Report - veloxcinetv.ct.ws/

Report Overview

Visited public
2025-03-23 22:25:46
Tags
Submit Tags
URL
veloxcinetv.ct.ws/
Finishing URL
veloxcinetv.ct.ws/?i=1
IP / ASN
185.27.134.202
#34119 Wildcard UK Limited
Title
VeloxCineTV – VeloxCineTV es tu plataforma de entretenimiento en línea, donde encontrarás una amplia selección de películas y series para todos los gustos. Disfruta de contenido en alta calidad, actualizado constantemente, y diseñado para ofrecerte la mejor experiencia de streaming. ¡Bienvenido a la nueva forma de ver cine y TV!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
veloxcinetv.ct.ws	unknown	2024-11-01	2025-03-23	2025-03-23	18 kB	979 kB	185.27.134.202
image.tmdb.org	17757	2009-09-15	2021-01-09	2025-03-18	1.4 kB	165 kB	185.59.220.199
aiharsoreersu.net	unknown	2024-12-06	2024-12-06	2025-03-21	6.6 kB	86 kB	139.45.197.122
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-03-19	907 B	50 kB	142.250.74.10
tzegilo.com	unknown	2022-01-14	2022-01-14	2025-03-19	412 B	19 kB	172.67.193.52
fleraprt.com	unknown	2022-01-14	2022-01-14	2025-03-23	1.2 kB	912 B	139.45.195.252
ileeckut.com	unknown	2022-08-22	2022-08-22	2025-03-16	9.1 kB	140 kB	139.45.197.115
analyticsstar.com	unknown	2019-07-02	2019-07-02	2025-03-17	1.1 kB	2.1 kB	172.67.132.121
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-03-19	441 B	840 B	172.64.146.234
groleegni.net	unknown	2024-08-26	2024-08-26	2025-03-18	3.8 kB	145 kB	139.45.197.106
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-03-19	2.2 kB	164 kB	142.250.74.35
oomaugnaps.net	unknown	2025-01-21	2025-02-03	2025-03-19	946 B	33 kB	104.21.7.134
trk.trk4u.com	unknown	2024-03-22	2024-04-11	2025-03-18	777 B	1.1 kB	142.250.178.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	groleegni.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	oomaugnaps.net	Sinkholed
2025-03-23	medium	oomaugnaps.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	groleegni.net	Sinkholed
2025-03-23	medium	groleegni.net	Sinkholed
2025-03-23	medium	groleegni.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed
2025-03-23	medium	aiharsoreersu.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	veloxcinetv.ct.ws/?i=1	ScriptElement	799 B	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash 65f31c02de217cf44c14abaf89330545 16d4ecc2fffab590dde571f6c5e3a80041cd8784 5c59a953fa1ff7d21b340b3858c9bcabdfdbec9752de9b3aae819d737505943c Loading...

	veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.scripts.min.js?ver=2.5.5	ScriptElement	4.8 kB	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.scripts.min.js?ver=2.5.5 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 17:04 Times Seen778 Hash 2731772e163f205b1c9e24a5c6c7b470 81bdbbc6fcb56e622ddfd6a6d28e72493e3f2329 55974bc676581db39c8e596c87ebd046b4439fdb6c381e4270b43f6065393623 Loading...

	veloxcinetv.ct.ws/?i=1	ScriptElement	251 B	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 18:18 Times Seen1093 Hash 04310cf79011cebea3fb86da6f8899ee 520edb1c3b8cf22b346c3b8b120e4b1a163771fd e8da77a33828f2b4837adc6f2cf91a7ed9c3240f1679a195c51d19ac2ebda4a1 Loading...

	veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.ajax.min.js?ver=2.5.5	ScriptElement	15 kB	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.ajax.min.js?ver=2.5.5 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 18:18 Times Seen672 Hash 01688e7db55bb122da5ecf1ecd76dc19 127abb99dda567124ed64e89357caafdb672b528 ebc7ea4f07c0230971ae1fbf81c235b1b20b8cff373f76d86dce9d10350b335b Loading...

	veloxcinetv.ct.ws/?i=1	ScriptElement	177 B	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash abf0f0954981f94cadbcab01af5f7045 4e161dba4e21fba03ad491399b0191c18cc72d10 37ebfcd346180d8bc1371a22e22c3e5f517e225eae52fcae3dab86290a7db170 Loading...

	veloxcinetv.ct.ws/?i=1	ScriptElement	2.6 kB	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash 7cc0bd452713fd424f5f480cbc32ff1c 579a7dc73786958c5edb9090c808710e7d89d09b ae448a61d257e448c9536ce97a1fe527835ffe440b7202467e84f1688a8bb676 Loading...

	veloxcinetv.ct.ws/?i=1	ScriptElement	28 kB	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash 284e22c43bde7681216e1caa13fe1118 7b9976436592160f7cf1f14c9ad8d2d99f6295d7 2070c58f71857d8b6bada9af595c9b5da6b440886c4b9e756527637cad4fce2d Loading...

	veloxcinetv.ct.ws/?i=1	EventHandler	8 B	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by eventHandler Embedded in HTML false Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash ae2b5f2da4485c932ace14c9afb6b716 45e4bde3ae57fa7de88a462bcea44cbe82eb384d 80de0481a97dec18d6c48aaa7d66ba028212f793bf807c9cdfcfb589f97c6428 Loading...

	veloxcinetv.ct.ws/?i=1	ScriptElement	67 kB	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash cdf70e94e0eeab1b1a70f30cf49f5fe5 392da73c4504b79ec8bd73ea60d55e78e5d0889a 0f686cddba270438173e55c52f6689bdefb86869db3ad7251f660883d65528da Loading...

	veloxcinetv.ct.ws/aes.js	ScriptElement	14 kB	2023-10-15	2025-07-05
Pretty URL veloxcinetv.ct.ws/aes.js IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 19:29 Last Seen2025-07-05 02:00 Times Seen3389 Hash fc66e046447092c606f2587837f96874 fcf354a8044f494ee1f9fe868dde3f570f50e593 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96 Loading...

	veloxcinetv.ct.ws/	ScriptElement	590 B	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/ IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash 80a2d106422423a8e2134b5408127382 ce94113d8ceceb949b243d4628cb3baea6c0dc19 f1f8c899a4824c2e9143b3e773d5294b3d38b1b11b15a9be9a96d9edab13f4b2 Loading...

	veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/isrepeater.js?ver=2.5.5	ScriptElement	10 kB	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/isrepeater.js?ver=2.5.5 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 18:18 Times Seen857 Hash 6ceeb6d8b500945a6aaea27f52f6f5e6 4647a4865cb5ba5dce1057b3765044ec9559eec6 477f24a8aa73997ef9d469763c99d51a9a0e94826db0525b45542d9d7219e214 Loading...

	veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/lazyload.js?ver=2.5.5	ScriptElement	7.2 kB	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/lazyload.js?ver=2.5.5 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 18:18 Times Seen661 Hash c3acbd4a87d123bc6b7e4ef753e63570 3042ebd6ace02f8a053f22c5eb76c0aaec870065 10b8714eb5a412ab0bece0bef0fcd9553a38cd0bead58a752e346d6779051373 Loading...

	veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/pwsscrollbar.js?ver=2.5.5	ScriptElement	45 kB	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/pwsscrollbar.js?ver=2.5.5 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 18:18 Times Seen680 Hash 971c9dba00bafafbbefeec7e58dfc432 ea7fbe2e8c2725baccf3aa09fc52244708218620 8d66e5d985349af924510cf978564a7d84164741de08f173d1fa61f0b1c2960c Loading...

	veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/idtabs.js?ver=2.5.5	ScriptElement	1.5 kB	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/idtabs.js?ver=2.5.5 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 18:18 Times Seen859 Hash 3665ff6f8d2bf5a2af3de5d6e333a7c0 db9f6a2b874f7c24a5827f0f1d679ed3c7d7b7e5 2eb9d605c096771e0669e09ac60207d6171bd255b20416d07a4f14aca62a5df6 Loading...

	veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.livesearch.min.js?ver=2.5.5	ScriptElement	4.7 kB	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.livesearch.min.js?ver=2.5.5 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 17:04 Times Seen780 Hash 0eea0408655c01545c25f142ecd898fd 1bb9d98a7fee41318007652d0723141704a658e6 5991b17b41002817f208207448eb82392a618a9b6bf9f4ca2c8e84815769a722 Loading...

	groleegni.net/401/9124084	ScriptElement	136 kB	2025-03-23	2025-03-23
Pretty URL groleegni.net/401/9124084 IP 139.45.197.106 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash 80b1c159baa304d11dfeeb118ffcc011 9a7964d8b691d72f0cf8c9e8bd8eefc50510eab5 7c89c5071b8c70f939bc451a0113820a99c32ba2b93ad9667ab9425d0db11ee7 Loading...

	veloxcinetv.ct.ws/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-07-05
Pretty URL veloxcinetv.ct.ws/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-07-05 03:56 Times Seen132097 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	veloxcinetv.ct.ws/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-07-05
Pretty URL veloxcinetv.ct.ws/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-07-05 03:53 Times Seen140553 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/owlcarousel.js?ver=2.5.5	ScriptElement	24 kB	2023-03-07	2025-07-04
Pretty URL veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/owlcarousel.js?ver=2.5.5 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-04 18:18 Times Seen842 Hash 56e770f95a9cb2ce06d6b044f93c24fa 003bdb37bbd8cfd296bcffff38ce601b6b7df8dd ecc9ea285df7f95f79c647d1cfaca566239d68fcb183aa274fda98f33fce813e Loading...

	veloxcinetv.ct.ws/?i=1	ScriptElement	28 kB	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash 91d14da35f710d43de3b80f4861ec977 8517e6ad59bf6eab3f35d6e3d76e1764dc0d262b b188ef8f3215a08d3351677299ce974e2f171c5079ea89f744e72ab4e2d0f9be Loading...

	veloxcinetv.ct.ws/?i=1	ScriptElement	243 B	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash bb78c5495125f73d968be9259b78f7f2 380d3c2362687e5982b9ed40d18b5444e2a84c7a b5962bbeac67348b182d5c5fc5c69ac976f01d18e24313eeeb5951e4d270f93c Loading...

