| www.tv1337.buzz/go/3/121 | 104.21.95.101 | 200 OK | 52 kB |
IP: 104.21.95.101:443
Requested by: https://tv1337.buzz/hola.php?id=3/121
Certificate Issuer: Google Trust Services LLC
Certificate Subject: tv1337.buzz
Certificate Fingerprint: 9D:4A:18:EB:19:04:19:E0:A9:01:28:87:BD:73:A6:1D:63:4C:E5:78
Certificate Validity: Mon, 29 Apr 2024 00:24:21 GMT - Sun, 28 Jul 2024 00:24:20 GMT
File type: HTML document, ASCII text, with very long lines (65047), with CRLF line terminators
Hash: 54d143eb4601cc83658067046992adfc 2064aa28340073e3cd08bf11b175fda9416051d9 05fc49cb5d65e959204f18e7c00f071ca372cf6eb72069d8b44c8a013e2a1476
GET /go/3/121 HTTP/1.1
Host: www.tv1337.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tv1337.buzz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:02 GMT
content-type: text/html; charset=UTF-8
x-proxy-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Psp%2BsmnqUCCSojSPx%2FWyeConoDTIE83HELDivvVF3%2B200g7JYvpoHG%2B1RSpSLuldlnHjyn9pYWr2eHJkZHYCmzIFDkK8ESZUA4avF7BgHBICgg8hd61Sn4947gGbDDDmvkU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb4aca7e33712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 3.164.222.26:0
Hash: 691c3f87e4fe41a736328d3c71e2dbdc fd76f455b38ba18f00a6fb81e3585201eb3c43f6 8ac709de568d48e4c9e64b75afa6cd3fed58e2cf0c21e823af01ab342e6794b9
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 04 May 2024 20:38:03 GMT
Last-Modified: Sat, 04 May 2024 20:12:35 GMT
Server: ECAcc (ska/F6A0)
X-Cache: Miss from cloudfront
Via: 1.1 5d44e22fe93ef8713c49e65bc8443112.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: xMDhGszL5EVK8pOVx8LWu5E4zOLPOeFbfM5MWGbPw4CaTNIAq_3KQg==
Age: 1528
|
|
| www.tv1337.buzz/go/3/121 | 104.21.95.101 | 200 OK | 0 B |
IP: 104.21.95.101:443
Requested by: https://tv1337.buzz/hola.php?id=3/121
Certificate Issuer: Google Trust Services LLC
Certificate Subject: tv1337.buzz
Certificate Fingerprint: 9D:4A:18:EB:19:04:19:E0:A9:01:28:87:BD:73:A6:1D:63:4C:E5:78
Certificate Validity: Mon, 29 Apr 2024 00:24:21 GMT - Sun, 28 Jul 2024 00:24:20 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /go/3/121 HTTP/1.1
Host: www.tv1337.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/go/3/121
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 20:38:03 GMT
content-type: text/html; charset=UTF-8
x-proxy-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltLEBk%2BVUWS18Hq2Pesg21gR%2F9vSegGUwVQPvIcu8lrjPaGoFYclfsOggg0Uk4XoD0Ytx62Ao%2B2h9mtcyu22EMvUcyLDH2uBrZVwLXGf8fo85DG4DUpzRe6VQzHs8te8C7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb4ad0f8d95684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 52.29.105.35:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 52f5093c8b2cb183717fd6f191014204 94c1f4f14aa5b830789ec0475b7d049358b0d79e 7e759a4cb62b7c7ee99c26cd043af70a2ca5e83d33c122dda423b5a020fdb923
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tv1337.buzz
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.tv1337.buzz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=80732e07-458d-4043-a700-f90f6a1a8830:2:1; expires=Tue, 02 May 2034 20:38:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 28 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.97.1:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2fd6791df12c48874848cd7acbbd634c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 20:38:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XskltNgB5n42ZtYuEZuDQGunwYSrtY%2FBZhLQbIPOyZnzCisiwUbcuNH3CspVP27Z%2FoR6f4aYOMdiKnmae2kNTab42bhzzLaj%2Bowdr48ZCjaUpoCLx%2BAMG0x8kkO7l1q2Fz2xJqU5wR5qM43UIyPVzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ad09b640b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mordoops.com/tag.min.js | 139.45.197.244 | 200 OK | 28 kB |
IP: 139.45.197.244:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Let's Encrypt
Certificate Subject: mordoops.com
