xvm6.va1dsr.shop Open in urlscan Pro
2606:4700:3030::6815:575b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Submission: On February 17 via manual (February 17th 2024, 10:30:55 am UTC) from SE — Scanned from SE

Summary HTTP 42 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 15 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3030::6815:575b, located in United States and belongs to CLOUDFLARENET, US. The main domain is xvm6.va1dsr.shop.
TLS certificate: Issued by E1 on January 2nd 2024. Valid for: 3 months.

This is the only time xvm6.va1dsr.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3030::6815:575b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	194.110.207.26 194.110.207.26	56655 (TERRAHOST) (TERRAHOST)
2	172.240.253.132 172.240.253.132	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:303... 2606:4700:3037::6815:5b3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3030::ac43:9677	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:ea20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.240.108.76 172.240.108.76	7979 (SERVERS-COM) (SERVERS-COM)
1	3.79.157.91 3.79.157.91	() ()
1	172.255.103.103 172.255.103.103	7979 (SERVERS-COM) (SERVERS-COM)
2	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
42	15

12 2606:4700:3030::6815:575b (United States)

ASN13335 (CLOUDFLARENET, US)

xvm6.va1dsr.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edc1.va1dsr.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 194.110.207.26 (Sandefjord, Norway)

ASN56655 (TERRAHOST, NO)

no9x-08.ukra1.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)

alteredyacht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capaciousdrewreligion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5b3f (United States)

ASN13335 (CLOUDFLARENET, US)

inklinkor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

glersakr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9677 (United States)

ASN13335 (CLOUDFLARENET, US)

arvigorothan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

oagnolti.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea20 (United States)

ASN13335 (CLOUDFLARENET, US)

friendshipmale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)

cornersindecisioncertified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.79.157.91 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-3-79-157-91.eu-central-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.103.103 (Netherlands)

ASN7979 (SERVERS-COM, US)

wqak.wywkwqqvbbvbj.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

unseenreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	va1dsr.shop xvm6.va1dsr.shop edc1.va1dsr.shop	325 KB
7	ukra1.shop no9x-08.ukra1.shop	4 MB
4	oagnolti.net oagnolti.net — Cisco Umbrella Rank: 27887	10 KB
3	gstatic.com www.gstatic.com	29 KB
3	glersakr.com glersakr.com — Cisco Umbrella Rank: 82339	32 KB
2	unseenreport.com unseenreport.com — Cisco Umbrella Rank: 17126	850 B
2	cornersindecisioncertified.com cornersindecisioncertified.com	17 KB
1	capaciousdrewreligion.com capaciousdrewreligion.com — Cisco Umbrella Rank: 25933	329 B
1	wywkwqqvbbvbj.top wqak.wywkwqqvbbvbj.top	1 KB
1	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 11470	302 B
1	friendshipmale.com friendshipmale.com — Cisco Umbrella Rank: 15530	27 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9876	545 B
1	arvigorothan.com arvigorothan.com — Cisco Umbrella Rank: 128571	28 KB
1	inklinkor.com inklinkor.com — Cisco Umbrella Rank: 116368	28 KB
1	alteredyacht.com alteredyacht.com	32 KB
42	15

	Domain	Requested by
10	xvm6.va1dsr.shop	xvm6.va1dsr.shop edc1.va1dsr.shop
7	no9x-08.ukra1.shop	xvm6.va1dsr.shop
4	oagnolti.net	inklinkor.com arvigorothan.com
3	www.gstatic.com	edc1.va1dsr.shop www.gstatic.com
3	glersakr.com	xvm6.va1dsr.shop glersakr.com
2	unseenreport.com
2	cornersindecisioncertified.com	alteredyacht.com xvm6.va1dsr.shop
2	edc1.va1dsr.shop	xvm6.va1dsr.shop
1	capaciousdrewreligion.com	alteredyacht.com
1	wqak.wywkwqqvbbvbj.top	xvm6.va1dsr.shop
1	proftrafficcounter.com	alteredyacht.com
1	friendshipmale.com	alteredyacht.com
1	my.rtmark.net	glersakr.com
1	arvigorothan.com	xvm6.va1dsr.shop
1	inklinkor.com	xvm6.va1dsr.shop
1	alteredyacht.com	xvm6.va1dsr.shop
42	16

This site contains links to these domains. Also see Links.

Domain
qwe3.viidshar.com
cornersindecisioncertified.com

Subject Issuer	Validity	Valid
va1dsr.shop E1	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.ukra1.shop R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
alteredyacht.com R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
inklinkor.com GTS CA 1P5	`2023-12-21` - `2024-03-20`	3 months	crt.sh
glersakr.com R3	`2023-12-26` - `2024-03-25`	3 months	crt.sh
arvigorothan.com GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
oagnolti.net R3	`2024-02-08` - `2024-05-08`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
friendshipmale.com Cloudflare Inc ECC CA-3	`2024-01-18` - `2024-12-31`	a year	crt.sh
cornersindecisioncertified.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
wqak.wywkwqqvbbvbj.top R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
capaciousdrewreligion.com R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.unseenreport.com R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Frame ID: D4FE086D2C4D03ADC1F19DD911289190
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

98 %
HTTPS

36 %
IPv6

15
Domains

16
Subdomains

15
IPs

5
Countries

4288 kB
Transfer

5572 kB
Size

20
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://qwe3.viidshar.com/premium.html
Title: Upgrade you account

Search URL Search Domain Scan URL

URL: http://cornersindecisioncertified.com/vnz7f662gv?dgmczou=68&refer=https%3A%2F%2Fxvm6.va1dsr.shop%2Fembed-7ahnb20hdne3.html&kw=%5B%5D&key=068de0f61fc75f93b5ec620b96ffc803&scrWidth=1600&scrHeight=1200&tz=1&v=24.2.6564&ship=&psid=CF-3127_layer_1&sub3=invoke_layer&res=14.31&dev=r&uuid=d3bc5d8b-9458-4e17-a5fb-6c38e1c91f3b%3A1%3A1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request embed-7ahnb20hdne3.html Show response
xvm6.va1dsr.shop/ 93 KB
33 KB 399ms
297ms Document
text/html 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7289d1b2e14e86ce64faac60b99c2d57b1e795adaaf082733cc21401f991d77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 856d5b67da1956a5-OSL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Feb 2024 10:30:48 GMT
expires: Fri, 16 Feb 2024 10:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfmN0nVHLXhZvlV%2Bxw5fGwxWbHxPdFGa706sybNtZOMzLU1VQjmZ6IM2bHY8MA4poyXkVnftkY3tGPlcrNWlzt%2ByDeNgBDSKZQP1AQaAKyNWhnHUX%2B830HDoE4pgXKwuYEBR0%2FaQbyoqx2lsNxa6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: 1

GET
H2 200 main.css
xvm6.va1dsr.shop/css/ 48 KB
12 KB 51ms
50ms Stylesheet
text/css 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/css/main.css?v=3

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0e41e9e43420d3ffd5cebbf3184a558bd4b546aeb87b2544ba28f61a45a503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131884
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Jan 2020 05:08:35 GMT
server: cloudflare
etag: W/"5e1563d3-be25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5TdaADU9cSTkChzHEh2rZuMDLLVNfrwjqqvf2rLVACNY0nNKbm%2BxnsAaen8Nihp1dvk1eFo%2Bcz5UxAapAPvgqJTWoLrHZhmsBYwn2qUEIE9SAr4viufObvvhBJM%2BAK7yrgMtdIMwQgH2DVEDPkc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 856d5b69bc8256a5-OSL
expires: Fri, 14 Feb 2025 21:52:44 GMT

GET
H2 200 jquery.min.js Show response
xvm6.va1dsr.shop/js/ 94 KB
34 KB 52ms
51ms Script
application/javascript 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/js/jquery.min.js

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132810
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Nov 2014 17:40:20 GMT
server: cloudflare
etag: W/"546cd604-1762a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDpGcO%2FHAYpMA9QgDKco3P1SE1ehdjL4YhejpNvXgF%2F6xv%2BsSsFYKTrkqoE39Go3xqZdRhSPdRWs%2B%2FpEnJ7LVzsKvcM9ZXr4Di0wuBrYpFkt3qr5b5%2F%2F9DuB6g0%2BOP8L3o30HuqdshVaqwIydjgs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 856d5b69bc8356a5-OSL
expires: Fri, 14 Feb 2025 21:37:18 GMT

GET
H2 200 xupload.js Show response
xvm6.va1dsr.shop/js/ 10 KB
4 KB 48ms
48ms Script
application/javascript 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/js/xupload.js

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f42bf6bd7d7ef2e610c717db7037be84a34c4085bbc299e498fe3251cd1222

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132810
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Jul 2018 13:27:34 GMT
server: cloudflare
etag: W/"5b4deec6-2659"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sazEyd7nAAykFrUEcYvHMHELhw6jI5lksMUOpVXLXqxvsj%2BTVZdJvmIimBOR2R%2B1Zmx%2BZAm%2FDx3aKLiWT3QiWXom8tKSqhY3uSYH%2B8VIJwrQLGXHRWuR4BZXIsz1wKcS2i5BN7KIXgQQ1rUTlFlw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 856d5b69bc8456a5-OSL
expires: Fri, 14 Feb 2025 21:37:18 GMT

GET
H2 200 jquery.cookie.js Show response
xvm6.va1dsr.shop/js/ 4 KB
2 KB 49ms
49ms Script
application/javascript 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/js/jquery.cookie.js

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132810
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 May 2011 10:53:56 GMT
server: cloudflare
etag: W/"4de4c8c4-10eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcKlsQJdf8W7T0opdriQ1jvdqaQmx3B%2BhhRBPBI6wJQ%2BUfh0zS77u3Kru7Umu3ahYfUZrjbjQiFrdtTZ3VMKPj%2BDirIgluch%2FUrKcvzIgsKB9Int3wOP44OaffTdYv52%2FjwNWcIoGBeq9mNXCgMo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 856d5b69bc8556a5-OSL
expires: Fri, 14 Feb 2025 21:37:18 GMT

GET
H2 200 jwplayer.js Show response
edc1.va1dsr.shop/player8/ 110 KB
37 KB 62ms
52ms Script
application/javascript 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://edc1.va1dsr.shop/player8/jwplayer.js

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f11b7fd0835bb7f9f4a9f16d6e640e394a1bccbaca0b225fe9709e0a4bf862

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 17 Jun 2021 10:05:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2579
etag: W/"1b948-5c4f357b303c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3wgsPPb7NtLdBK%2BZvk8ThumlAwlhDS1UuNLO8fJYfouXsUkZSRyszD9BzzCgQTaQUNCj2tg4l8KQOfEVvjo0SdoJQf3yqCJu9Q5ILSn7GUeG4DNIbWB0eiTCj7%2F6h3%2B6837bl8T79fIjXuC4TN4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 856d5b69cca156a5-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 404 googima.js
edc1.va1dsr.shop/js/ 0
0 61ms
52ms Script
text/html 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edc1.va1dsr.shop/js/googima.js
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Aug 2008 16:50:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 39
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUjCcGP5%2Fymjd%2FX9oc0JTq35dlDoh9T7my1HCyiUNpdIATN9F73zAyPDLD91FXfgGM0Yi7136XYEE7U6%2Bcg5FtPo3kzUUs3CmcfB7AO3aByh6FZ1Cvpe%2FTgH8RlRoMyR1A2jrULd%2Bbo3xom8cebZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 856d5b69cca056a5-OSL
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 7ahnb20hdne3_xt.jpg
no9x-08.ukra1.shop/i/02/00578/ 29 KB
29 KB 173ms
80ms Image
image/jpeg 194.110.207.26
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://no9x-08.ukra1.shop/i/02/00578/7ahnb20hdne3_xt.jpg
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.110.207.26 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 57766ec8479ec01ea5935f6e4c5d792bcf06711b3e8cc4ae46ea85b20cfdefab

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:48 GMT
Last-Modified: Fri, 16 Feb 2024 16:52:21 GMT
Server: nginx/1.21.3
ETag: "65cf92c5-72fe"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: close
Accept-Ranges: bytes
Content-Length: 29438
Expires: Sat, 02 Mar 2024 10:30:48 GMT

GET
H/1.1 200
OK 068de0f61fc75f93b5ec620b96ffc803.js Show response
alteredyacht.com/06/8d/e0/ 82 KB
32 KB 594ms
148ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://alteredyacht.com/06/8d/e0/068de0f61fc75f93b5ec620b96ffc803.js

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

49e28b805d759470a3aa776b2258d481832ff4226c8ee72da9c83d8b77475d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: ff6ccc2e697aad64e55b22febb12dbd7
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 jwplayer.core.controls.js Show response
xvm6.va1dsr.shop/player8/ 302 KB
78 KB 53ms
53ms Script
application/javascript 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/player8/jwplayer.core.controls.js

Requested by

Host: edc1.va1dsr.shop
URL: https://edc1.va1dsr.shop/player8/jwplayer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406bdafdd8c772d65316189707d76a2147808fa08a99814b57d6a7e463848077

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Jun 2021 16:17:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3315
etag: W/"4b84c-5c4d04df9a000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StKkMHe3JaXj9FGtbtSvYrmygeoMlr1Xi%2Fhy7pTqjJdFo8a6Cw8%2BdI%2FwMV7Oia7%2BLKc3GZnxMY5P12oisBtEnr7h7L7Y9rSWRgECViVB1S8Ssl4juawlqoeO%2BnhSUnP1FFd%2Fx5c65UXeaXqGE7xl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 856d5b6a5f570afa-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 200 provider.hlsjs.js Show response
xvm6.va1dsr.shop/player8/ 409 KB
113 KB 170ms
170ms Script
application/javascript 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/player8/provider.hlsjs.js

Requested by

Host: edc1.va1dsr.shop
URL: https://edc1.va1dsr.shop/player8/jwplayer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a15dc9ca260164f418088351d931fd38b537a8430a1b9cc390e5366733209b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 15 Jun 2021 16:17:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3315
etag: W/"66552-5c4d04df9a000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYHMUjz4iXW0RxCn1p8DmWjZAorKoRHjaj4KNRIkEyFt5DjsU%2FIYIzOs0wDwVyZI7Uz7bDOOpVdyjmLf7EfoLKKIfkIh7HZ10V8KzOM%2F2LwFiSYudpT%2BLPFGuJv65Fj0f215WSH4ITTD%2BXp1rQmr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 856d5b6a5f580afa-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 tag.min.js Show response
inklinkor.com/ 81 KB
28 KB 141ms
48ms Script
text/javascript 2606:4700:3037::6815:5b3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inklinkor.com/tag.min.js
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4422e8c4256ab653b06cb66029f442ede4086f099b111ed2a90631479ec5f6fa

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 735
alt-svc: h3=":443"; ma=86400
x-trace-id: 60ae375887a6b60535d82a00c9704372
pragma: no-cache
last-modified: Fri, 16 Feb 2024 14:58:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9luCVIdyYI1Zv8uZEhTJ1SXSMp8aAdNmF4wVq5A6j3%2B0cwbZHBxKF8z%2BvnXMgdPvVyDEBjlqM4wrB%2FlTuyqxfGL%2FonPRiZcoBBYe4eZJG6mYf778EgnfZD6TKVuuoPZwOEbc6CKmhmqfQOW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 856d5b6afb980b02-OSL
expires: Sun, 18 Feb 2024 10:18:33 GMT

HEAD
H3 200 embed-7ahnb20hdne3.html Show response
xvm6.va1dsr.shop/ 0
439 B 181ms
181ms XHR
text/html 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	1

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GptsSXPhSiDXs7Jgdq%2FLzmN0q2MTt%2BIvz2PFy8IGCWmEruvU9ols3yhaDyj7hl%2FfYh1df2SMphE1OCLvxbAvjaQoV6eeGsHogJL1qHel7WVdktxCeRocd6CqjGaqZWMjqEMKSxUWyccqHNCz5wB8"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 856d5b6a8f720afa-OSL
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 Feb 2024 10:30:48 GMT

GET
H2 200 / Show response
glersakr.com/5/4857820/ 3 KB
2 KB 266ms
125ms XHR
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glersakr.com/5/4857820/?oo=1&aab=1
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 45568e3eeb45851251fbe0a2e3b50e46ede0d58fba97e685214e8e8e4ca6b2a9

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: gzip
x-trace-id: 6546d3970c50a53894654d0bc9dcddf1
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xvm6.va1dsr.shop
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
glersakr.com/ 81 KB
26 KB 264ms
124ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glersakr.com/tag.min.js

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4422e8c4256ab653b06cb66029f442ede4086f099b111ed2a90631479ec5f6fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=1
content-length: 26232
x-trace-id: e88bb92cb426b386efc356de9bdaa96e
pragma: no-cache
last-modified: Fri, 16 Feb 2024 15:02:07 GMT
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.min.js Show response
arvigorothan.com/ 81 KB
28 KB 141ms
48ms Script
text/javascript 2606:4700:3030::ac43:9677
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arvigorothan.com/tag.min.js
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dcce4ebdb8f78f96ff7554ff30e4521c49f2d7cd50e98291bb5e3dfbf94e62a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74889
alt-svc: h3=":443"; ma=86400
x-trace-id: f12d6429e20962bf61c70c0552cb0c60
pragma: no-cache
last-modified: Thu, 15 Feb 2024 16:14:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE7kq4TXHpTEWAUBo7vRK12bxYI1HCA%2B2YPhitxjiBIsp7BBSaD5PzFFyPvHanvaGanQz0F111dEPU6LTGwEfgEC1Lz4suYxIeeleyrZ3JfrYBAeipxxfRY4xFaJWuiknE1ERmsqfoevwSyQefFp"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 856d5b6b1fc40afa-OSL
expires: Sat, 17 Feb 2024 13:42:39 GMT

GET
H2 200 / Show response
oagnolti.net/5/4797137/ 3 KB
2 KB 184ms
61ms XHR
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oagnolti.net/5/4797137/?oo=1&js_build=iclick-v1.692.0
Requested by: Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: faa332c7d162b05acad96cb9328812de19a9e557dc86b906014955dbb4915e78

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: gzip
x-trace-id: 2b4dd73624dec16256f92bf36a48be52
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xvm6.va1dsr.shop
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
oagnolti.net/5/4796941/ 3 KB
2 KB 149ms
62ms XHR
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oagnolti.net/5/4796941/?oo=1&js_build=iclick-v1.691.0
Requested by: Host: arvigorothan.com
URL: https://arvigorothan.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5bfe6299d7a4235dec63f555e4320e2ed19ca654183c17570e0671860b7008ec

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:48 GMT
content-encoding: gzip
x-trace-id: d0de77bcfd215c29de9e80dd73c15355
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xvm6.va1dsr.shop
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 dl Show response
xvm6.va1dsr.shop/ 3 KB
3 KB 120ms
120ms XHR
text/vtt 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/dl?op=get_slides&length=6248&url=https://no9x-08.ukra1.shop/i/02/00578/7ahnb20hdne30000.jpg

Requested by

Host: edc1.va1dsr.shop
URL: https://edc1.va1dsr.shop/player8/jwplayer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

416f39c82616ac8db552a9dbe41996529bf53871976db2f96655a2c7b4eb5399

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRx6A8W%2B7bqg6yVHtn%2BWP6NjrbFGsaDY52ZwgKAZBcYBsn%2BVq98n31pgskwLKkvwAgkvWz7AeQ2w6Um5S7jcssI2SfPwmAVCIo1sZrMBCVA9apR9L2yUghJrDPRV7kOQzYWimeZSxMAdwaNoo2xd"}],"group":"cf-nel","max_age":604800}
content-type: text/vtt
cf-ray: 856d5b6bd83e0afa-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 200 provider.cast.js Show response
xvm6.va1dsr.shop/player8/ 25 KB
10 KB 122ms
122ms Script
application/javascript 2606:4700:3030::6815:575b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xvm6.va1dsr.shop/player8/provider.cast.js

Requested by

Host: edc1.va1dsr.shop
URL: https://edc1.va1dsr.shop/player8/jwplayer.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:575b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

602900c9760efbe7fbff95f60f180117bde7ff87b45b2452ca71b2dfbc36efd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 15 Jun 2021 16:17:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6401-5c4d04df9a000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhXsxIxbp9edXKR0wcDgaQ4TdCFubUEbmL0x8YxmxI0zTsq8nlwVI5iKZ0j%2Fum9VrH3xtHfVTGOZd5Qu6Uf7IG5C8%2FkKsFXrKzJpXcMatlq55nJ28ANGL4daILWKnqeIWacAxwMbI2E8HG1KF2e2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 856d5b6be8470afa-OSL
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK master.m3u8 Show response
no9x-08.ukra1.shop/hls/,pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba,.urlset/ 236 B
603 B 155ms
71ms XHR
application/vnd.apple.mpegurl 194.110.207.26
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://no9x-08.ukra1.shop/hls/,pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba,.urlset/master.m3u8
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.110.207.26 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 2471fabc45d8ee00aea4166c95ab626570790338bd9b6386a8e7838bfaac4d6a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx/1.21.3
ETag: W/"-1-ec"
Transfer-Encoding: chunked
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=8640000
Connection: close
Expires: Mon, 27 May 2024 10:30:49 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
545 B 180ms
59ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=008005287e404bdbfbafa45f6397a1ec

Requested by

Host: glersakr.com
URL: https://glersakr.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

62405301e4c43190c59e7281197b1aace435503f41756440f48b28676ab0d53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xvm6.va1dsr.shop
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
2 KB 234ms
114ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: edc1.va1dsr.shop
URL: https://edc1.va1dsr.shop/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 10:30:49 GMT

GET
H/1.1 200
OK index-v1-a1.m3u8 Show response
no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/ 76 KB
2 KB 138ms
58ms XHR
application/vnd.apple.mpegurl 194.110.207.26
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/index-v1-a1.m3u8
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.110.207.26 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 03ae68c3294a19218df43324d190624109f1a80d06c0519be7f6a49ff0541d31

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx/1.21.3
ETag: W/"-1-131d4"
Transfer-Encoding: chunked
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=8640000
Connection: close
Expires: Mon, 27 May 2024 10:30:49 GMT

GET
H2 200 / Show response
glersakr.com/ 3 KB
3 KB 64ms
64ms Fetch
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glersakr.com/?rb=qU96HblB6h0fJjp_8fb3rK7VRRWhDvPupn4ZBt2ZL1O_5StIu5cU9fHNJJM-EaGtZ94qRYa_zrL-PtVTDURgpnpX5N6a5-srnrHg6R7sIB6dhdJrVBn816pNVS25aFO6cL_MUJAJidK4kO9VJaZbMXRuq5K1KVWWcc81sFN15bDezjg72lSrGjKG2ce4d3oA4xKBC4CWtLLbouSyisBx_9SR5vnwMz18bWq0MMKt-FRQP5Q1xAIePxjUPe0h7VXqqqgycNbbHmgFA53ABBlwTlNDsawKakLT1Qzkz4jUPTIN-AuRaQb7245OXcti_o2EIayKeg%3D%3D&request_ab2=0&zoneid=4857820&js_build=iclick-v1.692.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=https%3A%2F%2Fxvm6.va1dsr.shop%2Fembed-7ahnb20hdne3.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FStockholm&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.692.0&navlng=en-US&pnt=0&pnrc=0&bs=68b4a394-d077-4c9d-bcbd-787d36eb64ae&userId=008005287e404bdbfbafa45f6397a1ec&m=link

Requested by

Host: glersakr.com
URL: https://glersakr.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c830ec9802020935dad200eeb2c362334ff06580dab52ce9065235b693644c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 4cc899ad78d9c153007f4f95e4262d48
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xvm6.va1dsr.shop
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 / Show response
oagnolti.net/ 3 KB
3 KB 61ms
61ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oagnolti.net/?rb=7CLBjMh3U4YsZb741jbR4dgye12vx2eN9BCUkE0Cbc_U92ZCBEJzSyNCqjSx946GW1MRWVy8XQKNwC-Rp7kDiZF4LelRUAsUXLySMIets8fI4IyzTgcBT8CGw_cjJp7mhmR47jHuWmr2ircbyNLOqombKHNtIq5isSvFoKPKUlWICDbAm6b8vIuB1ugbICZOYEwbZg56zb1edAznVf6gKr1WSGfcQV8EVSklQiRgYotY-wrvvxI6BCk_81xOQCehLpVd2oYXNrIKtfRW9SpfFbXxPvu0s3tXG2jVS1lpCPsXVQLOav0zCc57pkbvfRs-fHeH0g%3D%3D&request_ab2=0&zoneid=4797137&js_build=iclick-v1.692.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=https%3A%2F%2Fxvm6.va1dsr.shop%2Fembed-7ahnb20hdne3.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FStockholm&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.692.0&navlng=en-US&pnt=0&pnrc=0&bs=13b7bd3c-451a-4953-9a4c-141088c96757&userId=008005287e404bdbfbafa45f6397a1ec&m=link

Requested by

Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f920f85fbe70a858b7479b5a58ec5e23a6e3aceda44b96a169f00848f56c35ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 7de698a12f3f66d9f294f6082d903246
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xvm6.va1dsr.shop
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 / Show response
oagnolti.net/ 3 KB
3 KB 62ms
62ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oagnolti.net/?rb=E_sE1PoDiPqUMX7BgTLHz0TdBXRZn9ZOoGW6s0yqpnF8vUb8rD4VYD_85ruGHH8LjjZyufyfT21XfDTM7xvpb8tgjLHyIN5A2kGwn9gvC5TGZwgFphMZtTY0gORFnbxyK49pb5Rdb8QRqS4QmP4Kkg6Bv2IMgjFuC30IvMeB92f18YaQm81tx3uv7GdbV9oK6G5kViaQ4v6AQ9wVzXBt8tn4WYtvBvCzJzQlKa-eYtHCPCK2pxwheccnjGYkvm--EHNzoKEsFANx96YkzXTQ6ZlV8QYVDwWC2ifpe3dAqEeqyIeq8LYDWNQzZuhPkKqaLroLEQ%3D%3D&request_ab2=0&zoneid=4796941&js_build=iclick-v1.691.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=https%3A%2F%2Fxvm6.va1dsr.shop%2Fembed-7ahnb20hdne3.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FStockholm&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.691.0&navlng=en-US&pnt=0&pnrc=0&bs=4937af25-7845-4e44-aa8b-ec4a92df2686&userId=008005287e404bdbfbafa45f6397a1ec&m=link

Requested by

Host: arvigorothan.com
URL: https://arvigorothan.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

28ee659c7aa69601dbe3ad719e668b1c6f412c1402882cdd15934f64f0103f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 9b1fbe9ef8e9ed8d95db5fec6b006d17
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://xvm6.va1dsr.shop
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK encryption.key Show response
no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/ 16 B
360 B 119ms
40ms XHR
application/octet-stream 194.110.207.26
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/encryption.key
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.110.207.26 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 3fbff614c6e08e3b465855a6cc1849169f25d093d7ba993b918163b313a6abc7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx/1.21.3
ETag: "-1-10"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=8640000
Connection: close
Accept-Ranges: bytes
Content-Length: 16
Expires: Mon, 27 May 2024 10:30:49 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ 35 KB
12 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Sat, 17 Feb 2024 10:30:49 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/121/ 50 KB
15 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/121/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:33:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 16:05:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 17 Feb 2024 17:33:00 GMT

GET
H2 200 sfp.js Show response
friendshipmale.com/ 83 KB
27 KB 262ms
160ms Script
application/javascript 2606:4700:3038::6815:ea20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://friendshipmale.com/sfp.js

Requested by

Host: alteredyacht.com
URL: https://alteredyacht.com/06/8d/e0/068de0f61fc75f93b5ec620b96ffc803.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 10:30:49 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: fed9e819619ecd4048213d9f3b3e9ed1
last-modified: Sat, 17 Feb 2024 10:30:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=py5gpIxsGfzk8R9iXLO4zGDPaBrZkeZXrcm28b7oHhOhy36pHWF%2BYBgEmpTP6Yk%2FPiAbAd5M0oENmN4pcVXebqerhBAwSoDXCN%2FoqlaG8n79nIU2exzC%2FlazUvLHwEwY3Zu9Ir%2BNgLQGNYk0XaMin74%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 856d5b6f1de1b511-OSL
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 88eb0903395b835e80c1dbf7a07299e3.js Show response
cornersindecisioncertified.com/88/eb/09/ 43 KB
16 KB 432ms
143ms Script
application/javascript 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cornersindecisioncertified.com/88/eb/09/88eb0903395b835e80c1dbf7a07299e3.js

Requested by

Host: alteredyacht.com
URL: https://alteredyacht.com/06/8d/e0/068de0f61fc75f93b5ec620b96ffc803.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

8daed924027093d799c780ec57027c88aaa745a2608cb7428f59c672c2e1ad83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: 913b34bc28013bbcb406dd7d5857fdc8
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
302 B 183ms
55ms XHR
text/html 3.79.157.91

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: alteredyacht.com
URL: https://alteredyacht.com/06/8d/e0/068de0f61fc75f93b5ec620b96ffc803.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.79.157.91 Frankfurt am Main, Germany, ASN (),
Reverse DNS: ec2-3-79-157-91.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 7417427f97fe06cd1e3424ccc633381448ea1544f25cd4225122ae5ddc65d790

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin: https://xvm6.va1dsr.shop
date: Sat, 17 Feb 2024 10:30:49 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK purst
cornersindecisioncertified.com/pixel/ 0
469 B 433ms
144ms Image
text/plain 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cornersindecisioncertified.com/pixel/purst?dl=0&th=0&sc=0&rs=1155.8999996185303&rd=1155.8999996185303&fd=735.5999994277954&bv=24.2.6564&tmpl=70
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Server: nginx/1.21.6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK rmvolv Show response
wqak.wywkwqqvbbvbj.top/kjrwabblbjelb/ 0
1 KB 288ms
62ms Script
application/javascript 172.255.103.103
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://wqak.wywkwqqvbbvbj.top/kjrwabblbjelb/rmvolv?d=0

Requested by

Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

172.255.103.103 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://xvm6.va1dsr.shop
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/ 406 KB
406 KB 159ms
80ms XHR
video/mp2t 194.110.207.26
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/seg-1-v1-a1.ts
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.110.207.26 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 43ac8ca7a079c362245b5394f4192432e9cc8ab7cb29bbc83c2dfb5fd4301d0b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx/1.21.3
ETag: "-1-65700"
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Cache-Control: max-age=8640000
Connection: close
Accept-Ranges: bytes
Content-Length: 415488
Expires: Mon, 27 May 2024 10:30:49 GMT

GET
H/1.1 200
OK advertisers.js Show response
capaciousdrewreligion.com/ 0
329 B 588ms
141ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://capaciousdrewreligion.com/advertisers.js

Requested by

Host: alteredyacht.com
URL: https://alteredyacht.com/06/8d/e0/068de0f61fc75f93b5ec620b96ffc803.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:50 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 263ab5ebfc58f0bfa25da0079532dfc5
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK af8d45ed-0642-4e53-a2e3-99ff04e7f835
https://xvm6.va1dsr.shop/ 88 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xvm6.va1dsr.shop/af8d45ed-0642-4e53-a2e3-99ff04e7f835
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db58fbac8304f2548011eeb67657a22780cbc8e81150dc6d9a63b74e303e8f38

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 90231
Content-Type: text/javascript

GET
H/1.1 200
OK seg-2-v1-a1.ts Show response
no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/ 2 MB
2 MB 159ms
80ms XHR
video/mp2t 194.110.207.26
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/seg-2-v1-a1.ts
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.110.207.26 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 586d1b0afb95d87c6e00eeb887472745cd63492994cb4a5c2cb342616c5988da

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:49 GMT
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx/1.21.3
ETag: "-1-195780"
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Cache-Control: max-age=8640000
Connection: close
Accept-Ranges: bytes
Content-Length: 1660800
Expires: Mon, 27 May 2024 10:30:49 GMT

GET
H/1.1 200
OK seg-3-v1-a1.ts Show response
no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/ 2 MB
2 MB 159ms
80ms XHR
video/mp2t 194.110.207.26
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://no9x-08.ukra1.shop/hls/pdomnkafokm4f4kmlfscdotse6c7sg2hdjcx5izcvkujtyfrqjnmdh73afba/seg-3-v1-a1.ts
Requested by: Host: xvm6.va1dsr.shop
URL: https://xvm6.va1dsr.shop/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.110.207.26 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 50646dd5104707f257c9429ee529d7aa39597e6b57bfb98fd80ae874746248b1

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:50 GMT
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx/1.21.3
ETag: "-1-1a7d40"
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Cache-Control: max-age=8640000
Connection: close
Accept-Ranges: bytes
Content-Length: 1736000
Expires: Mon, 27 May 2024 10:30:50 GMT

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
425 B 836ms
391ms Image
image/gif 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=d3bc5d8b-9458-4e17-a5fb-6c38e1c91f3b&eb=a4d156f2c4bbc71ec80e4a423a24dbbc&te=c82b6b71d23079ae7cb0a2deccc2f6d4&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=068de0f61fc75f93b5ec620b96ffc803&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:50 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1
X-Request-ID: 0c783a36f1384acc18185c00849b938c
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
425 B 870ms
427ms Image
image/gif 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=d3bc5d8b-9458-4e17-a5fb-6c38e1c91f3b&eb=a4d156f2c4bbc71ec80e4a423a24dbbc&te=c82b6b71d23079ae7cb0a2deccc2f6d4&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=88eb0903395b835e80c1dbf7a07299e3&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xvm6.va1dsr.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 10:30:50 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1
X-Request-ID: 61c41963b0d4b7ed6bcaed3addca2b14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
alteredyacht.com/06/8d/e0	1970-01-20 18:35:11	Name: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3127_layer Value: 1
xvm6.va1dsr.shop/	1970-01-20 18:30:01	Name: file_id Value: 2891736
xvm6.va1dsr.shop/	1970-01-20 18:30:01	Name: aff Value: 4469
glersakr.com/	1970-01-21 03:15:01	Name: OAID Value: 008005287e404bdbfbafa45f6397a1ec
my.rtmark.net/	1970-01-21 03:15:01	Name: ID Value: 008005287e404bdbfbafa45f6397a1ec
xvm6.va1dsr.shop/	1970-01-20 18:29:25	Name: prefetchAd_4857820 Value: true
xvm6.va1dsr.shop/	1970-01-20 18:29:25	Name: prefetchAd_4797137 Value: true
xvm6.va1dsr.shop/	1970-01-20 18:29:25	Name: prefetchAd_4796941 Value: true
oagnolti.net/	1970-01-21 03:15:01	Name: OAID Value: 008005287e404bdbfbafa45f6397a1ec
oagnolti.net/	1970-01-21 03:15:01	Name: oaidts Value: 1708165849
oagnolti.net/	1970-01-20 18:39:30	Name: syncedCookie Value: true
glersakr.com/	1970-01-21 03:15:01	Name: oaidts Value: 1708165849
glersakr.com/	1970-01-20 18:39:30	Name: syncedCookie Value: true
xvm6.va1dsr.shop/	1970-01-20 18:29:27	Name: pp_show_on_068de0f61fc75f93b5ec620b96ffc803 Value: 1
proftrafficcounter.com/	1970-01-21 04:05:25	Name: uid_id2 Value: d3bc5d8b-9458-4e17-a5fb-6c38e1c91f3b:1:1
xvm6.va1dsr.shop/	1969-12-31 23:59:59	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: d3bc5d8b-9458-4e17-a5fb-6c38e1c91f3b%3A1%3A1
wqak.wywkwqqvbbvbj.top/	1970-01-20 18:30:52	Name: GL_UI4 Value: eJw9jU1ugzAYRPknaQPtSBygR8CkULKscogukcFfiBuwI%2BOCevtaldrVPI3eaDzPC4on%2BGuyR%2FjFa7ywpqypObXH09C3jJdvTX2sL6x9raq2bqoKe7l0lvcT2Qi7ZebGdnaNcBhJkZFDN2hBGZ6d9dfclN5UhLg3XIkM8eyMKUPaG70tZIoQkeIzITlfjXYZz%2FxTG4SsYo6lcuyXCPRShPkD0g%2BphBvmBwSszPPEw%2BN94vaizdxJkfiIR8MFwX%2FHbuCWRm2%2BkQpablbfAT2J7t%2F%2F%2FQ03ViIRtMrBnWt7JfMDBERNFA%3D%3D
wqak.wywkwqqvbbvbj.top/	1970-01-20 18:30:52	Name: GL_GI10 Value: eJw9yEEKwjAQBdDMCIFCF37sATxBZATRrVZ37nICTYMW66S00eLtxY2bt3jGGK5KcNujlN3GrWXrxImAbmB%2FAgeF9VNsooIG8P4AHhRzn1N43FP3XNbppfkDCij%2BCWoxm0TBOqKoL9curo7%2BDOotgXP6OTaVAb3t4gtY3B2O
xvm6.va1dsr.shop/	1970-01-20 18:29:27	Name: pp_main_068de0f61fc75f93b5ec620b96ffc803 Value: 1
xvm6.va1dsr.shop/	1970-01-20 18:29:27	Name: pp_exp_068de0f61fc75f93b5ec620b96ffc803 Value: 1708167649839