	veloxcinetv.ct.ws/?i=1	ScriptElement	594 B	2025-03-23	2025-03-23
Pretty URL veloxcinetv.ct.ws/?i=1 IP 185.27.134.202 ASN #34119 Wildcard UK Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash 9688f9184bd6109a96f7f8067840e73f 3cd35226b0492e51d6c951c1eb64932a47ad3f56 8c095486870d11c985f4d9e11d1ecb5e19bfbd1f5b316cb562cc25b407d4aad1 Loading...

	aiharsoreersu.net/ntfc.php?p=9124076	ScriptElement	12 kB	2025-03-21	2025-03-23
Pretty URL aiharsoreersu.net/ntfc.php?p=9124076 IP 139.45.197.122 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-21 08:47 Last Seen2025-03-23 22:25 Times Seen3 Hash e1f4a392393b496c9432e2331e292d6e 98f27ff7905510c029f039b3016eead598590c6d 44b5e61faf2a4f117415ce4087b8d5f60472ba4b1f14f696a4d51312a40ced8a Loading...

	ileeckut.com/400/9124080	ScriptElement	128 kB	2025-03-23	2025-03-23
Pretty URL ileeckut.com/400/9124080 IP 139.45.197.115 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-23 22:25 Last Seen2025-03-23 22:25 Times Seen1 Hash 31cd025d2ebb461c5232a44bc975240f ba1e156ee553c4c13a146ae33ca17f4908457d92 43e78dac607880f9e07e9611f2a80c088b419f8daab4c44f90f310f101c59a23 Loading...

	tzegilo.com/stattag.js	ScriptElement	18 kB	2024-07-11	2025-07-04
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 16:28 Last Seen2025-07-04 23:12 Times Seen2477 Hash 01227f5edc20e0ff4ed643b27cb8bb68 d71a88f7341f2b1bdaa7deb9a66888607bd52598 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2 Loading...

HTTP Transactions (76)

URL IP Response Size

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.style.min.css?ver=2.5.5

185.27.134.202

200 OK

97 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.style.min.css?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
97 kB (97357 bytes)
Hash
c09b8d324eea3e01ab0f0eb66aba27e8
23a640ee42f0d448a742bcb1f17dcd7661b3c4c9
35a6c6b08117a7c8239667d8c72c17f7e92fbaede64b3491b515642c0b86e677

HTTP Headers

GET /wp-content/themes/dooplay/assets/css/front.style.min.css?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: text/css
Content-Length: 97357
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:03 GMT
ETag: "17c4d-627d936f27711"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/pwsscrollbar.js?ver=2.5.5

185.27.134.202

200 OK

45 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/pwsscrollbar.js?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (45007)
Size
45 kB (45008 bytes)
Hash
971c9dba00bafafbbefeec7e58dfc432
ea7fbe2e8c2725baccf3aa09fc52244708218620
8d66e5d985349af924510cf978564a7d84164741de08f173d1fa61f0b1c2960c

HTTP Headers

GET /wp-content/themes/dooplay/assets/js/lib/pwsscrollbar.js?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: application/javascript
Content-Length: 45008
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "afd0-627d937152ada"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/owlcarousel.js?ver=2.5.5

185.27.134.202

200 OK

24 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/owlcarousel.js?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators
Size
24 kB (23938 bytes)
Hash
56e770f95a9cb2ce06d6b044f93c24fa
003bdb37bbd8cfd296bcffff38ce601b6b7df8dd
ecc9ea285df7f95f79c647d1cfaca566239d68fcb183aa274fda98f33fce813e

HTTP Headers

GET /wp-content/themes/dooplay/assets/js/lib/owlcarousel.js?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: application/javascript
Content-Length: 23938
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "5d82-627d937151b3a"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

GET image.tmdb.org/t/p/w780/tElnmtQ6yz1PjN1kePNl8yMSb59.jpg

185.59.220.199

200 OK

57 kB

URL GET
image.tmdb.org/t/p/w780/tElnmtQ6yz1PjN1kePNl8yMSb59.jpg
IP
185.59.220.199:443
ASN
#60068 Datacamp Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint7B:19:E4:EE:DD:28:30:29:DF:C2:03:43:0E:3C:03:D3:6E:33:07:64
ValiditySat, 15 Feb 2025 15:13:55 GMT - Fri, 16 May 2025 15:13:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x439, components 3
Size
57 kB (56883 bytes)
Hash
c770b9f3b988ab76a932178d4e928498
fe02a3ba567acd8ff1581ff47e9f29d6e35605d5
62ea96e0604256963ec2b0cc1adf8ea3d5220ca6aaaa7a6c0df511e6e77df554

HTTP Headers

GET /t/p/w780/tElnmtQ6yz1PjN1kePNl8yMSb59.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:25:08 GMT
content-type: image/jpeg
content-length: 56883
server: BunnyCDN-DE1-722
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "66bf4b47-de33"
last-modified: Fri, 16 Aug 2024 12:51:19 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 830
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 09/29/2024 02:01:46
cdn-edgestorageid: 863
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 4b1a2ac555ff82864896402f079c0092
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET image.tmdb.org/t/p/w780/msE9bXWt71TzGnhAt5H4Ak2g4xS.jpg

185.59.220.199

200 OK

49 kB

URL GET
image.tmdb.org/t/p/w780/msE9bXWt71TzGnhAt5H4Ak2g4xS.jpg
IP
185.59.220.199:443
ASN
#60068 Datacamp Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint7B:19:E4:EE:DD:28:30:29:DF:C2:03:43:0E:3C:03:D3:6E:33:07:64
ValiditySat, 15 Feb 2025 15:13:55 GMT - Fri, 16 May 2025 15:13:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x439, components 3
Size
49 kB (49215 bytes)
Hash
246a688ff1b4b322281f2d19912bc72b
e023e952690ddfe10e46f74875ecfafe07ccfbf4
97ef9925a129d997204c6e5d4d7b4ba15bd41013d02195e087debe9620c94aa1

HTTP Headers

GET /t/p/w780/msE9bXWt71TzGnhAt5H4Ak2g4xS.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:25:08 GMT
content-type: image/jpeg
content-length: 49215
server: BunnyCDN-DE1-722
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "66420f09-c03f"
last-modified: Mon, 13 May 2024 13:00:57 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 751
perma-cache: HIT
cdn-proxyver: 1.19
cdn-requestpullcode: 200
cdn-cachedat: 02/26/2025 17:01:29
cdn-edgestorageid: 1078
cdn-requestid: a33a02461d8e4e59790018cbe4c36d4a
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2

OPTIONS aiharsoreersu.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.owl.min.css?ver=2.5.5

185.27.134.202

200 OK

2.3 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.owl.min.css?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
ASCII text, with very long lines (2302), with no line terminators
Size
2.3 kB (2299 bytes)
Hash
d8d88f8542a7a3b7a2a754c1a68df123
4e71aaf06a7805f3f83ee217b32c2e9f1bfe0c68
c7ee68d6f9ec274bedfd954df61cca2585867b32e7d8ac96955b78e27e2d1f31

HTTP Headers

GET /wp-content/themes/dooplay/assets/css/front.owl.min.css?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: text/css
Content-Length: 2299
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:03 GMT
ETag: "8fb-627d936f26f41"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/fontawesome/css/all.min.css?ver=5.15.1

185.27.134.202

200 OK

174 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/fontawesome/css/all.min.css?ver=5.15.1
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
ASCII text, with very long lines (65393)
Size
174 kB (174333 bytes)
Hash
95fe9653f2c45892b7e58090566f510f
be3795caeaada195d12c96bb689a7f0b6f8d63b1
257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830

HTTP Headers

GET /wp-content/themes/dooplay/assets/fontawesome/css/all.min.css?ver=5.15.1 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: text/css
Content-Length: 174333
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:03 GMT
ETag: "2a8fd-627d936f28e82"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

POST ileeckut.com/mtg/

139.45.197.115

200 OK

0 B

URL POST
ileeckut.com/mtg/
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /mtg/ HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/json
Content-Length: 131
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: OAID=080195534d5f45b2e93c0f62b1c73334
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:28 GMT
content-length: 0
x-trace-id: 07f419caebe7b492b68dd564ee48e983
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET analyticsstar.com/offers/?cid=abdx3t3frrqowt7dqfotaw5t&mtlnd&st=1

172.67.132.121

200 OK

326 B

URL GET
analyticsstar.com/offers/?cid=abdx3t3frrqowt7dqfotaw5t&mtlnd&st=1
IP
172.67.132.121:443
ASN
#13335 CLOUDFLARENET

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectanalyticsstar.com
Fingerprint7A:11:87:D9:13:CC:B6:1D:35:4F:76:67:DE:B0:42:CA:F6:3B:51:CB
ValidityThu, 13 Feb 2025 18:11:03 GMT - Wed, 14 May 2025 19:08:43 GMT

File type
HTML document, ASCII text, with very long lines (356), with no line terminators
Size
326 B (326 bytes)
Hash
3d6e7b661cf4c10ae7210e3a4d0ce81e
9140f56eb5fe2676f7584908c836fcfb989d8dff
e38f2fa8e482e96b1634209918fcd2e299abf20abed3bbe1e5dd5c350eaf2fa2

HTTP Headers

GET /offers/?cid=abdx3t3frrqowt7dqfotaw5t&mtlnd&st=1 HTTP/1.1
Host: analyticsstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:25:33 GMT
content-type: text/html
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqLVV2ST09HRJK9KISnHxK0vywtpuH0tSedzY25oo%2FERtU%2FAKMEBa8EF1C%2BTm0CGbOS9pUuLEB0Iwts%2F1tu9rix78dwSEEXqVqL3jRXPBD05sgpWDaqxuhEUDmYlSvEJqWGmUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92515865c971b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5626&min_rtt=2417&rtt_var=3198&sent=12&recv=6&lost=0&retrans=0&sent_bytes=4081&recv_bytes=1156&delivery_rate=243656&cwnd=12000&unsent_bytes=0&cid=42f0747c367e06b6&ts=247&x=1", cfExtPri, cfHdrFlush;dur=0

