTP/2
voe.sx/e/xy2rdse34ev4
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
13 kB (13264 bytes)
Hash
6b966563d97be29210266fdd10e1776d
cd5c773bbdd31b12cc4ee8e91f0720b704c314d1
8ece7f4240c57757770a0222aaac94a484e2f3c3b9b424153327fa48a636d523

HTTP Headers

GET /e/xy2rdse34ev4 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=XrJnpld2IbiBzrwJFRhE; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImptMGViY3RJajRGNENjZDBjUEdIakE9PSIsInZhbHVlIjoiMnQwTWxaczZDTFNuMWdYTldteTZuUWJpTjdVcW5xSVdGNkR3OE8vK244TVlicTNHMXoxbzU3UG5yalM2SnN1aURuVGhnV0srM0Y2MjBKQzhDbVhWSFhPTGNCU2h1NTBlb0VSQ3Jsb1ZFMmdJUXRBWVBuMlNLQzdjNWhrSVFCN2oiLCJtYWMiOiJiMzUyZTlmZDJmYzkwZWM4NzYwODM2Yjc1MjQ2MzUyYmQ1YzZjYTNhODVkMGYwYmIwZGVmNGY4NTE3ODRlYWRmIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IllDL1hiZTB2Yk5VT1dGYzhvMitYaGc9PSIsInZhbHVlIjoiaFJkd3c3QmpGcHMyTlNONWR2bEh4ZnluV3NJVXdmM3p3WStidDdaQkxrYmhlaVlmUTZ0aE5HNkExcVo4M3QzN0xVdldVRFozV1ZDYnJ0MlAzL3U0NEVJU2c1T250dXhqTEtBbGIxL2U4YzVTeUNpaTd4SDgwR000M2Z2cHJSTkciLCJtYWMiOiIzNjgzMjFlOTQwYjRjY2ExZGM3MWQ5NTZkZmIwNzU1MmZiYTk1MjgzMzlhZjlkMWVjOTFiNDc4ZTI1NTRjNThmIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32129), with no line terminators
Size
11 kB (10745 bytes)
Hash
29e21b58c6407d7073f2f56fb1aff2fc
7c4455560f5adb3d479a1e7d04aac53ca971c792
18879c7abe4287d52cf462c17eb2c87006e001ba56d1ecbeda8fe10dc803eb96

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 161923e4374bd98d71ae23bf7d4ef58f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOQnYdphOmb1w0iUmcK6clg1ojNOMleAV4xF6Ok4NNSxVEY0TbJA2rXuhm6MYHjtp7aFAOyRr18yZP9lPLbp1qidMpja_ayRTXqpyHTNdiIZCxsg5lu6kA_3eqQTE565IJDtjkDcfRtLdsImS8ncQAhIP3sDOkx3I_nIJfgdrca0QJQBhAdS3ZU6FZ/s320/Beni%20Birakma%20-%20(Mos%20m%C3%AB%20Braktis).jpg

142.250.74.33

200 OK

114 kB

URL HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOQnYdphOmb1w0iUmcK6clg1ojNOMleAV4xF6Ok4NNSxVEY0TbJA2rXuhm6MYHjtp7aFAOyRr18yZP9lPLbp1qidMpja_ayRTXqpyHTNdiIZCxsg5lu6kA_3eqQTE565IJDtjkDcfRtLdsImS8ncQAhIP3sDOkx3I_nIJfgdrca0QJQBhAdS3ZU6FZ/s320/Beni%20Birakma%20-%20(Mos%20m%C3%AB%20Braktis).jpg
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 188, 8-bit/color RGBA, non-interlaced\012- data
Size
114 kB (113590 bytes)
Hash
3c29ef33eccac05d7fcd485f6dab0b7a
7bb6664db977cfd00bd703ea6b9375a455519add
4b93fe674a12a2692d7dd51540828d3c52d09caf3c72c09d9a0a1dd1607391c8

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhOQnYdphOmb1w0iUmcK6clg1ojNOMleAV4xF6Ok4NNSxVEY0TbJA2rXuhm6MYHjtp7aFAOyRr18yZP9lPLbp1qidMpja_ayRTXqpyHTNdiIZCxsg5lu6kA_3eqQTE565IJDtjkDcfRtLdsImS8ncQAhIP3sDOkx3I_nIJfgdrca0QJQBhAdS3ZU6FZ/s320/Beni%20Birakma%20-%20(Mos%20m%C3%AB%20Braktis).jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v891"
expires: Tue, 29 Nov 2022 23:25:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Beni Birakma - (Mos m_ Braktis).png";filename*=UTF-8''Beni%20Birakma%20-%20(Mos%20m%C3%AB%20Braktis).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 23:25:03 GMT
server: fife
content-length: 113590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

specialistinsensitive.com/watch.447376465800.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c61798cf86a73c27017ef21b3d901e2485f8046fba51d9ab2a46f74929bd8344762408f1bba6a6dbfe9e73d5d688bbe821ba60be07e11d5ab217b7f68596f3d8bf790ea36f12c5a0d29a586b1743dc894d0dbb4c847ebfd38bbce315f0be&pst=1669677962&rmtc=t

173.233.137.36

200 OK

2.1 kB

URL HTTP/1.1
specialistinsensitive.com/watch.447376465800.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c61798cf86a73c27017ef21b3d901e2485f8046fba51d9ab2a46f74929bd8344762408f1bba6a6dbfe9e73d5d688bbe821ba60be07e11d5ab217b7f68596f3d8bf790ea36f12c5a0d29a586b1743dc894d0dbb4c847ebfd38bbce315f0be&pst=1669677962&rmtc=t
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (2575)
Size
2.1 kB (2079 bytes)
Hash
e9a59b4f19e350dac830d826e7cf229f
1b863a84179feb58e16e68a2eb8f6b4d9adf15af
22db126d3ca1b2fe5180954b1597a830c9790fcf202b8f1371052bdcd7997e73

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.447376465800.js?key=43db73d118f408de255d93e402b10dd5&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=c61798cf86a73c27017ef21b3d901e2485f8046fba51d9ab2a46f74929bd8344762408f1bba6a6dbfe9e73d5d688bbe821ba60be07e11d5ab217b7f68596f3d8bf790ea36f12c5a0d29a586b1743dc894d0dbb4c847ebfd38bbce315f0be&pst=1669677962&rmtc=t HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672407; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17672407,17672268; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c718c4711f0e026c5789b183819f7d1e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

voe.sx/e/eydbdd7fdga1

186.2.163.208

200 OK

14 kB

URL HTTP/2
voe.sx/e/eydbdd7fdga1
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
14 kB (14336 bytes)
Hash
90cad9fdfa817b0a4d04d0c21689dd00
b556f0935bb83931c4c0274be269382a07d67043
abe151c4f993280b8eb98bd37bcf63621ca55eb81c0f7ba8a1f1c1046973d011