Certificate Fingerprint: 0B:32:D8:40:AB:56:05:9B:BD:33:D8:55:19:05:B0:A5:45:79:BA:1D
Certificate Validity: Sun, 28 Apr 2024 05:23:29 GMT - Sat, 27 Jul 2024 05:23:28 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: ae155af4fc0005bd4faab65e5c1cca00 4da21aabdd22446a02c50bded5c52d74ffa102d8 0c8f928eeb6c914b37b422cc7205f36aff66c2db7522e4ee20ec887606f4dc1c
GET /tag.min.js HTTP/1.1
Host: mordoops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 20:38:03 GMT
content-type: text/javascript; charset=utf-8
content-length: 28334
content-encoding: br
x-trace-id: 10a8b0194d6e1e270fed0a538d0ccb8f
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Sat, 04 May 2024 16:53:32 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unanimousconsider.net/js/jquery.min.js | 172.67.215.3 | 200 OK | 32 kB |
URL: GET HTTP/3 unanimousconsider.net/js/jquery.min.js
IP: 172.67.215.3:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: unanimousconsider.net
Certificate Fingerprint: E6:BD:E7:18:29:F8:D9:53:13:32:FC:C2:6D:03:CC:2A:3F:49:52:BB
Certificate Validity: Wed, 03 Apr 2024 15:23:09 GMT - Tue, 02 Jul 2024 15:23:08 GMT
File type: JavaScript source, ASCII text, with very long lines (32058)
Hash: c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /js/jquery.min.js HTTP/1.1
Host: unanimousconsider.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unanimousconsider.net/embed/a7hfuuu11vri
Cookie: hf1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 20:38:04 GMT
content-type: application/javascript
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
etag: W/"5fa984ce-15283"
expires: Tue, 07 May 2024 19:38:28 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 352775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFcIj4zj1AcfnaBQJRgY7lIUR2a1OwT3hTYYPU7BAwRXqmE8KPvh5p3VEWpJI4iRMi1BcXbaQ%2BjcDMg3PqCJUsJh0L7KJt%2FJnJ1lOpQ%2BOTBRjZAWhCkhapo75TEtga8kApByLfnfb3A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ad2f95756b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=008052d449d84357f4e923d31898886e | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=008052d449d84357f4e923d31898886e
IP: 139.45.195.8:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Let's Encrypt
Certificate Subject: rtmark.net
Certificate Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
Certificate Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: b713cf286b362ee5eac5e57f460f42ce 3b2381032290bc5fd3b6629593a54ccdd7c58262 87adc97194949bf276eabb59c7b0818aaa600dfc05ebe4b3c67d99c01ae58190
GET /gid.js?userId=008052d449d84357f4e923d31898886e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tv1337.buzz
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 20:38:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.tv1337.buzz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008052d449d84357f4e923d31898886e; expires=Sun, 04 May 2025 20:38:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unanimousconsider.net/css/embed.min.css?v=0.5 | 172.67.215.3 | 200 OK | 146 kB |
URL: GET HTTP/3 unanimousconsider.net/css/embed.min.css?v=0.5
IP: 172.67.215.3:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: unanimousconsider.net
Certificate Fingerprint: E6:BD:E7:18:29:F8:D9:53:13:32:FC:C2:6D:03:CC:2A:3F:49:52:BB
Certificate Validity: Wed, 03 Apr 2024 15:23:09 GMT - Tue, 02 Jul 2024 15:23:08 GMT
File type: ASCII text, with very long lines (1263)
Size: 146 kB (145643 bytes)
Hash: 47bdb127c8b9c6915ba4aea9205641ba 56554a3c0bd6785df1f1d18de5a07a495fb49270 2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
GET /css/embed.min.css?v=0.5 HTTP/1.1
Host: unanimousconsider.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unanimousconsider.net/embed/a7hfuuu11vri
Cookie: hf1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 20:38:03 GMT
content-type: text/css