GET aiharsoreersu.net/3bT/27mJf/universal.min.js?v=3.1.602

139.45.197.122

200 OK

66 kB

URL GET
aiharsoreersu.net/3bT/27mJf/universal.min.js?v=3.1.602
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66463 bytes)
Hash
35f643e18471d6e8359b2e3df369eff7
32a622b29efc01a7a27cb6ce06cf9f02985a9b9a
962c4dc3fd2b941240daa3763d02be83adfc57024ce1c75ad6462eb8431759c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3bT/27mJf/universal.min.js?v=3.1.602 HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:26 GMT
content-type: application/javascript
last-modified: Wed, 19 Mar 2025 14:56:04 GMT
etag: W/"67dadb04-1039f"
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

GET my.rtmark.net/gid.js

172.64.146.234

200 OK

65 B

URL GET
my.rtmark.net/gid.js
IP
172.64.146.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint03:52:6A:BD:35:83:43:81:AF:25:BB:A3:26:97:D1:78:25:73:A4:C9
ValidityTue, 04 Mar 2025 10:39:32 GMT - Mon, 02 Jun 2025 11:39:29 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
5ed0b3aea67271fe9a23e5043b9c9105
950ea0c20fc5bd192f9165010873bb20dade4b4c
d19ac9aba17c9842420cf3b30f27591df50313ec684eff9fd88d453d377d3010

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:25:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=080195534d5f45b2e93c0f62b1c73334; expires=Mon, 23 Mar 2026 22:25:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9251583eeaab7130-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST aiharsoreersu.net/event

139.45.197.122

200 OK

26 B

URL POST
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
3dc0c2329e1ae5c0bc64c2ed62d4ebdf
0e95c6d9bf3aff286bb95977941098d07fb965e0
c650d9a1435b17a516d7c876dde1a1a6d0a1b020e1e88099f98b440d46b7faf1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://veloxcinetv.ct.ws/
Content-Type: application/json
Content-Length: 502
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: application/json; charset=utf-8
content-length: 26
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/uploads/2024/11/b0obWWCLRVRqRzlSK1LSGtADkLM-185x278.jpg

185.27.134.202

200 OK

14 kB

URL GET
veloxcinetv.ct.ws/wp-content/uploads/2024/11/b0obWWCLRVRqRzlSK1LSGtADkLM-185x278.jpg
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 185x278, components 3
Size
14 kB (13721 bytes)
Hash
7fa6f501db885daa98355af79ef2b59b
e9ccd586ff4b10e2bdd87d1c4323f079155ceafe
7ba74877e7129764a7c999c9067ebf2b8cd0823c346537a012d0235c2d72b6bf

HTTP Headers

GET /wp-content/uploads/2024/11/b0obWWCLRVRqRzlSK1LSGtADkLM-185x278.jpg HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: image/jpeg
Content-Length: 13721
Connection: keep-alive
Last-Modified: Thu, 28 Nov 2024 16:25:51 GMT
ETag: "3599-627fb89215e34"
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/img/play4.svg

185.27.134.202

200 OK

1.0 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/img/play4.svg
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1027 bytes)
Hash
70271f824eee80042f974950d9c9625c
04416b9c2a1fecff315a313b822b19dbe6573cd6
bf90513aaa2d576a7f5374db1edc5962351fc533c757b5edc0404aa373d31b46

HTTP Headers

GET /wp-content/themes/dooplay/assets/css/img/play4.svg HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.style.min.css?ver=2.5.5
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: image/svg+xml
Content-Length: 1027
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:03 GMT
ETag: "403-627d936f282c9"
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sun, 23 Mar 2025 22:25:26 GMT

POST aiharsoreersu.net/event

139.45.197.122

200 OK

26 B

URL POST
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
3dc0c2329e1ae5c0bc64c2ed62d4ebdf
0e95c6d9bf3aff286bb95977941098d07fb965e0
c650d9a1435b17a516d7c876dde1a1a6d0a1b020e1e88099f98b440d46b7faf1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://veloxcinetv.ct.ws/
Content-Type: application/json
Content-Length: 689
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: application/json; charset=utf-8
content-length: 26
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.10

200 OK

27 kB

URL GET
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA
ValidityMon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT

File type
ASCII text, with very long lines (1572)
Size
27 kB (26935 bytes)
Hash
da8ad2595d78edf21895319e7d02fe73
d707ec9d6f68fbcfc0e2ebe711b97ad7d67e9aa9
95bce9ed84dcd1e30d88c5e2b2368d24c4e6c60ca58210293d28b3394d1d629a

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Mar 2025 22:25:32 GMT
date: Sun, 23 Mar 2025 22:25:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS ileeckut.com/500/9124080?excludes=23316440&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.115

200 OK

0 B

URL OPTIONS
ileeckut.com/500/9124080?excludes=23316440&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/9124080?excludes=23316440&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:37 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.crollbar.min.css?ver=2.5.5

185.27.134.202

200 OK

7.2 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.crollbar.min.css?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
ASCII text, with very long lines (7195), with no line terminators
Size
7.2 kB (7194 bytes)
Hash
b30bab9c30e91117f1c192eb45cbd8ff
61ab6f78dfbe30ee6356a62204ad698ffc2a542f
04cef55eb0b4d3e7f889e467fa8306d516dac734f1e08c1dc7119c07f99576c5

HTTP Headers

GET /wp-content/themes/dooplay/assets/css/front.crollbar.min.css?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: text/css
Content-Length: 7194
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:03 GMT
ETag: "1c1a-627d936f26b59"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

OPTIONS aiharsoreersu.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

GET tzegilo.com/stattag.js

172.67.193.52

200 OK

18 kB

URL GET
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjecttzegilo.com
FingerprintCB:95:E4:2C:B0:9E:53:93:29:36:BD:03:FB:B9:70:C9:D1:93:CA:49
ValidityWed, 19 Mar 2025 12:29:56 GMT - Tue, 17 Jun 2025 13:28:20 GMT

File type
JavaScript source, ASCII text, with very long lines (17229)
Size
18 kB (17879 bytes)
Hash
01227f5edc20e0ff4ed643b27cb8bb68
d71a88f7341f2b1bdaa7deb9a66888607bd52598
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
etag: W/"668fb2be-45d7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
age: 4282
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOsvpP0v99vpflo8lQs7ub%2B6eCzpoi2nFiBYi%2Bmy7tH7RS6DpCm5S8RsPoefLQuKnKme1lOsnLrBFgOQKqvo4vAMw9uxOiCnxi4YLPUkvE%2B7vRFJh%2BqAWaw3npgx%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92515840cbe956c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=459&min_rtt=397&rtt_var=107&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3273&recv_bytes=1188&delivery_rate=7956043&cwnd=254&unsent_bytes=0&cid=cc80b08bc348fc49&ts=42&x=0"
X-Firefox-Spdy: h2

POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=35fa6523-0fa3-4780-a3ba-b27acf3f44cd

139.45.195.252

200 OK

0 B

URL POST
fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=35fa6523-0fa3-4780-a3ba-b27acf3f44cd
IP
139.45.195.252:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=35fa6523-0fa3-4780-a3ba-b27acf3f44cd HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 803
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Sun, 23 Mar 2025 22:25:28 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://veloxcinetv.ct.ws
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

OPTIONS ileeckut.com/mtg/

139.45.197.115

200 OK

0 B

URL OPTIONS
ileeckut.com/mtg/
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /mtg/ HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:37 GMT
content-length: 0
allow: OPTIONS, POST
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/

185.27.134.202

200 OK

829 B

URL User Request GET
veloxcinetv.ct.ws/
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
HTML document, ASCII text, with very long lines (851), with no line terminators
Size
829 B (829 bytes)
Hash
348bcd3409e36ac21ecd5736e2f282ea
0be3de26800222ec63a4608bf16d7bae999f5baa
a736bafa33994966260f8897519d8bb5773b142dfa62187e0bda123b55441775

HTTP Headers

GET / HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:23 GMT
Content-Type: text/html
Content-Length: 829
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache

POST aiharsoreersu.net/event

139.45.197.122

200 OK

81 B

URL POST
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
81 B (81 bytes)
Hash
2357b8f3d784f694a07cf5b97e1b8031
fd8549c658df568201e8bbe1d30f76b87261a038
0a3781df7a04f77c5ee03bda3287fd4726d6371d7b7d542c9f2d784f5ab8f5dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://veloxcinetv.ct.ws/
Content-Type: application/json
Content-Length: 357
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/fontawesome/webfonts/fa-solid-900.woff2

185.27.134.202

200 OK

141 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/fontawesome/webfonts/fa-solid-900.woff2
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 140996, version 331.-31392
Size
141 kB (140996 bytes)
Hash
25d740d42658b6e2c293ce7b3322aac7
41cc9ae4b5dd70fd3988059dfb864f20f99ae371
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2

HTTP Headers

GET /wp-content/themes/dooplay/assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/fontawesome/css/all.min.css?ver=5.15.1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Length: 140996
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "226c4-627d937130fbb"
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sun, 23 Mar 2025 22:25:26 GMT

GET groleegni.net/401/9124084

139.45.197.106

200 OK

136 kB

URL GET
groleegni.net/401/9124084
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectgroleegni.net
Fingerprint40:E0:43:E9:D0:C5:B5:3A:F3:41:32:D6:CE:93:63:E1:E7:C1:2E:35
ValiditySun, 02 Feb 2025 05:30:10 GMT - Sat, 03 May 2025 05:30:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
136 kB (135678 bytes)
Hash
80b1c159baa304d11dfeeb118ffcc011
9a7964d8b691d72f0cf8c9e8bd8eefc50510eab5
7c89c5071b8c70f939bc451a0113820a99c32ba2b93ad9667ab9425d0db11ee7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/9124084 HTTP/1.1
Host: groleegni.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:26 GMT
content-type: application/javascript
x-trace-id: 077eb4b28a36a11894bc0f5acf668121
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=030195cbd46b4a12ff33432e4468c569; expires=Mon, 23 Mar 2026 22:25:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

HEAD veloxcinetv.ct.ws/?i=1

185.27.134.202

200 OK

0 B

URL HEAD
veloxcinetv.ct.ws/?i=1
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /?i=1 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:28 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Link: <https://veloxcinetv.ct.ws/wp-json/>; rel="https://api.w.org/"
Cache-Control: max-age=0
Expires: Sun, 23 Mar 2025 22:25:26 GMT