HTTP Headers

GET /e/eydbdd7fdga1 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=1yjhwT5aYQoqDKIWEXNK; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IjVWQUxjWmpUME5JUjE3UWZzdXRjNkE9PSIsInZhbHVlIjoiOHpVMndpMmhad3prVmNlVW02K1pPZ0h2ajNyNXlORTlWRnlObC9qcGlsM293alQwaGRSd1BCMjZvd1dIc3RMcWY0WjNiM1dvdjAwNWdrc2hzL3F3SFJ1d09tNEhhOU10NUg1U09YeTArY2NVa2lSem5GcEs1cFlTZDFUQUo5T1kiLCJtYWMiOiI2Njg2OTk3ZDQyNDUyMThlMjhkYTM1MTY1YjI3ODVjMWQ4NWU3YzFkNzQyNDdhM2M1ZGFjNWZhZDc3YzE1OTViIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IkhmeUdvcEpJYVQyRWovNTdIVVhZNVE9PSIsInZhbHVlIjoiZGZGajNRZmZIMExTOVNtNUxWdDB2alFOd1pHYUVVRytzTzhsVmZiL3VpdEVtUlZLTnNsZ3FFTG5ZOU8zYWNIY00rMWpPM0hrOXdrOGJZZ1BRaG1zbUJRZFQ0QkxERVBSOExxOE9sa0hwRzlRaDVBR0lCTG0vTmp1NTkrbW91ZjgiLCJtYWMiOiI2YjM5MTUyYjc3ZDllYTRlZGU2ZmMxMTg2OWQ3ZjNlNGJiYTQ4OTQ5YTBmY2RkZjQ2MDRhNmM2OGQ1OWM4ZmZiIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=45af026988f1519d3d62d5250bc15883bef220f554e4af1b519418b52c537d0ca6cb1da0696ae5f930a7843144c34fe47c9c83b8c6c8754fcd45865a4a87d82bbc99a8f0a1f7b3416295fe7307de9648e7eb14b11d6bdad4302cd146340c&pst=1669677962&rmtc=t

173.233.137.36

200 OK

2.1 kB

URL HTTP/1.1
specialistinsensitive.com/watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=45af026988f1519d3d62d5250bc15883bef220f554e4af1b519418b52c537d0ca6cb1da0696ae5f930a7843144c34fe47c9c83b8c6c8754fcd45865a4a87d82bbc99a8f0a1f7b3416295fe7307de9648e7eb14b11d6bdad4302cd146340c&pst=1669677962&rmtc=t
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (2546)
Size
2.1 kB (2065 bytes)
Hash
90516e5d73d32865f51dd1bc737b66c9
f65bb39e70e65ad10608789d731826e14b9741ac
d1970089b23331f9b9bb5a157d7cf8b06d1855f2af6bfae4cc59d9375ca364d2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.226278697781.js?key=6b89af69f49621c6c443dd9b71e61d32&kw=%5B%22seriale%22%2C%22shqip%22%5D&refer=https%3A%2F%2Fwww.seriale-shqip123.com%2F&tz=0&dev=e&res=12.1055&uuid=a26ac362-8201-46b4-8817-de4595d053f3%3A3%3A1&shu=45af026988f1519d3d62d5250bc15883bef220f554e4af1b519418b52c537d0ca6cb1da0696ae5f930a7843144c34fe47c9c83b8c6c8754fcd45865a4a87d82bbc99a8f0a1f7b3416295fe7307de9648e7eb14b11d6bdad4302cd146340c&pst=1669677962&rmtc=t HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seriale-shqip123.com
Referer: https://www.seriale-shqip123.com/
Connection: keep-alive
Cookie: u_pl=17672407; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjQwNywiayI6IjZiODlhZjY5ZjQ5NjIxYzZjNDQzZGQ5YjcxZTYxZDMyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5ZXFlbjlyN250IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.WuxPO8nvgaCS--rBk_i4BOwhkUzxbGpnB-_-e_ma1GA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seriale-shqip123.com
Access-Control-Allow-Origin: https://www.seriale-shqip123.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; expires=Mon, 05 Dec 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 29 Nov 2022 23:25:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4aa9fd5c605ca2c0e9026ba4f1d18b1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:03 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

hqq.to/js/script-2.12.5.js

190.115.19.71

200 OK

4.4 kB

URL HTTP/2
hqq.to/js/script-2.12.5.js
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type
ASCII text, with very long lines (1242)
Size
4.4 kB (4429 bytes)
Hash
f2d89553185a342a98893760b5a27460
449a755c7c3e03946b5fab3ea9195b06c43b9ac1
28a5e10daa981bd5e7c28feb373ad68518723bd9eb5a1aabd9124a8d17fa5d2c

HTTP Headers

GET /js/script-2.12.5.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Cookie: uid=pn75tW1MUE1UyX7Tx*L9*z9p8WV6trX4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=ZZrRl4H7zGDhL6x15B2t; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:04 GMT
date: Mon, 17 Oct 2022 10:54:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 3673813
ddg-cache-status: HIT,MISS
content-length: 4429
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32105), with no line terminators
Size
11 kB (10738 bytes)
Hash
b4ecbf39fe8e9c1229662281b4d87922
b8884daec40b1e29fcdeaa67bf4be8cf5e6218a6
43070ce5b9284ff8da12f1474d43c0398f09f5b2d43efb11d735f2df899b2030

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e769194cfff09365c2603b2186a96408
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32108), with no line terminators
Size
11 kB (10736 bytes)
Hash
ffd76afce2f452eadd04f2e09579e2fe
c3d43c7247e2ce3049cc12a9753e67e1507f2ea6
76c77ac996c76b235cf505555fb57df479ba54f2b3827902daabfb2e3165072c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c3a286c3b78a117fceaa4e2a1dc7e745
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

142.250.74.10

200 OK

80 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
80 kB (80087 bytes)
Hash
d489237a144bd8c04d2fc06d61814b23
af0730e87210c9c6b335f8d49f2b5fd7fe7d2758
3907225726fe21c562c5f95a3943ec7653ce6c3b524824462696da1eb31611ea

HTTP Headers

GET /css2?family=Inter:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hqq.to/cdn-cgi/trace

190.115.19.71

404 Not Found

85 kB

URL HTTP/2
hqq.to/cdn-cgi/trace
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
85 kB (84610 bytes)
Hash
4d094472143470ba42e80d12c4e50ac4
7ebca0b0a7d872da3ef97ad39b7fdf058fc98369
fe630e6d3f56af4192eeeac890bc257faef5bd51a8ec2ce295557995d37be640

HTTP Headers

GET /cdn-cgi/trace HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Cookie: uid=pn75tW1MUE1UyX7Tx*L9*z9p8WV6trX4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: ddos-guard
set-cookie: __ddg1_=oVqRNkF5J9PhBtzFF6EW; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:04 GMT
date: Mon, 28 Nov 2022 23:25:03 GMT
content-type: text/html; charset=UTF-8
x-origin-location: /
x-cache-status-inferno: MISS
x-inferno-location: /
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32105), with no line terminators
Size
11 kB (10740 bytes)
Hash
e93dcd8425fa97b32420c788372d8d2a
01dd49125ed8c2108dea498a10bcf25e4af6d50f
104032393555cc0f2c29199fad1d8e74c2968597394187780785705d5f4f87e1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc0c0d04eec58132ecc3ab065ba28c36
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

voe.sx/e/zn3vdqkhvnk5

186.2.163.208

200 OK

80 kB

URL HTTP/2
voe.sx/e/zn3vdqkhvnk5
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
80 kB (79771 bytes)
Hash
333950d08be0b3baf39fdac7445d4445
d2c25f766cb3046c5ce46f316171b844f3058c2b
ed6d94f8b8472ce97bb731328fac3126982040e6996e707960cda2bf86632a09

