| thepiratebay3.co/static/css/main.css | 188.114.97.1 | 200 OK | 22 kB |
URL: GET HTTP/3 thepiratebay3.co/static/css/main.css | IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Google Trust Services LLC | Subject: thepiratebay3.co | Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9 | Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: gzip compressed data, from Unix | Hash: ec13dd6c0106d42a9bb559adf27b0e76 67e97556a717d5d63b5ea1c58dc58e7222e7be8f aab2a204114e60652ecac5f4db2549419f6d47c57731859a296fbc309827fc65
GET /static/css/main.css HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:06:41 GMT
content-type: text/css
last-modified: Tue, 14 Nov 2023 03:01:57 GMT
vary: Accept-Encoding
etag: W/"6552e325-1dcb"
expires: Fri, 10 May 2024 07:08:41 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 32280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1f8nyCBp2V2TU2nburzA1%2Frx8ulnR83cMvUAw7%2ByKnjmp8PoHHY8ggAQu98cjacCswUOblHLZkPRnONCIBwoJD2xElvxZ0jNkl62QZPm0Z0%2BxpAlsDz15wJ3zEzhPDYIRiTZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88170edfc80a56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cawadversityinheritance.com/b2/6c/fe/b26cfe063efcaf3c5be509d9e41bc140.js | 172.240.253.132 | 200 OK | 28 kB |
URL: GET HTTP/1.1 cawadversityinheritance.com/b2/6c/fe/b26cfe063efcaf3c5be509d9e41bc140.js | IP: 172.240.253.132:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: cawadversityinheritance.com | Fingerprint: 98:A5:90:6F:84:77:92:A9:84:C5:F4:B2:1A:32:B6:38:4A:43:F7:E9 | Validity: Tue, 30 Apr 2024 14:56:47 GMT - Mon, 29 Jul 2024 14:56:46 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: 7190739d821daa0ef41c4721e47b2c59 4777580f65a8638f0f999d1bb2183e35026135b4 2d0e6ebf24bfa145e3d82b078aa2d0fb57b0f93b96bdeb813acc5c225743fce6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /b2/6c/fe/b26cfe063efcaf3c5be509d9e41bc140.js HTTP/1.1
Host: cawadversityinheritance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a610fb4462adefc1dceedec41d926e4a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cawadversityinheritance.com/b2/8d/2b/b28d2bc79dd0ce03e356452e52e0b3aa.js | 172.240.253.132 | 200 OK | 16 kB |
URL: GET HTTP/1.1 cawadversityinheritance.com/b2/8d/2b/b28d2bc79dd0ce03e356452e52e0b3aa.js | IP: 172.240.253.132:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: cawadversityinheritance.com | Fingerprint: 98:A5:90:6F:84:77:92:A9:84:C5:F4:B2:1A:32:B6:38:4A:43:F7:E9 | Validity: Tue, 30 Apr 2024 14:56:47 GMT - Mon, 29 Jul 2024 14:56:46 GMT
File type: JavaScript source, ASCII text, with very long lines (44040), with no line terminators | Hash: 2a0b7052602f8584a08f5bc08cd2df6f b28aa54aaf5dce26c3f5cacbfb8b51e2e874d748 edcef57cb7a36c372ebb15312c78455030e483c97088ba2ee534fb383aa72c64
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /b2/8d/2b/b28d2bc79dd0ce03e356452e52e0b3aa.js HTTP/1.1
Host: cawadversityinheritance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 26821e4f105f15e97fbb801af3d5aca6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hash: c1ae368dfcd18c3fe0a38f18783ecfe1 591b78d8c937af6063def58fa5d376d07e7d005e 58ceb2cb03a41de3ae12171e7359276ed8fcbc1881b071c2783b782667cf124b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 04:06:42 GMT
Last-Modified: Fri, 10 May 2024 03:47:14 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9lBdGKWrRVw5LuAuCK3NBqfN5XE1rH5W9Ii2Te7npgb1ks4K2MY_5w==
Age: 1168
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hash: c1ae368dfcd18c3fe0a38f18783ecfe1 591b78d8c937af6063def58fa5d376d07e7d005e 58ceb2cb03a41de3ae12171e7359276ed8fcbc1881b071c2783b782667cf124b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 04:06:42 GMT
Last-Modified: Fri, 10 May 2024 03:47:41 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VlAXue2HmnIfRH9j7rFBJPKxeuc9DW4AGPdT4LI_54jO6rYxnWEBQQ==
Age: 1141
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 52.29.105.35:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 692afe3ec46b3a8de0873c29418d06f3 5b56e8ea6673bb650b9ec161e7c4c95eeb96f752 2e74e6d0382741fa9b306f554bfebdc90c854e626ac8aa4c2c9bf2d056de4fc6
