| www.googletagmanager.com/gtag/js?id=G-BDYRREW2P3 | 142.250.74.168 | 200 OK | 103 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-BDYRREW2P3
IP: 142.250.74.168:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
Certificate validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (5945)
Size: 103 kB (102602 bytes)
Hash: f4a5c232526ae4997efdbdf4122794c4 ebed76d7d6e24ed106cf8d68960d2a2cdd23cfff 5f6de43aaac8e5dec70129cf639cc8122b0c878fd278179f66c49dce2ef269c9
GET /gtag/js?id=G-BDYRREW2P3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:50:49 GMT
expires: Fri, 26 Apr 2024 23:50:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/js/mobile-menu.js?ver=1.0.10 | 172.67.183.197 | 200 OK | 17 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/js/mobile-menu.js?ver=1.0.10
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: poclivetv.com
Certificate fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
Certificate validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: JavaScript source, ASCII text
Hash: 95079801e103934b5400827b58f81a20 76ff8f501132357db688426f68f48057c9ec76be d980ce158727574d15b234ffbe8d27c8e2136eda5ae1854376a434ea27274290
GET /wp-content/themes/ai-blog/assets/js/mobile-menu.js?ver=1.0.10 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cepmnpw6Og2S6B1T%2FcCrmA6DLLl6EIgP5%2BA8pKGtjQm47%2FqlM1eZbC9VWXQbzTzVVL1qSm2hqFj0R0pzEwIlTlKAfOVv7X20wDEaXRncdKnRG3UhpQ2pDmnFKkTQ9MMl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e5cceb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asacdn.com/script/suv5.js | 172.67.155.72 | 200 OK | 33 kB |
URL: GET HTTP/3 asacdn.com/script/suv5.js
IP: 172.67.155.72:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Let's Encrypt
Certificate subject: asacdn.com
Certificate fingerprint: 66:82:92:FF:59:8E:E7:C4:09:77:A5:73:EF:F3:73:48:E5:63:0E:64
Certificate validity: Sun, 03 Mar 2024 18:33:39 GMT - Sat, 01 Jun 2024 18:33:38 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Hash: 53ba90f485782e771086791c3c8105f5 6ab83f29079c7f2fc080b035005cc291fa7d2aa9 f0e49f51669d33021e3c9329945a70ca80619cf113024601d8135ae7ec02853f
GET /script/suv5.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPq5jRYrh8vivN42gsz6Fg5X0TvvOrLQsal539IQGNc4ZJa0Ge75UcbOJxsjja9Qw4yXFz0FTeHHOQ
x-goog-generation: 1714053256821370
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 74190
x-goog-hash: crc32c=zXltzg==, md5=U7qQ9IV4LncQhnkcPIEF9Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 00:16:27 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Apr 2024 13:54:16 GMT
etag: W/"53ba90f485782e771086791c3c8105f5"
age: 802
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMK5dHJEgh4bfijBdQeN7xc2o4ThxUGftvfbX9TAUdn1ybSjVhxmSYgR05JjbXOd1i1Vm2mGNu844TVGR61UBXtnUQeGyOhmg1FmLI2dJ5NhxV4iJn4hmaNoaPzr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a301ca80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| grunoaph.net/tag.min.js | 139.45.197.238 | 200 OK | 28 kB |
IP: 139.45.197.238:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Let's Encrypt
Certificate subject: grunoaph.net
Certificate fingerprint: 54:74:19:00:7A:EF:BC:7B:22:8C:ED:75:0E:E0:1A:59:11:13:4A:4E
Certificate validity: Wed, 13 Mar 2024 05:08:21 GMT - Tue, 11 Jun 2024 05:08:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 1a94e327b8911ae195d4d87eb1f66814 b017be832a294a4ee5d6fb6bdb90a23e0545b3a6 5b22184b826fd4038c7b041bc302e3ccefebddf0b98e253200e4831779a70103
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 28090
content-encoding: br
x-trace-id: 5ba54966f3a2cf64376d0d3149ee3c24
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 26 Apr 2024 21:30:02 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| poclivetv.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 172.67.183.197 | 200 OK | 5.0 kB |
URL: GET HTTP/3 poclivetv.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: poclivetv.com
Certificate fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
Certificate validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Fri, 09 Jun 2023 15:19:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qcple619hcXyw%2BiuLZLUnfu4pyLNS2g4uj9DBhMtoA6f8lqrwWHdvP21pEwdYM6%2BOydkUw2%2FYfZqhoUqbqtR8xR0vo2qFX%2BHjWY6Kf3omdMvEVbj%2BFEiTBgTVRbxv2jq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e4cb8b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| secure.gravatar.com/avatar/193baaee05a7d7837b345495c78e637f?s=96&d=mm&r=g | 192.0.73.2 | 200 OK | 1.4 kB |
URL: GET HTTP/2 secure.gravatar.com/avatar/193baaee05a7d7837b345495c78e637f?s=96&d=mm&r=g
IP: 192.0.73.2:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Sectigo Limited
Certificate subject: *.gravatar.com
Certificate fingerprint: 28:34:17:4E:69:95:4B:B9:70:DF:D4:0F:AA:2C:8D:60:F2:45:E7:D0
Certificate validity: Tue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 96x96, components 3
Hash: 55b6a58dfb5f63249c3eba459bbed76b 286ad6fa76db0d586ebaa65391a382a49bc163a3 54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef
GET /avatar/193baaee05a7d7837b345495c78e637f?s=96&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: image/jpeg
content-length: 1447
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/193baaee05a7d7837b345495c78e637f?s=96&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="193baaee05a7d7837b345495c78e637f.png"
expires: Fri, 26 Apr 2024 23:55:50 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| youradexchange.com/script/suurl5.php?r=5879942&cbur=0.13232030384944704&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fpoclivetv.com%2F2449-2%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175449772&srs=acd9ff0d1bcbad47a6583858516119f3&atv=48.0-sw-suv5 | 172.67.177.214 | 200 OK | 1.3 kB |
URL: GET HTTP/2 youradexchange.com/script/suurl5.php?r=5879942&cbur=0.13232030384944704&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fpoclivetv.com%2F2449-2%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175449772&srs=acd9ff0d1bcbad47a6583858516119f3&atv=48.0-sw-suv5
IP: 172.67.177.214:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: youradexchange.com
Certificate fingerprint: D5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B
Certificate validity: Sun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT
Hash: 8b3c5a1fd634ebeb245f713fe416a8eb 0ed37cc5e1c94acd77c317d4432cc257cf8f19cd b5a2ce820e69f37498f43c9307bf054b91594e80602a99ef4b50550619713a14
GET /script/suurl5.php?r=5879942&cbur=0.13232030384944704&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fpoclivetv.com%2F2449-2%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175449772&srs=acd9ff0d1bcbad47a6583858516119f3&atv=48.0-sw-suv5 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poclivetv.com/
Origin: https://poclivetv.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UquipSPMGFRK3xIU6rfmtIFN1mgu1FDrvQZVDELy98Up7%2BOTXz9%2BNYQBVkvZX7%2Bg9yr4mx0O%2BXuZ6lqhG522cgy4WBpxxT1EJJCWS8QdHYdDdm1Z0wlNC6e6Dx1nqxYYtgngxFI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a316afbb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| asacdn.com/script/ut.js?cb=1714175449838 | 172.67.155.72 | 200 OK | 22 kB |
URL: GET HTTP/3 asacdn.com/script/ut.js?cb=1714175449838
IP: 172.67.155.72:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Let's Encrypt
Certificate subject: asacdn.com
Certificate fingerprint: 66:82:92:FF:59:8E:E7:C4:09:77:A5:73:EF:F3:73:48:E5:63:0E:64
Certificate validity: Sun, 03 Mar 2024 18:33:39 GMT - Sat, 01 Jun 2024 18:33:38 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (62938), with no line terminators