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
etag: W/"62a1c21c-4f0"
expires: Tue, 07 May 2024 18:27:42 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 357021
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2BJIJO2nqYygkmVmWo1QeRsbMmLO3oH3Tz3EF2KKgk4oIR08HmpdNuJboYsp%2BXX8fXJ7MAnANFSKnsulf8zONvKAqeUty9BYYgTZ4HkAW43qMwExuVssBQ8hLshrQngnM5xBAJ2rxAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ad2e95656b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| obediencechainednoun.com/pixel/purst?dl=0&th=0&sc=0&rs=1184&rd=1184&fd=778&bv=24.5.6485&tmpl=70 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 obediencechainednoun.com/pixel/purst?dl=0&th=0&sc=0&rs=1184&rd=1184&fd=778&bv=24.5.6485&tmpl=70
IP: 172.240.108.68:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Let's Encrypt
Certificate Subject: obediencechainednoun.com
Certificate Fingerprint: D8:88:AB:F9:4D:93:61:FE:1F:18:63:97:F6:CC:1E:80:10:F1:3D:AB
Certificate Validity: Mon, 29 Apr 2024 13:12:59 GMT - Sun, 28 Jul 2024 13:12:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1184&rd=1184&fd=778&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: obediencechainednoun.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:38:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unanimousconsider.net/deb.js | 172.67.215.3 | 200 OK | 5.9 kB |
URL: GET HTTP/3 unanimousconsider.net/deb.js
IP: 172.67.215.3:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: unanimousconsider.net
Certificate Fingerprint: E6:BD:E7:18:29:F8:D9:53:13:32:FC:C2:6D:03:CC:2A:3F:49:52:BB
Certificate Validity: Wed, 03 Apr 2024 15:23:09 GMT - Tue, 02 Jul 2024 15:23:08 GMT
File type: JavaScript source, ASCII text, with very long lines (21359)
Hash: 4854629b2f59efbee5662790a405fa68 961af168c9029a8a3765356bd37631fa3941ccb2 00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5
GET /deb.js HTTP/1.1
Host: unanimousconsider.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unanimousconsider.net/embed/a7hfuuu11vri
Cookie: hf1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 20:38:04 GMT
content-type: application/javascript
last-modified: Wed, 22 Feb 2023 13:57:38 GMT
etag: W/"63f61f52-6450"
expires: Tue, 07 May 2024 18:27:43 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 357021
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZcUJ2EgBBc%2BjipbXhTFbImdCBgYUtjfDvcsmFUVDtUlGEZWA84UZ8TbybLwZ4xiPmHdHQviF1aSgt%2F64DVE%2B%2FwSZ6PyJvd5HTm%2FPt8Wd2pR7ege5nmKgHkrhlzgtsgbWufUyYAw3Wpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ad3198756b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| swarm.video/j79z9kzty.js?v=1.1 | 172.67.153.113 | 200 OK | 160 kB |
URL: GET HTTP/2 swarm.video/j79z9kzty.js?v=1.1
IP: 172.67.153.113:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: swarm.video
Certificate Fingerprint: AA:AF:58:D1:39:88:16:4B:A9:39:91:E7:C3:53:FA:D2:1E:CA:7C:7D
Certificate Validity: Mon, 25 Mar 2024 06:38:08 GMT - Sun, 23 Jun 2024 06:38:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65207)
Size: 160 kB (159761 bytes)
Hash: 5bb4a2cc385c78f8f136804a7f9c099d 446deffaa8960d13ef52d28f9e27ade237b6e7b1 7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d
| Analyzer | Verdict | Alert |
| Public Nextron YARA rules | malware | Unique code from Jetriz, Swid & Jeniva of the Tetris framework |
GET /j79z9kzty.js?v=1.1 HTTP/1.1
Host: swarm.video
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unanimousconsider.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:04 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=545594
etag: W/"8533a-1893d1d213a"
last-modified: Mon, 10 Jul 2023 00:04:26 GMT
x-powered-by: Express
cf-cache-status: HIT