OPTIONS aiharsoreersu.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

GET ileeckut.com/500/9124080?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.115

200 OK

1.8 kB

URL GET
ileeckut.com/500/9124080?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1797), with no line terminators
Size
1.8 kB (1771 bytes)
Hash
73e34d963f39ac00c6d4a822c6b4c332
1fb4992db4204f91991d576e9339f92cfd5165a2
b24175fcfa1943aa983e316fa0d9df260e1d7be4931ecd1907e8b0f6ef1672ad

HTTP Headers

GET /500/9124080?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: OAID=0301951c403f4b2cfe9424b643ec68f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:28 GMT
content-type: application/javascript
x-trace-id: dee580750cf3b2864261d230a5760e25
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=080195534d5f45b2e93c0f62b1c73334; expires=Mon, 23 Mar 2026 22:25:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

185.27.134.202

200 OK

14 kB

URL GET
veloxcinetv.ct.ws/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: application/javascript
Content-Length: 13577
Connection: keep-alive
Last-Modified: Fri, 09 Jun 2023 15:19:24 GMT
ETag: "3509-5fdb3e4d9b700"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.livesearch.min.js?ver=2.5.5

185.27.134.202

200 OK

4.7 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.livesearch.min.js?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (5041), with no line terminators
Size
4.7 kB (4741 bytes)
Hash
73e3c77d57116f02217c10a16287853f
4faee3c3f613b49c9495ccd85fc2bd58b137ab75
5c0b3f46d2569f67924cecdf470127f4981e9b4174bb0d5025e211e5dcdf15bb

HTTP Headers

GET /wp-content/themes/dooplay/assets/js/front.livesearch.min.js?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: application/javascript
Content-Length: 4741
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "1285-627d93714e0a0"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

HEAD veloxcinetv.ct.ws/?i=1

185.27.134.202

200 OK

0 B

URL HEAD
veloxcinetv.ct.ws/?i=1
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /?i=1 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:27 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Link: <https://veloxcinetv.ct.ws/wp-json/>; rel="https://api.w.org/"
Cache-Control: max-age=0
Expires: Sun, 23 Mar 2025 22:25:26 GMT

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Mar 2025 10:03:46 GMT
expires: Fri, 20 Mar 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 303700
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST aiharsoreersu.net/event

139.45.197.122

200 OK

26 B

URL POST
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
3dc0c2329e1ae5c0bc64c2ed62d4ebdf
0e95c6d9bf3aff286bb95977941098d07fb965e0
c650d9a1435b17a516d7c876dde1a1a6d0a1b020e1e88099f98b440d46b7faf1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://veloxcinetv.ct.ws/
Content-Type: application/json
Content-Length: 391
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: application/json; charset=utf-8
content-length: 26
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

OPTIONS ileeckut.com/mtg/

139.45.197.115

200 OK

0 B

URL OPTIONS
ileeckut.com/mtg/
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /mtg/ HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:28 GMT
content-length: 0
allow: OPTIONS, POST
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

POST ileeckut.com/mtg/

139.45.197.115

200 OK

0 B

URL POST
ileeckut.com/mtg/
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /mtg/ HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/json
Content-Length: 131
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: OAID=080195534d5f45b2e93c0f62b1c73334
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:37 GMT
content-length: 0
x-trace-id: 250b8fdadc435609e07e02460f080817
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/?i=1

185.27.134.202

200 OK

88 kB

URL User Request GET
veloxcinetv.ct.ws/?i=1
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type

Size
88 kB (87498 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?i=1 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: __test=830b47a6513cb962461838ea20413220
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915; expires=Mon, 23 Mar 2026 22:25:25 GMT; Max-Age=31536000; path=/
Link: <https://veloxcinetv.ct.ws/wp-json/>; rel="https://api.w.org/"
Cache-Control: max-age=0
Expires: Sun, 23 Mar 2025 22:25:24 GMT

GET veloxcinetv.ct.ws/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2

185.27.134.202

200 OK

115 kB

URL GET
veloxcinetv.ct.ws/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type

Size
115 kB (114706 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.7.2 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: text/css
Content-Length: 114706
Connection: keep-alive
Last-Modified: Mon, 25 Nov 2024 18:26:00 GMT
ETag: "1c012-627c0dd4b559f"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

GET ileeckut.com/400/9124080

139.45.197.115

200 OK

128 kB

URL GET
ileeckut.com/400/9124080
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (128162 bytes)
Hash
31cd025d2ebb461c5232a44bc975240f
ba1e156ee553c4c13a146ae33ca17f4908457d92
43e78dac607880f9e07e9611f2a80c088b419f8daab4c44f90f310f101c59a23

HTTP Headers

GET /400/9124080 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:26 GMT
content-type: application/javascript
x-trace-id: b784d64e64e2079dc341d04bc4e81f3c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301951c403f4b2cfe9424b643ec68f6; expires=Mon, 23 Mar 2026 22:25:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

OPTIONS aiharsoreersu.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

GET oomaugnaps.net/www/images/31f5bb5f43a7bd2800c6724e3a4125d2.png

104.21.7.134

200 OK

17 kB

URL GET
oomaugnaps.net/www/images/31f5bb5f43a7bd2800c6724e3a4125d2.png
IP
104.21.7.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectoomaugnaps.net
Fingerprint46:88:55:C4:EF:5C:FE:BC:C8:46:42:24:45:00:00:E8:EE:C9:D7:BA
ValiditySat, 22 Mar 2025 09:39:52 GMT - Fri, 20 Jun 2025 10:37:28 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
17 kB (16893 bytes)
Hash
31f5bb5f43a7bd2800c6724e3a4125d2
bc1bcd6aa31ac91dd34359c2fbbcaefb3e15c875
e5dd86d52381d2bff5f1b74d3923443d3d95ced64048662307ed3ec2d52eb61b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/31f5bb5f43a7bd2800c6724e3a4125d2.png HTTP/1.1
Host: oomaugnaps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:25:28 GMT
content-type: image/png
content-length: 16893
last-modified: Mon, 17 Mar 2025 02:12:20 GMT
etag: "67d78504-41fd"
expires: Mon, 24 Mar 2025 02:20:50 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 72278
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eKSweEVNcOsJlr9ze1ZEDwYyA6u2XCvRC4RSj%2BunyxNT10k6Ov%2BYaQJ5j6Ad8rGTA%2FU8yQ%2FM7EA1tUr%2F0OkPA6HDG1qZi7QonCZ8XrvV3Rs0BlP9XfJo9kGOaVAjVsrEmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 925158491c46b4f1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=957&min_rtt=523&rtt_var=459&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3209&recv_bytes=1109&delivery_rate=8119626&cwnd=253&unsent_bytes=0&cid=4c834db0c272d918&ts=35&x=0"
X-Firefox-Spdy: h2

GET oomaugnaps.net/www/images/9cfe656b022f79af319216772546ffbb.jpg

104.21.7.134

200 OK

14 kB

URL GET
oomaugnaps.net/www/images/9cfe656b022f79af319216772546ffbb.jpg
IP
104.21.7.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectoomaugnaps.net
Fingerprint46:88:55:C4:EF:5C:FE:BC:C8:46:42:24:45:00:00:E8:EE:C9:D7:BA
ValiditySat, 22 Mar 2025 09:39:52 GMT - Fri, 20 Jun 2025 10:37:28 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
14 kB (14191 bytes)
Hash
9cfe656b022f79af319216772546ffbb
d7ef6c5c7b504f84696e9fc24bebb731e08c21c4
4ab3ecbb9f16700880187e7f81e840134c81f018bb979b5d9f49ef71d16ca68d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /www/images/9cfe656b022f79af319216772546ffbb.jpg HTTP/1.1
Host: oomaugnaps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:25:37 GMT
content-type: image/jpeg
content-length: 14191
last-modified: Mon, 25 Nov 2024 13:37:16 GMT
etag: "67447d8c-376f"
expires: Mon, 24 Mar 2025 07:14:23 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 54674
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bE9MtvTscNLLtZkU4iDq9hagTr%2BPix3zXlVNFGq6QI39cwfCiuRUtq%2F%2Fv7onPXdo4v4YznvyfWl2FvBY%2B%2F5iDwo3U2Z5cXt1zjYVMciNsIIvdfTIFZuv3%2B2KvZbbyLUP9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9251587f4ead1c0e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4310&min_rtt=4288&rtt_var=1651&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4103&recv_bytes=1229&delivery_rate=132641&cwnd=12000&unsent_bytes=0&cid=5ca8e526b998b5d2&ts=8655&x=1", cfExtPri, cfHdrFlush;dur=0

GET aiharsoreersu.net/ntfc.php?p=9124076

139.45.197.122

200 OK

12 kB

URL GET
aiharsoreersu.net/ntfc.php?p=9124076
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type
JavaScript source, ASCII text, with very long lines (12126), with no line terminators
Size
12 kB (12126 bytes)
Hash
e1f4a392393b496c9432e2331e292d6e
98f27ff7905510c029f039b3016eead598590c6d
44b5e61faf2a4f117415ce4087b8d5f60472ba4b1f14f696a4d51312a40ced8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntfc.php?p=9124076 HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:26 GMT
content-type: application/javascript
last-modified: Wed, 19 Mar 2025 14:56:04 GMT
etag: W/"67dadb04-2f5e"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Mar 2025 10:03:46 GMT
expires: Fri, 20 Mar 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 303700
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Mar 2025 10:03:46 GMT
expires: Fri, 20 Mar 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 303700
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET aiharsoreersu.net/zone?pub=0&zone_id=9124076&is_mobile=false&domain=veloxcinetv.ct.ws&var=&ymid=&var_3=&tg=0&sw=3.1.602&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F

139.45.197.122

200 OK

551 B

URL GET
aiharsoreersu.net/zone?pub=0&zone_id=9124076&is_mobile=false&domain=veloxcinetv.ct.ws&var=&ymid=&var_3=&tg=0&sw=3.1.602&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (616), with no line terminators
Size
551 B (551 bytes)
Hash
3a90a93891fe8741b2fad44a55285b1d
055e93feac33251cf2fa1a45dd10fd06d0dbac73
ff2a1fd04b110fccff84f692360456538dbed7cf693ddaeeab6c928555de3993