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:42 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://thepiratebay3.co
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bd9ebca8-537c-4a5b-a731-e7e17ad759e0:1:1; expires=Mon, 08 May 2034 04:06:42 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 52.29.105.35:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: f13f5954b031c1e91c7016ea5ec7daa7 e39be5761d4a4dd1962fcef29006200bc641f79a dfb84470261c1626dcb0a57427f7f5f8626fd7d059fe0e4d5301ecf2ac19a553
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:42 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://thepiratebay3.co
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; expires=Mon, 08 May 2034 04:06:42 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: capaciousdrewreligion.com | Fingerprint: BB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4 | Validity: Mon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 04:06:43 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c6edd51a5850e6f32c49dc4ba4c4872
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| criticizewiggle.com/sbar.json?key=b28d2bc79dd0ce03e356452e52e0b3aa&uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5%3A2%3A1 | 172.240.127.234 | 200 OK | 6.5 kB |
URL: GET HTTP/1.1 criticizewiggle.com/sbar.json?key=b28d2bc79dd0ce03e356452e52e0b3aa&uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5%3A2%3A1 | IP: 172.240.127.234:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: criticizewiggle.com | Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1 | Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
Hash: d0c5e0eb8867b2881891a3278e3cd880 cbd4307f024889ec0a88002c82c1fdfbabccd773 ed1a56e02e293d23b986e725229634f5c46c5129021192ee539e5ef492682ba7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=b28d2bc79dd0ce03e356452e52e0b3aa&uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5%3A2%3A1 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:43 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://thepiratebay3.co
Access-Control-Allow-Origin: https://thepiratebay3.co
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18224899; expires=Sat, 11 May 2024 04:06:43 GMT; secure; SameSite=None
uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; expires=Fri, 17 May 2024 04:06:43 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 04:06:43 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 04:06:43 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 11 May 2024 04:06:43 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 11 May 2024 04:06:43 GMT; secure; SameSite=None
slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228479,5210995]; expires=Fri, 10 May 2024 04:06:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 26f8016a41c9e29ebb2653c4d04ad9be
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| criticizewiggle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2hc1Ru9b5r%2BFj8XYikKijCCC5Vm8v7MX0tprTVSmjalVSxu5P6byTV33n3c%2B968SdwEg9Ll4KYr4eVM0qCWUBcurTIpdBEQO12ULAy4c%2BeiUHAjMmNo8Nt833fPuXDuOffLjeyAhMjo%2FoXLZlVpTedqFb%2F8xo0gOF1eUHHWL%2Feb9U%2Fq1dNl23u7Va%2F4b5bfl3zZzIV%2B4PuBH5TnlZVt05%2BbgFDJnVZQafmValgJalX07X93l3lw1IPoHZATUGI8c987CcVHiLt3L0i3nJrk1HvdTNPUWPTE9ofxcmzyGN2jsW09tOPtQzaMezh%2FDybemsqF6T0jMjUm3oN7YPH2oUiw3uZUJ9OQMZh4DnlvBKlHUHQEbtahxEMCcIEri4i7t68Ym9OVf1E6Qcdk5ukTqHxMZn47ibi7c16rfvm60VmqTOzQbxdQ%2FRFUZ4Qk20W6WoLKd8HTz6HEL2Tu6QLi7uai0wZK7L8uZcgZF3JWRkFrtipbrVkWNduzDVZlQZuyUPLa1CClRlDtEbQcgLoSMuchUx6ytocs8dAV%2B2UeBEHDF5z6zRbnkWhIVhd%2BQBvtgAZ%2BvYmMT94wQJoMwPUA3K4hsWtYVgPY7Ge4pQJOeHApQU8UyCVB7ghySpArgjwlyHvFltAudMVtoV3GgsMeHvaoGJq0s0G3TNqRMQG1A1hRbCQH5IWJgd6LLx3Dstwvs7ApQsYbLSF8Lv1IRrV6tRbKWih9FlEKpwooVwJ1HlbVmLx2aQeJGpPjt%2F4Go7twehdcnQDNXgXNC9ClAqvx3XRJJsrSVDK6ElW4gTAFknQG6Yq3oQ%2FIK9MYFx%2F8BMn3zr18Y%2FYzfnkH3BZIbIFP1X2Cjr45vGZysnnN5I58v5ikqqtW6STi6ylN5fFvL8mV3Fhx8YIbfPMOnwCT8c4H0qULNBYq7jjy3XklhLTzxnJJfrzoPpLsauaWzmc2zpKFq%2B%2FOX%2BwmVjqnTDwCVWNChk%2FA1Zg8%2F%2Btf09976ouPoewINivQzfbIYUGZXfBkDS7ZO%2Fv7Hz%2B89eetR3CGwOojDks85FkxtCE7OtSKQMujnbICTu6d%2B9%2Fj%2F59Jho%2FB5DNDhpZOblNVbLib6NgSaLqOuFugZwv0dAGqB3DZsWGa2L2zj6JpgenSkGlb2mTa6q%2BmNo%2FJ4rqDU%2FvlRhT5tN6qBY0GlQ1WDZvteiAoDav1sF6nEVI3bp%2F5%2Bvo%2FAAAA%2F%2F8BAAD%2F%2F4IboHSXBAAA | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1criticizewiggle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2hc1Ru9b5r%2BFj8XYikKijCCC5Vm8v7MX0tprTVSmjalVSxu5P6byTV33n3c%2B968SdwEg9Ll4KYr4eVM0qCWUBcurTIpdBEQO12ULAy4c%2BeiUHAjMmNo8Nt833fPuXDuOffLjeyAhMjo%2FoXLZlVpTedqFb%2F8xo0gOF1eUHHWL%2Feb9U%2Fq1dNl23u7Va%2F4b5bfl3zZzIV%2B4PuBH5TnlZVt05%2BbgFDJnVZQafmValgJalX07X93l3lw1IPoHZATUGI8c987CcVHiLt3L0i3nJrk1HvdTNPUWPTE9ofxcmzyGN2jsW09tOPtQzaMezh%2FDybemsqF6T0jMjUm3oN7YPH2oUiw3uZUJ9OQMZh4DnlvBKlHUHQEbtahxEMCcIEri4i7t68Ym9OVf1E6Qcdk5ukTqHxMZn47ibi7c16rfvm60VmqTOzQbxdQ%2FRFUZ4Qk20W6WoLKd8HTz6HEL2Tu6QLi7uai0wZK7L8uZcgZF3JWRkFrtipbrVkWNduzDVZlQZuyUPLa1CClRlDtEbQcgLoSMuchUx6ytocs8dAV%2B2UeBEHDF5z6zRbnkWhIVhd%2BQBvtgAZ%2BvYmMT94wQJoMwPUA3K4hsWtYVgPY7Ge4pQJOeHApQU8UyCVB7ghySpArgjwlyHvFltAudMVtoV3GgsMeHvaoGJq0s0G3TNqRMQG1A1hRbCQH5IWJgd6LLx3Dstwvs7ApQsYbLSF8Lv1IRrV6tRbKWih9FlEKpwooVwJ1HlbVmLx2aQeJGpPjt%2F4Go7twehdcnQDNXgXNC9ClAqvx3XRJJsrSVDK6ElW4gTAFknQG6Yq3oQ%2FIK9MYFx%2F8BMn3zr18Y%2FYzfnkH3BZIbIFP1X2Cjr45vGZysnnN5I58v5ikqqtW6STi6ylN5fFvL8mV3Fhx8YIbfPMOnwCT8c4H0qULNBYq7jjy3XklhLTzxnJJfrzoPpLsauaWzmc2zpKFq%2B%2FOX%2BwmVjqnTDwCVWNChk%2FA1Zg8%2F%2Btf09976ouPoewINivQzfbIYUGZXfBkDS7ZO%2Fv7Hz%2B89eetR3CGwOojDks85FkxtCE7OtSKQMujnbICTu6d%2B9%2Fj%2F59Jho%2FB5DNDhpZOblNVbLib6NgSaLqOuFugZwv0dAGqB3DZsWGa2L2zj6JpgenSkGlb2mTa6q%2BmNo%2FJ4rqDU%2FvlRhT5tN6qBY0GlQ1WDZvteiAoDav1sF6nEVI3bp%2F5%2Bvo%2FAAAA%2F%2F8BAAD%2F%2F4IboHSXBAAA IP172.240.127.234:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: criticizewiggle.com | Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1 | Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2hc1Ru9b5r%2BFj8XYikKijCCC5Vm8v7MX0tprTVSmjalVSxu5P6byTV33n3c%2B968SdwEg9Ll4KYr4eVM0qCWUBcurTIpdBEQO12ULAy4c%2BeiUHAjMmNo8Nt833fPuXDuOffLjeyAhMjo%2FoXLZlVpTedqFb%2F8xo0gOF1eUHHWL%2Feb9U%2Fq1dNl23u7Va%2F4b5bfl3zZzIV%2B4PuBH5TnlZVt05%2BbgFDJnVZQafmValgJalX07X93l3lw1IPoHZATUGI8c987CcVHiLt3L0i3nJrk1HvdTNPUWPTE9ofxcmzyGN2jsW09tOPtQzaMezh%2FDybemsqF6T0jMjUm3oN7YPH2oUiw3uZUJ9OQMZh4DnlvBKlHUHQEbtahxEMCcIEri4i7t68Ym9OVf1E6Qcdk5ukTqHxMZn47ibi7c16rfvm60VmqTOzQbxdQ%2FRFUZ4Qk20W6WoLKd8HTz6HEL2Tu6QLi7uai0wZK7L8uZcgZF3JWRkFrtipbrVkWNduzDVZlQZuyUPLa1CClRlDtEbQcgLoSMuchUx6ytocs8dAV%2B2UeBEHDF5z6zRbnkWhIVhd%2BQBvtgAZ%2BvYmMT94wQJoMwPUA3K4hsWtYVgPY7Ge4pQJOeHApQU8UyCVB7ghySpArgjwlyHvFltAudMVtoV3GgsMeHvaoGJq0s0G3TNqRMQG1A1hRbCQH5IWJgd6LLx3Dstwvs7ApQsYbLSF8Lv1IRrV6tRbKWih9FlEKpwooVwJ1HlbVmLx2aQeJGpPjt%2F4Go7twehdcnQDNXgXNC9ClAqvx3XRJJsrSVDK6ElW4gTAFknQG6Yq3oQ%2FIK9MYFx%2F8BMn3zr18Y%2FYzfnkH3BZIbIFP1X2Cjr45vGZysnnN5I58v5ikqqtW6STi6ylN5fFvL8mV3Fhx8YIbfPMOnwCT8c4H0qULNBYq7jjy3XklhLTzxnJJfrzoPpLsauaWzmc2zpKFq%2B%2FOX%2BwmVjqnTDwCVWNChk%2FA1Zg8%2F%2Btf09976ouPoewINivQzfbIYUGZXfBkDS7ZO%2Fv7Hz%2B89eetR3CGwOojDks85FkxtCE7OtSKQMujnbICTu6d%2B9%2Fj%2F59Jho%2FB5DNDhpZOblNVbLib6NgSaLqOuFugZwv0dAGqB3DZsWGa2L2zj6JpgenSkGlb2mTa6q%2BmNo%2FJ4rqDU%2FvlRhT5tN6qBY0GlQ1WDZvteiAoDav1sF6nEVI3bp%2F5%2Bvo%2FAAAA%2F%2F8BAAD%2F%2F4IboHSXBAAA HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228479,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:43 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d65e7c50cfafd4ab2ee39f3980b307ec