HTTP Headers

GET /e/zn3vdqkhvnk5 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=SxicV5R4IeXKUXGgp4ij; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IkVrN2I5RVI2MEJEZE5EM2JsYUhKcWc9PSIsInZhbHVlIjoiRUViTE81Vnk5dzBnS3Fvc2xIVlJPdk1VcGppeGszK3dzbmxEck8wZVgxMmVsdzdnSDRCMHVUL1dIYysrclRaN3RTUFM3NG83R25GeEdKM3BNWnhnNHVEMlJLd1A5NWdpc3JaUjVXMVQ4WXg0Tm9lR1Q0S20zanFTclVHWGVXTzYiLCJtYWMiOiI1ODc1Y2U5NmRiOWJjZDAxZjdiYTliMzI4ZDk5MDI2NTRhMDAwNWU3ZjA5NjJkZjM0ZjFlNmM5NWNiZDAyNGIzIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IlF0U29sVG5Cc1lIQ2tPWVM3ZTNwc1E9PSIsInZhbHVlIjoiNlZJT2pseXZOYkxWV0R3b2ZMV0xjNjVLazVpNG12L0I0Ui9RaXRhQjRkWTZrQjRDcUEwM2Jtc1ZwOHkyQzZvcjdxV0xnc0JRWDE4NHJmVWpSOW9SMHlDYStCV2pVS1JENmNienJhenkrek40ZUJoNE9IT0RmbTFtV2N0WmJ2bEgiLCJtYWMiOiI4NjhhOWEyZmUxMjM5MWVmMzJjMDNkNGRmYWUwMjAxNmZmMGQ0ODFjNDJmYzFjYzMyY2M3NDBiNTZmNmJhMWNkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

dood.re/e/dpcvhpjsuww0

104.26.4.50

200 OK

101 kB

URL HTTP/2
dood.re/e/dpcvhpjsuww0
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Size
101 kB (101223 bytes)
Hash
f7330c5f55026f9773211880c14a5497
04696bddb5853e57f99e78b7bd27a6bcbd501a3d
e602059d3f7129bddb259f7b119fb0968f6d240fa97c6032235bdd76c862cefb

HTTP Headers

GET /e/dpcvhpjsuww0 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU9iFbwRccuSa%2BcnZtGbRfKG36Gr6vIKsqNBZqiZ2%2FaVVNl3%2B8oeIKXF8Jzjif1SXwYPjwPosKkm1g%2FjVsZCBwEvjm0cIIEgSgtUuEhEtWgHPKVBZumijYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d49b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

304 Not Modified

0 B

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Mon, 28 Nov 2022 23:25:04 GMT
cache-control: no-cache
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
x-served-by: cache-bma1655-BMA
x-cache: HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32105), with no line terminators
Size
11 kB (10740 bytes)
Hash
e93dcd8425fa97b32420c788372d8d2a
01dd49125ed8c2108dea498a10bcf25e4af6d50f
104032393555cc0f2c29199fad1d8e74c2968597394187780785705d5f4f87e1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35e5390e87846410eb2fb6f7e65d5f1d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.195

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://voe.sx
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:03:56 GMT
expires: Fri, 24 Nov 2023 06:03:56 GMT
cache-control: public, max-age=31536000
age: 408068
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32129), with no line terminators
Size
11 kB (10744 bytes)
Hash
889237166d044402e6335f6066643fc3
6ec0a3da27475df91523a96488f4a9650953c96f
280adbbaec9a9dc995f0ecb4422116709af89ec4524dcaa5af5ab6bdc7296b51

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 181b46d23f709d1132740997baa92304
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
766d6878d080d03024bb8267393f1307
d5b71ed0cb73e97e9fc047159c20964db7bf8450
34c5ecc9b207da415157c804c7cfadb103363f6bd6f00c623c9d911621388118

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34C5ECC9B207DA415157C804C7CFADB103363F6BD6F00C623C9D911621388118"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6761
Expires: Tue, 29 Nov 2022 01:17:45 GMT
Date: Mon, 28 Nov 2022 23:25:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
766d6878d080d03024bb8267393f1307
d5b71ed0cb73e97e9fc047159c20964db7bf8450
34c5ecc9b207da415157c804c7cfadb103363f6bd6f00c623c9d911621388118

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34C5ECC9B207DA415157C804C7CFADB103363F6BD6F00C623C9D911621388118"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6761
Expires: Tue, 29 Nov 2022 01:17:45 GMT
Date: Mon, 28 Nov 2022 23:25:04 GMT
Connection: keep-alive

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32105), with no line terminators
Size
11 kB (10738 bytes)
Hash
b4ecbf39fe8e9c1229662281b4d87922
b8884daec40b1e29fcdeaa67bf4be8cf5e6218a6
43070ce5b9284ff8da12f1474d43c0398f09f5b2d43efb11d735f2df899b2030

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 33ada6f1c5fbd3d430c06eceb69ca9b4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32108), with no line terminators
Size
11 kB (10736 bytes)
Hash
ffd76afce2f452eadd04f2e09579e2fe
c3d43c7247e2ce3049cc12a9753e67e1507f2ea6
76c77ac996c76b235cf505555fb57df479ba54f2b3827902daabfb2e3165072c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 659d2873659f709a0cb31da3dac467b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js

192.243.61.227

200 OK

11 kB

URL HTTP/1.1
alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (32139), with no line terminators
Size
11 kB (10762 bytes)
Hash
ae5b0aee29310c892502500c64a50cb1
1b5e81a9e599c3b3ef93cf90754eadf4774a62cd
d5bda50766592c212ba785183c8d812c67ac3882ca93a7b38580cfa27d091e3e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b5b2213698c5085884cc7ec1dbc1e5f7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32129), with no line terminators
Size
11 kB (10744 bytes)
Hash
889237166d044402e6335f6066643fc3
6ec0a3da27475df91523a96488f4a9650953c96f
280adbbaec9a9dc995f0ecb4422116709af89ec4524dcaa5af5ab6bdc7296b51

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e0749c85a874f591a46c4a8a9d1a6391
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 179940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32105), with no line terminators
Size
11 kB (10738 bytes)
Hash
b4ecbf39fe8e9c1229662281b4d87922
b8884daec40b1e29fcdeaa67bf4be8cf5e6218a6
43070ce5b9284ff8da12f1474d43c0398f09f5b2d43efb11d735f2df899b2030

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c4b04c345a7128093e2518f9ce63ddfb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js