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=9124076&is_mobile=false&domain=veloxcinetv.ct.ws&var=&ymid=&var_3=&tg=0&sw=3.1.602&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:26 GMT
content-type: application/json; charset=utf-8
content-length: 551
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=35fa6523-0fa3-4780-a3ba-b27acf3f44cd

139.45.195.252

200 OK

12 B

URL POST
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=35fa6523-0fa3-4780-a3ba-b27acf3f44cd
IP
139.45.195.252:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0
ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=35fa6523-0fa3-4780-a3ba-b27acf3f44cd HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1788
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Sun, 23 Mar 2025 22:25:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://veloxcinetv.ct.ws
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET groleegni.net/impression/q7onE56IqlsVOA6oRa2b-PjyxCo-NkEK45aul4Xwx7Eb1qy-8ZU8iKdBxTW499hQAHytb2uoVn_r8TimTOJQMylN68rX2W3xMEohoKuGNmNJo0W7AFhaZSoGTRIPGhkm371Qk2y9eRGVJ5prCLdPFZ7ItwDX_CDCktY6kXSLcnqBaUSgztbLne8U-YNlPeU5NOfLcKZqoHAsIHqkio5wfdqdwh8hCtcaljB2snQMPjKLE_WKxSqop7BxEZTAodjZXBahSLZuVCYY6cxjyOdwUiSxOi7Sm2S3vNT3xxVHcjvxaT6YgieqBgscG4Yd-ElE3jCpQjplfEOuBhgCXcL6E94CcqhcwWty8LAZsdlXQHP8rGuVRM2-ZGloMD4TLMJ-YbO5ZUc-VyxwPgXkClOk7cJ68VHe4IruofQ1Dcj3ucaIWN39XUoYAJAZ4gRtPTn_SOeFuAT_zjC8oMqPoyMrFX-BTSl0jVxIYIiGr7PKo3kdlXSNDav-Bc2SIqlFOWfC7D-vQRAmin_MT-FYSiHkx3PDGY3coNVwIpUS3Rx0Tzppu39tVtZYBtZoHqxbtN6uxyiwlI_9SauqZtaRWlykUUE9r1Emfbjg89EkkCOzsCThKfAzbLz39jrmW6U3pYJafS2-T9h7z6Ya-jwJjJ0iGkbmIx8A6IxJfiUmfCtQvCYLfhyA_lGXzUQ4gwJPdHeCTyF-sY3g-xUedLVDLNBUWtgqwsDw4mBzhOboXcirYkH4JTLUpLFLkzoLOxW1x58Z77HoMTWlmvl2PxikIuPEDnDpfRGi9_8aN7WwU8mQ4y3QbmlxNwWASChfEiqRwVk6u2aQlR4u6UbUwKla0JTYBPAn7ISkrMzvbrBw4-Ho6o5iwzfmxMnoTcI4LR6UJdDqd9pJmw==?_z=9124084&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.106

200 OK

43 B

URL GET
groleegni.net/impression/q7onE56IqlsVOA6oRa2b-PjyxCo-NkEK45aul4Xwx7Eb1qy-8ZU8iKdBxTW499hQAHytb2uoVn_r8TimTOJQMylN68rX2W3xMEohoKuGNmNJo0W7AFhaZSoGTRIPGhkm371Qk2y9eRGVJ5prCLdPFZ7ItwDX_CDCktY6kXSLcnqBaUSgztbLne8U-YNlPeU5NOfLcKZqoHAsIHqkio5wfdqdwh8hCtcaljB2snQMPjKLE_WKxSqop7BxEZTAodjZXBahSLZuVCYY6cxjyOdwUiSxOi7Sm2S3vNT3xxVHcjvxaT6YgieqBgscG4Yd-ElE3jCpQjplfEOuBhgCXcL6E94CcqhcwWty8LAZsdlXQHP8rGuVRM2-ZGloMD4TLMJ-YbO5ZUc-VyxwPgXkClOk7cJ68VHe4IruofQ1Dcj3ucaIWN39XUoYAJAZ4gRtPTn_SOeFuAT_zjC8oMqPoyMrFX-BTSl0jVxIYIiGr7PKo3kdlXSNDav-Bc2SIqlFOWfC7D-vQRAmin_MT-FYSiHkx3PDGY3coNVwIpUS3Rx0Tzppu39tVtZYBtZoHqxbtN6uxyiwlI_9SauqZtaRWlykUUE9r1Emfbjg89EkkCOzsCThKfAzbLz39jrmW6U3pYJafS2-T9h7z6Ya-jwJjJ0iGkbmIx8A6IxJfiUmfCtQvCYLfhyA_lGXzUQ4gwJPdHeCTyF-sY3g-xUedLVDLNBUWtgqwsDw4mBzhOboXcirYkH4JTLUpLFLkzoLOxW1x58Z77HoMTWlmvl2PxikIuPEDnDpfRGi9_8aN7WwU8mQ4y3QbmlxNwWASChfEiqRwVk6u2aQlR4u6UbUwKla0JTYBPAn7ISkrMzvbrBw4-Ho6o5iwzfmxMnoTcI4LR6UJdDqd9pJmw==?_z=9124084&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectgroleegni.net
Fingerprint40:E0:43:E9:D0:C5:B5:3A:F3:41:32:D6:CE:93:63:E1:E7:C1:2E:35
ValiditySun, 02 Feb 2025 05:30:10 GMT - Sat, 03 May 2025 05:30:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/q7onE56IqlsVOA6oRa2b-PjyxCo-NkEK45aul4Xwx7Eb1qy-8ZU8iKdBxTW499hQAHytb2uoVn_r8TimTOJQMylN68rX2W3xMEohoKuGNmNJo0W7AFhaZSoGTRIPGhkm371Qk2y9eRGVJ5prCLdPFZ7ItwDX_CDCktY6kXSLcnqBaUSgztbLne8U-YNlPeU5NOfLcKZqoHAsIHqkio5wfdqdwh8hCtcaljB2snQMPjKLE_WKxSqop7BxEZTAodjZXBahSLZuVCYY6cxjyOdwUiSxOi7Sm2S3vNT3xxVHcjvxaT6YgieqBgscG4Yd-ElE3jCpQjplfEOuBhgCXcL6E94CcqhcwWty8LAZsdlXQHP8rGuVRM2-ZGloMD4TLMJ-YbO5ZUc-VyxwPgXkClOk7cJ68VHe4IruofQ1Dcj3ucaIWN39XUoYAJAZ4gRtPTn_SOeFuAT_zjC8oMqPoyMrFX-BTSl0jVxIYIiGr7PKo3kdlXSNDav-Bc2SIqlFOWfC7D-vQRAmin_MT-FYSiHkx3PDGY3coNVwIpUS3Rx0Tzppu39tVtZYBtZoHqxbtN6uxyiwlI_9SauqZtaRWlykUUE9r1Emfbjg89EkkCOzsCThKfAzbLz39jrmW6U3pYJafS2-T9h7z6Ya-jwJjJ0iGkbmIx8A6IxJfiUmfCtQvCYLfhyA_lGXzUQ4gwJPdHeCTyF-sY3g-xUedLVDLNBUWtgqwsDw4mBzhOboXcirYkH4JTLUpLFLkzoLOxW1x58Z77HoMTWlmvl2PxikIuPEDnDpfRGi9_8aN7WwU8mQ4y3QbmlxNwWASChfEiqRwVk6u2aQlR4u6UbUwKla0JTYBPAn7ISkrMzvbrBw4-Ho6o5iwzfmxMnoTcI4LR6UJdDqd9pJmw==?_z=9124084&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: groleegni.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: OAID=080195534d5f45b2e93c0f62b1c73334
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:33 GMT
content-type: image/gif
content-length: 43
x-trace-id: aef8845c4daa11b766b555a2fb00a807
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET ileeckut.com/500/9124080?excludes=23316440&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.115

200 OK

1.6 kB

URL GET
ileeckut.com/500/9124080?excludes=23316440&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1653), with no line terminators
Size
1.6 kB (1627 bytes)
Hash
a96fa5e68dae1c9e7d7471bab9e7c3a8
bfc0affe5016bd3911e406a0c4de064bf634a6cf
8c1dab1b8162fa1ce3336c460415c9169f8e92b23f6592afcac516673026dbf0

HTTP Headers

GET /500/9124080?excludes=23316440&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: OAID=080195534d5f45b2e93c0f62b1c73334
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:37 GMT
content-type: application/javascript
x-trace-id: 3cc1d95957b5f5d8a7ef72d7e08d002a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=080195534d5f45b2e93c0f62b1c73334; expires=Mon, 23 Mar 2026 22:25:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/uploads/2024/11/u0tUxQQxrbKX3GIfsCYeHrrYPzV-185x278.jpg

185.27.134.202

200 OK

14 kB

URL GET
veloxcinetv.ct.ws/wp-content/uploads/2024/11/u0tUxQQxrbKX3GIfsCYeHrrYPzV-185x278.jpg
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 185x278, components 3
Size
14 kB (13471 bytes)
Hash
30f61fef6843f211527d184e5be05846
1526cbc143452647e5e206bfd318be886d8c85f8
d4187a8c015ed851c303fdccb8e8b84bcdeffc6b66608d8f68fee367333b67c6

HTTP Headers

GET /wp-content/uploads/2024/11/u0tUxQQxrbKX3GIfsCYeHrrYPzV-185x278.jpg HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: image/jpeg
Content-Length: 13471
Connection: keep-alive
Last-Modified: Wed, 27 Nov 2024 16:28:17 GMT
ETag: "349f-627e773fd9e4d"
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

GET image.tmdb.org/t/p/w780/3V4kLQg0kSqPLctI5ziYWabAZYF.jpg

185.59.220.199

200 OK

57 kB

URL GET
image.tmdb.org/t/p/w780/3V4kLQg0kSqPLctI5ziYWabAZYF.jpg
IP
185.59.220.199:443
ASN
#60068 Datacamp Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint7B:19:E4:EE:DD:28:30:29:DF:C2:03:43:0E:3C:03:D3:6E:33:07:64
ValiditySat, 15 Feb 2025 15:13:55 GMT - Fri, 16 May 2025 15:13:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x439, components 3
Size
57 kB (56731 bytes)
Hash
3fe66ad7dcbb1bdbf98ce536aae5e348
bc266749cd82e6d1b1a6c5b13d8ef88c04ab0219
2f81ce876c0c3d728e3f3d28a2c81cf3a5a3cd19abbeb5d7b586ccf669f9c9d2

HTTP Headers

GET /t/p/w780/3V4kLQg0kSqPLctI5ziYWabAZYF.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:25:08 GMT
content-type: image/jpeg
content-length: 56731
server: BunnyCDN-DE1-722
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "67504058-dd9b"
last-modified: Wed, 04 Dec 2024 11:43:20 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 792
perma-cache: HIT
cdn-proxyver: 1.22
cdn-requestpullcode: 200
cdn-cachedat: 03/20/2025 23:01:55
cdn-edgestorageid: 752
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 26f3f99135595e6aeb2c9b5ab635a9c2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/idtabs.js?ver=2.5.5

185.27.134.202

200 OK

1.5 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/idtabs.js?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1591), with no line terminators
Size
1.5 kB (1543 bytes)
Hash
08755c304c37fe33cda2bfb7344ff230
d47f71c3d91b50c62457b2e6cde5fdaba4f5ce70
13181383cf1475b1b73b37c42e5c131c31e4865ffcf5c5fa9360caa483a74f24

HTTP Headers

GET /wp-content/themes/dooplay/assets/js/lib/idtabs.js?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: application/javascript
Content-Length: 1543
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "607-627d9371507b1"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

GET groleegni.net/500/9124084?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.106

200 OK

5.7 kB

URL GET
groleegni.net/500/9124084?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectgroleegni.net
Fingerprint40:E0:43:E9:D0:C5:B5:3A:F3:41:32:D6:CE:93:63:E1:E7:C1:2E:35
ValiditySun, 02 Feb 2025 05:30:10 GMT - Sat, 03 May 2025 05:30:09 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (6777), with no line terminators
Size
5.7 kB (5705 bytes)
Hash
d5e79b8c51cc486adab7ae4e21e4d10f
2d2120c257393661048983dd857ff88e503f9321
6df63fad8a23f93e7ff0fec7414687861facca61448a9dcfe5e1561f3378f61a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /500/9124084?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: groleegni.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: OAID=030195cbd46b4a12ff33432e4468c569
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: application/javascript
x-trace-id: bc8a983cef7e1493eb5dc583e874721e
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=080195534d5f45b2e93c0f62b1c73334; expires=Mon, 23 Mar 2026 22:25:27 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

GET ileeckut.com/impression/zbzYCiybe_Z5xJRYD2RU-5ieIMA4OGIq1I6mqDTLnxeVKiG46va67OTaCgDJlzqIGDiQn6Mv4pgB_WxvUYTp0Cwwupcgy5jihkGsfRTKvlLa8d1WOXoucRfoL9T1-VZiCiTpgSxHj0aEH6B6Mk8Xbf8XeLqU-wHLGtnc6n50wFqyeNO5fFxIekkN--P3H88XsUmp1MTYGWJ1aqheszIj0fhrPBPdvIrK-b3rkInVeCGUQaaxUwqpOiYBrfZbCsIddbh9mZlcM81Owvpd0jVXj5UC2uk8y0bJwAPLvLAM6xg-YKwRfMIaEK5tL3nr8Z-qYERKPLzjoJHoCGO-Re-3xyo1mmY6HjPWNFUjBEFhAdFZWoPwcraJptZ-Unbe0in2LASrKgHqZ0RYHnTqJnbB-7JEKc8vcIywI4zdF2F9xI8U8d11rTbV1Q4moHwMjx6OpXXJSR6QAh2wbSsWGPmbIppXvU5Gzckj8T8WOj3TI915Q-lgJfirv0MD16o87Xu0IWYGqrjrZmVW3ZQJKK5_9ilvAEq-YehMecg2GuU0gYWFQij9ej3IDhkaY-jWSQaa2OSkuijVwak9v4oxEdotw_-wcDoojw_aHJ0mttl6DvrUyt6OuYZXhhS9mikTA3u1M3E5oz6oeslN7AmvM9kYOCmeVQ3ga5iDziKu_QHShbQMoKLzMajzCPr8Gg0v0VZqRuQP04YGhLi4iSijzy3IvPInutERp4IEp26SF1YnuqyZvzTFsmwycPe8yCNoEIxvEQNNOcQEdVZxTNMYXaSNo9s7kRIaDxEPPC7l-vjgilzrUkpIlMWEkPc23JLIIGHDonEj4w==?_z=9124080&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.115

200 OK

43 B

URL GET
ileeckut.com/impression/zbzYCiybe_Z5xJRYD2RU-5ieIMA4OGIq1I6mqDTLnxeVKiG46va67OTaCgDJlzqIGDiQn6Mv4pgB_WxvUYTp0Cwwupcgy5jihkGsfRTKvlLa8d1WOXoucRfoL9T1-VZiCiTpgSxHj0aEH6B6Mk8Xbf8XeLqU-wHLGtnc6n50wFqyeNO5fFxIekkN--P3H88XsUmp1MTYGWJ1aqheszIj0fhrPBPdvIrK-b3rkInVeCGUQaaxUwqpOiYBrfZbCsIddbh9mZlcM81Owvpd0jVXj5UC2uk8y0bJwAPLvLAM6xg-YKwRfMIaEK5tL3nr8Z-qYERKPLzjoJHoCGO-Re-3xyo1mmY6HjPWNFUjBEFhAdFZWoPwcraJptZ-Unbe0in2LASrKgHqZ0RYHnTqJnbB-7JEKc8vcIywI4zdF2F9xI8U8d11rTbV1Q4moHwMjx6OpXXJSR6QAh2wbSsWGPmbIppXvU5Gzckj8T8WOj3TI915Q-lgJfirv0MD16o87Xu0IWYGqrjrZmVW3ZQJKK5_9ilvAEq-YehMecg2GuU0gYWFQij9ej3IDhkaY-jWSQaa2OSkuijVwak9v4oxEdotw_-wcDoojw_aHJ0mttl6DvrUyt6OuYZXhhS9mikTA3u1M3E5oz6oeslN7AmvM9kYOCmeVQ3ga5iDziKu_QHShbQMoKLzMajzCPr8Gg0v0VZqRuQP04YGhLi4iSijzy3IvPInutERp4IEp26SF1YnuqyZvzTFsmwycPe8yCNoEIxvEQNNOcQEdVZxTNMYXaSNo9s7kRIaDxEPPC7l-vjgilzrUkpIlMWEkPc23JLIIGHDonEj4w==?_z=9124080&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/zbzYCiybe_Z5xJRYD2RU-5ieIMA4OGIq1I6mqDTLnxeVKiG46va67OTaCgDJlzqIGDiQn6Mv4pgB_WxvUYTp0Cwwupcgy5jihkGsfRTKvlLa8d1WOXoucRfoL9T1-VZiCiTpgSxHj0aEH6B6Mk8Xbf8XeLqU-wHLGtnc6n50wFqyeNO5fFxIekkN--P3H88XsUmp1MTYGWJ1aqheszIj0fhrPBPdvIrK-b3rkInVeCGUQaaxUwqpOiYBrfZbCsIddbh9mZlcM81Owvpd0jVXj5UC2uk8y0bJwAPLvLAM6xg-YKwRfMIaEK5tL3nr8Z-qYERKPLzjoJHoCGO-Re-3xyo1mmY6HjPWNFUjBEFhAdFZWoPwcraJptZ-Unbe0in2LASrKgHqZ0RYHnTqJnbB-7JEKc8vcIywI4zdF2F9xI8U8d11rTbV1Q4moHwMjx6OpXXJSR6QAh2wbSsWGPmbIppXvU5Gzckj8T8WOj3TI915Q-lgJfirv0MD16o87Xu0IWYGqrjrZmVW3ZQJKK5_9ilvAEq-YehMecg2GuU0gYWFQij9ej3IDhkaY-jWSQaa2OSkuijVwak9v4oxEdotw_-wcDoojw_aHJ0mttl6DvrUyt6OuYZXhhS9mikTA3u1M3E5oz6oeslN7AmvM9kYOCmeVQ3ga5iDziKu_QHShbQMoKLzMajzCPr8Gg0v0VZqRuQP04YGhLi4iSijzy3IvPInutERp4IEp26SF1YnuqyZvzTFsmwycPe8yCNoEIxvEQNNOcQEdVZxTNMYXaSNo9s7kRIaDxEPPC7l-vjgilzrUkpIlMWEkPc23JLIIGHDonEj4w==?_z=9124080&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: OAID=080195534d5f45b2e93c0f62b1c73334
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:36 GMT
content-type: image/gif
content-length: 43
x-trace-id: b7e764fbc3b0ea725f03d1a8b32313c9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.mobile.min.css?ver=2.5.5

185.27.134.202

200 OK

8.7 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/front.mobile.min.css?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
ASCII text, with very long lines (8721), with no line terminators
Size
8.7 kB (8720 bytes)
Hash
6ec68713ee85a434254ca58916abd03c
ba61b6c676906dda879ab597650fa91c19ac1c60
9090f6ec0d247351b4125001dbbc48a17cb176473d3323f2431ef0300d27487f

HTTP Headers

GET /wp-content/themes/dooplay/assets/css/front.mobile.min.css?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: text/css
Content-Length: 8720
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:03 GMT
ETag: "2210-627d936f26f41"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.scripts.min.js?ver=2.5.5

185.27.134.202

200 OK

4.8 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.scripts.min.js?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (5112), with no line terminators
Size
4.8 kB (4786 bytes)
Hash
04661727de74b9f0f2ffda63c2dcd09e
9efeb0b4165d42f051283dbdeaae26807aa86192
e00a97f5cb0704bc0c28cc5f3e1175c8cc25a5a2ce45ba4b64ea7039acf8d7c4

HTTP Headers

GET /wp-content/themes/dooplay/assets/js/front.scripts.min.js?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: application/javascript
Content-Length: 4786
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "12b2-627d93714e870"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

OPTIONS groleegni.net/500/9124084?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.106

200 OK

0 B

URL OPTIONS
groleegni.net/500/9124084?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectgroleegni.net
Fingerprint40:E0:43:E9:D0:C5:B5:3A:F3:41:32:D6:CE:93:63:E1:E7:C1:2E:35
ValiditySun, 02 Feb 2025 05:30:10 GMT - Sat, 03 May 2025 05:30:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/9124084?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=groleegni.net&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: groleegni.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

GET trk.trk4u.com/r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=927801894088749146&cost=0.003215&campaignid=9216582&country=NO&zone=9124084&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0

142.250.178.115

302 Found

157 B

URL GET
trk.trk4u.com/r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=927801894088749146&cost=0.003215&campaignid=9216582&country=NO&zone=9124084&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0
IP
142.250.178.115:443
ASN
#15169 GOOGLE

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjecttrk.trk4u.com
FingerprintF8:D2:3C:E1:70:99:DB:1D:12:B5:3C:C9:95:11:58:02:14:9F:89:8E
ValidityWed, 19 Mar 2025 14:12:42 GMT - Tue, 17 Jun 2025 15:02:54 GMT

File type

Size
157 B (157 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /r/2cb27e5e-4392-4570-85c7-0d7460a731bd/?conversion=927801894088749146&cost=0.003215&campaignid=9216582&country=NO&zone=9124084&subzone=&device=&os=windows&isp=blix+group+as&browser=firefox&useragent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0 HTTP/1.1
Host: trk.trk4u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
location: https://analyticsstar.com/offers/?cid=abdx3t3frrqowt7dqfotaw5t&mtlnd
vary: Accept
content-type: text/html; charset=utf-8
x-cloud-trace-context: be771cc312544beeb38f9b45189e1975
date: Sun, 23 Mar 2025 22:25:32 GMT
server: Google Frontend
content-length: 101
X-Firefox-Spdy: h2

GET analyticsstar.com/offers/?cid=abdx3t3frrqowt7dqfotaw5t&mtlnd

172.67.132.121

200 OK

157 B

URL GET
analyticsstar.com/offers/?cid=abdx3t3frrqowt7dqfotaw5t&mtlnd
IP
172.67.132.121:443
ASN
#13335 CLOUDFLARENET

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectanalyticsstar.com
Fingerprint7A:11:87:D9:13:CC:B6:1D:35:4F:76:67:DE:B0:42:CA:F6:3B:51:CB
ValidityThu, 13 Feb 2025 18:11:03 GMT - Wed, 14 May 2025 19:08:43 GMT

File type
HTML document, ASCII text, with no line terminators
Size
157 B (157 bytes)
Hash
64ca79b1f73bf99a7defac8d105126db
89e6236f5c831993582528d77211670102b1983a
f04be8a8c53316fde54c7a55b65a08a0b83cbcffc5211dec64a9e382ee3425c8

HTTP Headers

GET /offers/?cid=abdx3t3frrqowt7dqfotaw5t&mtlnd HTTP/1.1
Host: analyticsstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:25:32 GMT
content-type: text/html
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LLu6CUK434jB1%2FQJiO3DgS7DF1UyZyke9bczPdSWRgZ8PUFxjxOOsqAhhdIr0YtDPGn22FfBa9Eg0JBjAATpLrKXKEiImZw552J6Q1OdbW%2FXr1RhQklU6obx9rV3%2BDeTxp%2BCnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 925158643b5f5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1667&min_rtt=683&rtt_var=1189&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3292&recv_bytes=1286&delivery_rate=6232424&cwnd=254&unsent_bytes=0&cid=384418265b0e4c31&ts=32&x=0"
X-Firefox-Spdy: h2

POST aiharsoreersu.net/event

139.45.197.122

200 OK

81 B

URL POST
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
81 B (81 bytes)
Hash
ea1d24c4c233cd576a625ebb27f5899a
e8a6f1b14898bca815da6e1a915660aae8373c05
b78fa5dbf5e85cf530db92d5cfbc5f88f1117366c56dab7c4fdacc602dc7f407

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://veloxcinetv.ct.ws/
Content-Type: application/json
Content-Length: 361
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: application/json; charset=utf-8
content-length: 81
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/aes.js

185.27.134.202

200 OK

14 kB

URL GET
veloxcinetv.ct.ws/aes.js
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
ASCII text, with very long lines (13733), with no line terminators
Size
14 kB (13733 bytes)
Hash
fc66e046447092c606f2587837f96874
fcf354a8044f494ee1f9fe868dde3f570f50e593
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

HTTP Headers

GET /aes.js HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:24 GMT
Content-Type: application/javascript
Content-Length: 13733
Last-Modified: Sun, 15 Oct 2023 16:53:27 GMT
Connection: keep-alive
ETag: "652c1907-35a5"
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/colors.dark.min.css?ver=2.5.5

185.27.134.202

200 OK

48 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/css/colors.dark.min.css?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
ASCII text
Size
48 kB (47956 bytes)
Hash
20cf7678dd4289678db73545b8c814ef
caf50583c609ed8578c12c15ce1cb3705125e09b
c7fd8cd62a5e295215f51a0d988ae5e5621d4b932ed48faf84e80c8662c17f32

HTTP Headers

GET /wp-content/themes/dooplay/assets/css/colors.dark.min.css?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: text/css
Content-Length: 47956
Connection: keep-alive
Last-Modified: Fri, 29 Nov 2024 18:41:52 GMT
ETag: "bb54-628118d6b6e4b"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/favicon.ico

185.27.134.202

302 Found

4.1 kB

URL GET
veloxcinetv.ct.ws/favicon.ico
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type

Size
4.1 kB (4119 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: openresty
Date: Sun, 23 Mar 2025 22:25:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Link: <https://veloxcinetv.ct.ws/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://veloxcinetv.ct.ws/wp-includes/images/w-logo-blue-white-bg.png
Cache-Control: max-age=0
Expires: Sun, 23 Mar 2025 22:25:27 GMT

OPTIONS ileeckut.com/500/9124080?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.115

200 OK

0 B

URL OPTIONS
ileeckut.com/500/9124080?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/9124080?excludes=&oaid=080195534d5f45b2e93c0f62b1c73334&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:28 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/lazyload.js?ver=2.5.5

185.27.134.202

200 OK

7.2 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/lazyload.js?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (7422), with no line terminators
Size
7.2 kB (7238 bytes)
Hash
b2e88ae477b7d838568a2a1ce4dde5cf
8720928d822422d94a6e0f75a90b2fe71443a9f6
1dee16476fa35b4ef60ad902413600dd2f8df2ee1d43512407db4c14b4e4fe4f

HTTP Headers

GET /wp-content/themes/dooplay/assets/js/lib/lazyload.js?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: application/javascript
Content-Length: 7238
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "1c46-627d937151369"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Mar 2025 10:03:46 GMT
expires: Fri, 20 Mar 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 303700
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/uploads/2024/11/veloxcinetv_logo.png

185.27.134.202

200 OK

8.3 kB

URL GET
veloxcinetv.ct.ws/wp-content/uploads/2024/11/veloxcinetv_logo.png
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
PNG image data, 482 x 86, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8292 bytes)
Hash
22c4737b218a213f1e85db670ab9e0dc
38c1364a9d3fce757ffd725cd729dd3302dc980a
b97e4fdb8997d1c13cb3b02c80def8fb2eeec22908fd91cd1ebfae775d176a17

HTTP Headers

GET /wp-content/uploads/2024/11/veloxcinetv_logo.png HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: image/png
Content-Length: 8292
Connection: keep-alive
Last-Modified: Thu, 28 Nov 2024 16:45:47 GMT
ETag: "2064-627fbd0696677"
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/uploads/2024/11/f4voSsbPTvaQwicwd1dyxICow6c-185x278.jpg

185.27.134.202

200 OK

14 kB

URL GET
veloxcinetv.ct.ws/wp-content/uploads/2024/11/f4voSsbPTvaQwicwd1dyxICow6c-185x278.jpg
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 185x278, components 3
Size
14 kB (14242 bytes)
Hash
ac547e2cae7d9c50053806142b7e1b44
8502030b4962cf54ba21ce39c4853034a0f38e64
bc7dc347f6b02c94d649a6160efafb669aa344e10b8d827f277ce81556d0e580

HTTP Headers

GET /wp-content/uploads/2024/11/f4voSsbPTvaQwicwd1dyxICow6c-185x278.jpg HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: image/jpeg
Content-Length: 14242
Connection: keep-alive
Last-Modified: Fri, 29 Nov 2024 17:06:12 GMT
ETag: "37a2-62810374a2545"
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-includes/images/w-logo-blue-white-bg.png

185.27.134.202

200 OK

4.1 kB

URL GET
veloxcinetv.ct.ws/wp-includes/images/w-logo-blue-white-bg.png
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://veloxcinetv.ct.ws/?i=1
DNT: 1
Connection: keep-alive
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:28 GMT
Content-Type: image/png
Content-Length: 4119
Connection: keep-alive
Last-Modified: Tue, 16 Nov 2021 10:34:02 GMT
ETag: "1017-5d0e576c0fa80"
Cache-Control: max-age=2592000, public, proxy-revalidate
Expires: Tue, 22 Apr 2025 22:25:28 GMT
Accept-Ranges: bytes

GET fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700&ver=2.5.5

142.250.74.10

200 OK

22 kB

URL GET
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700&ver=2.5.5
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA
ValidityMon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT

File type
ASCII text, with very long lines (1572)
Size
22 kB (21548 bytes)
Hash
08fec1e31313c267a71991283e374e3f
cca2282ba0ed4d377826f939e90c56ea4da22e4c
c3f6fbbaf241f43869963e04386efe736b3f15a0e74cf2ce39d6ca186a193e1b

HTTP Headers

GET /css?family=Roboto%3A300%2C400%2C500%2C700&ver=2.5.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Mar 2025 22:25:26 GMT
date: Sun, 23 Mar 2025 22:25:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

185.27.134.202

200 OK

88 kB

URL GET
veloxcinetv.ct.ws/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:25 GMT
Content-Type: application/javascript
Content-Length: 87553
Connection: keep-alive
Last-Modified: Tue, 29 Aug 2023 02:44:24 GMT
ETag: "15601-60406c9e7f200"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:25 GMT
Accept-Ranges: bytes

OPTIONS aiharsoreersu.net/event

139.45.197.122

200 OK

0 B

URL OPTIONS
aiharsoreersu.net/event
IP
139.45.197.122:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectaiharsoreersu.net
Fingerprint38:E6:6D:5B:7E:FB:32:78:05:E6:89:D8:A5:63:BC:EA:BC:CB:6B:98
ValiditySun, 23 Feb 2025 05:26:03 GMT - Sat, 24 May 2025 05:26:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: aiharsoreersu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://veloxcinetv.ct.ws/
Origin: https://veloxcinetv.ct.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:27 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://veloxcinetv.ct.ws
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

GET ileeckut.com/impression/lwYn80vXRBYsI9y6wDZ3Bn1YS_mCBkW3PmQ1ZT0abSy8Sa5nKq-OuOgFTHVRsneYEDDr-WKtsM3EDuR9ks6Pos85IyfWI7ouD0z81SkUO2AzyvRz9qw4OUQs0ifBb-VTfPMNfrG1hafbMv86sojeNp4Twwr_jlAtHqKJ6vixfC3Tkq04HQOHEYjd0AwiDeLTpOTGnSoxt-faeJ4ak6cOKINdOyLaIEsV9NRJRIbMcUQcXcZYRdJpTQxi1uWo6wxaBHoxz69YYjrFWsjKeA1c3cFXptDiy9CFCpijaOq1QjUfrAm5hPLHoXg3aiBYK9fGLJ2INI74lBObIsZyypiBQP3yzt9WHVk43Br10ffFLtXAcRSHbIqWNB3dwhmfKuJgyQmChZk06GgkwNJfd-c88QYeXtyu2KV7pg5n3eQCqJ62gvsa8Q86ubVv-bwJ7pk6hMLJz-Gf99u870ae14_WpiH4LEwn_UjKsge8ZKDEWgyMMDJaw232mMjc_RKv-s2H-xdnMSem_ECZs_8xqG8tRI2_tz5WpBaIb9nPLHiyKiM1dxsEHo0DNA0vIy0WawXPSldypflzCzYVo0s7byJHlf19bTdG8DgCH2Jnku_JIM_58g5XflIO-15t04RPxwS4n2bFvtnhSoF_LfUYD8MCAGn-G4Wl2OHkWaGPDp-OLfwc9_1Y05mpjufrJCqswWq-IXIcf77Jsy4K0esNfFC4IK02_Z9RuyPfYFA8_WHN72IVuVIGIK9N9GIILZNx4RL0-Dcj6gTPxygxD_KKhcUDjbMswbibyDn9wyBl-s2tqWZ9B5rD1j1QABxjo727BDKZ-dh7Ng==?_z=9124080&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1

139.45.197.115

200 OK

43 B

URL GET
ileeckut.com/impression/lwYn80vXRBYsI9y6wDZ3Bn1YS_mCBkW3PmQ1ZT0abSy8Sa5nKq-OuOgFTHVRsneYEDDr-WKtsM3EDuR9ks6Pos85IyfWI7ouD0z81SkUO2AzyvRz9qw4OUQs0ifBb-VTfPMNfrG1hafbMv86sojeNp4Twwr_jlAtHqKJ6vixfC3Tkq04HQOHEYjd0AwiDeLTpOTGnSoxt-faeJ4ak6cOKINdOyLaIEsV9NRJRIbMcUQcXcZYRdJpTQxi1uWo6wxaBHoxz69YYjrFWsjKeA1c3cFXptDiy9CFCpijaOq1QjUfrAm5hPLHoXg3aiBYK9fGLJ2INI74lBObIsZyypiBQP3yzt9WHVk43Br10ffFLtXAcRSHbIqWNB3dwhmfKuJgyQmChZk06GgkwNJfd-c88QYeXtyu2KV7pg5n3eQCqJ62gvsa8Q86ubVv-bwJ7pk6hMLJz-Gf99u870ae14_WpiH4LEwn_UjKsge8ZKDEWgyMMDJaw232mMjc_RKv-s2H-xdnMSem_ECZs_8xqG8tRI2_tz5WpBaIb9nPLHiyKiM1dxsEHo0DNA0vIy0WawXPSldypflzCzYVo0s7byJHlf19bTdG8DgCH2Jnku_JIM_58g5XflIO-15t04RPxwS4n2bFvtnhSoF_LfUYD8MCAGn-G4Wl2OHkWaGPDp-OLfwc9_1Y05mpjufrJCqswWq-IXIcf77Jsy4K0esNfFC4IK02_Z9RuyPfYFA8_WHN72IVuVIGIK9N9GIILZNx4RL0-Dcj6gTPxygxD_KKhcUDjbMswbibyDn9wyBl-s2tqWZ9B5rD1j1QABxjo727BDKZ-dh7Ng==?_z=9124080&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1
IP
139.45.197.115:443
ASN
#9002 RETN Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerLet's Encrypt
Subjectileeckut.com
FingerprintCA:F9:0B:97:7B:27:CD:09:F2:17:A4:A8:52:00:D6:98:BD:28:16:22
ValiditySat, 18 Jan 2025 05:13:35 GMT - Fri, 18 Apr 2025 05:13:34 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/lwYn80vXRBYsI9y6wDZ3Bn1YS_mCBkW3PmQ1ZT0abSy8Sa5nKq-OuOgFTHVRsneYEDDr-WKtsM3EDuR9ks6Pos85IyfWI7ouD0z81SkUO2AzyvRz9qw4OUQs0ifBb-VTfPMNfrG1hafbMv86sojeNp4Twwr_jlAtHqKJ6vixfC3Tkq04HQOHEYjd0AwiDeLTpOTGnSoxt-faeJ4ak6cOKINdOyLaIEsV9NRJRIbMcUQcXcZYRdJpTQxi1uWo6wxaBHoxz69YYjrFWsjKeA1c3cFXptDiy9CFCpijaOq1QjUfrAm5hPLHoXg3aiBYK9fGLJ2INI74lBObIsZyypiBQP3yzt9WHVk43Br10ffFLtXAcRSHbIqWNB3dwhmfKuJgyQmChZk06GgkwNJfd-c88QYeXtyu2KV7pg5n3eQCqJ62gvsa8Q86ubVv-bwJ7pk6hMLJz-Gf99u870ae14_WpiH4LEwn_UjKsge8ZKDEWgyMMDJaw232mMjc_RKv-s2H-xdnMSem_ECZs_8xqG8tRI2_tz5WpBaIb9nPLHiyKiM1dxsEHo0DNA0vIy0WawXPSldypflzCzYVo0s7byJHlf19bTdG8DgCH2Jnku_JIM_58g5XflIO-15t04RPxwS4n2bFvtnhSoF_LfUYD8MCAGn-G4Wl2OHkWaGPDp-OLfwc9_1Y05mpjufrJCqswWq-IXIcf77Jsy4K0esNfFC4IK02_Z9RuyPfYFA8_WHN72IVuVIGIK9N9GIILZNx4RL0-Dcj6gTPxygxD_KKhcUDjbMswbibyDn9wyBl-s2tqWZ9B5rD1j1QABxjo727BDKZ-dh7Ng==?_z=9124080&js_build=8&sw_version=v1.576.0&dmn=ileeckut.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fveloxcinetv.ct.ws%2F%3Fi%3D1&drf=https%3A%2F%2Fveloxcinetv.ct.ws%2F&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: ileeckut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/
Cookie: OAID=080195534d5f45b2e93c0f62b1c73334
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:25:39 GMT
content-type: image/gif
content-length: 43
x-trace-id: 9ce027879425211b2cac247e868cb6b1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/isrepeater.js?ver=2.5.5

185.27.134.202

200 OK

10 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/lib/isrepeater.js?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (10378), with CRLF line terminators
Size
10 kB (10380 bytes)
Hash
6ceeb6d8b500945a6aaea27f52f6f5e6
4647a4865cb5ba5dce1057b3765044ec9559eec6
477f24a8aa73997ef9d469763c99d51a9a0e94826db0525b45542d9d7219e214

HTTP Headers

GET /wp-content/themes/dooplay/assets/js/lib/isrepeater.js?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: application/javascript
Content-Length: 10380
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "288c-627d9371507b1"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

GET veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.ajax.min.js?ver=2.5.5

185.27.134.202

200 OK

15 kB

URL GET
veloxcinetv.ct.ws/wp-content/themes/dooplay/assets/js/front.ajax.min.js?ver=2.5.5
IP
185.27.134.202:443
ASN
#34119 Wildcard UK Limited

Requested by
https://veloxcinetv.ct.ws/?i=1
Certificate
IssuerGoogle Trust Services
Subjectveloxcinetv.ct.ws
FingerprintFE:D7:C6:C2:20:C8:DF:DE:86:09:1D:13:B7:99:25:FA:AE:F9:ED:8B
ValidityFri, 07 Mar 2025 17:49:52 GMT - Thu, 05 Jun 2025 17:49:51 GMT

File type
JavaScript source, ASCII text, with very long lines (15023), with CRLF line terminators
Size
15 kB (15025 bytes)
Hash
01688e7db55bb122da5ecf1ecd76dc19
127abb99dda567124ed64e89357caafdb672b528
ebc7ea4f07c0230971ae1fbf81c235b1b20b8cff373f76d86dce9d10350b335b

HTTP Headers

GET /wp-content/themes/dooplay/assets/js/front.ajax.min.js?ver=2.5.5 HTTP/1.1
Host: veloxcinetv.ct.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://veloxcinetv.ct.ws/?i=1
Cookie: __test=830b47a6513cb962461838ea20413220; starstruck_91dec6f0b838ddfa25300f77ce8104cc=86b6652366323f2ce200edf93540e915
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Sun, 23 Mar 2025 22:25:26 GMT
Content-Type: application/javascript
Content-Length: 15025
Connection: keep-alive
Last-Modified: Tue, 26 Nov 2024 23:29:05 GMT
ETag: "3ab1-627d93714d4e8"
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Expires: Tue, 22 Apr 2025 22:25:26 GMT
Accept-Ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML