| s3-download.xyz/Hogwarts-Legacy-Deluxe-Edition-EMPRESS | 188.114.96.1 | 200 OK | 973 B |
URL: User Request GET HTTP/2 s3-download.xyz/Hogwarts-Legacy-Deluxe-Edition-EMPRESS
IP: 188.114.96.1:443
Certificate
Issuer: Google Trust Services LLC
Subject: s3-download.xyz
Fingerprint: 6F:B6:36:5E:73:38:74:39:29:37:8E:DC:EE:D9:4A:BE:74:49:2C:FB
Validity: Thu, 14 Mar 2024 23:57:39 GMT - Wed, 12 Jun 2024 23:57:38 GMT
File type: HTML document, ASCII text, with very long lines (763)
Hash: 542c7d26ab8421ed1f1a7dddacd22f23 fdc1a5496af158ef57bf93b71b940ae918cdfeac 93a860b91b6256cd877abca1c9c449fc371384b5a972f1c06f844ad2df838a2d
GET /Hogwarts-Legacy-Deluxe-Edition-EMPRESS HTTP/1.1
Host: s3-download.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:45:15 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
serverhostname: 94cccebb24fe
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7huUXmSqYD37X2EuC7%2FOYq5d3C9uy2H39yizde%2BT8RgJ9FCasMnxO6gCM4SWH3S0Z4pV0rkKcJP0t2q50CdQkQDVSE1xHL4IdH7F1X1WAjx8yMmF72zTxsrHLlrtsIwCyfc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87999f604d59712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| bf.burniecrepes.com/r2KTICCFPZQvKd56m/MoQaq | 23.109.170.94 | 200 OK | 20 B |
URL: GET HTTP/1.1 bf.burniecrepes.com/r2KTICCFPZQvKd56m/MoQaq
IP: 23.109.170.94:443
Requested by: https://s3-download.xyz/Hogwarts-Legacy-Deluxe-Edition-EMPRESS
Certificate
Issuer: Let's Encrypt
Subject: bf.burniecrepes.com
Fingerprint: 42:E5:52:FA:1C:BF:4B:CC:5C:A7:ED:27:06:92:D4:46:B1:5D:EE:BE
Validity: Sat, 09 Mar 2024 10:25:25 GMT - Fri, 07 Jun 2024 10:25:24 GMT
File type: gzip compressed data, from Unix
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /r2KTICCFPZQvKd56m/MoQaq HTTP/1.1
Host: bf.burniecrepes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3-download.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 22:45:15 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s3-download.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 25-Apr-2024 22:45:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 25-Apr-2024 22:45:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
| | 3.33.143.57 | 301 Moved Permanently | 0 B |
URL: User Request GET HTTP/2
IP: 3.33.143.57:443
Certificate
Issuer: Amazon
Subject: rebrand.ly
Fingerprint: 50:B7:7F:80:8E:BC:45:23:C5:73:EC:6A:0B:F8:D1:A5:EA:D3:3B:FC
Validity: Sat, 02 Mar 2024 00:00:00 GMT - Tue, 01 Apr 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a12xbel HTTP/1.1
Host: rebrand.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3-download.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 22:45:15 GMT
content-length: 0
location: https://privatetoolscb.com/links/instructions.zip
cache-control: no-cache, no-store
expires: -1
engine: Rebrandly.redirect, version 2.1
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
| privatetoolscb.com/links/instructions.zip | 172.67.198.124 | 200 OK | 50 MB |
URL: User Request GET HTTP/2 privatetoolscb.com/links/instructions.zip
IP: 172.67.198.124:443
Certificate
Issuer: Google Trust Services LLC
Subject: privatetoolscb.com
Fingerprint: 50:BF:C7:2F:93:BE:E0:91:8B:16:F4:1D:79:E4:07:38:D9:E9:26:16
Validity: Mon, 18 Mar 2024 11:04:57 GMT - Sun, 16 Jun 2024 11:04:56 GMT
File type: Zip archive data, at least v1.0 to extract, compression method=store
Size: 50 MB (50358757 bytes)
Hash: b6bcc2e2e04553e0a52550238db1aef0 60f3bf6c03b2acc5454a013656ce1d5f3ea0956a 49f4a0796025ab6fc0f27e666e999b1d10ea5988ed2895d24c957c404bf548a0
GET /links/instructions.zip HTTP/1.1
Host: privatetoolscb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s3-download.xyz/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:45:16 GMT
content-type: application/zip
content-length: 50358757
last-modified: Wed, 24 Apr 2024 15:58:43 GMT
etag: "66292c33-30069e5"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItPUb5Nw%2FR3xU6Cf%2FG9T5FNgQkaBL%2BFVpSTq%2Bg6GwQkB2rsLxUMI8OIAb6sZb5VDNErzu0PIkZw3Sct8QrW9IZrcLFPmwWLTn5y9MG%2BAptMHTE%2BJLCjZ0IvECcwqpePxfmmgRAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87999f672ac97131-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| torrentbrasil.net/?download_link=c3E2MElqb3FvKzYyK0ZzZ3NnQ1VNN0tYL25iRlFRTUVSdEE0RmpMbHlFZ2x6RUhKNWRoSUxqaXFqT2JIRi95Y3R4b1hXSm9ObitlVDZLV2lzbUtrYVlZTHB3RXlEV3lmbEZvNHVrWXdaQllpVkYvT0s3R3hsS25yZndDell5V0I | 190.115.31.6 | 302 Found | 3.1 kB |
URL: User Request GET HTTP/2 torrentbrasil.net/?download_link=c3E2MElqb3FvKzYyK0ZzZ3NnQ1VNN0tYL25iRlFRTUVSdEE0RmpMbHlFZ2x6RUhKNWRoSUxqaXFqT2JIRi95Y3R4b1hXSm9ObitlVDZLV2lzbUtrYVlZTHB3RXlEV3lmbEZvNHVrWXdaQllpVkYvT0s3R3hsS25yZndDell5V0I
IP: 190.115.31.6:443
Certificate
Issuer: Let's Encrypt
Subject: torrentbrasil.net
Fingerprint: 9A:62:72:6B:37:06:91:2E:92:EB:64:9B:69:A8:43:07:8B:5A:44:E4
Validity: Thu, 11 Apr 2024 12:16:40 GMT - Wed, 10 Jul 2024 12:16:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?download_link=c3E2MElqb3FvKzYyK0ZzZ3NnQ1VNN0tYL25iRlFRTUVSdEE0RmpMbHlFZ2x6RUhKNWRoSUxqaXFqT2JIRi95Y3R4b1hXSm9ObitlVDZLV2lzbUtrYVlZTHB3RXlEV3lmbEZvNHVrWXdaQllpVkYvT0s3R3hsS25yZndDell5V0I HTTP/1.1
Host: torrentbrasil.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=REQyyxokQjcGmUmyLVId; Domain=.torrentbrasil.net; HttpOnly; Path=/; Expires=Thu, 24-Apr-2025 22:45:14 GMT
date: Wed, 24 Apr 2024 22:45:14 GMT
content-type: text/html; charset=UTF-8
vary: X-Forwarded-Proto,Accept-Encoding
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
location: https://s3-download.xyz/Hogwarts-Legacy-Deluxe-Edition-EMPRESS
cache-control: max-age=0
expires: Wed, 24 Apr 2024 22:45:14 GMT
serverhostname: da5c708cbe3f
content-encoding: br
X-Firefox-Spdy: h2
| s3-download.xyz/favicon.ico | 188.114.96.1 | 404 Not Found | 40 B |
URL: GET HTTP/3 s3-download.xyz/favicon.ico
IP: 188.114.96.1:443
Requested by: https://s3-download.xyz/Hogwarts-Legacy-Deluxe-Edition-EMPRESS
Certificate
Issuer: Google Trust Services LLC
Subject: s3-download.xyz
Fingerprint: 6F:B6:36:5E:73:38:74:39:29:37:8E:DC:EE:D9:4A:BE:74:49:2C:FB
Validity: Thu, 14 Mar 2024 23:57:39 GMT - Wed, 12 Jun 2024 23:57:38 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 04c4bb08f02e144ff530614dd62b7fab 64c4def2889b9aebcf8ed536a41147474e6ce08e 91fb50d0b1ad52107c073fbc4473585cd058e1cf5aaacf601727ed8215e5b26c
GET /favicon.ico HTTP/1.1
Host: s3-download.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3-download.xyz/Hogwarts-Legacy-Deluxe-Edition-EMPRESS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 22:45:15 GMT
content-type: application/json; charset=utf-8
content-length: 40
x-powered-by: Express
etag: W/"28-5C7N4rcpDEmIiuT+YkUQ7dshErk"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBdWvDlFNomZ%2FTc6O%2BUU3LZnrbRtFjr66NKQr23yiwd1IHerGCT8Bd52iklEaDLFKpIYT%2BmrotAKPMNjXJFqLfrYMwPwsR1Z7si%2FV2pXXeEFG%2FHAcbWYgEUH5e%2FB9NNVM9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87999f62de057130-OSL
alt-svc: h3=":443"; ma=86400