Hash: bc481e345c04b4534e0a4e54a0f2c1c6 2be428035dd37b2722891c200f35449c5893df33 04d8cc0aacc3f172f638e608d3f08e8457d849290ae553090cb951d4b3f1b97b
GET /script/ut.js?cb=1714175449838 HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrEeL-ozC8xgpmn784CRHMjMJJOjX_oB35-9D6CmvTNNUdOb75shlaeeH3vPGqV6Ji8A9y5G_7Nig
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 00:13:06 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
age: 980
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmFc0sErE38n4QT9HSaxKUM%2F9zBxvBjglhfltJNBnLbfnY4EAAL8liXpZWeA9GWAokmgA1D%2FSpMgMIkQ26%2BUQal0xdEPgFcSQrM7NafyhISWMeMbljPbUaKnCnQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a31dd270b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| quartaherbist.com/rajJs8QOI9CknaS/69521 | 23.109.170.77 | 200 OK | 20 B |
URL: GET HTTP/1.1 quartaherbist.com/rajJs8QOI9CknaS/69521
IP: 23.109.170.77:443
Requested by: https://poscitechs.shop/player/stream-51.php
Certificate issuer: Let's Encrypt
Certificate subject: quartaherbist.com
Certificate fingerprint: 09:ED:0D:10:E1:38:44:BB:04:D8:BA:98:84:E3:F0:2F:50:D6:75:FC
Certificate validity: Wed, 17 Apr 2024 23:14:14 GMT - Tue, 16 Jul 2024 23:14:13 GMT
File type: gzip compressed data, from Unix
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rajJs8QOI9CknaS/69521 HTTP/1.1
Host: quartaherbist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 23:50:50 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://poscitechs.shop
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 27-Apr-2024 23:50:50 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 27-Apr-2024 23:50:50 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/css/default-style.css?ver=1.0.2 | 172.67.183.197 | 200 OK | 2.3 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/css/default-style.css?ver=1.0.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: poclivetv.com
Certificate fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
Certificate validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
Hash: 3056e840488df5ae2181a874315ae213 5f6438845d98a7fa63ad58206d8198509aed736f 6dfb215366d14f28d58fb8deeb109c2cd0fb834ec8214dffb2c47a950ec10c5a
GET /wp-content/themes/ai-blog/assets/css/default-style.css?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gn1gxvgVC%2FXWEMLXG8B6dzsYedTfmYOHKtCZldxdOAGjPXbzSipRbZj0NFA4BGONfyNMxUSbdV2PpYGMWiriLaz730nUwFMhP%2F%2B%2BG2Fj8aQw1z%2FUK%2Fr0Namwg6LvDNdD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e3cacb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-includes/js/masonry.min.js?ver=4.2.2 | 172.67.183.197 | 200 OK | 15 kB |
URL: GET HTTP/3 poclivetv.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: poclivetv.com
Certificate fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
Certificate validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: JavaScript source, ASCII text, with very long lines (23966)
Hash: 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9OYD4L1%2BqLgVKrxrZxkwNbcJ5CE7qBHbXPPA6n3q1Wv%2FV3DiNPduHO6kyopUpWrKYy2DUwTxmYQi4zi4COuUR4ylKCWa4TZTx%2BeSdX4EnN7Txe9NsXgZ38oB3giIh6W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e5cc7b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/js/navigation.js?ver=1.0.2 | 172.67.183.197 | 200 OK | 35 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/js/navigation.js?ver=1.0.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: poclivetv.com
Certificate fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
Certificate validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
Hash: 6c14accb015f2d62154ee408fe5d0c3e f03e6d46937ac908356d92750ae5ce0933df493b 60e1017c6585464aa240b13f4074ab5ea100dcbdb72615124ff575bcc891a542
GET /wp-content/themes/ai-blog/assets/js/navigation.js?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JS09qB4H8r6ozcX7mKEL52tvPBfOvyI8%2BAOfJdcz5wRam9%2FxjP3wD%2FA3F1AOsAMTy0uYgtAkQxdKJ%2Fe%2FYkYHoZzGeW10Y8NWPGrwJfoE4QJ0FSIY8aIYVf9jKS3rJ18r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e5cc8b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 172.67.183.197 | 200 OK | 47 kB |
URL: GET HTTP/3 poclivetv.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: poclivetv.com
Certificate fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
Certificate validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Tue, 29 Aug 2023 02:44:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2fACcyYOaoTrQCRrAXQAFGiWG0B6M9%2FKzljkQMOZjOEOLRmnm%2FXitCzjWjs5L4nNMm9mzigGF9ik3HqRMF9mMXuaHAyR8a9apy7qW4qlhEcJHSsG8XLbI%2BKCn4gRJrW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e4cb5b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js | 172.240.127.234 | 200 OK | 30 kB |
URL: GET HTTP/1.1 kzt2afc1rp52.com/dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js
IP: 172.240.127.234:443
Requested by: https://poscitechs.shop/player/stream-51.php
Certificate issuer: Let's Encrypt
Certificate subject: kzt2afc1rp52.com
Certificate fingerprint: 9A:52:7D:FA:48:7E:A0:17:19:03:F5:A9:DF:9C:A1:0B:F6:F5:5A:51
Certificate validity: Wed, 10 Apr 2024 07:14:41 GMT - Tue, 09 Jul 2024 07:14:40 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 3fc6998e432f7a22963c8c7eb95858d5 10b6b9de42febb65adde4c57bcfe919faaaf28fc d27bd8ea95041424dd44239b79a03b697ed47c45685aa6071e7080b38165c9cf
GET /dd/d4/30/ddd430767cdbddd8ac0726a842abd6c0.js HTTP/1.1
Host: kzt2afc1rp52.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:50:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2931_layer=0; expires=Sun, 28 Apr 2024 23:50:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4d3fcedad82a12fccf9bff031da76d10
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/css/all.css?ver=5.15.3 | 172.67.183.197 | 200 OK | 13 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/css/all.css?ver=5.15.3
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate issuer: Google Trust Services LLC
Certificate subject: poclivetv.com
Certificate fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
Certificate validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
Hash: 8452290d7deb4af0f874314c2912f5af 2dfefd404dfb1324e9a2771879e492ddab1af56c e5ad31a47913cdfc2470acd4e304982fae2bccf62098855fecf3b84c1e7fea34
GET /wp-content/themes/ai-blog/assets/css/all.css?ver=5.15.3 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=My4tSa1QlwXGyM50YOYl7tj55qw7kGbZU8kCSTZGmoeouDGx4VY2O0jInOuOOlb7G9K%2F%2FEjXHpazO1wFQA44dE8ekbD3%2BU6ScPzbsm%2BTolDKtppN%2BwKHZ%2BVQOvMmp8oN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e4cb2b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 18.194.72.95 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.194.72.95:443
Requested by: https://poscitechs.shop/player/stream-51.php
Certificate issuer: Amazon
Certificate subject: proftrafficcounter.com
Certificate fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: efe16c7714a8ed457cc24d214fbb6503 4003aa31de81bd83efdaecc4dd333358fbb9dda7 0573d98299c414334c93269c28a0c70b37d822b6c83bf0fc3ead0dd65a0b5c9b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://poscitechs.shop
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3dc82831-7933-4aa8-b62c-73b4faad5886:2:1; expires=Mon, 24 Apr 2034 23:50:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| poscitechs.shop/player/stream-51.php | 172.67.203.122 | 200 OK | 0 B |
URL: HEAD HTTP/3 poscitechs.shop/player/stream-51.php
IP: 172.67.203.122:443