192.243.61.227

200 OK

11 kB

URL HTTP/1.1
alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (32172), with no line terminators
Size
11 kB (10768 bytes)
Hash
9a0dfae29337e02737b582ba66d54bd5
e9f9a5e8135f171a89934ffc42d5ffe12ada161b
21b5d3134ff10ed000a3e06d994c6e96513186ec37b2fda7b1a7e690fb40cd59

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a9ab7d58e5e81637d79c0fd87211ded
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

dood.re/e/7ui8vn7cqg4e

104.26.4.50

200 OK

4.4 kB

URL HTTP/2
dood.re/e/7ui8vn7cqg4e
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4829), with no line terminators
Size
4.4 kB (4386 bytes)
Hash
98f451492fc77dbe154ff67e1f3991df
0e7fb3d3753b45365b8a5a2bf428cff06bfb4b14
cf403a4865f452c68d93dc110e1c08f36dbb9bbadae1acbbe9f7ea04d782de49

HTTP Headers

GET /e/7ui8vn7cqg4e HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F7Soa7sBBoLoUnaD0pXySWVESZImvBjIrZLibM1s9KIT5ADiAgT1sc0tsf6tsHBq1rK%2FMFWBJ8zrPD%2FUCt4e0B4Ho2K%2F3J74AQYfgSb9a4xwe08S8OzABw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d50b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js

173.233.137.36

200 OK

11 kB

URL HTTP/1.1
discriminationprovide.com/4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (32111), with no line terminators
Size
11 kB (10739 bytes)
Hash
4ac96d089f1e328311764aa05c239f50
ca33318476b16ada94ba1d2b3fefb034743fb58e
ecfc6758e721c1d44b6817e8acccb7c694e4c0bada15d7179eba321a03431c13

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4a/0c/19/4a0c19b0102707e35ee9c357b0b42199.js HTTP/1.1
Host: discriminationprovide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50104af2df34e180559831e756bf369c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.to
access-control-allow-credentials: true
X-Firefox-Spdy: h2

dood.re/e/4sfb9dteh5jq

104.26.4.50

200 OK

1.9 kB

URL HTTP/2
dood.re/e/4sfb9dteh5jq
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Size
1.9 kB (1872 bytes)
Hash
9c88e1db534cf8e373d72172946bfd76
19bfd942937961c1a338979021fe2084899871a4
a0eed64c633016946bb2e6af53977eca4636bdc77456d70d9655c40c20f7b3b2

HTTP Headers

GET /e/4sfb9dteh5jq HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jx8IvmZGL1gInE2Qwh963pSO%2BDtHmc8Fa1JzcDT1OVMAns6TAZPEGiSMz5x96jNwgZYzqxJvgjO0R7H6OMLfOfsfAm9N%2FetEXmIGY7ynCzqsh8MJNO7AS6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc488fddb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dood.re/e/3y3g182d5jdo

104.26.4.50

200 OK

2.2 kB

URL HTTP/2
dood.re/e/3y3g182d5jdo
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4835), with no line terminators
Size
2.2 kB (2203 bytes)
Hash
eb4af0a5cac05e8b065915dc07cd56d5
4493b48e5409dbaaa7c9532f794bcb57ff4ded44
20db6e2de20799c4ab8feb93e8e18641172fa30c97c91a3564db65cadd01738b

HTTP Headers

GET /e/3y3g182d5jdo HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2oLwczY4sArMlBszFqOw3gAMKgsjnnZQtcA7b8H2mYCxE%2Fz6fVf6KbjyApsOdiZWyn2XjKvAiQzcaWF%2BS306IEiWuWeo4DtQnlqa4iNADpYHWNOhUMIwWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc47fef0b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

testingmetriksbre.ru/netu.php

104.26.1.119

200 OK

563 B

URL HTTP/2
testingmetriksbre.ru/netu.php
IP
104.26.1.119:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (855), with CRLF line terminators
Size
563 B (563 bytes)
Hash
081cf8d1e2b33b8cb3c607b7d303da5a
ae721689a2931e50dfd6b038e85b5e0b4f091185
21a87b46098de35b4948ce9172bddc1989bbeaaf846ef3730b4fdea357287f05

HTTP Headers

GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:06 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBP8Gkp7YTCzQ5ND%2FD%2Bu3ve51Jpl4hVhwaaA3XjeypUQ%2BVUfxssbveJ48dci60fPJHZR9XAHvMkn8BRG%2FtWxNObOLaKKRMUYorPy%2BY4vI6RjEosXFZUv3NJUgm%2B9vSoHQw7LCz4Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc63de00b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

voe.sx/e/gn9wr6fs4ezh

186.2.163.208

200 OK

10 kB

URL HTTP/2
voe.sx/e/gn9wr6fs4ezh
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
data
Size
10 kB (10361 bytes)
Hash
50fb9bdef97bc3971e3fe92d96c2a85d
f62b74e9187b3e737592f0e3a5eeab44813a3656
c3c9e2b3a4db66a699fe43942c63ae69a8b1e45c554bc8b116165b5d897f393d

HTTP Headers

GET /e/gn9wr6fs4ezh HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=7pHzgpHXj0tYujLZptBv; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IlZvRWJIUU9hMm9SdkpwS0FjVDlCc0E9PSIsInZhbHVlIjoiTUYyK2lCS29qYXJ4eFdGTWdTUzR4NTBjRmc1RWVlWTA1aVlKN2paUnJQMTBqME1nWWVPTnRiTTZSV2RBVjl2S0UyNkR4VXpZU3NhVC80azV2SmVVOHRJUGlTd1pWVXVPS3FOWHR4OCtYWnY4L0ZWR2dTWW8vSVhYK0JuL0xDMDkiLCJtYWMiOiJmNjkyMTEwZjUxMTIzMGFhM2VkYWE3MDczMTFkYzk1YTRkZDliZmY1ZDE3NjAwZGI2ZmI3YjZmODdjYTY0MmJlIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IklCdEhCNVk3Q2FrMzA4TlhNckFiRVE9PSIsInZhbHVlIjoiMEcwODNFeG1ZOG0rMEsvVmRVUzVvRGY1VDVPSnQ3ZFpTZ0RPdnBCNlRiMmZ6ZVZQMGdsSXRud1NFK1VWU2o2RzBXSk5JaHZKVEErN0tLWTArcVRSNjBQbXVKT3R4TVozN0hQbnFPRElLSTVKT2pGdFdOZ0RoUE5za2ZFUlNLUnoiLCJtYWMiOiJiMjBiODVkMTZkMGY0OTFkN2VkMzAwN2UwODc3ZDdlMjNlYjBlYzUwYzE4ZTMwZTFlMDRhYzQ5YmEzZjNlMzZjIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

partner.googleadservices.com/gampad/cookie.js?domain=www.seriale-shqip123.com&callback=_gfp_s_&client=ca-pub-6174233946807485&gpid_exp=1

172.217.21.162

200 OK

32 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=www.seriale-shqip123.com&callback=_gfp_s_&client=ca-pub-6174233946807485&gpid_exp=1
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
e003723bb43e8e216426c5cd897b3a9f
85f6260d04937794cddbf58b46caa5dd7a7dd489
ebb110f380b85f1eadd52e180b12c2ad3c10bba0edddda63a3a79d4ca3673b78