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| criticizewiggle.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=108 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 criticizewiggle.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=108 | IP: 172.240.127.234:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: criticizewiggle.com | Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1 | Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=108 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228479,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png | 188.114.97.1 | 200 OK | 591 B |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png | IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Google Trust Services LLC | Subject: creative-bars1.com | Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 | Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced | Hash: 9fd5bcb6103d86e317bd1eb019bcbe71 6b5a52ea669dcb74946f2bed4bdd7ec985026113 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:06:44 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 816005
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R1mWYWXxMbG9mImrESqBg8MysN0JW43F35GQRNaxbV%2FpyC6rObQqDNcVtacxEZfZ3n4OpcxmGwj33Rlc6XhCaMIfKd4G8IW0p6gnT1iFAQsBkDZXw7i9b0%2F71hvb5fBwEHdIjLdfsDeT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170eed3a60569f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css | 188.114.97.1 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css | IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Google Trust Services LLC | Subject: creative-bars1.com | Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 | Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 5982c5377696d20476871062646b253f 8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242 4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4
GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:43 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 54371
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xHaIeShsvPs4ZmsSY6XF7aYx%2B3aJKDoVg0DQ8JIul6B3dm5%2FrGDvv6HuVdMDKCO7vPWVfRty0gFFXyckVyYLvSSAo6eQYjnWG1KZt5GhNMhzjN%2FfXYr3FeGlOem%2FVWuER6aiCLzQims"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170eecb88a56c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/b2058622f9e1e701b762fd3f226165a9c3c61cda592f64b28178cbe9bbe6a052.png | 45.133.44.9 | 200 OK | 44 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/b2058622f9e1e701b762fd3f226165a9c3c61cda592f64b28178cbe9bbe6a052.png | IP: 45.133.44.9:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | Hash: da25868e119ed5aaf739edf69c31b490 bab9ed1525079734d5f823045f7e380e1f659df4 b138f749c1ba1aa4f48c9f1b55d01a657bc5dbdf957a4c1185f2d4bb89229822
GET /si/b2058622f9e1e701b762fd3f226165a9c3c61cda592f64b28178cbe9bbe6a052.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:44 GMT
content-type: image/png
content-length: 43754
server: nginx/1.21.6
last-modified: Thu, 09 May 2024 12:38:27 GMT
etag: "663cc3c3-aaea"
expires: Sun, 12 May 2024 04:06:44 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/a5f7da8098c31678f1e82c23dbf39aeedade906ff1ae8ccc4395ca7a048b3849.png | 45.133.44.9 | 200 OK | 20 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/a5f7da8098c31678f1e82c23dbf39aeedade906ff1ae8ccc4395ca7a048b3849.png | IP: 45.133.44.9:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 340 x 180, 8-bit/color RGBA, non-interlaced | Hash: ffd1172aeb074aa709c5e02fc5bc567c 284186f7978b958657c523d26c0779b230116d0e 377ca7d07cedba2448f26e03f9bb836fe3d3db319a37aaa5dd84a482719438b8
GET /si/a5f7da8098c31678f1e82c23dbf39aeedade906ff1ae8ccc4395ca7a048b3849.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:44 GMT
content-type: image/png
content-length: 19936
server: nginx/1.21.6
last-modified: Thu, 09 May 2024 12:36:28 GMT
etag: "663cc34c-4de0"
expires: Sun, 12 May 2024 04:06:44 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| criticizewiggle.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4143&fd=54 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 criticizewiggle.