Requested by: https://poscitechs.shop/player/stream-51.php
Certificate issuer: Google Trust Services LLC
Certificate subject: poscitechs.shop
Certificate fingerprint: 16:62:9E:3C:9D:AE:CF:BF:BF:23:65:45:04:2D:0C:BC:E3:5C:4A:06
Certificate validity: Sun, 17 Mar 2024 14:31:32 GMT - Sat, 15 Jun 2024 14:31:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /player/stream-51.php HTTP/1.1
Host: poscitechs.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/player/stream-51.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: text/html; charset=UTF-8
x-frame-options: ALLOW-FROM https://htmledit.squarefree.com/, ALLOW-FROM https://example.com/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zhIMDv4pO1zKapNtl5me7o8UiKN0%2BMGt0Td3tmy5AvgO0ajX3KlCuHxAhJpiI4McQDiDhRcgV4WBl7zGjJkULK3GHLWb96Ga4fdQNvEZnxn7AfYyRpcZRbWiFHFueanneI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a372a99568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| zeekaihu.net/tag.min.js | 139.45.197.245 | 200 OK | 28 kB |
IP 139.45.197.245:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Let's Encrypt Subject zeekaihu.net Fingerprint DC:33:58:08:9D:AE:91:96:52:5E:8F:EF:D8:4F:DD:E8:87:D4:36:4F Validity Thu, 29 Feb 2024 05:53:35 GMT - Wed, 29 May 2024 05:53:34 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 1a94e327b8911ae195d4d87eb1f66814 b017be832a294a4ee5d6fb6bdb90a23e0545b3a6 5b22184b826fd4038c7b041bc302e3ccefebddf0b98e253200e4831779a70103
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: zeekaihu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 28090
content-encoding: br
x-trace-id: 442b0d15bf0ce9cd4a60976dc981abc6
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 26 Apr 2024 21:30:02 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| poclivetv.com/favicon.ico | 172.67.183.197 | 404 Not Found | 8.8 kB |
URL GET HTTP/3 poclivetv.com/favicon.ico IP 172.67.183.197:443
Requested by https://poclivetv.com/2449-2/ Certificate Issuer Google Trust Services LLC Subject poclivetv.com Fingerprint FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 Validity Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type HTML document, ASCII text, with CRLF, LF line terminators Hash 8150f458ed6fb9b1db4e5cfa57a1a281 6e5726854d28687b560d7fdcb5c782c425c7dfb9 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
GET /favicon.ico HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Cookie: _ga_BDYRREW2P3=GS1.1.1714175449.1.0.1714175449.0.0.0; _ga=GA1.1.196214108.1714175450
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGmP0mckWYC%2FrC1JLH29Q31wUuLs9RJ6l4Gi%2BUZj0zNPy43PI1a4J6mbZU%2FMzqBQIcLJfHiAOemnmn3mBT4wLVEWVFDgDNC%2FSvGVFKjvgrCKFaNfb9kEK%2F7YQ2cP2ON8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a32a838b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 62 kB |
URL GET HTTP/3 downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Let's Encrypt Subject downstairsnegotiatebarren.com Fingerprint 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 Validity Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: b9df21f37f9c01a4cf78edaad5fcc3b6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 1
last-modified: Fri, 26 Apr 2024 23:50:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zxQE5SkC8WTT3LT9%2F4KuZLoDZK91BUFNZ%2FHJcnoEwQmAIiCyQKzcRsRjsbv9oeT041By7Z1wTCUMLejjVngAozACdU28PQBLy4c%2Bc5iuc0SOIMibrSyPYBCWIGUbHVWo%2BAxQcbl5GOagLDU149%2B5fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a369d4db518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.66.137 | 200 OK | 31 kB |
URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js IP 151.101.66.137:443
Requested by https://claplivehdplay.ru/premiumtv/poscitech.php?id=51 Certificate Issuer Sectigo Limited Subject *.jquery.com Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65447) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:50:51 GMT
age: 31631
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 18327
x-timer: S1714175451.030226,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| energypopulationpractical.com/pixel/purst?dl=0&th=0&sc=0&rs=929&rd=929&fd=735&bv=24.4.6923&tmpl=70 | 192.243.59.20 | 200 OK | 0 B |
URL GET HTTP/1.1 energypopulationpractical.com/pixel/purst?dl=0&th=0&sc=0&rs=929&rd=929&fd=735&bv=24.4.6923&tmpl=70 IP 192.243.59.20:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Let's Encrypt Subject energypopulationpractical.com Fingerprint 94:C5:27:9D:BC:2E:20:2F:4E:B0:20:AD:FE:C9:15:3F:F1:78:5B:B2 Validity Wed, 24 Apr 2024 15:03:55 GMT - Tue, 23 Jul 2024 15:03:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=929&rd=929&fd=735&bv=24.4.6923&tmpl=70 HTTP/1.1
Host: energypopulationpractical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 23:50:51 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| poclivetv.com/wp-content/themes/ai-blog-lite/style.css?ver=1.0.2 | 172.67.183.197 | 200 OK | 16 kB |
URL GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog-lite/style.css?ver=1.0.2 IP 172.67.183.197:443
Requested by https://poclivetv.com/2449-2/ Certificate Issuer Google Trust Services LLC Subject poclivetv.com Fingerprint FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 Validity Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type ASCII text, with very long lines (655) Hash a8f0bd072f7e70f2a93e02422a280603 f9161ddd3ea01120da396dd8cd6c013d2ea348a5 85cfaecdcc80ea88980823c91466363220c97c33f9f137537f3101caf265a8b2
GET /wp-content/themes/ai-blog-lite/style.css?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECUcBkZtuzSRrr2eCaC0x%2FjOx6FlK7QoR0HfvWBPPZgFYz8Zg59SVClpR1%2FqdZ9d1gY40tK6iuwmge%2FmW4j%2BYU7RQnMhdvf%2F7fU%2Bir5jfWHVw%2F6xZNEyJu9IMWcc2Ppr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e3caab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP 104.17.166.186:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Sectigo Limited Subject *.adsco.re Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:51 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://poscitechs.shop
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a3baba756bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 6.adsco.re:2087/ | 104.17.166.186 | 200 OK | 0 B |
IP 104.17.166.186:2087
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Sectigo Limited Subject *.adsco.re Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:51 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://poscitechs.shop
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a3babcf56be-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP 162.252.214.5:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Sectigo Limited Subject *.adsco.re Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash 5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:50:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://poscitechs.shop
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| 4.adsco.re:2087/ | 162.252.214.5 | 200 OK | 62 B |
IP 162.252.214.5:2087
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Sectigo Limited Subject *.adsco.re Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash 5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:50:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://poscitechs.shop
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 18.194.72.95 | 200 OK | 40 B |
URL GET HTTP/2 proftrafficcounter.com/stats IP 18.194.72.95:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Amazon Subject proftrafficcounter.com Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash efe16c7714a8ed457cc24d214fbb6503 4003aa31de81bd83efdaecc4dd333358fbb9dda7 0573d98299c414334c93269c28a0c70b37d822b6c83bf0fc3ead0dd65a0b5c9b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Cookie: uid_id2=3dc82831-7933-4aa8-b62c-73b4faad5886:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://poscitechs.shop
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| zttov7d70j1f.l4.adsco.re/ | 185.200.118.51 | 200 OK | 0 B |
URL POST HTTP/2 zttov7d70j1f.l4.adsco.re/ IP 185.200.118.51:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Let's Encrypt Subject *.l4.adsco.re Fingerprint B2:51:02:63:F4:E6:E7:3A:98:79:B7:C5:F8:81:EC:E8:79:B9:BC:22 Validity Fri, 19 Apr 2024 09:12:52 GMT - Thu, 18 Jul 2024 09:12:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: zttov7d70j1f.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:51 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.167.186 | 200 OK | 0 B |
IP 104.17.167.186:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Sectigo Limited Subject *.adsco.re Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:51 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a3ccf51568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| c.adsco.re/ | 104.17.167.186 | | 28 kB |
IP 104.17.167.186:0
Requested by https://poclivetv.com/2449-2/ Certificate Issuer Sectigo Limited Subject *.adsco.re Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (689) Hash a0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:51 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 May 2024 23:50:51 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 708894
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a3ccf4e568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 813 B |
IP 162.252.214.5:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Sectigo Limited Subject *.adsco.re Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (1020), with no line terminators Hash 2b7dee8a2f21f7bc3f5fd8de75cf4f75 4d4cb6a34581f2d5d6eeed9f63e80cc78743a83b d402d1ac46ecb7e25e1491f56769279c198715bf666f1c1c21773a6565128e9a
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1687
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:50:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://poscitechs.shop
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| zttov7d70j1f.n4.adsco.re/ | 38.132.109.115 | 200 OK | 0 B |
URL POST HTTP/2 zttov7d70j1f.n4.adsco.re/ IP 38.132.109.115:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Let's Encrypt Subject *.n4.adsco.re Fingerprint 45:6E:69:F7:75:1D:65:9E:20:3D:CF:CE:8B:F5:36:72:85:BD:76:EC Validity Fri, 19 Apr 2024 09:12:46 GMT - Thu, 18 Jul 2024 09:12:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: zttov7d70j1f.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:51 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js IP 192.243.61.227:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Let's Encrypt Subject capaciousdrewreligion.com Fingerprint 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC Validity Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:50:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7de95378ff4d00f45b17bb10ec0ce2c7
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| zttov7d70j1f.s4.adsco.re/ | 185.200.116.51 | 200 OK | 0 B |
URL POST HTTP/2 zttov7d70j1f.s4.adsco.re/ IP 185.200.116.51:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer Let's Encrypt Subject *.s4.adsco.re Fingerprint 6C:EA:F6:8F:57:34:25:F9:39:76:98:E0:61:B8:C8:86:AD:CC:68:0A Validity Fri, 19 Apr 2024 09:12:40 GMT - Thu, 18 Jul 2024 09:12:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: zttov7d70j1f.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:52 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 162.252.214.4/p | 162.252.214.4 | 200 OK | 812 B |
IP 162.252.214.4:443
Requested by https://poscitechs.shop/player/stream-51.php Certificate Issuer GoGetSSL Subject 162.252.214.4 Fingerprint 99:4E:5E:EE:6D:B3:71:D1:59:DE:66:7A:87:0B:95:4A:AD:A6:DF:04 Validity Sun, 31 Mar 2024 00:00:00 GMT - Thu, 01 May 2025 23:59:59 GMT
File type ASCII text, with very long lines (1020), with no line terminators Hash 024919159078aad2a5553c02d31ce3a5 91a10f3b2f5f1847d29084a541365fe6ebdf593a 8e55379f8d118d237d50cf6093bf6c2d81c465b915c5064e6efb6e0123cef061
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /p HTTP/1.1
Host: 162.252.214.4
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1687
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:50:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://poscitechs.shop
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/css/bootstrap.css?ver=5.0.1 | 172.67.183.197 | 200 OK | 196 kB |
URL GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/css/bootstrap.css?ver=5.0.1 IP 172.67.183.197:443
Requested by https://poclivetv.com/2449-2/ Certificate Issuer Google Trust Services LLC Subject poclivetv.com Fingerprint FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 Validity Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
Size 196 kB (195793 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/ai-blog/assets/css/bootstrap.css?ver=5.0.1 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sv9M55NloOIMD5mcLIJ8eNHYD2E9bADTYZpqB%2FCFP%2FTHTp9%2BumPagX0I2Mqzn7ZksUccP02Lhya0RPfHuW%2BTFd%2FF59VB91R5nu0OPf9ESCRYp4l3uz0t4gwptWHY%2FNd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e3ca9b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-includes/js/comment-reply.min.js?ver=6.5.2 | 172.67.183.197 | 200 OK | 3.0 kB |
URL GET HTTP/3 poclivetv.com/wp-includes/js/comment-reply.min.js?ver=6.5.2 IP 172.67.183.197:443
Requested by https://poclivetv.com/2449-2/ Certificate Issuer Google Trust Services LLC Subject poclivetv.com Fingerprint FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 Validity Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type ASCII text, with very long lines (3056), with no line terminators Hash dc7f90d513295c29acc441fe114a2cab ca9e5069d9afc4aa13ab2e152313dfb476e842ef f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /wp-includes/js/comment-reply.min.js?ver=6.5.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Sat, 09 Apr 2022 05:37:18 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJyepO6c%2F4Yo9A%2BPc2v3Qc11doq6nHnpS2QV9RgxO7M2BxG1xVfrQpQjAf0TgIUFOA%2FXyD6POq8j5t1UKLtf4frPLFFD2L8jPJVRiNGQljZVRURGiD%2FOP%2BY8O7qvPURV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e5cd0b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| grunoaph.net/5/2964865/?oo=1&aab=1 | 139.45.197.238 | 200 OK | 2.9 kB |
URL: GET HTTP/2 grunoaph.net/5/2964865/?oo=1&aab=1
IP: 139.45.197.238:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Let's Encrypt
  Subject: grunoaph.net
  Fingerprint: 54:74:19:00:7A:EF:BC:7B:22:8C:ED:75:0E:E0:1A:59:11:13:4A:4E
  Validity: Wed, 13 Mar 2024 05:08:21 GMT - Tue, 11 Jun 2024 05:08:20 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3169), with no line terminators
Hash: b6562e46bda16d2800e591bd2002fb28 2200ad45793423245b744377be97ae9e0a69980f 01b93d276b09397c1c30108ac266a3aef3bc267f6eab23b9ebd8ad6d903c0d3d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5/2964865/?oo=1&aab=1 HTTP/1.1
Host: grunoaph.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poclivetv.com
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: application/json
x-trace-id: ac85e5c64b2657032a20e49107b5773a