HTTP Headers

GET /gampad/cookie.js?domain=www.seriale-shqip123.com&callback=_gfp_s_&client=ca-pub-6174233946807485&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 23:25:06 GMT
server: cafe
cache-control: private
content-length: 32
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09

190.115.19.71

200 OK

38 kB

URL HTTP/2
hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6037)
Size
38 kB (38245 bytes)
Hash
9b24067b1ca1dcadf29cde6130a7faed
29b327741b4287d329add7056d5725a719836d29
d0640cc8a93016aff776202a90c6c011f418b0a0748a9cd27108c2c6ad08c7a7

HTTP Headers

GET /e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=3AwudtPsBPUX1sjLp4So; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/adsid/integrator.js?domain=www.seriale-shqip123.com

142.250.74.66

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=www.seriale-shqip123.com
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=www.seriale-shqip123.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 23:25:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150ea2873eff251c72d1decbf77f983b
490f1e694eac882e2939c95d7a294bfb85c45670
8c7069c27bff404a4e5cfa31f0405bc2bec2838a0be469e06effc33574290634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C7069C27BFF404A4E5CFA31F0405BC2BEC2838A0BE469E06EFFC33574290634"
Last-Modified: Sun, 27 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11324
Expires: Tue, 29 Nov 2022 02:33:51 GMT
Date: Mon, 28 Nov 2022 23:25:07 GMT
Connection: keep-alive

hqq.to/ad/api/popunder.js

190.115.19.71

200 OK

498 B

URL HTTP/2
hqq.to/ad/api/popunder.js
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type
ASCII text, with no line terminators
Size
498 B (498 bytes)
Hash
f589bec6da844567cb8b0cfdb91a0a86
fd720e91f95e1e74ffcd27dd221ad84e432d3760
3e3bbabedaaa7d8585a91c0843a93674eff45111bbea6ad5c333b28ded93a30e

HTTP Headers

GET /ad/api/popunder.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/b3Y3REpIblJmRU5odmdLZldhSXdsUT09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=uFzvZ7z8gke6ckECdeQm; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Fri, 15 Jul 2022 10:51:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: W/"6141fdde-15"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
age: 11795663
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
55703d3bfe2eb684148ed6c064f04955
7ebd83b433d0f21d992c54c5cb686fac8031a0cf
ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6388
Expires: Tue, 29 Nov 2022 01:11:35 GMT
Date: Mon, 28 Nov 2022 23:25:07 GMT
Connection: keep-alive

veilsuccessfully.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js

192.243.61.227

200 OK

29 kB

URL HTTP/1.1
veilsuccessfully.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28780 bytes)
Hash
6101a00a4358bd0ba9d04a1a4ad0079a
99345d86f5b65c56227a4297e396ec5ccc9ff21e
4dbcd7ac3a8b1004c85b04a22bd5cf35486080b738c748891bb762f5e80b5acd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Cookie: u_pl=17672268; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY3MjI2OCwiayI6IjQzZGI3M2QxMThmNDA4ZGUyNTVkOTNlNDAyYjEwZGQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgzMDY0LCJwaWQiOjU0MzE4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJwZG40ZTNrNTl5IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnNlcmlhbGUtc2hxaXAxMjMuY29tLyJ9fQ.JAOdDqTXUIYWlKSvrJJE47-7ji-LIQvYN2i_JZ-VXCk; uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 28 Nov 2022 23:25:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e6bd1c135f18c98e7252dbccaf34d26c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

integrityprinciplesthorough.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js

173.233.137.52

200 OK

29 kB

URL HTTP/1.1
integrityprinciplesthorough.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28780 bytes)
Hash
2e25b1cc759e525500c142fb5aae9aeb
c85090a96e1a14aae254cacda1853da8228af9f0
49dac5d36202def3243dbc936f55c71b10eb7cb544f9f1bf109666c7441ecd1c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: integrityprinciplesthorough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 23:25:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 79a276e59705486afdfba73e100d5603
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

testingmetriksbre.ru/f.php?sid=212040

104.26.1.119

200 OK

3.7 kB

URL HTTP/2
testingmetriksbre.ru/f.php?sid=212040
IP
104.26.1.119:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.7 kB (3712 bytes)
Hash
1403c52f54d81ae1ece0ac7e4cc9887c
9797bb79442ed17899be1a44a16b3f8af410469a
bf47f33196cd2ed1d222ba1568c8dab7be2a89e34950921d9741f606a1ab9e19

HTTP Headers

GET /f.php?sid=212040 HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h09X%2FZoJ1BkI0yJzDMJ2JnCp6GOn6kg9vZlh%2FxvVRTDXUwTsLOamCg4pWr38%2BsbqDP5MHJCU7tJyTh9F52MJ%2BM0Zud8MYnko9U0eMcMMYMYCxB5KpGlaw%2BLhj2jia5uxrGzIH%2Bi2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc54daadb505-OSL
content-encoding: br
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

44 kB

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
data
Size
44 kB (43863 bytes)
Hash
f8eb273ad90e449ccaa18c504b471536
818f46362e995594574e872a2f9dd7cf9ac7305f
62b11e8a84fed033213841d9289007497b6de21f675a9eb7d488ba92191e4ad5

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://voe.sx
Connection: keep-alive
Referer: https://voe.sx/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://voe.sx
access-control-allow-credentials: true
X-Firefox-Spdy: h2

voe.sx/assets/n-379412873852/images/logos/voe-logo-2.svg

186.2.163.208

200 OK

239 B

URL HTTP/2
voe.sx/assets/n-379412873852/images/logos/voe-logo-2.svg
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (473), with no line terminators
Size
239 B (239 bytes)
Hash
3c20522bf55bf89d4781ebfcd71825df
1d1a641f02d3d89dd4c25eed993db05ce52bd4c6
eec9abb04d714d627b7cbf1888405d242796ab1181a3d0a83337e098649de8ed

HTTP Headers

GET /assets/n-379412873852/images/logos/voe-logo-2.svg HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://voe.sx/e/zpaif5wegj5b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=CSCqcpAbBfIZlmraZLOf; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:08 GMT
date: Tue, 22 Nov 2022 21:54:01 GMT
content-type: image/svg+xml
last-modified: Fri, 07 Oct 2022 22:14:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
etag: "6340a4d9-1d9"
expires: Thu, 22 Dec 2022 21:54:01 GMT
age: 523867
content-length: 239
ddg-cache-status: HIT
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.to
access-control-allow-credentials: true
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
57188f903a82effb34ce19c914dfb747
b144829a128ebe6eec80e7bb58f375ad4d9fd5dc
dd6f1b7c2d8131397fc1cd5bb8e1266577d24c0c075235427ec6053b86fd2dd4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Cookie: uid_id2=a26ac362-8201-46b4-8817-de4595d053f3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.to
access-control-allow-credentials: true
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:31:10 GMT
age: 71638
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

hqq.to/e/UmlOZVlmTUwvNVZMK2ZMUE1YVFBFdz09

190.115.19.71

200 OK

38 kB

URL HTTP/2
hqq.to/e/UmlOZVlmTUwvNVZMK2ZMUE1YVFBFdz09
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5994)
Size
38 kB (38141 bytes)
Hash
b1806701be2c5baeaab3584f4ab81da5
b913c9429fd0f4adf066c44aeedfe0d4fcb6d642
f553439c6e7cc37083565a4ef317da5ff3d7d3e4a63e4e792898cd237f9b363c