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4143&fd=54 | IP: 172.240.127.234:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: criticizewiggle.com | Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1 | Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4143&fd=54 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228479,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:44 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unseenreport.com/pxf.gif?uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b28d2bc79dd0ce03e356452e52e0b3aa&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 192.243.59.12 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b28d2bc79dd0ce03e356452e52e0b3aa&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | IP: 192.243.59.12:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b28d2bc79dd0ce03e356452e52e0b3aa&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 04:06:44 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab3e6250b6274a98125dc036429f63ee
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b26cfe063efcaf3c5be509d9e41bc140&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 192.243.59.12 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b26cfe063efcaf3c5be509d9e41bc140&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Let's Encrypt; Subject: *.unseenreport.com; Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b26cfe063efcaf3c5be509d9e41bc140&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 04:06:44 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d8084f66b7f4381b20e3b81c7b9191c0
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| criticizewiggle.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=15 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 criticizewiggle.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=15
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Let's Encrypt; Subject: criticizewiggle.com; Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1; Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=15 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228479,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:44 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.170 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.170:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: 54373ed2db488f3dfc6813d9846624ef 2c09fc2171240ff15f266261205a6e002c62b7b1 a45363503133bec45a1ba89ff40788553feb6560f9bcfdce4afb1817dbd86f7e
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 04:06:44 GMT
date: Fri, 10 May 2024 04:06:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.99:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:46:32 GMT
expires: Wed, 07 May 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 235212
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.99:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 06:08:19 GMT
expires: Sat, 03 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 597505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| criticizewiggle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2hc1Ru9b5r%2BFj8XYikKijCCC5Vm8t6b%2F5bSWmukNG1Kq1jcyP33Jtfcefdx73vzJnETDEqXg5uuhJczSYNaQl24tMqk0EVA7HRRsjDgzp2LQsGNyIyhwW%2Fzfd8958K559wvN7IDEiKj%2Bxcum1WlNZ2rV%2FzyGzeC4HR5QcVZv9xvNT5p1E6Xbe%2FtdqPiv1l%2BX%2FJlMxf6ge8HflCeV1ZGpj83AaGSO%2B2g0vYrtbAS1Gvo2%2F%2FuLvPgqAfROyAnoMR45r53EoqPEHfvXpBuOTXJqfe6maapseiJ7Q%2Fj5djkMbpHY2Q9RPH2IRvGPZy%2FBxNvTeXC9J4RmRoT78E9sHj7UCRYb3Oqk2nIGEw8h7w3gtQjKDoCN%2BtQ4iEBuMCVRcTd21eMzenKvyidoGMy8%2FQJVD4mM7%2BdRNzdOa9Vv3zd6CxVJnboRwVUfwTVGSHJdpGulqDyXfD0cyjxC5l7uoC4u7notIES%2B69LGXLGhZyV1aA9W5Pt9iyrtqLZJquxIKIslLw%2BNUipEVQ0gpYDUFdC5jxkykMWecgSD12xX%2BZBEDR9wanfanNeFU3JGsIPaDMKaOA3Wsj45A0DpMkAXA%2FA7RoSu4ZlNYDNfoZbKuCEB5cS9ESBXBLkjiCnBLkiyFOCvFdsCe1CV9wW2mUsOOzhYa8WQ5N2NuiWSTsyJqB2ACuKjeSAvDAx0HvxpWNYlvtlFrZEyHizLYTPpV%2BV1XqjVg9lPZQ%2Bq1IKpwooVwJ1HlbVmLx2aQeJGpPjt%2F4Go7twehdcnQDNXgXNC9ClAqvx3XRJJsrSVDK6Uq1wA2EKJOkM0hVvQx%2BQV6YxLj74CZLvnXv5xuxn%2FPIOuC2Q2AKfqvsEHX1zeM3kZPOayR35fjFJVVet0knE11OayuPfXpIrubHi4gU3%2BOYdPgEm450PpEsXaCxU3HHku%2FNKCGnnjeWS%2FHjRfSTZ1cwtnc9snCULV9%2Bdv9hNrHROmXgEqsaEDJ%2BAqzF5%2Fte%2Fpr%2F31BcfQ9kRbFagm%2B2Rw4Iyu%2BDJGlyyd%2Fb3P354689bj%2BAMgdVHHJZ4yLNiaEN2dKgVgZZHO2UFnNw797%2FH%2Fz%2BTDB%2BDyWeGDC2d3Kaq2HA30bEl0HQdcbdAzxbo6QJUD%2BCyY8M0sXtnH1WnBaZLQ6ZtaZNpq7%2Ba2jwmi%2BsOTu2Xq75oMhnJJpO1ei2SXLB6nfk84qwqWi2O1I2jM19f%2FwcAAP%2F%2FAQAA%2F%2F8Cz3WclwQAAA%3D%3D | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1criticizewiggle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2hc1Ru9b5r%2BFj8XYikKijCCC5Vm8t6b%2F5bSWmukNG1Kq1jcyP33Jtfcefdx73vzJnETDEqXg5uuhJczSYNaQl24tMqk0EVA7HRRsjDgzp2LQsGNyIyhwW%2Fzfd8958K559wvN7IDEiKj%2Bxcum1WlNZ2rV%2FzyGzeC4HR5QcVZv9xvNT5p1E6Xbe%2FtdqPiv1l%2BX%2FJlMxf6ge8HflCeV1ZGpj83AaGSO%2B2g0vYrtbAS1Gvo2%2F%2FuLvPgqAfROyAnoMR45r53EoqPEHfvXpBuOTXJqfe6maapseiJ7Q%2Fj5djkMbpHY2Q9RPH2IRvGPZy%2FBxNvTeXC9J4RmRoT78E9sHj7UCRYb3Oqk2nIGEw8h7w3gtQjKDoCN%2BtQ4iEBuMCVRcTd21eMzenKvyidoGMy8%2FQJVD4mM7%2BdRNzdOa9Vv3zd6CxVJnboRwVUfwTVGSHJdpGulqDyXfD0cyjxC5l7uoC4u7notIES%2B69LGXLGhZyV1aA9W5Pt9iyrtqLZJquxIKIslLw%2BNUipEVQ0gpYDUFdC5jxkykMWecgSD12xX%2BZBEDR9wanfanNeFU3JGsIPaDMKaOA3Wsj45A0DpMkAXA%2FA7RoSu4ZlNYDNfoZbKuCEB5cS9ESBXBLkjiCnBLkiyFOCvFdsCe1CV9wW2mUsOOzhYa8WQ5N2NuiWSTsyJqB2ACuKjeSAvDAx0HvxpWNYlvtlFrZEyHizLYTPpV%2BV1XqjVg9lPZQ%2Bq1IKpwooVwJ1HlbVmLx2aQeJGpPjt%2F4Go7twehdcnQDNXgXNC9ClAqvx3XRJJsrSVDK6Uq1wA2EKJOkM0hVvQx%2BQV6YxLj74CZLvnXv5xuxn%2FPIOuC2Q2AKfqvsEHX1zeM3kZPOayR35fjFJVVet0knE11OayuPfXpIrubHi4gU3%2BOYdPgEm450PpEsXaCxU3HHku%2FNKCGnnjeWS%2FHjRfSTZ1cwtnc9snCULV9%2Bdv9hNrHROmXgEqsaEDJ%2BAqzF5%2Fte%2Fpr%2F31BcfQ9kRbFagm%2B2Rw4Iyu%2BDJGlyyd%2Fb3P354689bj%2BAMgdVHHJZ4yLNiaEN2dKgVgZZHO2UFnNw797%2FH%2Fz%2BTDB%2BDyWeGDC2d3Kaq2HA30bEl0HQdcbdAzxbo6QJUD%2BCyY8M0sXtnH1WnBaZLQ6ZtaZNpq7%2Ba2jwmi%2BsOTu2Xq75oMhnJJpO1ei2SXLB6nfk84qwqWi2O1I2jM19f%2FwcAAP%2F%2FAQAA%2F%2F8Cz3WclwQAAA%3D%3D IP172.240.127.234:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Let's Encrypt; Subject: criticizewiggle.com; Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1; Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2hc1Ru9b5r%2BFj8XYikKijCCC5Vm8t6b%2F5bSWmukNG1Kq1jcyP33Jtfcefdx73vzJnETDEqXg5uuhJczSYNaQl24tMqk0EVA7HRRsjDgzp2LQsGNyIyhwW%2Fzfd8958K559wvN7IDEiKj%2Bxcum1WlNZ2rV%2FzyGzeC4HR5QcVZv9xvNT5p1E6Xbe%2FtdqPiv1l%2BX%2FJlMxf6ge8HflCeV1ZGpj83AaGSO%2B2g0vYrtbAS1Gvo2%2F%2FuLvPgqAfROyAnoMR45r53EoqPEHfvXpBuOTXJqfe6maapseiJ7Q%2Fj5djkMbpHY2Q9RPH2IRvGPZy%2FBxNvTeXC9J4RmRoT78E9sHj7UCRYb3Oqk2nIGEw8h7w3gtQjKDoCN%2BtQ4iEBuMCVRcTd21eMzenKvyidoGMy8%2FQJVD4mM7%2BdRNzdOa9Vv3zd6CxVJnboRwVUfwTVGSHJdpGulqDyXfD0cyjxC5l7uoC4u7notIES%2B69LGXLGhZyV1aA9W5Pt9iyrtqLZJquxIKIslLw%2BNUipEVQ0gpYDUFdC5jxkykMWecgSD12xX%2BZBEDR9wanfanNeFU3JGsIPaDMKaOA3Wsj45A0DpMkAXA%2FA7RoSu4ZlNYDNfoZbKuCEB5cS9ESBXBLkjiCnBLkiyFOCvFdsCe1CV9wW2mUsOOzhYa8WQ5N2NuiWSTsyJqB2ACuKjeSAvDAx0HvxpWNYlvtlFrZEyHizLYTPpV%2BV1XqjVg9lPZQ%2Bq1IKpwooVwJ1HlbVmLx2aQeJGpPjt%2F4Go7twehdcnQDNXgXNC9ClAqvx3XRJJsrSVDK6Uq1wA2EKJOkM0hVvQx%2BQV6YxLj74CZLvnXv5xuxn%2FPIOuC2Q2AKfqvsEHX1zeM3kZPOayR35fjFJVVet0knE11OayuPfXpIrubHi4gU3%2BOYdPgEm450PpEsXaCxU3HHku%2FNKCGnnjeWS%2FHjRfSTZ1cwtnc9snCULV9%2Bdv9hNrHROmXgEqsaEDJ%2BAqzF5%2Fte%2Fpr%2F31BcfQ9kRbFagm%2B2Rw4Iyu%2BDJGlyyd%2Fb3P354689bj%2BAMgdVHHJZ4yLNiaEN2dKgVgZZHO2UFnNw797%2FH%2Fz%2BTDB%2BDyWeGDC2d3Kaq2HA30bEl0HQdcbdAzxbo6QJUD%2BCyY8M0sXtnH1WnBaZLQ6ZtaZNpq7%2Ba2jwmi%2BsOTu2Xq75oMhnJJpO1ei2SXLB6nfk84qwqWi2O1I2jM19f%2FwcAAP%2F%2FAQAA%2F%2F8Cz3WclwQAAA%3D%3D HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228479,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:44 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 579b0b8dee9ab69ee03e1525774bbd44
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| criticizewiggle.com/pixel/sbs?c=1 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 criticizewiggle.com/pixel/sbs?c=1
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Let's Encrypt; Subject: criticizewiggle.com; Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1; Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228479,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:44 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 36 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B; Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:42 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c32c0cf465f6499eba7a8c82e905c520
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 04:06:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMBOY9q9vg8xiHe9jZGVEfY3ylbtipqnJmiIdr5GW%2F37aTsQS6Hc4AQzSJHh4JympWlwzaHHqmuuv6twjiWAuFQZ6AnehCDeup9GlPuOcnsDjRKlowbft%2Bf27X7HKcC%2FMzqRnYPRQJ5vBX0tBA6uiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170ee56ded5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js | 188.114.97.1 | 200 OK | 958 B |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (1009), with no line terminators
Hash: 04835fd7dd7f8cfbad901bee8cff2170 38e9ed1e93f8f0beba9447a99afe3995e63b6f3e be63bbd38c66ca9a9ee1c8abfed042fd5fc090c40b91ad561e922744ece47c41
GET /sb/ssp/vpn/classic-push/big1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:06:44 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 54372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKw7lYV7Pt34ie39%2Bl%2BkOnNKfQrRWVVeEbkdwPrmnbDEGFGLCJvHuTitfvso9BpMzX5EyxUIPfjadDPhZDUFGJ9oJTssdjWVa8T7UAXCoQDaXcywDrKEJcQ4or9P3dn5jOfxzXMywG9z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170eed9a93569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.97.1 | 200 OK | 4.1 kB |
URL: User Request GET HTTP/2
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: thepiratebay3.co; Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9; Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: HTML document, ASCII text, with very long lines (4501), with no line terminators
Hash: 5834bb2785f425b41cb34ddd1686220c 0c3cb94b85a0051c67638425d7828880b3cf923b 20c523d400697730742e76118d87074218446a34b6664b7d7b2e14841a2e5ba6
GET / HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KeW9990rgZiuy4i9PRxKUs57oQxsA%2FlEAvdogdumxH4HPB1hVYapiKRQMxKSkVnCiBeWSn9P3Xj5X69M60l9ZE0Z0E0RDlhiEofSJ53ldChV6wVYRtCx0ZvY18qRWvrc%2FfqV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88170edc3f7fb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| thepiratebay3.co/static/img/icon-https.gif | 188.114.97.1 | 404 Not Found | 146 B |
URL: GET HTTP/3 thepiratebay3.co/static/img/icon-https.gif
IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Google Trust Services LLC; Subject: thepiratebay3.co; Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9; Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
GET /static/img/icon-https.gif HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 04:06:42 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BOIZGX9KqqF2%2BrvV6%2FzEk%2BDp8kjPUCLNVsUXyXVFQcFkAXH49g4OB988eHH9YOF8tGwJHUy0XY7MyLKa%2BsfzJ2Ty%2BXrHM19Lw1QwaTyBS4ssflyi%2BxhL8rh7GthBH3q%2Bqzq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170ee0084756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| thepiratebay3.co/favicon.ico | 188.114.97.1 | 200 OK | 824 B |
URL: GET HTTP/3 thepiratebay3.co/favicon.ico
IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Google Trust Services LLC; Subject: thepiratebay3.co; Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9; Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: PC bitmap, Windows 3.x format, 16 x 16 x 24, resolution 19680 x 19680 px/m, cbSize 824, bits offset 54
Hash: b407e86e0a33574c3079d83fe36e1da6 fc0e3d17c0d17865a24f3bbb3afd8a1ed0bbea83 fab9c76a90a2be44b10dfc214c044b7105fd02ac545b322ae3f1ac3a4c697ac3
GET /favicon.ico HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:06:43 GMT
content-type: image/x-icon
last-modified: Tue, 22 Feb 2022 02:49:42 GMT
etag: W/"62144f46-338"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YffDpP%2BGyEvDaCxDJ0cS51Qdtx4YALgC3Wgqxme%2FJ%2FgByQxx7c2AhTkSdI1uBqIJh6JqzBwfEZY3G9sPsiQGidC6oTmClDr91bOPVTxyXlzLP6EBUpzzhQjBjgZfdUDAYJ%2Fv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170ee80d2d56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| thepiratebay3.co/static/img/tpb.jpg | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 thepiratebay3.co/static/img/tpb.jpg
IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Google Trust Services LLC; Subject: thepiratebay3.co; Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9; Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 275x295, components 3
Hash: 6b945b5f5e2b8fc40ba470740ec483f6 6449d5cb355eeaa9c50e9a888995ed0f5bbd3f81 acecaff92aec4aaf0f1fecb2efaad6cdc3cc91e9d695792ac9d2ee9addefc322
GET /static/img/tpb.jpg HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:06:41 GMT
content-type: image/jpeg
content-length: 19176
last-modified: Tue, 14 Nov 2023 03:03:49 GMT
etag: "6552e395-4ae8"
expires: Thu, 30 May 2024 17:54:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 815967
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYTpevHwteFVMQ2cjgpUglQKqyYnQ5vUowtzAaNKRdzlffn1YpwKi5Oc7VGx7jgcFIwPMsM4mjiXALdXycKnDDog1mqSebZQFc20MlXQcxQOGtOeSE3fpyEhUE5yLCQWGTr6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170ee0084256ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| criticizewiggle.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=78693&fd=50 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 criticizewiggle.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=78693&fd=50
IP: 172.240.127.234:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Let's Encrypt; Subject: criticizewiggle.com; Fingerprint: C8:8E:FD:EE:69:F8:E7:66:FB:24:08:6A:D6:14:8D:CE:FD:6C:A0:A1; Validity: Mon, 29 Apr 2024 13:11:26 GMT - Sun, 28 Jul 2024 13:11:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=78693&fd=50 HTTP/1.1
Host: criticizewiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=ee2cbcde-e319-4e99-b38f-7b4b1fab2ec5:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228479,5210995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 04:06:44 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js | 188.114.97.1 | 200 OK | 84 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (32025)
Hash: 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/big1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 04:06:44 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 806085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJGIb%2FAY0YCoJHrVJ3oDTRhpC7vMZUwttUrvKXHUUuJGlYzj7Xgror2jezwXQW7HvDxV4CFC3EGJI2DgVswHVAe0ZLin4lQqsH%2FV%2BqGgBa9r4lZmaDg9UeOe5DCJXFopcl3c%2FTcnYG8y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170eed4a65569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css | 188.114.97.1 | 200 OK | 4.1 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css IP: 188.114.97.1:443
Requested by: https://thepiratebay3.co/ Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (4354), with no line terminators Hash: 7550f9f90420fc2e46e999809b7ee308 d2e5cae2e1b29641b8d6eee15f89e4a15ae47658 88c249f9b5d5aa0c085023f9cf50083ebc5e6c8ab4e1640c76748e0b80eab322
GET /sb/ssp/vpn/classic-push/big1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:43 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-102f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 11593
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9fPgZ8jIDFCM4f3cMiMKy3NPDcnmVDyHctCrYmDSxXSHNTiQSE63Zxww3UhWapOWxpQHjdfF1mTSeeqpUEOPBzO1QEARtbZjQlJk%2BWD0s4XZibq1qNDKzdfH1n7WFtshd%2BQDKXiVkeB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88170eecc89456c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html | 45.133.44.3 | 200 OK | 1.5 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html IP: 45.133.44.3:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ Certificate Issuer: Let's Encrypt Subject: cdn.barscreative1.com Fingerprint: 08:55:F0:C8:EA:24:54:0D:3C:B9:2C:95:3E:DC:BF:FB:A8:76:BA:BC Validity: Thu, 09 May 2024 03:01:15 GMT - Wed, 07 Aug 2024 03:01:14 GMT
File type: HTML document, ASCII text, with very long lines (1639), with no line terminators Hash: 97b357c624104a8e915d01424dfe16ce 6bd7fcedfb7986b149601b1bc840f525b67a8f06 8d010e7163298acf3671bb429a2e0b1d69033a5adc314fa4bddebf74b9775e6e
GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:06:43 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:10 GMT
etag: W/"6242c2de-602"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 10 May 2024 05:06:43 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|