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://poclivetv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00804a8b4d734b59f8a0058f654514d8; expires=Sat, 26 Apr 2025 23:50:49 GMT; path=/; secure; SameSite=None
oaidts=1714175449; expires=Sat, 26 Apr 2025 23:50:49 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/css/admin-block.css?ver=1.0 | 172.67.183.197 | 200 OK | 2.6 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/css/admin-block.css?ver=1.0
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: poclivetv.com
  Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
  Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: ASCII text, with very long lines (2840), with no line terminators
Hash: be09b650bcdcd3ed861db603e6ac8a8c 5cde45195313df24e1d8e90886ff6314f5dd3cde 2fc12de6ef5749e33d7013ffa16c4d41e8d7cb430b2db4ca761b4726fb1c7c66
GET /wp-content/themes/ai-blog/assets/css/admin-block.css?ver=1.0 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVYkVcobG9qvPW%2Fe2E1vGjWTFwin3Veg8bHC8d1lp5rmlb7DZ6fqfLwF8d5HGd%2BKHOj2O2W4D9tuY89juHaSnVtC8oXVIMJS09X56lRLgMrgtSJy7hjOoOVMFN4zVTDc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e3ca7b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/css/responsive.css?ver=1.0.2 | 172.67.183.197 | 200 OK | 2.9 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/css/responsive.css?ver=1.0.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: poclivetv.com
  Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
  Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: ASCII text, with very long lines (3022), with no line terminators
Hash: 8b57e6b1819d136829055b455b0b8157 84b487e31c996e4f614bb30bd62fbd3d76bd7bb6 e90f1a03099f8b32856ddf22e89b395abb9d4bd959637bc6a02ed934d568637f
GET /wp-content/themes/ai-blog/assets/css/responsive.css?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rmxXPDJ%2BCEnqutplOvB%2B2aon68rs1e6cf0SztZZCr7MHL6HvbD%2B%2BfmbqhT3f4Vq2Zf72rehfUPRMhm8p72c8Hr%2BYetvVaQmta%2Fw1RuGqx8Ue6COMRtHFzmKKfIre3dFx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e4cb4b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| claplivehdplay.ru/blast.js | 104.21.17.209 | 200 OK | 78 kB |
URL: GET HTTP/3 claplivehdplay.ru/blast.js
IP: 104.21.17.209:443
Requested by: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51
Certificate:
  Issuer: Let's Encrypt
  Subject: claplivehdplay.ru
  Fingerprint: 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47
  Validity: Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 091faec928970e76d37a3601c19fcf8a 6441e8eebe90eb8d4a40e7c25440ff99caba3520 eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12
GET /blast.js HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: application/javascript
last-modified: Sun, 03 Mar 2024 13:23:46 GMT
etag: W/"65e479e2-13040"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNDOBGiigAsGChw2a4Vy%2FeqWuPVuBkUIHgM%2FItbVqpcMa369XRaIyC24QYoWi6xk%2BIWEFM7d7GiC8pTIkskmayxsLw%2FcNPaoyjEVBsRE6NlRz8NdScuDsyWiwoC6gq0Yf2K3Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a385ffab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| claplivehdplay.ru/p2p-media-loader-core.min.js | 104.21.17.209 | 200 OK | 350 kB |
URL: GET HTTP/3 claplivehdplay.ru/p2p-media-loader-core.min.js
IP: 104.21.17.209:443
Requested by: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51
Certificate:
  Issuer: Let's Encrypt
  Subject: claplivehdplay.ru
  Fingerprint: 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47
  Validity: Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
File type: JavaScript source, ASCII text, with very long lines (505), with CRLF line terminators
Size: 350 kB (350181 bytes)
Hash: 456780886716e31a2c5031869a56024d 9ddf91b9e4e6321fbb0d0160f386203d326092fb 97ba329694ba923bc5d7d93e051cf0ecdc8121d4488adb52b682a646b3721511
GET /p2p-media-loader-core.min.js HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: application/javascript
last-modified: Mon, 18 Mar 2024 17:15:39 GMT
etag: W/"65f876bb-557e5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 474
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRjsi%2BNXmOrOSY%2BJC3s%2FT4v7%2FWgtCqEofEGpOlAdq9uhHpv%2BO7NPSe0CgOuw46KY%2BZ%2FZFN4NjjccLBek%2Bbc41W04qyOnjhBvBlzSZf7HYXcgB9GitmMj6ALhNVbrTFO30bu6Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a385ffbb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.displayvertising.com/xbootbox.min.css | 185.76.9.26 | 200 OK | 37 kB |
URL: GET HTTP/2 www.displayvertising.com/xbootbox.min.css
IP: 185.76.9.26:443
ASN: #60068 Datacamp Limited
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Let's Encrypt
  Subject: 1503693843.rsc.cdn77.org
  Fingerprint: CA:57:18:18:A8:AF:C8:D7:D8:78:92:07:DC:03:A7:94:D5:87:A1:A7
  Validity: Tue, 20 Feb 2024 02:39:32 GMT - Mon, 20 May 2024 02:39:31 GMT
File type: JavaScript source, ASCII text, with very long lines (1568)
Hash: d98bae6907192723336f6a0ff00e8799 1e949387e67dd66d3141ad3eba9438560014c81d 5d110c8a09bb419725b311f86aa3112f6a1197d15e1456780b64375b9ba968bf
GET /xbootbox.min.css HTTP/1.1
Host: www.displayvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poclivetv.com
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb10
expires: Sat, 27 Apr 2024 00:16:40 GMT
access-control-allow-origin: https://poclivetv.com
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJFAHXaxIJAAwBuUwKDAH3BSIAAAwBJRPCMQGzxToJAA
x-77-nzt-ray: af585630b5406307d93d2c661a9b7b2a
x-accel-expires: @1714177001
x-accel-date: 1713580910
x-77-cache: HIT
x-77-age: 594539
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 594539
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/css/block.css?ver=1.0.2 | 172.67.183.197 | 200 OK | 4.2 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/css/block.css?ver=1.0.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: poclivetv.com
  Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
  Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: ASCII text, with very long lines (4610), with no line terminators
Hash: 16fbdeaf41f71768ae8dccb14ccfe124 853a980b81b408eb58a7d9e3e1e38800cb9c81e2 0ee57d90bd2b9ff11d2e8fb795bf4516fab557107a5810315e9562a1b250d3c6
GET /wp-content/themes/ai-blog/assets/css/block.css?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5twE5JHuAASu7SizbCibOUBQ4pJwFekkZYp8rcbbHzfiKxN15Vdlxz9OY1fdbYk0HUKovdTUe%2F9eZZbKqLUyDQXFBjy%2BtvBMoUCGbm7DUr9aw0%2F1kmi414WwYv9ywHr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e4cb3b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/js/particles-config.js?ver=1.0.2 | 172.67.183.197 | 200 OK | 2.0 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/js/particles-config.js?ver=1.0.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: poclivetv.com
  Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
  Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: ASCII text, with very long lines (2428), with no line terminators
Hash: 1dda0049f28d48dcd45d8aa2232321bb ed0c752e2a7a13f7904ae2a675d9047719ad95ea da4f4d392769e23b201a9920493cb27610977a30eeabc8cafc8ddaa79b73eda6
GET /wp-content/themes/ai-blog/assets/js/particles-config.js?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v3tnKHmaR23ANAo%2BYEFxl1vF5ZEvkdphwa%2BsQU0prAoTurXTEgBdjQhD68kOQO65%2B%2B%2BhaqVhcf5g5JooLYGWYG3psWe19HRcMwbaLlO3mzU%2BuegQ%2FrFeqBfeepPRA5hL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e5ccab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/js/scripts.js?ver=1.0.2 | 172.67.183.197 | 200 OK | 2.0 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/js/scripts.js?ver=1.0.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: poclivetv.com
  Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
  Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: JavaScript source, ASCII text, with very long lines (2144), with no line terminators
Hash: 747bd98ac8f2a6c8f4028e08fb2722f4 4a9362e7e2bc610cb8b6fe0ae39c2b271d446815 df80105240d1970dfc05883a3ce46b828cb1ecad886466386b472e12973cc3bb
GET /wp-content/themes/ai-blog/assets/js/scripts.js?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lR01m1464H2Hw%2FOI5MjXbXDmqpdr44FagKiimQmSkvTU9DUh2TBhnAsSZrN9TlJeJKdB%2FWBUPTHFXIPsv6gLWia1YVsOPcfUCGpVqIg5L1jBlBwrroleRVjJZPJoF7u%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e5ccfb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Rubik%3A400%2C400i%2C700%2C700i%2C900%2C900i%7CInter%3A400%2C400i%2C500%2C600%2C700%2C700i%2C900&subset=latin%2Clatin-ext | 142.250.74.106 | 200 OK | 26 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Rubik%3A400%2C400i%2C700%2C700i%2C900%2C900i%7CInter%3A400%2C400i%2C500%2C600%2C700%2C700i%2C900&subset=latin%2Clatin-ext
IP: 142.250.74.106:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: upload.video.google.com
  Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
  Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (634)
Hash: 00b805cbe0573e696a583a4ea1daa9e9 dd5bba719cdf8a923d1a8ee553dab05a39462dd5 f434c9baa7d11abb4b2d904a64bdf6fc3012a2769bae24ed71499187bfe0d562
GET /css?family=Rubik%3A400%2C400i%2C700%2C700i%2C900%2C900i%7CInter%3A400%2C400i%2C500%2C600%2C700%2C700i%2C900&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 23:50:49 GMT
date: Fri, 26 Apr 2024 23:50:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| poclivetv.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 | 172.67.183.197 | 200 OK | 19 kB |
URL: GET HTTP/3 poclivetv.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: poclivetv.com
  Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
  Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Cookie: _ga_BDYRREW2P3=GS1.1.1714175449.1.0.1714175449.0.0.0; _ga=GA1.1.196214108.1714175450
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Tue, 02 Apr 2024 20:10:08 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 6828
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HSlXmsjVm8Rp7BU%2F6FRIcBvV%2FafSbNgHegGtTQMLtEsD9UfF5Gyu1MgC05NJjYZENEvrOLSyuzv24CLoVWx7Z2zVrCUfPisO%2BAxG9Qfe0pVpWeyW4zT2%2F8KkduZH4ylc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a31cef8b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js | 151.101.65.229 | 200 OK | 27 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js
IP: 151.101.65.229:443
Requested by: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51
Certificate:
  Issuer: GlobalSign nv-sa
  Subject: jsdelivr.net
  Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
  Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (26814)
Hash: 835f1f7feab838f171c6334abc3d14da 68b97b433d37600647338e57f4344e5e1faf6246 189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4
GET /npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.6.2
x-jsd-version-type: version
etag: W/"68bf-aLl7Qz03YAZHM45X9DROXh+vYkY"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:50:50 GMT
age: 36543
x-served-by: cache-fra-eddf8230045-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8149
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/disable-devtool@latest | 151.101.65.229 | 200 OK | 17 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/disable-devtool@latest
IP: 151.101.65.229:443
Requested by: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51
Certificate:
  Issuer: GlobalSign nv-sa
  Subject: jsdelivr.net
  Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
  Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/disable-devtool@latest HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.7
x-jsd-version-type: version
etag: W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:50:51 GMT
age: 23064
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6741
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 82 kB |
IP: 104.17.167.186:443
Requested by: https://poscitechs.shop/player/stream-51.php
Certificate:
  Issuer: Sectigo Limited
  Subject: *.adsco.re
  Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73
  Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (689)
Hash: a0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:51 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 May 2024 23:50:51 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 708894
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a3b7e80568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0 | 172.67.183.197 | 200 OK | 5.5 kB |
URL: GET HTTP/3 poclivetv.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: poclivetv.com
  Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
  Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: JavaScript source, ASCII text, with very long lines (5620), with no line terminators
Hash: bc3890f850c25498759ca3e66da8b393 cefa096be6b211430446e0b5fb931f6d3bf19b4f 447daf0f56e15ee2a1f123f9172dcde114eb14683f92fa1d13b1ff2af2d1743e
GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Sat, 12 Aug 2023 03:48:26 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNk6Ir9WWzLnDAdiNCbSnIh36CuI%2B6cpAKoOGGGKySqyI%2BUfwifxjvpul%2BoUMZIB1zlmuSj4y46LwjEwUGrelQUCQHKJFsNtOYPehwFzsEuuqJrUvxLJUloDmligeVAy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e4cb9b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| olalivehdplay.ru/premiumtv/poscitech.php?id=51 | 188.114.96.1 | 301 Moved Permanently | 413 kB |
URL: GET HTTP/2 olalivehdplay.ru/premiumtv/poscitech.php?id=51
IP: 188.114.96.1:443
Requested by: https://poscitechs.shop/player/stream-51.php
Certificate:
  Issuer: Google Trust Services LLC
  Subject: olalivehdplay.ru
  Fingerprint: 09:63:7D:6A:D1:21:60:4D:9E:73:4A:57:8E:25:56:31:2B:5A:3C:A4
  Validity: Wed, 27 Mar 2024 20:52:16 GMT - Tue, 25 Jun 2024 20:52:15 GMT
Size: 413 kB (412609 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /premiumtv/poscitech.php?id=51 HTTP/1.1
Host: olalivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: text/html
content-length: 167
location: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51
cache-control: max-age=3600
expires: Sat, 27 Apr 2024 00:50:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuMgsQx1j77R%2F7FdlpDVSz44H0%2B692A%2Fc0DR098916Y8d%2FAD9yOvkBgcm86bGhEl8K%2BEuhG8vvkb77HwduHsUCh18t6fcEGhvmnl9IrEH28zZi7Ty3yuIJgpP09vipiB1FF3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a36ea7856a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/js/particles.js?ver=1.0.2 | 172.67.183.197 | 200 OK | 44 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/js/particles.js?ver=1.0.2
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: poclivetv.com
  Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78
  Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: ASCII text, with CRLF line terminators
Hash: 2cca53ea05a63951a807c0a54b55f194 db50c31434054b956a3467edba299d87b56d3dce f93368b1c355be81e86f9c91b868a8fdc79f9966f4abe9e1e3a6d0d28e423120