HTTP Headers

GET /e/UmlOZVlmTUwvNVZMK2ZMUE1YVFBFdz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=Q3Xi4bcAQnwfpBpZopA7; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2

voe.sx/e/h9imclcek28s

186.2.163.208

200 OK

0 B

URL HTTP/2
voe.sx/e/h9imclcek28s
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/h9imclcek28s HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=LPoozGa2y6O8Y4eIzWy1; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IlZMbWVJd3J2eTBycXRISm5kY0l4aXc9PSIsInZhbHVlIjoidnVvTDExQVEzcDNaSHBzMXV4aVBGc1lNcmlBdlFpV3J6RHFMZjYxcDh6dTcxL21lOHhRYW9iK252cnF4WEgzQ3hoNHdvaTBLVGNnOTAvN0dkcWFHYXoyZE1tcWh5ejd3ajNzc3hUalFqUWpwRzgvM25tNzA4bVh3ay9WQTVGYWUiLCJtYWMiOiIwNTc1NWE4ZDQyZDUxNDNhMTdiZWU3YzIxMjk4NjRhMmVkNzE1NDRjZTcwNmM0MjE1YjQ0ZjgyOTY1MWVjNWQwIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6Im1zN0pVS3NCNGpzSkxiZHhjVzRxT1E9PSIsInZhbHVlIjoiMGljMGZzUE5KMWFaOC9LN3hLT2FaOWlFNGx3ZUhQZ3BuT1FmeEU5V25mQU51UnVXUFNtZ1hvS25CUWo3TmlkaWJkWTBIUUFmOTdDM1o0dm9GZ1BFeHpnRXdaeFNQa2JRdUhqRm9randQUlhPb2lONDNwNldsOFF4eEd5WGpmTUwiLCJtYWMiOiI0MThkYjE4NTg4ZDZmM2FiMjViNWVjYWM0YjhhYjRhZTMyMDQ5NjJmMmRiYTNjNWM5NDBmZjhjZjc5Nzk2ZTRlIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

voe.sx/e/nzoya3niyhs0

186.2.163.208

200 OK

0 B

URL HTTP/2
voe.sx/e/nzoya3niyhs0
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/nzoya3niyhs0 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=Ifoju92sBrHgRu5QOg6r; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IjRzUUE2UUZCM2w5SnhuR1NJS2xRSmc9PSIsInZhbHVlIjoiKzNQcVo3cUQ1Qm5PL082citVc0djY1NQMExsYVdyMVZ4R21wSlZGSjVOOGZkSXBRL2ZwUTAwUmd4OXRHbVdudzZpS3lORXhCeHAxc1Rxd3RJRGdHTVMzdmlGU3RWbGxyVEdENVJFTU9iLzFIZmV5NzBOSTEvcXlQZGQ5TVd2eHIiLCJtYWMiOiJiMzUyMTcwOWU5NTNmOWUzYTBjNDNjYmFkOTJmOTMzNzA2YjJlMWRkYTVlNDk0ZWUwY2IwNDMxZTA5ZWVkZDk5IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6InhBVzZFc3RpTVQwU2FGM1JBeGlRNEE9PSIsInZhbHVlIjoiaFBtOHFQS3RwRkozMmlnNTQ1SFdINEZ4SGZkVEdYU0V1cFlRdnY2c094VUp0RFp4ZGFaSVZmdkZJREpYRmtsN1FtTk9EekMvSEhXVEFJRW9oRWhMaFRMY2o2TFk4aTVVSWlKNU4xWnJiYmJISHBaTzd4V1ZJYklzUXM5MTA1d1YiLCJtYWMiOiI3MzMyZWU2YzRmNjIwYzZjMmEyYzk0ZGNhZWViYWQ1YzFlMWU1MzdkYjg3NDcyMDlkMDg0YzkyZmEyZTlhYmRkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js

104.16.122.175

200 OK

0 B

URL HTTP/2
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 12721403
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7716dc4c287eb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

hqq.to/e/VStsYVBLaXFrQldDdkIyeEpRMnFFdz09

190.115.19.71

200 OK

0 B

URL HTTP/2
hqq.to/e/VStsYVBLaXFrQldDdkIyeEpRMnFFdz09
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/VStsYVBLaXFrQldDdkIyeEpRMnFFdz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=fcXZfZQMiQHzGeV04y8I; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2

voe.sx/e/ie6adviv8dg5

186.2.163.208

200 OK

0 B

URL HTTP/2
voe.sx/e/ie6adviv8dg5
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/ie6adviv8dg5 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=4iHhVo7GCwP5BZVaKDGx; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6Ikw1Z1RnVTNLV0NhWFgrcEEzQ0tTUlE9PSIsInZhbHVlIjoid2UrWEtMeWJDRTl2YzNrbWs4d1B0aE1TK1ZKK2paTitnalhGZHFmQm5YT3I5amg5MGtJc2hoRkdlSWpZTXpVWThnbTI4VURlNjYxcnR4V2R5a0JmRUlVY0doNXJUTklsSDVCdlpsWkh1Ungva1pMUGQ0Z1NwWmQ4V04wa0VibGUiLCJtYWMiOiI2NTM2YTUwYWNmYzc4Mjg5YzRlNjlmNGUwMWNlZWYyMTNlMDg4ZmEyMzU1MDc1MTdiNGY4MWRjZGQyMDY4MzVhIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IjFnVnpKUUxCR2RrMmh4aXlMdHJod3c9PSIsInZhbHVlIjoiWTgrVFlqeFV2elJMbm1UdEhXTlliSFJvdGFIU285Um5jNWdmK25jSEh5UVVsNlc4ZkVJbER0bW94UWlvQVJBd1FZTitHTzVtTE5DTVBHaEYvTjhmWDFNVEcxdU5ZTkhtTmpCb2oxcGtETStTMXRGVm1XbUJ0ak5pRTUwNGtOcGsiLCJtYWMiOiJjMjQzMDBjMjMzZmEwYTQ0ZDUyNGMyZDMxZmUwMTA3ZDJhZjVjODEzNDVjY2Y5YmE2OTE1NjNmM2ZmYmJmYmQ0IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

dood.re/e/m525mgs6tq2c

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/m525mgs6tq2c
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/m525mgs6tq2c HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9BPd6GiUjVTeDGzER3VMbk6G9skiQFTbWwsVtfeUeK2G97GeIMMu8l7uX%2BHt0ISU84E8Wbha3f8BCn2sZglSDMWcvkmWzF%2F1o6Tt6X1r5FTZGK0wzCI%2B4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc489803b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dood.re/e/gwu7u46ltpt8