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://edc1.va1dsr.shop/js/googima.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xvm6.va1dsr.shop/embed-7ahnb20hdne3.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alteredyacht.com
arvigorothan.com
capaciousdrewreligion.com
cornersindecisioncertified.com
edc1.va1dsr.shop
friendshipmale.com
glersakr.com
inklinkor.com
my.rtmark.net
no9x-08.ukra1.shop
oagnolti.net
proftrafficcounter.com
unseenreport.com
wqak.wywkwqqvbbvbj.top
www.gstatic.com
xvm6.va1dsr.shop
139.45.195.8
139.45.197.239
139.45.197.243
172.240.108.76
172.240.253.132
172.255.103.103
192.243.59.12
194.110.207.26
2606:4700:3030::6815:575b
2606:4700:3030::ac43:9677
2606:4700:3037::6815:5b3f
2606:4700:3038::6815:ea20
2a00:1450:4001:810::2003
3.79.157.91
03ae68c3294a19218df43324d190624109f1a80d06c0519be7f6a49ff0541d31
2471fabc45d8ee00aea4166c95ab626570790338bd9b6386a8e7838bfaac4d6a
28ee659c7aa69601dbe3ad719e668b1c6f412c1402882cdd15934f64f0103f2f
3dcce4ebdb8f78f96ff7554ff30e4521c49f2d7cd50e98291bb5e3dfbf94e62a
3fbff614c6e08e3b465855a6cc1849169f25d093d7ba993b918163b313a6abc7
406bdafdd8c772d65316189707d76a2147808fa08a99814b57d6a7e463848077
416f39c82616ac8db552a9dbe41996529bf53871976db2f96655a2c7b4eb5399
43ac8ca7a079c362245b5394f4192432e9cc8ab7cb29bbc83c2dfb5fd4301d0b
4422e8c4256ab653b06cb66029f442ede4086f099b111ed2a90631479ec5f6fa
45568e3eeb45851251fbe0a2e3b50e46ede0d58fba97e685214e8e8e4ca6b2a9
49e28b805d759470a3aa776b2258d481832ff4226c8ee72da9c83d8b77475d6c
50646dd5104707f257c9429ee529d7aa39597e6b57bfb98fd80ae874746248b1
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
57766ec8479ec01ea5935f6e4c5d792bcf06711b3e8cc4ae46ea85b20cfdefab
586d1b0afb95d87c6e00eeb887472745cd63492994cb4a5c2cb342616c5988da
5bfe6299d7a4235dec63f555e4320e2ed19ca654183c17570e0671860b7008ec
602900c9760efbe7fbff95f60f180117bde7ff87b45b2452ca71b2dfbc36efd8
62405301e4c43190c59e7281197b1aace435503f41756440f48b28676ab0d53a
7289d1b2e14e86ce64faac60b99c2d57b1e795adaaf082733cc21401f991d77a
7417427f97fe06cd1e3424ccc633381448ea1544f25cd4225122ae5ddc65d790
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc
7e0e41e9e43420d3ffd5cebbf3184a558bd4b546aeb87b2544ba28f61a45a503
83f11b7fd0835bb7f9f4a9f16d6e640e394a1bccbaca0b225fe9709e0a4bf862
8a15dc9ca260164f418088351d931fd38b537a8430a1b9cc390e5366733209b5
8daed924027093d799c780ec57027c88aaa745a2608cb7428f59c672c2e1ad83
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
c830ec9802020935dad200eeb2c362334ff06580dab52ce9065235b693644c7a
db58fbac8304f2548011eeb67657a22780cbc8e81150dc6d9a63b74e303e8f38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f2f42bf6bd7d7ef2e610c717db7037be84a34c4085bbc299e498fe3251cd1222
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f920f85fbe70a858b7479b5a58ec5e23a6e3aceda44b96a169f00848f56c35ee
faa332c7d162b05acad96cb9328812de19a9e557dc86b906014955dbb4915e78

xvm6.va1dsr.shop Open in urlscan Pro 2606:4700:3030::6815:575b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

42 Requests

98 %HTTPS

36 %IPv6

15 Domains

16 Subdomains

15 IPs

5 Countries

4288 kBTransfer

5572 kBSize

20 Cookies

2 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xvm6.va1dsr.shop Open in urlscan Pro
2606:4700:3030::6815:575b Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

98 %
HTTPS

36 %
IPv6

15
Domains

16
Subdomains

15
IPs

5
Countries

4288 kB
Transfer

5572 kB
Size

20
Cookies

42 HTTP transactions
0 data transactions