GET /wp-content/themes/ai-blog/assets/js/particles.js?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FSqVjh9sPNBUSanSUKzCmvevId8D6fbwJ7T76u1kCDfGBvp6CGH%2FTjTbIMzpeNY6Hvp7pZQFxrRVfFmezS35NQgjZj7RYYljLMdaaNxBazpU5P2Tq2kpWmEQWpw8Iyvy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e5cc9b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | IP: 216.58.207.227:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 | Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0 | Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poclivetv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:15 GMT
expires: Sat, 26 Apr 2025 05:53:15 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 64654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pubtrky.com/ut/hb.php?cb=0.9887135276722543&v=1 | 172.67.188.110 | 204 No Content | 0 B |
URL: POST HTTP/2 pubtrky.com/ut/hb.php?cb=0.9887135276722543&v=1 | IP: 172.67.188.110:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Google Trust Services LLC | Subject: pubtrky.com | Fingerprint: 1F:C3:3C:5C:C7:6F:56:DF:E4:18:22:98:6F:C2:B3:96:B2:B4:A6:30 | Validity: Mon, 18 Mar 2024 09:15:33 GMT - Sun, 16 Jun 2024 09:15:32 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.9887135276722543&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 792
Origin: https://poclivetv.com
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 23:50:50 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AbbbGCnip8%2FJv7QZQvXMiWMnCeF3e1%2B1nLqMJu0oNnj%2BuR5ax%2BjbgjK%2Bu%2BKq3w9xpKJZHT4uMgbYPf15DkcMxhGMcjB0gbJE1eNAgvDc7Gu%2Bj3QOHBouPY%2Fm0YHsCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a326c67b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| claplivehdplay.ru/premiumtv/poscitech.php?id=51 | 104.21.17.209 | 200 OK | 413 kB |
URL: GET HTTP/2 claplivehdplay.ru/premiumtv/poscitech.php?id=51 | IP: 104.21.17.209:443
Requested by: https://poscitechs.shop/player/stream-51.php | Certificate Issuer: Let's Encrypt | Subject: claplivehdplay.ru | Fingerprint: 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47 | Validity: Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
Size: 413 kB (412609 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /premiumtv/poscitech.php?id=51 HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poscitechs.shop/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400, immutable, no-transform
expires: Sat, 27 Apr 2024 13:09:26 GMT
videocdn: HIT
node: PHP
x-cache: HIT
cf-cache-status: HIT
age: 2084
last-modified: Fri, 26 Apr 2024 23:16:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEE6T%2BQ1ACAMk%2Fyek87MJkoFeZp%2BgXEA7jLJBKNR%2BAqEC0iSR0Tdn29u6RwGjLQ9GoPloKCWOCvk8nKIDFg14%2BvGD9ogTmWxiRnw6cNwNDVfxml8Oi302ttV3V%2BlV7eaQu50nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a37ae3c5695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 172.67.183.197 | 200 OK | 89 kB |
URL: User Request GET HTTP/2 | IP: 172.67.183.197:443
Certificate Issuer: Google Trust Services LLC | Subject: poclivetv.com | Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 | Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: HTML document, ASCII text, with very long lines (59453) | Hash: 0c8a4d89bc6faad7f148cfbd3dce7b0a 7ff072beadc157b3112efd5208c2e72aa18e8f97 51083c53a02e589df5231323d59752618b4444a3a2a899ae2d33f94384be1ebe
GET /2449-2/ HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://poclivetv.com/xmlrpc.php
link: <https://poclivetv.com/wp-json/>; rel="https://api.w.org/", <https://poclivetv.com/wp-json/wp/v2/posts/2449>; rel="alternate"; type="application/json", <https://poclivetv.com/?p=2449>; rel=shortlink
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52nLSAGv4pd%2FOkUUTs%2Bj0iyrGScwicvxaI3yLtZMhPBtV%2BDwDm2oP3zkJuv9M%2FM3Y%2F%2B8%2BVAQkxwopDWWbA4Ki68L7dhj3TnMUOybFk9Joz8Gb53Jona8PO6Cei0yygUm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2a4f0ab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| poclivetv.com/wp-content/themes/ai-blog/assets/css/main.css?ver=1.0.2 | 172.67.183.197 | 200 OK | 27 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog/assets/css/main.css?ver=1.0.2 | IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Google Trust Services LLC | Subject: poclivetv.com | Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 | Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: assembler source, ASCII text, with CRLF line terminators | Hash: e77a53ca6c547be307999ff3edd0c2a9 9408e3f79e09ca37194d042f21becfae8aef5ec1 eb6785b4601a64b6229360f2e50f52b659e3e7e4c4f888251ac6a185bfa1e35d
GET /wp-content/themes/ai-blog/assets/css/main.css?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NpUnw%2BGNOMpMD2WQS%2BCRymotNRoKDWcRYZAYXQ6qxxibug5RD6XOuQu0cfERvVYIx9R1ZwcRABjguih509TgbY9A7y18cG8YpghCIMlGP%2FlCkuVAW97JlUsRfpJI%2BrWk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e3cabb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | 172.67.183.197 | 200 OK | 113 kB |
URL: GET HTTP/3 poclivetv.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 | IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Google Trust Services LLC | Subject: poclivetv.com | Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 | Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
Size: 113 kB (113381 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 03 May 2024 12:44:11 GMT
last-modified: Tue, 02 Apr 2024 20:10:08 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 39998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VH9puQrxZtHj4Hi4S6HkJtZqBsUurfCis%2BO7xJsUonxnh48szWhmdnrcRHwKyavM0YnLpO9rLDcObLLPqhm6nLkOf2ammy665iSumarMJaIifLMBRspDMc56xhMNYa1M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e3ca5b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/wp-content/themes/ai-blog-lite/assets/css/main.css?ver=1.0.2 | 172.67.183.197 | 200 OK | 2.0 kB |
URL: GET HTTP/3 poclivetv.com/wp-content/themes/ai-blog-lite/assets/css/main.css?ver=1.0.2 | IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Google Trust Services LLC | Subject: poclivetv.com | Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 | Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
File type: ASCII text, with very long lines (2135), with no line terminators | Hash: 4f2e1f355915718c2b396dff8695e072 54e0f4221e6c12ccdaf4da9793f034dae457f11e 545031ae1688fb439abfd5d43b0d00ae23b951739de6296aff325126521c7b9a
GET /wp-content/themes/ai-blog-lite/assets/css/main.css?ver=1.0.2 HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 28 Apr 2024 11:13:13 GMT
last-modified: Tue, 12 Mar 2024 08:16:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 477455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c10bJxI8H3D%2BdWW55ZuAhkBhHA9LooxwdC1%2FNLiij5VAZRyaVVRCFT8gycf6VXf1JrPkSUR7KX6i0ppM2q%2B7VzHg1n5Gkqo%2FJhEZ%2FsK34qL5LgYma7n6Rq53d1a6b4iV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a2e3cb0b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| poclivetv.com/2449-2/ | 172.67.183.197 | 200 OK | 0 B |
IP: 172.67.183.197:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Google Trust Services LLC | Subject: poclivetv.com | Fingerprint: FA:B0:24:F6:9B:21:7C:26:D6:A6:B5:03:80:22:B9:AF:72:13:FC:78 | Validity: Tue, 09 Apr 2024 05:04:30 GMT - Mon, 08 Jul 2024 05:04:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /2449-2/ HTTP/1.1
Host: poclivetv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/2449-2/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://poclivetv.com/xmlrpc.php
link: <https://poclivetv.com/wp-json/>; rel="https://api.w.org/", <https://poclivetv.com/wp-json/wp/v2/posts/2449>; rel="alternate"; type="application/json", <https://poclivetv.com/?p=2449>; rel=shortlink
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQRKenV7u9P4CetrVNMk8s%2FoCEEVtDAhZBFrQS9JF71ZVfLlkLRvDPkTvnEskJCRStNkEkudiGTt%2BoE%2BDFGRhfOVTaZcAK%2BtK23t7YJ7D1cZ1QPhX9Cqj0GuJax%2FvVFI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7a301de2b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | IP: 216.58.207.227:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 | Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 | Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poclivetv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:49 GMT
expires: Sat, 26 Apr 2025 05:55:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 64500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.intellipopup.com/w/cjsnes.min.js | 185.76.9.25 | 200 OK | 37 kB |
URL: GET HTTP/2 www.intellipopup.com/w/cjsnes.min.js | IP: 185.76.9.25:443 | ASN: #60068 Datacamp Limited
Requested by: https://poscitechs.shop/player/stream-51.php | Certificate Issuer: Let's Encrypt | Subject: 1012967761.rsc.cdn77.org | Fingerprint: 91:F2:78:A5:71:DA:F7:4E:24:63:5E:FB:90:1C:15:AB:56:CC:F5:EB | Validity: Tue, 20 Feb 2024 04:38:06 GMT - Mon, 20 May 2024 04:38:05 GMT
File type: JavaScript source, ASCII text, with very long lines (1568) | Hash: b65072d714c1fd3c7717a27684cbdbb3 4ccd0cab1f49b1c91edec9953deb820559d04f43 e7927d829620c7dabe7c34f2eccae0130bdd6784c7b8ab2c870645a1824c3d55
GET /w/cjsnes.min.js HTTP/1.1
Host: www.intellipopup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb4
expires: Fri, 03 May 2024 23:07:56 GMT
access-control-allow-origin: https://poscitechs.shop
link: <https://intellipopup.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJFAH3IwgAAAwBuUwKDAH35wEAAAwBnJIhJwH3BAAAAA
x-77-nzt-ray: af5856300a341b0fda3d2c661873642a
x-accel-expires: @1714777676
x-accel-date: 1714173367
x-77-cache: HIT
x-77-age: 2083
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 2083
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| zeekaihu.net/5/6712285/?oo=1&aab=1 | 139.45.197.245 | 200 OK | 2.9 kB |
URL: GET HTTP/2 zeekaihu.net/5/6712285/?oo=1&aab=1 | IP: 139.45.197.245:443
Requested by: https://poscitechs.shop/player/stream-51.php | Certificate Issuer: Let's Encrypt | Subject: zeekaihu.net | Fingerprint: DC:33:58:08:9D:AE:91:96:52:5E:8F:EF:D8:4F:DD:E8:87:D4:36:4F | Validity: Thu, 29 Feb 2024 05:53:35 GMT - Wed, 29 May 2024 05:53:34 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3112), with no line terminators | Hash: 65b6ac649af7070ce315ee769fa761f2 df64e280d3a31e93b7a8ca72616e3fe88623b80f 9bae7a81c4bcc5b9828f01e145d3f96f120a2d4a0b4611f4d3aff60fae10a228
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /5/6712285/?oo=1&aab=1 HTTP/1.1
Host: zeekaihu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://poscitechs.shop
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: application/json
x-trace-id: 324a7857ff236fa9a49d2c7ce3b6f527
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://poscitechs.shop
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00804af2fd19409ff9e44c7a4cc7ed14; expires=Sat, 26 Apr 2025 23:50:50 GMT; path=/; secure; SameSite=None
oaidts=1714175450; expires=Sat, 26 Apr 2025 23:50:50 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| asacdn.com/script/suv4.js | 172.67.155.72 | 200 OK | 130 kB |
URL: GET HTTP/2 asacdn.com/script/suv4.js | IP: 172.67.155.72:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Let's Encrypt | Subject: asacdn.com | Fingerprint: 66:82:92:FF:59:8E:E7:C4:09:77:A5:73:EF:F3:73:48:E5:63:0E:64 | Validity: Sun, 03 Mar 2024 18:33:39 GMT - Sat, 01 Jun 2024 18:33:38 GMT
Size: 130 kB (129748 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/suv4.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:50:49 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrIYA2XWnOloTlzYfh-qeyVRULdRWUDf3_XUgOlmFdKxtEvUtgCcZkbVN6vtTuYt5608_sbLuOe9w
x-goog-generation: 1714053248868371
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 129748
x-goog-hash: crc32c=0le3LA==, md5=4kTM0gHbevdBnltgQEQeGQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 26 Apr 2024 23:55:11 GMT
cache-control: public, max-age=14400
last-modified: Thu, 25 Apr 2024 13:54:08 GMT
etag: W/"e244ccd201db7af7419e5b6040441e19"
age: 2541
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hNgHFKjrt1%2FNmECZ0XJPzhKKexViSpMb61kJBL54Xx8P%2FaGIs%2FA8Qoo7BhQR1OQyTU3olk4vUv%2B3gzh%2Fe8Iy8widYmgplRBcdb%2FKhERL7o8ypR9RRfVtzOGfmVR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a2e6b5056c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Poppins%3A400%2C600%7CRoboto%3A400%2C600%2C700&subset=latin%2Clatin-ext | 142.250.74.106 | 200 OK | 5.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C600%7CRoboto%3A400%2C600%2C700&subset=latin%2Clatin-ext | IP: 142.250.74.106:443
Requested by: https://poclivetv.com/2449-2/ | Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 | Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (5978), with no line terminators | Hash: 9a775a51551bdbb5e34ad072a4a0d9fc 82f678f545d9b9c42cb0735246834e844d9cc011 2d4d58bbbe7e2d06ad0f8d3a31cf495b2d02a85edbeb28d3bc52e48ddfafe265
GET /css?family=Poppins%3A400%2C600%7CRoboto%3A400%2C600%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poclivetv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 23:50:49 GMT
date: Fri, 26 Apr 2024 23:50:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| energypopulationpractical.com/18/43/01/1843019bf263f39accf339e8c46780a9.js | 192.243.59.20 | 200 OK | 44 kB |
URL: GET HTTP/1.1 energypopulationpractical.com/18/43/01/1843019bf263f39accf339e8c46780a9.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://poscitechs.shop/player/stream-51.php | Certificate Issuer: Let's Encrypt | Subject: energypopulationpractical.com | Fingerprint: 94:C5:27:9D:BC:2E:20:2F:4E:B0:20:AD:FE:C9:15:3F:F1:78:5B:B2 | Validity: Wed, 24 Apr 2024 15:03:55 GMT - Tue, 23 Jul 2024 15:03:54 GMT
File type: JavaScript source, ASCII text, with very long lines (44125), with no line terminators | Hash: 1a70740c60331e6306832097baf7d068 5a8433db804b5ccddf1bcb5c966ad0f47a961640 84512a4db811a31ffdab6559c5493cceaf4f47f66559345e47808c8672f1c11e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /18/43/01/1843019bf263f39accf339e8c46780a9.js HTTP/1.1
Host: energypopulationpractical.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poscitechs.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 23:50:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ffcdb9aabb03cf8e04a634873dbe2540
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| claplivehdplay.ru/clappr.min.js | 104.21.17.209 | 200 OK | 525 kB |
URL: GET HTTP/3 claplivehdplay.ru/clappr.min.js | IP: 104.21.17.209:443
Requested by: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51 | Certificate Issuer: Let's Encrypt | Subject: claplivehdplay.ru | Fingerprint: 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47 | Validity: Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
Size: 525 kB (525081 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /clappr.min.js HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/premiumtv/poscitech.php?id=51
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:50:50 GMT
content-type: application/javascript
last-modified: Sun, 03 Mar 2024 13:23:49 GMT
etag: W/"65e479e5-80319"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEZHLq0W%2FgAGK1XFwygMQk4N0EQUyrK2%2BHBTlkYF6uhXnYb82qZ5zLMbl6kYJ4GPAwQs7T63OvTfrDKo26ejevQ24erImqhdrJcH6dZAY7iyUM2yF1K62ieE7U4tuc%2FQDmmljg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7a385ff8b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|