age: 357067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDhBfyBLlZ3dRINBGA7hWNrGlgI3g0kY4TGQEbWTO6%2BTV4H9Z4kL0NGoIRPGTYmT6rmHcqukQ2mLXG%2F4gapC9TULdc%2F9JAUYWLpPkzf%2BPN%2F7za7KqTfpt%2BccjaT9Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ad35caf0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unanimousconsider.net/embed/a7hfuuu11vri | 172.67.215.3 | 200 OK | 49 kB |
URL: GET HTTP/2 unanimousconsider.net/embed/a7hfuuu11vri
IP: 172.67.215.3:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Google Trust Services LLC
Certificate Subject: unanimousconsider.net
Certificate Fingerprint: E6:BD:E7:18:29:F8:D9:53:13:32:FC:C2:6D:03:CC:2A:3F:49:52:BB
Certificate Validity: Wed, 03 Apr 2024 15:23:09 GMT - Tue, 02 Jul 2024 15:23:08 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (40966), with LF, NEL line terminators
Hash: a4109776989dc5075394590c699d5149 c8192d86a5e6d6dfc273d628665681046f944f3a cebc65d01c4683d32a0d57e68fba5fee3ad9cf887dfdd95e835de6014eeab955
GET /embed/a7hfuuu11vri HTTP/1.1
Host: unanimousconsider.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: hf1=1; expires=Sat, 04-May-2024 21:08:03 GMT; Max-Age=1800; path=/; secure; HttpOnly; SameSite=None
hf2=1; expires=Sat, 04-May-2024 20:38:03 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None
hf3=1; expires=Sat, 04-May-2024 20:38:03 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UX62Vo0Vx%2BULfUPZ3IhTgnsyHlqNMz%2BSzrsKm3P2pHKDb%2FXwtSNGSvkFatqWC0bAHvil82TtYRyLCwh8%2FVJ7bvn%2F5xPvSrODVdMHaCNmk6dr8b0YwheLzsWCJssdCfGCCku9rG3nBgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb4ad13e43b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tv1337.buzz/hola.php?id=3/121 | 188.114.97.1 | 200 OK | 5.5 kB |
URL: User Request GET HTTP/2 tv1337.buzz/hola.php?id=3/121
IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: tv1337.buzz
Certificate Fingerprint: 9D:4A:18:EB:19:04:19:E0:A9:01:28:87:BD:73:A6:1D:63:4C:E5:78
Certificate Validity: Mon, 29 Apr 2024 00:24:21 GMT - Sun, 28 Jul 2024 00:24:20 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 554cc20fbee302d4fac66abdb2ab9f0a 320bc2539f613baa64a71a7ebb454b111287f354 2a17749ee2440aad60f962032165d3e8f29b5fbf20b2d6a8259cfea1a6a32ab6
GET /hola.php?id=3/121 HTTP/1.1
Host: tv1337.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:02 GMT
content-type: text/html; charset=UTF-8
x-proxy-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6TZhKEn8TYBM0w9aWOi4YTiPOfkgK1vfU5dus4t8zWa2qS7dJW5ogzuyE4j2bz5q1ybQo7FKSbWFXUpR5CoYmL11891NVuPVfNomFRMXJe0piCb7rUaLEwwsNE7zrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb4ac66c310b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP: 216.58.207.227:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Hash: e1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://unanimousconsider.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 13:49:40 GMT
expires: Fri, 02 May 2025 13:49:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 197304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnhjpdayvpzj.com/script/ut.js?cb=1714855084363 | 188.114.96.1 | 200 OK | 63 kB |
URL: GET HTTP/2 jnhjpdayvpzj.com/script/ut.js?cb=1714855084363
IP: 188.114.96.1:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: jnhjpdayvpzj.com
Certificate Fingerprint: 5F:5C:CE:55:06:48:DF:2A:B4:EF:47:FA:03:62:7F:31:12:EE:49:2F
Certificate Validity: Tue, 30 Apr 2024 15:32:39 GMT - Mon, 29 Jul 2024 15:32:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ut.js?cb=1714855084363 HTTP/1.1
Host: jnhjpdayvpzj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unanimousconsider.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:04 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrW83xwB4W8mzzRZJ09Xlc2CpXXkbQ03UfLiQzyROfKug36lcvO2cSft2dJ4tgb3ugAlD6A0Esqeg
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 04 May 2024 20:27:39 GMT
cache-control: public, max-age=14400
age: 1372
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCjkP%2FAocon4hkRjyVnH3eb0rkvv5D%2FjtG5SDFW58gO450Wmli61329wBQaSKEyf0j6raYCgpyi2vuP5PFXZP2N9OkSIfm0sCthuzj5LZraon6W%2FDZujJyW4dGdYYuAL2YCC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ad65e8b712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| youradexchange.com/script/suurl5.php?r=7108866&cbur=0.2946881518512713&cbiframe=1&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fwww.tv1337.buzz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jnhjpdayvpzj.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714855084370&srs=a1e8d6764be783474278945dde4d410a&atv=48.1&abtg=1&adbv=3-swat3-swf2 | 104.21.91.188 | 200 OK | 955 B |
URL: GET HTTP/2 youradexchange.com/script/suurl5.php?r=7108866&cbur=0.2946881518512713&cbiframe=1&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fwww.tv1337.buzz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jnhjpdayvpzj.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714855084370&srs=a1e8d6764be783474278945dde4d410a&atv=48.1&abtg=1&adbv=3-swat3-swf2
IP: 104.21.91.188:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: youradexchange.com
Certificate Fingerprint: D5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B
Certificate Validity: Sun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (982), with no line terminators
Hash: 48428fa3eb27ef9c7658abbc5053071e d1be5db789a8d65d250a889c85c4c8b2e9151c54 1a538749865d7bc8535a2032476b15f83276fd9f51b96ee2f9163fa90eb324d1
GET /script/suurl5.php?r=7108866&cbur=0.2946881518512713&cbiframe=1&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fwww.tv1337.buzz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=jnhjpdayvpzj.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714855084370&srs=a1e8d6764be783474278945dde4d410a&atv=48.1&abtg=1&adbv=3-swat3-swf2 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://unanimousconsider.net/
Origin: https://unanimousconsider.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:04 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2FUYElAzYqo48t4CbXLX2gZAihoiva%2B%2BXfskXKIiL%2BVoP9INH29vaMVNEe39DE4JWgjHxh4HJVePthsWsv%2BpON%2Fhc22IEaKcuTF82MNZx0EBhmmqGwV3DAr3OmlQmbvYCygJQWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb4ad659de5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pl16725813.highcpmgate.com/b7/75/68/b775685b834710599fa3b4d2786defa4.js | 192.243.61.225 | 200 OK | 84 kB |
URL: GET HTTP/1.1 pl16725813.highcpmgate.com/b7/75/68/b775685b834710599fa3b4d2786defa4.js
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Let's Encrypt
Certificate Subject: highcpmgate.com
Certificate Fingerprint: E7:53:32:23:DA:D6:BE:EB:98:90:05:4B:AC:AC:8C:89:F2:4D:FB:2E
Certificate Validity: Fri, 19 Apr 2024 10:31:16 GMT - Thu, 18 Jul 2024 10:31:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 1c562b72b74354cb4a4f26a54fed2fc4 9f9ff3b6d019722e9a53c4dca2106b1b57919081 62c18b5c36ac36f695aa5ade300b1e647c2a6943d22f31aaeaaae736a4605b5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /b7/75/68/b775685b834710599fa3b4d2786defa4.js HTTP/1.1
Host: pl16725813.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 20:38:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b6713b1d05e5a32fb0726d7b8cac7a86
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Let's Encrypt
Certificate Subject: capaciousdrewreligion.com
Certificate Fingerprint: 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
Certificate Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 20:38:04 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d096fdb029039f4d6a05c507241e2f4
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.googleapis.com/css?family=Lato:400,700 | 142.250.74.106 | 200 OK | 1.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Lato:400,700
IP: 142.250.74.106:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (1474), with no line terminators
Hash: 73d13bdd1ab78f594cb774a9319a64f2 b998b7afc14655aed45dbdd4120eda96a2aa4427 5645753d1916f250c3f7c8658a2616db7c616ae6ec7d1dc0e3f9f1a2bb7ab47a
GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unanimousconsider.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 20:38:04 GMT
date: Sat, 04 May 2024 20:38:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js | 151.101.1.229 | 200 OK | 525 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP: 151.101.1.229:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Size: 525 kB (525081 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unanimousconsider.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: br
accept-ranges: bytes
date: Sat, 04 May 2024 20:38:04 GMT
age: 26725
x-served-by: cache-fra-etou8220029-FRA, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145133
X-Firefox-Spdy: h2
|
|
| tv1337.buzz/favicon.ico | 188.114.97.1 | 200 OK | 2.0 kB |
IP: 188.114.97.1:443
Requested by: https://tv1337.buzz/hola.php?id=3/121
Certificate Issuer: Google Trust Services LLC
Certificate Subject: tv1337.buzz
Certificate Fingerprint: 9D:4A:18:EB:19:04:19:E0:A9:01:28:87:BD:73:A6:1D:63:4C:E5:78
Certificate Validity: Mon, 29 Apr 2024 00:24:21 GMT - Sun, 28 Jul 2024 00:24:20 GMT
File type: PNG image data, 36 x 34, 8-bit/color RGBA, non-interlaced
Hash: 73ba79f24b56a0b965644213c761635d 442be67ca159de22822c8dc1d15874a2ee3a075f cb136eca6edfeb5843fead65aebac6990f0bad0ab94e6eb95c83723a39472119
GET /favicon.ico HTTP/1.1
Host: tv1337.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tv1337.buzz/hola.php?id=3/121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 20:38:02 GMT
content-type: image/x-icon
last-modified: Tue, 24 Sep 2019 00:24:21 GMT
etag: W/"5d896235-7c8"
x-proxy-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ct6nY%2BGPwhH%2B0bdqckRIYdPmtiljPaJcEb3%2BvZBP3djOfAilOzeEBfoupxAeZd2rybxpeZUSBEP8aQcoqxCns9%2BTMvT4Lfk6okWeBSFyc3K9bUiADXNOdPfkFAsXMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ac91db8b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.tv1337.buzz/wcs.js?v=2 | 104.21.95.101 | 404 Not Found | 162 B |
URL: GET HTTP/3 www.tv1337.buzz/wcs.js?v=2
IP: 104.21.95.101:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Google Trust Services LLC
Certificate Subject: tv1337.buzz
Certificate Fingerprint: 9D:4A:18:EB:19:04:19:E0:A9:01:28:87:BD:73:A6:1D:63:4C:E5:78
Certificate Validity: Mon, 29 Apr 2024 00:24:21 GMT - Sun, 28 Jul 2024 00:24:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 42b7c03ebcddafdb2aa3078e3a9ceb69 57570cf4712b36bce96f68228e6c72137c2156dd a225bf8186e767cfb73fec2ac55678c083a3c2abd042bc1cf85f820bced5ec9f
GET /wcs.js?v=2 HTTP/1.1
Host: www.tv1337.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/go/3/121
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 20:38:02 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BDidrcgeHgltCAPvZ3EkLj0L2cKFWiMaRVkkGurP%2BPsruqNnJma5AOg4K8CSlL97F7B75x7Y6WT7pL9cpL1PNs%2FHFmbGRNi8eA4Y6WuPidkTbOlpx%2F7YOLZ1iYdg5Ei6SA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4acb492a5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| awistats.com/js/script.js | 188.114.96.1 | 200 OK | 1.3 kB |
URL: GET HTTP/2 awistats.com/js/script.js
IP: 188.114.96.1:443
Requested by: https://unanimousconsider.net/embed/a7hfuuu11vri
Certificate Issuer: Google Trust Services LLC
Certificate Subject: awistats.com
Certificate Fingerprint: 56:8B:C5:36:79:56:6E:4F:58:C1:9C:D7:9D:00:EE:0D:77:55:D7:15
Certificate Validity: Wed, 27 Mar 2024 19:21:32 GMT - Tue, 25 Jun 2024 19:21:31 GMT
File type: ASCII text, with very long lines (1384), with no line terminators
Hash: 16cfd1982a40489c41a52add24d36b85 344f1896d895c5d0a7c4caecafcf1942603cd026 72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce
GET /js/script.js HTTP/1.1
Host: awistats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://unanimousconsider.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 20:38:04 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15266
last-modified: Sat, 04 May 2024 16:23:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzT1B7OU7XWk99lnvQxPmqyLRTy7rrAmDivWBkSwj7PWer1IQ6dPHU3KqOnBeS1L0UvuUlLhPZHjF9qvJRybKPdX47%2FrhW8yowLfxC8IgDQrpEXZpgmkHWohnf3KW0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ad36e2f568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lol-foot.ru/go/3/121 | 104.21.51.134 | 301 Moved Permanently | 68 kB |
IP: 104.21.51.134:443
Requested by: https://tv1337.buzz/hola.php?id=3/121
Certificate Issuer: Google Trust Services LLC
Certificate Subject: lol-foot.ru
Certificate Fingerprint: 46:11:81:40:B2:08:13:A6:B9:86:6F:4B:5C:DB:83:09:8F:9E:79:08
Certificate Validity: Tue, 09 Apr 2024 00:32:15 GMT - Mon, 08 Jul 2024 00:32:14 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/3/121 HTTP/1.1
Host: lol-foot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tv1337.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 04 May 2024 20:38:02 GMT
content-type: text/html
location: https://www.tv1337.buzz/go/3/121
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aqe8%2FWjUj74epTlbbIidKTCG2VJEwGuIVDTfB9cVIxCojqjsAjL9Eex5mCrjXldUdZuQy82KZJXiT%2BbR8431OMJp1UwQZixihr%2F4OKfGeuuCUpZdSSxnnqKwkkziCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eb4ac97fb1b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.tv1337.buzz/wcs.js?v=2 | 104.21.95.101 | 404 Not Found | 162 B |
URL: GET HTTP/3 www.tv1337.buzz/wcs.js?v=2
IP: 104.21.95.101:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Google Trust Services LLC
Certificate Subject: tv1337.buzz
Certificate Fingerprint: 9D:4A:18:EB:19:04:19:E0:A9:01:28:87:BD:73:A6:1D:63:4C:E5:78
Certificate Validity: Mon, 29 Apr 2024 00:24:21 GMT - Sun, 28 Jul 2024 00:24:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 42b7c03ebcddafdb2aa3078e3a9ceb69 57570cf4712b36bce96f68228e6c72137c2156dd a225bf8186e767cfb73fec2ac55678c083a3c2abd042bc1cf85f820bced5ec9f
GET /wcs.js?v=2 HTTP/1.1
Host: www.tv1337.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/go/3/121
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 20:38:03 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0IWdRUe1j%2FrbTeJXy3s1Qgmj6QEhy9%2Fl0vv225b7Q60ZI4FzaK8d4czB66RxM3TXLG6LEvyjru%2BgcGpf5DNI4OP78EibgQW8dAIdXvaF1I9fjLueNmDuWzK312pjTwzX184%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eb4ad1290b5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mordoops.com/5/6555840/?oo=1&aab=1 | 139.45.197.244 | 200 OK | 2.9 kB |
URL: GET HTTP/2 mordoops.com/5/6555840/?oo=1&aab=1
IP: 139.45.197.244:443
Requested by: https://www.tv1337.buzz/go/3/121
Certificate Issuer: Let's Encrypt
Certificate Subject: mordoops.com
Certificate Fingerprint: 0B:32:D8:40:AB:56:05:9B:BD:33:D8:55:19:05:B0:A5:45:79:BA:1D
Certificate Validity: Sun, 28 Apr 2024 05:23:29 GMT - Sat, 27 Jul 2024 05:23:28 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3097), with no line terminators
Hash: 00c9da6c6dd7153d008208a9b9defc09 5d14928aaa33984f603acac3461a1f02841363c4 d145aac183871cbb7973e6aadacbeff2251c042682eed8f73267679704d92525
GET /5/6555840/?oo=1&aab=1 HTTP/1.1
Host: mordoops.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tv1337.buzz
DNT: 1
Connection: keep-alive
Referer: https://www.tv1337.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 20:38:03 GMT
content-type: application/json
x-trace-id: c333fed1c00b89d3d9244939549e948e
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://www.tv1337.buzz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008052d449d84357f4e923d31898886e; expires=Sun, 04 May 2025 20:38:03 GMT; path=/; secure; SameSite=None
oaidts=1714855083; expires=Sun, 04 May 2025 20:38:03 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|