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/gwu7u46ltpt8
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/gwu7u46ltpt8 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5%2B3mas0s4pci8i9gJGsmLuHfPgRfXhcyoCm6huRb2WHZE90Adwp1bWNFe0rRMm%2B1siTJTpSW%2BzQCEmsQ7Ja%2Bx4POLACfTDPWPyBtQNvKEV5GKFsGKYv28U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d44b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dood.re/e/bnx3fas0chf5

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/bnx3fas0chf5
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/bnx3fas0chf5 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49PZ0iy%2BDhvNhwyoEcY%2F6VXztsqgWn4ECcWz0QsVllCXr7QegUY%2BRl9q8gMUF3%2FPGq%2BBGVwKmQR7ZHjEO1MX24yYNJSlu0C%2Bi2%2BRORawiqCFfK1%2ByS%2FsjVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d4cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

voe.sx/e/y1aae48mmx2r

186.2.163.208

200 OK

0 B

URL HTTP/2
voe.sx/e/y1aae48mmx2r
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/y1aae48mmx2r HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=JNSzP8isKzOqhJOxHaMg; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IjNadGx4aVJrMDhIYXpYeUx4ZS9xMGc9PSIsInZhbHVlIjoiY1hiL0tDclpaUmtFK1ZPV3FQTStJL1NWZW5rK29XclBnOTVxWityb2RUZWRnam44alVVRE5kczdnWGlGMDlxRU1Dd0hLMElpZVI3Z2t4NjdRdzhYcHREY01sZnpzdDdBQ2tRRXpnS3d6YjRBOHU3NkVxaGxMYXFvam15WmpyT3QiLCJtYWMiOiI4MzNiMzEwZTM3M2U3NDA3NzZkMGRhOTlhZWZiODcwYjg1Yzg4NGFkZTM4ZWEyYmJlNmMxMDM0ODQ1OWU3NjcxIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IldOOUhYTmtPV3dpTzlVeXRJemZqTWc9PSIsInZhbHVlIjoiVnUydGt6eGhMRmFDWGhsT3REWG5kQlgzQ3JxREt5V2psRGgwVEFXUXFZejNTL0VaQmJ6N0I3cEQwTVdBODFMK1FyNE5JbnBicDJuOTdZbEVlS2g5V1RpUmFOUndkZ0gxTyttcEF2Mk5ncWxSL3VGY0YzUWxRakpuVkpXY0NmeHEiLCJtYWMiOiI5ZTVlN2QyNDlkNzUzMjRkMjI0Njc5OWJiYjg3MmM2NDE3NTViZWZjMGIyY2ZmMmQxZGY3ODkwMjg4NTNkNWVkIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/jquery@2.2.4/dist/jquery.min.js

104.16.122.175

200 OK

0 B

URL HTTP/2
unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 12721403
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7716dc4c1870b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

dood.re/e/6u3675kyxx05

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/6u3675kyxx05
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/6u3675kyxx05 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sq8p%2FxWAp0QRUWaFlweXHupf%2Btd7H%2BgxggrXdT6g7nBK1Cb9vmIIvV9FC4HgPOAUw9Zov02W7vVnwVy8%2BWM2TolKZ2Z1WaE3BoiK8D6v8QoRWKNC9x6G4XY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d46b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dood.re/e/0nq7oqhrd7lg

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/0nq7oqhrd7lg
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/0nq7oqhrd7lg HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dz2zZ3TmPHhNaA5qOCejUAeorGmSmsg2FWFY3gGUiGf2naSAj5qPGm6GNJdMBxdn2Jn2uz1J%2ByJ4d%2FZNUNuUdCYtmEp3u9IDrVSA0tS3oZwQydEoSMobObc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc461d65b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

voe.sx/e/4qtojd0ibk6l

186.2.163.208

200 OK

0 B

URL HTTP/2
voe.sx/e/4qtojd0ibk6l
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/4qtojd0ibk6l HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=E3C9MSxB60QAt0wWoGWP; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6IjJ5QjJYeUFLeFZNOGRIeXBuNC9HUlE9PSIsInZhbHVlIjoiUUZOaWFla0RXNFYySE9qbTdnTENYRDljMmpjMVE2L1pndHpVVGdsRHdvRnpDdit0ZmRYS2ZEQ3BKbkNBMVRmUGRlQTc2dGEwaFFQRzJEQWtzTmxNQW4xdDBXd3U2b3BGR2Q3N2dwaFFsb2c5ZVlEN2NKalNJOXdZbzdIKzYrWmoiLCJtYWMiOiJkYzdiYzAxMDU2ZDc5NDAxMGJmOWFlZDg4YTYwOTFjYzJhMDhjMDJkZGU1NTcyZjYwOTZjYTRjODIxZDExYjYxIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6InYvVzJGMlI4MnVoN2JGcVpZTXVkK3c9PSIsInZhbHVlIjoiNU9CT0xINVR2ZUhVbTdPSjdBRzFxM2NrMW5RTXRLL1pvMWV2RUpJa2hYTVRNbmIzUllEUzM3UmhSclVGVE9tTTJ0NUxBMXpzY3lNSHdMUUM5RjNsVzdHL1ZEUmppSFdZK1p1UFpwNWQ2RWNRV0tyNXIzVFIyd0duRVQ3SnR5ZnAiLCJtYWMiOiJjZjJmMjg2ZDI4OTgxYTMxOGQ3NDY3YWE3NDgwNjBjMzI2MzJiN2FlNGVlYmI0YWU1NjJhNDFlYjBhOTI1YzVjIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

testingmetriksbre.ru/f.php?sid=212040

104.26.1.119

200 OK

0 B

URL HTTP/2
testingmetriksbre.ru/f.php?sid=212040
IP
104.26.1.119:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /f.php?sid=212040 HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGbZE%2FKDInAAqg3jYDViqN2zZuO16oE7TKsVp4HoiJMhFYZ4mAC3FLhfZQS0corZPbc8IG6TVtn9LGAY8ToMyEysyvuBcVDm5lb34vdwIObkFXex4risWmbk11PmI5WnjMvV4Fky"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc546a63b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

dood.re/e/ic4ay5zfpu12

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/ic4ay5zfpu12
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/ic4ay5zfpu12 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul6qBmq3ZRTdIsziZ%2Facr9qGi60fty8xFFkpRBcwum2xtEkn2KptNfYN7f5DzIC%2BC1HmZ9Qxa4%2FJ3jBqnP8%2FJk%2Fkq4%2F4%2BUKX8nLyhvw10un40MaqUvYbk6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc46fe38b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dood.re/e/ll5fi4zmswql

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/ll5fi4zmswql
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/ll5fi4zmswql HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z9N%2FoXZQWYG%2BOmHRhPIBO4wtLuPXP%2BD7j8yrF6PHeWh32Ev9BJ68tuwhS7thlunKXw7OwJhU8U1Mb1B2iAAlzW%2B4RBNjkl5gTCMM%2BCNACAW1ZouNDX6jRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc462d6cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

voe.sx/e/tuuhivyqsm27

186.2.163.208

200 OK

0 B

URL HTTP/2
voe.sx/e/tuuhivyqsm27
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/tuuhivyqsm27 HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=1v3xqGjmIvDV2Gtouqen; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImNXZFhUWlJiRE5YcFdiN1dOcUw1UGc9PSIsInZhbHVlIjoiWmNZcVAzL2UwQmZvRG1CaWJpcVZNVzdkaDBtQnpaeEtEVzhNanh3V3VZeGF3ZUhhcHpRK3J5d3pReGM2TUlkU1prMU1BTXk3N3ptMFVMVlAvNHNtbk5lVXRBYzJCaG5sU3VhcC9yelpLR0VLeDdybEZtRUVqamFXUUxhMFRkQngiLCJtYWMiOiI4NGFkZDBiNzc2YzZkOGUyOWFhMWIxN2U1ZmJhMDA5MDYyOTRiZDVmNDE3YTlmOTE4NDFhNzJiNmYxYjRkZmU4IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6IlB4MmF2WkRmbzNNV3YzTGg2MCtmbUE9PSIsInZhbHVlIjoiL2trL0p3S1Z2ZTNYYU8wbGx0eG9FN0FJeEp1dzU4SzI1YURNZU5TQjZmRVV6czlMdFdWZWZWdmhCWlhib2grblFlRFJRVVdaSWdQN3cvQVM5dVhKMjRuaTN1QWdpT0xBRlRzc3VGUndXWlQ3ZlRXdFkzZC96cnQ1STJ5NzkxWnYiLCJtYWMiOiI2YjJjNzBlZWI0ZDliOTY0ZTY5ZDlkMmQ5Yzg0ZGZjYjI5MjU1NTNkMmRmZjg4NmMxMWNjN2YzNzEzNjUyYzlhIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

0 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:25:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

hqq.to/e/eFpwOU54MHRpYXFZOHlUejBCUVphQT09

190.115.19.71

200 OK

0 B

URL HTTP/2
hqq.to/e/eFpwOU54MHRpYXFZOHlUejBCUVphQT09
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/eFpwOU54MHRpYXFZOHlUejBCUVphQT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=yQBQMun0lU1ed7DB4tJ0; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: HIT
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2

hqq.to/e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09

190.115.19.71

200 OK

0 B

URL HTTP/2
hqq.to/e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/YTRVQkhzQ3RwWEpaTk5ZRjFNVnZKZz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=0XT3AHRCL1keg93mrQlM; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2

hqq.to/e/OTlXWTEwL29mcDVCNE9raFJIZE1yQT09

190.115.19.71

200 OK

0 B

URL HTTP/2
hqq.to/e/OTlXWTEwL29mcDVCNE9raFJIZE1yQT09
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/OTlXWTEwL29mcDVCNE9raFJIZE1yQT09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=btnGsSeX6cRa6p1YCElk; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2

hqq.to/e/Tm1RTG1MTldhVDZZTndSWSt1blkrZz09

190.115.19.71

200 OK

0 B

URL HTTP/2
hqq.to/e/Tm1RTG1MTldhVDZZTndSWSt1blkrZz09
IP
190.115.19.71:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/Tm1RTG1MTldhVDZZTndSWSt1blkrZz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=UqXaItX0hUH9CsDu0hF5; Domain=.hqq.to; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
date: Mon, 28 Nov 2022 23:25:04 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: EXPIRED
x-inferno-location: player
x-inferno-limit-req: DELAYED
X-Firefox-Spdy: h2

dood.re/e/srmgt80kffht

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/srmgt80kffht
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/srmgt80kffht HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:01 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLyIQ7IjAMRXZ3ZLXfFuSweMUr1AUO6XvGY5VT%2BLUgAtbNnx6wN8jSL0dUvf7vimSw%2B4uns62m76ihK9FdSci26%2BMjN8ZJ0pdsVleAW7PjA0LpL%2BKRtJBhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc460d39b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

voe.sx/e/wd1ektaxzwsm

186.2.163.208

200 OK

0 B

URL HTTP/2
voe.sx/e/wd1ektaxzwsm
IP
186.2.163.208:0
ASN
#262254 DDOS-GUARD CORP.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/wd1ektaxzwsm HTTP/1.1
Host: voe.sx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Mon, 28 Nov 2022 23:25:02 GMT
set-cookie: __ddg1_=zZfmpZ0gmoeoU8fldvCs; Domain=.voe.sx; HttpOnly; Path=/; Expires=Tue, 28-Nov-2023 23:25:02 GMT
XSRF-TOKEN=eyJpdiI6ImpydXVvcy8zbjRsN1FtOGxSY0lHRlE9PSIsInZhbHVlIjoiOGN5YUxzYUI3K0U3blBXUDk5eXMxaDFNNU5pVkFuMzF3T3FPQUFEMTlpM1Zsb3QybTM4T2E5S1U3Q0d4dFAvcHB4bSs3RXkxdEh3NnFTbWxRV2tsV3V4TDBXbmV6UU04NTMxaW1RK2dEUGxuYnRqanNMVFE5b3ExbXphZWJZV0QiLCJtYWMiOiIxMTBlOGVlZDg3MDQwNjQ4MjA2NmQwM2QxZTBjMzg1NzU5MzkwOGM2NWY4NTk3MjZiMmQzY2Q4Y2RhNTBiYzc5IiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; samesite=lax
voe_session=eyJpdiI6ImE1QXBtUyt1QW5VNzNWUzNYQ3U0emc9PSIsInZhbHVlIjoiYVdaYXNFNlJnTnY4TnJYaFh2cklWR2pwSDF1MjZmbWkrTzM4aVdlc3Bsd3UvRlp6MmdlVlQzUmdIR3NzVUZqTjhYc2U3aVVWV3RDSUlqOUx4S1ppelFTVVVvVkN3Yld1K1Q4Z0ZLL0pMTkVvVTE0bmRUSThFR2R6ZnBKTllvdHEiLCJtYWMiOiIzMzFiYzEzODFjYzVlY2FhNWU4ZmRkYTA4NjMwNTdjZmNhOTEzOWY2NjE1YzdjODYzODEyNDY1ZjcxMzlmM2RjIiwidGFnIjoiIn0%3D; expires=Tue, 29 Nov 2022 01:25:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
X-Firefox-Spdy: h2

dood.re/e/6t12jqejl6z8

104.26.4.50

200 OK

0 B

URL HTTP/2
dood.re/e/6t12jqejl6z8
IP
104.26.4.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /e/6t12jqejl6z8 HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seriale-shqip123.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 23:25:02 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 23:25:02 GMT
set-cookie: lang=1; domain=.dood.re; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18zZEBL9GxPPNWZGWwm%2FUni1Cb5WBgYpuxqHTPLQAnSMF4%2B%2BQE85%2Fy3PoHGxze11e0Wzo5%2BdrIJulxgbSbURKOvRNom7p0K4jQD%2BPhlLiT%2BY17aD1HS4VXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716dc48b821b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (178)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations