| thepiratebay3.co/static/img/tpb.jpg | 104.21.42.29 | 200 OK | 19 kB |
URL: GET HTTP/3 thepiratebay3.co/static/img/tpb.jpg | IP: 104.21.42.29:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Google Trust Services LLC | Subject: thepiratebay3.co | Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9 | Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 275x295, components 3 | Hash: 6b945b5f5e2b8fc40ba470740ec483f6 6449d5cb355eeaa9c50e9a888995ed0f5bbd3f81 acecaff92aec4aaf0f1fecb2efaad6cdc3cc91e9d695792ac9d2ee9addefc322
GET /static/img/tpb.jpg HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 09:46:11 GMT
content-type: image/jpeg
content-length: 19176
last-modified: Tue, 14 Nov 2023 03:03:49 GMT
etag: "6552e395-4ae8"
expires: Thu, 30 May 2024 17:54:39 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 836337
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xH2Wu841giGPtakcdtIlaOpOonn%2BzpIngP7uBqXxQsVrWQ%2FuNlXb87ZIDe7vZ7JcOXXaSriUgwosWk9dp%2BDrQEY6y4VeN9Pzx1Waype16dgjkcBH8ZFZoMstRs%2Fc63XcgtlG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881900306c077131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cawadversityinheritance.com/b2/6c/fe/b26cfe063efcaf3c5be509d9e41bc140.js | 192.243.59.20 | 200 OK | 28 kB |
URL: GET HTTP/1.1 cawadversityinheritance.com/b2/6c/fe/b26cfe063efcaf3c5be509d9e41bc140.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: cawadversityinheritance.com | Fingerprint: 98:A5:90:6F:84:77:92:A9:84:C5:F4:B2:1A:32:B6:38:4A:43:F7:E9 | Validity: Tue, 30 Apr 2024 14:56:47 GMT - Mon, 29 Jul 2024 14:56:46 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: a25a3703b711a5e4889dcfc4997e4c20 1336e220c69206d07173c262a9e72d8a19ae07ff 88717ed3e1fee4b8d3b3e6af7f0bfcf29057e05cab91253833840f22b287cd04
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /b2/6c/fe/b26cfe063efcaf3c5be509d9e41bc140.js HTTP/1.1
Host: cawadversityinheritance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22717a08503e271c6a6b601f31ca6e2f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cawadversityinheritance.com/b2/8d/2b/b28d2bc79dd0ce03e356452e52e0b3aa.js | 192.243.59.20 | 200 OK | 16 kB |
URL: GET HTTP/1.1 cawadversityinheritance.com/b2/8d/2b/b28d2bc79dd0ce03e356452e52e0b3aa.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: cawadversityinheritance.com | Fingerprint: 98:A5:90:6F:84:77:92:A9:84:C5:F4:B2:1A:32:B6:38:4A:43:F7:E9 | Validity: Tue, 30 Apr 2024 14:56:47 GMT - Mon, 29 Jul 2024 14:56:46 GMT
File type: JavaScript source, ASCII text, with very long lines (44020), with no line terminators | Hash: 156bad394d309fb57c5ef42fb676fd8d a0623726253e36799e4238886e71eb0e87b48db5 ab63f22ea281f2323d3a3bed9174ebecb6ac124bcb867be69c04669630774dab
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /b2/8d/2b/b28d2bc79dd0ce03e356452e52e0b3aa.js HTTP/1.1
Host: cawadversityinheritance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96fb279c2825cdc940f5571ceab74b66
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 54.230.218.11:0
Hash: c1ae368dfcd18c3fe0a38f18783ecfe1 591b78d8c937af6063def58fa5d376d07e7d005e 58ceb2cb03a41de3ae12171e7359276ed8fcbc1881b071c2783b782667cf124b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 09:46:12 GMT
Last-Modified: Fri, 10 May 2024 08:44:22 GMT
Server: ECAcc (ska/F749)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ujaW2MLpDNHwOM34zYeASVlnWFhlPLsAf7pECgMCtExdRb-9KQ51ng==
Age: 3710
|
|
| ocsp.r2m03.amazontrust.com/ | 54.230.218.11 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 54.230.218.11:0
Hash: c1ae368dfcd18c3fe0a38f18783ecfe1 591b78d8c937af6063def58fa5d376d07e7d005e 58ceb2cb03a41de3ae12171e7359276ed8fcbc1881b071c2783b782667cf124b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 09:46:12 GMT
Last-Modified: Fri, 10 May 2024 09:20:58 GMT
Server: ECAcc (ska/F75B)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YHyTHwAbu4khNCHpg_TfSiFPi05HCeio3PGlNwnE4FY8eYVNUbNwwg==
Age: 1514
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 18.185.9.67:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 51714bae04d2175c748a1f11a37a0a4b 1502e4c89c2dd7ee22fa7eca1e46018c82364973 e48453d6e473d25079bab5b0d08871ed6517ecdd8aa37476638f8485b2918e6b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://thepiratebay3.co
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; expires=Mon, 08 May 2034 09:46:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 18.185.9.67:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: e3fcaefe026764a8d8e6c428e29e2280 019977361e4e5f05856e86e6d27b568e136e9e35 c477e724591a13736e72d5796e88b8ceafa683310868cb44c723f82e9127c438
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://thepiratebay3.co
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bf62e85b-f142-432e-b7ed-134aa05635a2:3:1; expires=Mon, 08 May 2034 09:46:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js | IP: 172.240.253.132:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: capaciousdrewreligion.com | Fingerprint: BB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4 | Validity: Mon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 09:46:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fbb6c97399bb62663a1454bb380c8f2c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 28 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js | IP: 188.114.96.1:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: downstairsnegotiatebarren.com | Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B | Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators | Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0bc82f7ecb1dc87104308d7772849018
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 09:46:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKYloXAqVxV7pPQ7g2YhYoLM0SEhIhCEn%2BonRON8okzAF6sXy0N1JbStfHWspK4LMN7R%2FqjI458qtPI%2BY6gB9g7fXSsHGxvkblUAAvYdGyltdm9AGRirpX9CuN4lV%2B3UgHN3SBbDtunMAvflRi9FJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881900348bc50b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| thepiratebay3.co/favicon.ico | 104.21.42.29 | 200 OK | 7.9 kB |
URL: GET HTTP/3 thepiratebay3.co/favicon.ico | IP: 104.21.42.29:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Google Trust Services LLC | Subject: thepiratebay3.co | Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9 | Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: PC bitmap, Windows 3.x format, 16 x 16 x 24, resolution 19680 x 19680 px/m, cbSize 824, bits offset 54 | Hash: b407e86e0a33574c3079d83fe36e1da6 fc0e3d17c0d17865a24f3bbb3afd8a1ed0bbea83 fab9c76a90a2be44b10dfc214c044b7105fd02ac545b322ae3f1ac3a4c697ac3
GET /favicon.ico HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=bf62e85b-f142-432e-b7ed-134aa05635a2%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 09:46:12 GMT
content-type: image/x-icon
last-modified: Tue, 22 Feb 2022 02:49:42 GMT
etag: W/"62144f46-338"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4819
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtoDon%2F%2BrS8KF61hAiVGxnq0g4wmoJbZ3tvQl1ywSSxKK7j7OIATExtW5RpPiMXBKwwwfzUUXktwXHoy2keNHmKz4%2B7b6vVGuhk0p4JT2fd7wLI1%2FKGl5qq3UVqD6BzqvXqb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88190036bd987131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trolleytool.com/sbar.json?key=b28d2bc79dd0ce03e356452e52e0b3aa&uuid=5084d76e-c47b-4575-8f9b-709c39a518f0%3A1%3A1 | 192.243.59.20 | 200 OK | 8.1 kB |
URL: GET HTTP/1.1 trolleytool.com/sbar.json?key=b28d2bc79dd0ce03e356452e52e0b3aa&uuid=5084d76e-c47b-4575-8f9b-709c39a518f0%3A1%3A1 | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: trolleytool.com | Fingerprint: 8F:19:84:C5:77:76:09:BF:A1:76:E7:0A:BC:F3:AD:14:54:44:6C:6A | Validity: Mon, 06 May 2024 12:47:59 GMT - Sun, 04 Aug 2024 12:47:58 GMT
Hash: 84f2f40618066bbca2926bae98b0f7be 892f3b8c87805dd84b4fec4f66373f4ed309f2a6 afbb45120e81c9ec2d742e83367ad3dbe3e549f37d556d0b8780b41a763ea275
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sbar.json?key=b28d2bc79dd0ce03e356452e52e0b3aa&uuid=5084d76e-c47b-4575-8f9b-709c39a518f0%3A1%3A1 HTTP/1.1
Host: trolleytool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:13 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://thepiratebay3.co
Access-Control-Allow-Origin: https://thepiratebay3.co
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18224899; expires=Sat, 11 May 2024 09:46:13 GMT; secure; SameSite=None
Set-Cookie: uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; expires=Fri, 17 May 2024 09:46:13 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sat, 11 May 2024 09:46:13 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sat, 11 May 2024 09:46:13 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sat, 11 May 2024 09:46:13 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sat, 11 May 2024 09:46:13 GMT; secure; SameSite=None
Set-Cookie: slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228476,5228478]; expires=Fri, 10 May 2024 09:46:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0f92c0833f77cf0eea8e38af4c12f981
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| trolleytool.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fk8aLHsRS9CDCCh4Ums3M7O7MrqUUa4yExqa0Sr3J%2B7ebZ97OG9%2Bb2dnkFCxKj4sXr5PfJg1qKfWuUTaFHgJi14PkYG69eRAKBS8iuw0ufvDe9%2Bf3Pfh9v%2B99uZOfkBA5PV76wGwprelio%2BpX3vw4CC5UVlWS9yv9ZvRJVL9Qsb23W1HVf6vyvuQbZjH0A98P%2FKCyrKxsm%2F7iBIRK77aCasuv1sNq0Kijb%2F%2Bfu9yDox5E74SchRLj%2BQfeOSg%2BQtK9vyTdRmbS8%2B91c00zY9ET%2Bx8lG4kpEnRnYdt6aCf7p90w7tHyAUyyN6UL0%2Fuvkakx8R4egCX7pyTBertTnkxDJmDiBRS9EaQeQdERuLkFJR4RgAtcXUPSvXPV2IJuPkPpBB2T%2BadPoIoxmf%2FjHJLuvcta9Ss3jM4zZRKHfruE6o%2BgOiOk%2BSGyrTmo4hA8%2BxxK%2FEIWn64i6e6uOW2gxPEbDb9ZF3EkF3g9Zgv1RtxYaLZbbCH2W7zWoo2g2fanAik1gmqPoOUA1HnIJ0d5yNse8tRDVxxXeBAEsS849ZstzmsiliwSfkDjdkADP2oi55MZBsjSAbgegNttpHYbG2oAm%2F8Mt17CCQ8uI%2BiJEoUkKBxBQQkKRVBkBEWv3BPaha68I7TLWXDqw1NfK4cm6%2BzQPZN1ZEJA7QBWlDvpCXlpIqD38itnsCGPKyxsipDxuCWEz6Vfk7VGVG%2BEshFKn9UohVMllJubjrulxuT1K%2FeQqjF57ut%2FwOghnD4EV2dB89dAixJ0vcRWcj9bl6myNJOMbtaq3ECYEmk2j2zT29En5NXpGtce%2FgDJj8ipgdsSqS3xqXpA0NG3h9dNQXavm8KR79fSTHXVFp2s%2BEZGM%2Bl9e0VuFsaKlSU3%2BOYdPgEm4d0PpctWaSJU0nHku8tKCGmXjeWS%2FLjibkp2LXfrl3Ob5OnqtXeXV7qplc4pk4xA1ZiQ4RNwNSYv%2Fvr39Pee%2F%2BImlB3B5iW6%2BYyrMofg6TZcOqs5Q2D1LGephyIvhzZks6JWBFrOcspKOHl06XE6%2FP35i5%2BByaOf%2FnqGDS2dvKaq3HG30bFzoNktJN0SPVuip0tQPYDLzwyz1B5d%2Bq02NTA9N2Tazu0ybfVXU5kn1wGcOq7EtZpPo1YjiGMqY1YPm%2B0oEJSG9SiMIlpD5sbti38%2B%2FhcAAP%2F%2FAQAA%2F%2F9XFpqTlwQAAA%3D%3D | 192.243.59.20 | 200 OK | 7 B |
URL GET HTTP/1.1trolleytool.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fk8aLHsRS9CDCCh4Ums3M7O7MrqUUa4yExqa0Sr3J%2B7ebZ97OG9%2Bb2dnkFCxKj4sXr5PfJg1qKfWuUTaFHgJi14PkYG69eRAKBS8iuw0ufvDe9%2Bf3Pfh9v%2B99uZOfkBA5PV76wGwprelio%2BpX3vw4CC5UVlWS9yv9ZvRJVL9Qsb23W1HVf6vyvuQbZjH0A98P%2FKCyrKxsm%2F7iBIRK77aCasuv1sNq0Kijb%2F%2Bfu9yDox5E74SchRLj%2BQfeOSg%2BQtK9vyTdRmbS8%2B91c00zY9ET%2Bx8lG4kpEnRnYdt6aCf7p90w7tHyAUyyN6UL0%2Fuvkakx8R4egCX7pyTBertTnkxDJmDiBRS9EaQeQdERuLkFJR4RgAtcXUPSvXPV2IJuPkPpBB2T%2BadPoIoxmf%2FjHJLuvcta9Ss3jM4zZRKHfruE6o%2BgOiOk%2BSGyrTmo4hA8%2BxxK%2FEIWn64i6e6uOW2gxPEbDb9ZF3EkF3g9Zgv1RtxYaLZbbCH2W7zWoo2g2fanAik1gmqPoOUA1HnIJ0d5yNse8tRDVxxXeBAEsS849ZstzmsiliwSfkDjdkADP2oi55MZBsjSAbgegNttpHYbG2oAm%2F8Mt17CCQ8uI%2BiJEoUkKBxBQQkKRVBkBEWv3BPaha68I7TLWXDqw1NfK4cm6%2BzQPZN1ZEJA7QBWlDvpCXlpIqD38itnsCGPKyxsipDxuCWEz6Vfk7VGVG%2BEshFKn9UohVMllJubjrulxuT1K%2FeQqjF57ut%2FwOghnD4EV2dB89dAixJ0vcRWcj9bl6myNJOMbtaq3ECYEmk2j2zT29En5NXpGtce%2FgDJj8ipgdsSqS3xqXpA0NG3h9dNQXavm8KR79fSTHXVFp2s%2BEZGM%2Bl9e0VuFsaKlSU3%2BOYdPgEm4d0PpctWaSJU0nHku8tKCGmXjeWS%2FLjibkp2LXfrl3Ob5OnqtXeXV7qplc4pk4xA1ZiQ4RNwNSYv%2Fvr39Pee%2F%2BImlB3B5iW6%2BYyrMofg6TZcOqs5Q2D1LGephyIvhzZks6JWBFrOcspKOHl06XE6%2FP35i5%2BByaOf%2FnqGDS2dvKaq3HG30bFzoNktJN0SPVuip0tQPYDLzwyz1B5d%2Bq02NTA9N2Tazu0ybfVXU5kn1wGcOq7EtZpPo1YjiGMqY1YPm%2B0oEJSG9SiMIlpD5sbti38%2B%2FhcAAP%2F%2FAQAA%2F%2F9XFpqTlwQAAA%3D%3D IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: trolleytool.com | Fingerprint: 8F:19:84:C5:77:76:09:BF:A1:76:E7:0A:BC:F3:AD:14:54:44:6C:6A | Validity: Mon, 06 May 2024 12:47:59 GMT - Sun, 04 Aug 2024 12:47:58 GMT
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fk8aLHsRS9CDCCh4Ums3M7O7MrqUUa4yExqa0Sr3J%2B7ebZ97OG9%2Bb2dnkFCxKj4sXr5PfJg1qKfWuUTaFHgJi14PkYG69eRAKBS8iuw0ufvDe9%2Bf3Pfh9v%2B99uZOfkBA5PV76wGwprelio%2BpX3vw4CC5UVlWS9yv9ZvRJVL9Qsb23W1HVf6vyvuQbZjH0A98P%2FKCyrKxsm%2F7iBIRK77aCasuv1sNq0Kijb%2F%2Bfu9yDox5E74SchRLj%2BQfeOSg%2BQtK9vyTdRmbS8%2B91c00zY9ET%2Bx8lG4kpEnRnYdt6aCf7p90w7tHyAUyyN6UL0%2Fuvkakx8R4egCX7pyTBertTnkxDJmDiBRS9EaQeQdERuLkFJR4RgAtcXUPSvXPV2IJuPkPpBB2T%2BadPoIoxmf%2FjHJLuvcta9Ss3jM4zZRKHfruE6o%2BgOiOk%2BSGyrTmo4hA8%2BxxK%2FEIWn64i6e6uOW2gxPEbDb9ZF3EkF3g9Zgv1RtxYaLZbbCH2W7zWoo2g2fanAik1gmqPoOUA1HnIJ0d5yNse8tRDVxxXeBAEsS849ZstzmsiliwSfkDjdkADP2oi55MZBsjSAbgegNttpHYbG2oAm%2F8Mt17CCQ8uI%2BiJEoUkKBxBQQkKRVBkBEWv3BPaha68I7TLWXDqw1NfK4cm6%2BzQPZN1ZEJA7QBWlDvpCXlpIqD38itnsCGPKyxsipDxuCWEz6Vfk7VGVG%2BEshFKn9UohVMllJubjrulxuT1K%2FeQqjF57ut%2FwOghnD4EV2dB89dAixJ0vcRWcj9bl6myNJOMbtaq3ECYEmk2j2zT29En5NXpGtce%2FgDJj8ipgdsSqS3xqXpA0NG3h9dNQXavm8KR79fSTHXVFp2s%2BEZGM%2Bl9e0VuFsaKlSU3%2BOYdPgEm4d0PpctWaSJU0nHku8tKCGmXjeWS%2FLjibkp2LXfrl3Ob5OnqtXeXV7qplc4pk4xA1ZiQ4RNwNSYv%2Fvr39Pee%2F%2BImlB3B5iW6%2BYyrMofg6TZcOqs5Q2D1LGephyIvhzZks6JWBFrOcspKOHl06XE6%2FP35i5%2BByaOf%2FnqGDS2dvKaq3HG30bFzoNktJN0SPVuip0tQPYDLzwyz1B5d%2Bq02NTA9N2Tazu0ybfVXU5kn1wGcOq7EtZpPo1YjiGMqY1YPm%2B0oEJSG9SiMIlpD5sbti38%2B%2FhcAAP%2F%2FAQAA%2F%2F9XFpqTlwQAAA%3D%3D HTTP/1.1
Host: trolleytool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228476,5228478]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af4f73c4b3f45f51749ce08915e8c474
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| trolleytool.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=121 | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 trolleytool.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=121 | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: trolleytool.com | Fingerprint: 8F:19:84:C5:77:76:09:BF:A1:76:E7:0A:BC:F3:AD:14:54:44:6C:6A | Validity: Mon, 06 May 2024 12:47:59 GMT - Sun, 04 Aug 2024 12:47:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F48%2F48%2Feb%2F4848ebd6f7295875a5d388ec2488aba3%2F1648542421.html&l=1538&fd=121 HTTP/1.1
Host: trolleytool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228476,5228478]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png | 188.114.96.1 | 200 OK | 591 B |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png | IP: 188.114.96.1:443
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Google Trust Services LLC | Subject: creative-bars1.com | Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 | Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced | Hash: 9fd5bcb6103d86e317bd1eb019bcbe71 6b5a52ea669dcb74946f2bed4bdd7ec985026113 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 836374
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYMonVm0yVNXWIoES6aMQULuvsYdvoTB0NORyZs3SI2YatRj1gCzo9S7gdrGEwEq5HBktDEB2CE2IE2Fd1iAgyknISGepVsY56SD8yC6rLCL78xojdVVITeDB54sV3jwQcFTohVA%2F0I8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819003c2f5d0b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| trolleytool.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4143&fd=72 | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 trolleytool.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4143&fd=72 | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: trolleytool.com | Fingerprint: 8F:19:84:C5:77:76:09:BF:A1:76:E7:0A:BC:F3:AD:14:54:44:6C:6A | Validity: Mon, 06 May 2024 12:47:59 GMT - Sun, 04 Aug 2024 12:47:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fstyle.css&l=4143&fd=72 HTTP/1.1
Host: trolleytool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228476,5228478]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.cloudimagesb.com/si/f0/a1/7d/f0a17d1c0cc1af0ee345daf6b412baac/1697196241.png | 45.133.44.10 | 200 OK | 36 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/f0/a1/7d/f0a17d1c0cc1af0ee345daf6b412baac/1697196241.png | IP: 45.133.44.10:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | Hash: c72a9da7210936937de3e0ad1ae1d94c 0b076e234fc41a558cc24c38c71ae7c49277d88a 618141dbaa05a9250d9fa59f1c7f72c33e160bc8663b560b7e84842e163a1685
GET /si/f0/a1/7d/f0a17d1c0cc1af0ee345daf6b412baac/1697196241.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: image/png
content-length: 35513
server: nginx/1.21.6
last-modified: Fri, 13 Oct 2023 11:24:10 GMT
etag: "652928da-8ab9"
expires: Sun, 12 May 2024 09:46:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/c5/c3/b7/c5c3b7ee9cefe37e01aeb634e82dba77/1697200250.png | 45.133.44.10 | 200 OK | 35 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/c5/c3/b7/c5c3b7ee9cefe37e01aeb634e82dba77/1697200250.png | IP: 45.133.44.10:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/ | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced | Hash: 8bdb213edaa8c740081b8ec81a8217ba 524ccf0b3957e46b04951db9409fbe9db3f93ce2 bd866634affed39238c09bc297bb7c7c43cbdb128e77a38c1aa68dc428c6aca5
GET /si/c5/c3/b7/c5c3b7ee9cefe37e01aeb634e82dba77/1697200250.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: image/png
content-length: 35240
server: nginx/1.21.6
last-modified: Fri, 13 Oct 2023 12:30:58 GMT
etag: "65293882-89a8"
expires: Sun, 12 May 2024 09:46:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js | 188.114.96.1 | 200 OK | 338 B |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
IP: 188.114.96.1:443
Requested by: https://thepiratebay3.co/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 89918681df9f363bb293cb027c2f1113 cf7dca97b09ed3d03e821b407286539519a9f037 6648e7501f858c8ffaf2b35736dbd37f2d22afb2c781ee552d7c113d77413b9e
GET /sb/ssp/vpn/classic-push/big1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 74741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCvctL0SSA8bK3K0xa65nMhb%2Ba0DvTOirURoVw56A3nFKIuDDb94At5tlzHdJnpZPd%2BUVJbi5hSD9RBq1Nmni3ftJfp0GqrNWSHe7%2BF4PF8lgJayY3ONWCcvTZgRyXVUYZOSXRCqHEMs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819003c7fc00b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=bf62e85b-f142-432e-b7ed-134aa05635a2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b28d2bc79dd0ce03e356452e52e0b3aa&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=bf62e85b-f142-432e-b7ed-134aa05635a2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b28d2bc79dd0ce03e356452e52e0b3aa&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.unseenreport.com
Certificate Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=bf62e85b-f142-432e-b7ed-134aa05635a2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b28d2bc79dd0ce03e356452e52e0b3aa&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:13 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1eccf244968f598fa478e91ca220521c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=bf62e85b-f142-432e-b7ed-134aa05635a2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b26cfe063efcaf3c5be509d9e41bc140&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=bf62e85b-f142-432e-b7ed-134aa05635a2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b26cfe063efcaf3c5be509d9e41bc140&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.unseenreport.com
Certificate Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=bf62e85b-f142-432e-b7ed-134aa05635a2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b26cfe063efcaf3c5be509d9e41bc140&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:13 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46423da1928273fcc8396ed911faf281
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| trolleytool.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=78693&fd=75 | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 trolleytool.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=78693&fd=75
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate Issuer: Let's Encrypt
Certificate Subject: trolleytool.com
Certificate Fingerprint: 8F:19:84:C5:77:76:09:BF:A1:76:E7:0A:BC:F3:AD:14:54:44:6C:6A
Certificate Validity: Mon, 06 May 2024 12:47:59 GMT - Sun, 04 Aug 2024 12:47:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fcss%2Fanimate.css&l=78693&fd=75 HTTP/1.1
Host: trolleytool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228476,5228478]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://thepiratebay3.co/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 114674
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| trolleytool.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fk8aLHsRS9CDCCh4Ums3M7s7%2BsZRijZHQ2JRWqTd5%2F2bzzJt543szO5ucgkXpcfHidfLbpEEtpd41yqbQQ0DsepAczK03D0Kh4EVkt8HFD977%2Fvy%2BB7%2Fv970vd%2FITUkNOj5c%2BMFtKa7oYVv3Kmx8HwYXKqkryfqXfbn7SbFyo2N7bnWbVf6vyvuQbZrHmB74f%2BEFlWVkZmf7iBIRK73aCasevNmrVIGygb%2F%2Bfu9yDox5E74SchRLj%2BQfeOSg%2BQhLfX5JuIzPp%2BffiXNPMWPTE%2FkfJRmKKBPEsjKyHKNk%2F7YZxj5YPYJK9KV2Y3n%2BNTI2J9%2FAALNk%2FJQnW253yZBoyARMvoOiNIPUIio7AzS0o8YgAXODqGpL4zlVjC7r5DKUTdEzmnz6BKsZk%2Fo9zSOJ7l7XqV24YnWfKJA79qITqj6C6I6T5IbKtOajiEDz7HEr8QhafriKJd9ecNlDi%2BI3QbzdEqykXeKPFFhphK1xoRx220PI7vN6hYdCO%2FKlASo2gohG0HIA6D%2FnkKA955CFPPcTiuMKDIGj5glO%2F3eG8LlqSNYUf0FYU0MBvtpHzyQwDZOkAXA%2FA7TZSu40NNYDNf4ZbL%2BGEB5cR9ESJQhIUjqCgBIUiKDKColfuCe1qrrwjtMtZcOprp75eDk3W3aF7JuvKhIDaAawod9IT8tJEQO%2FlV85gQx5XWK0taoy3OkL4XPp1WQ%2BbjbAmw5r0WZ1SOFVCubnpuFtqTF6%2Fcg%2BpGpPnvv4HjB7C6UNwdRY0fw20KEHXS2wl97N1mSpLM8noZr3KDYQpkWbzyDa9HX1CXp2uce3hD5D8iJwauC2R2hKfqgcEXX17eN0UZPe6KRz5fi3NVKy26GTFNzKaSe%2FbK3KzMFasLLnBN%2B%2FwCTAJ734oXbZKE6GSriPfXVZCSLtsLJfkxxV3U7JruVu%2FnNskT1evvbu8EqdWOqdMMgJVY0KGT8DVmLz469%2FT33v%2Bi5tQdgSbl4jzGVdlDsHTbbh0VnOGwOpZzlIPRV4ObY3NiloRaDnLKSvh5NGlx%2Bnw9%2BcvfgYmj3766xk2tHTymqpyx91G186BZreQxCV6tkRPl6B6AJefGWapPbr0W31qYHpuyLSd22Xa6q%2BmMk%2BuAzh1XKn7osVkJFtMNsJGJLlgYch8HnFWF%2B02R%2BbG0cU%2FH%2F8LAAD%2F%2FwEAAP%2F%2F18JPe5cEAAA%3D | 192.243.59.20 | 200 OK | 7 B |
URL GET HTTP/1.1trolleytool.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fk8aLHsRS9CDCCh4Ums3M7s7%2BsZRijZHQ2JRWqTd5%2F2bzzJt543szO5ucgkXpcfHidfLbpEEtpd41yqbQQ0DsepAczK03D0Kh4EVkt8HFD977%2Fvy%2BB7%2Fv970vd%2FITUkNOj5c%2BMFtKa7oYVv3Kmx8HwYXKqkryfqXfbn7SbFyo2N7bnWbVf6vyvuQbZrHmB74f%2BEFlWVkZmf7iBIRK73aCasevNmrVIGygb%2F%2Bfu9yDox5E74SchRLj%2BQfeOSg%2BQhLfX5JuIzPp%2BffiXNPMWPTE%2FkfJRmKKBPEsjKyHKNk%2F7YZxj5YPYJK9KV2Y3n%2BNTI2J9%2FAALNk%2FJQnW253yZBoyARMvoOiNIPUIio7AzS0o8YgAXODqGpL4zlVjC7r5DKUTdEzmnz6BKsZk%2Fo9zSOJ7l7XqV24YnWfKJA79qITqj6C6I6T5IbKtOajiEDz7HEr8QhafriKJd9ecNlDi%2BI3QbzdEqykXeKPFFhphK1xoRx220PI7vN6hYdCO%2FKlASo2gohG0HIA6D%2FnkKA955CFPPcTiuMKDIGj5glO%2F3eG8LlqSNYUf0FYU0MBvtpHzyQwDZOkAXA%2FA7TZSu40NNYDNf4ZbL%2BGEB5cR9ESJQhIUjqCgBIUiKDKColfuCe1qrrwjtMtZcOprp75eDk3W3aF7JuvKhIDaAawod9IT8tJEQO%2FlV85gQx5XWK0taoy3OkL4XPp1WQ%2BbjbAmw5r0WZ1SOFVCubnpuFtqTF6%2Fcg%2BpGpPnvv4HjB7C6UNwdRY0fw20KEHXS2wl97N1mSpLM8noZr3KDYQpkWbzyDa9HX1CXp2uce3hD5D8iJwauC2R2hKfqgcEXX17eN0UZPe6KRz5fi3NVKy26GTFNzKaSe%2FbK3KzMFasLLnBN%2B%2FwCTAJ734oXbZKE6GSriPfXVZCSLtsLJfkxxV3U7JruVu%2FnNskT1evvbu8EqdWOqdMMgJVY0KGT8DVmLz469%2FT33v%2Bi5tQdgSbl4jzGVdlDsHTbbh0VnOGwOpZzlIPRV4ObY3NiloRaDnLKSvh5NGlx%2Bnw9%2BcvfgYmj3766xk2tHTymqpyx91G186BZreQxCV6tkRPl6B6AJefGWapPbr0W31qYHpuyLSd22Xa6q%2BmMk%2BuAzh1XKn7osVkJFtMNsJGJLlgYch8HnFWF%2B02R%2BbG0cU%2FH%2F8LAAD%2F%2FwEAAP%2F%2F18JPe5cEAAA%3D IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate Issuer: Let's Encrypt
Certificate Subject: trolleytool.com
Certificate Fingerprint: 8F:19:84:C5:77:76:09:BF:A1:76:E7:0A:BC:F3:AD:14:54:44:6C:6A
Certificate Validity: Mon, 06 May 2024 12:47:59 GMT - Sun, 04 Aug 2024 12:47:58 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gcVRh%2Fk8aLHsRS9CDCCh4Ums3M7s7%2BsZRijZHQ2JRWqTd5%2F2bzzJt543szO5ucgkXpcfHidfLbpEEtpd41yqbQQ0DsepAczK03D0Kh4EVkt8HFD977%2Fvy%2BB7%2Fv970vd%2FITUkNOj5c%2BMFtKa7oYVv3Kmx8HwYXKqkryfqXfbn7SbFyo2N7bnWbVf6vyvuQbZrHmB74f%2BEFlWVkZmf7iBIRK73aCasevNmrVIGygb%2F%2Bfu9yDox5E74SchRLj%2BQfeOSg%2BQhLfX5JuIzPp%2BffiXNPMWPTE%2FkfJRmKKBPEsjKyHKNk%2F7YZxj5YPYJK9KV2Y3n%2BNTI2J9%2FAALNk%2FJQnW253yZBoyARMvoOiNIPUIio7AzS0o8YgAXODqGpL4zlVjC7r5DKUTdEzmnz6BKsZk%2Fo9zSOJ7l7XqV24YnWfKJA79qITqj6C6I6T5IbKtOajiEDz7HEr8QhafriKJd9ecNlDi%2BI3QbzdEqykXeKPFFhphK1xoRx220PI7vN6hYdCO%2FKlASo2gohG0HIA6D%2FnkKA955CFPPcTiuMKDIGj5glO%2F3eG8LlqSNYUf0FYU0MBvtpHzyQwDZOkAXA%2FA7TZSu40NNYDNf4ZbL%2BGEB5cR9ESJQhIUjqCgBIUiKDKColfuCe1qrrwjtMtZcOprp75eDk3W3aF7JuvKhIDaAawod9IT8tJEQO%2FlV85gQx5XWK0taoy3OkL4XPp1WQ%2BbjbAmw5r0WZ1SOFVCubnpuFtqTF6%2Fcg%2BpGpPnvv4HjB7C6UNwdRY0fw20KEHXS2wl97N1mSpLM8noZr3KDYQpkWbzyDa9HX1CXp2uce3hD5D8iJwauC2R2hKfqgcEXX17eN0UZPe6KRz5fi3NVKy26GTFNzKaSe%2FbK3KzMFasLLnBN%2B%2FwCTAJ734oXbZKE6GSriPfXVZCSLtsLJfkxxV3U7JruVu%2FnNskT1evvbu8EqdWOqdMMgJVY0KGT8DVmLz469%2FT33v%2Bi5tQdgSbl4jzGVdlDsHTbbh0VnOGwOpZzlIPRV4ObY3NiloRaDnLKSvh5NGlx%2Bnw9%2BcvfgYmj3766xk2tHTymqpyx91G186BZreQxCV6tkRPl6B6AJefGWapPbr0W31qYHpuyLSd22Xa6q%2BmMk%2BuAzh1XKn7osVkJFtMNsJGJLlgYch8HnFWF%2B02R%2BbG0cU%2FH%2F8LAAD%2F%2FwEAAP%2F%2F18JPe5cEAAA%3D HTTP/1.1
Host: trolleytool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228476,5228478]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90b234e5a0f08032754f89127aebbda6
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://thepiratebay3.co/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 519457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| trolleytool.com/pixel/sbs?c=1 | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 trolleytool.com/pixel/sbs?c=1
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate Issuer: Let's Encrypt
Certificate Subject: trolleytool.com
Certificate Fingerprint: 8F:19:84:C5:77:76:09:BF:A1:76:E7:0A:BC:F3:AD:14:54:44:6C:6A
Certificate Validity: Mon, 06 May 2024 12:47:59 GMT - Sun, 04 Aug 2024 12:47:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: trolleytool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228476,5228478]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| thepiratebay3.co/static/css/main.css | 104.21.42.29 | 200 OK | 7.6 kB |
URL: GET HTTP/3 thepiratebay3.co/static/css/main.css
IP: 104.21.42.29:443
Requested by: https://thepiratebay3.co/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: thepiratebay3.co
Certificate Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9
Certificate Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: ASCII text, with very long lines (7772), with no line terminators
Hash: 60e900613bfb5810a90842a37ba94aff fe097f37861c16394793ca8665d868c47769f7ef 34346d7c0efa5f9e4523ae8ee7a71ebb2d11b58d9ce3eeb50b3a8c1b7e97fb4d
GET /static/css/main.css HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 09:46:11 GMT
content-type: text/css
last-modified: Tue, 14 Nov 2023 03:01:57 GMT
vary: Accept-Encoding
etag: W/"6552e325-1dcb"
expires: Fri, 10 May 2024 19:09:01 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 9430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=afWu4VZ%2F7YFoNsVbRxK92ZjAGpanrvi%2FI0YUfc%2B6LNeu62mNFEapCHyHZVUaQrjI6pc6QDaWoqCmTM97dgWzhe5qKWxhGiD9w6rIAUmPL%2BWkTk1kf7JH8ZHCGZb39o5cjk0E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8819002fbb127131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html | 45.133.44.4 | 200 OK | 1.5 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
IP: 45.133.44.4:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.barscreative1.com
Certificate Fingerprint: 08:55:F0:C8:EA:24:54:0D:3C:B9:2C:95:3E:DC:BF:FB:A8:76:BA:BC
Certificate Validity: Thu, 09 May 2024 03:01:15 GMT - Wed, 07 Aug 2024 03:01:14 GMT
File type: HTML document, ASCII text, with very long lines (1639), with no line terminators
Hash: 97b357c624104a8e915d01424dfe16ce 6bd7fcedfb7986b149601b1bc840f525b67a8f06 8d010e7163298acf3671bb429a2e0b1d69033a5adc314fa4bddebf74b9775e6e
GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:10 GMT
etag: W/"6242c2de-602"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 10 May 2024 10:46:13 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css | 188.114.96.1 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
IP: 188.114.96.1:443
Requested by: https://thepiratebay3.co/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 5982c5377696d20476871062646b253f 8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242 4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4
GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 74741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=11I2kL6yth8hbvw1ZIAaCS44bNGetIPo4ggx0zJLKjEHLVOGWHz%2FJrh3Cw%2FyIHQJxu3Z24kztYD9gRBjJM4GbnMAxcppKzO24CZmQwN6KZ5Iq3BPzU6MClk8g4yGySK6Lva2EPK44OPn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819003bb9ae712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js | 188.114.96.1 | 200 OK | 84 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
IP: 188.114.96.1:443
Requested by: https://thepiratebay3.co/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (32025)
Hash: 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/big1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 826454
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0G9zVTU9qgo7Aow81WbGXhXievlTTTVPgX2wpivg5wFHpW20YFiJFKe4wMJQibY7h7V9%2FhSYvRLCyVkchwUk5bY0XCOKMWct8iln0DsAM7doe7glEbjv9Xl6GfBbgsDT8uZ79GR3e%2B4X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819003c2f650b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css | 188.114.96.1 | 200 OK | 4.1 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
IP: 188.114.96.1:443
Requested by: https://thepiratebay3.co/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (4354), with no line terminators
Hash: 7550f9f90420fc2e46e999809b7ee308 d2e5cae2e1b29641b8d6eee15f89e4a15ae47658 88c249f9b5d5aa0c085023f9cf50083ebc5e6c8ab4e1640c76748e0b80eab322
GET /sb/ssp/vpn/classic-push/big1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thepiratebay3.co
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:13 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-102f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 74741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78Jglnl39nMvKBfUx17zEmbqZp%2Fh%2BMHRuh9C4g5%2FGyDbZKuJcaqsjpnxwHjZGZ2JA1XwWI%2Bqp0h52jFuFrfwujZfOxGRXE6u6Y2SMdyaX5UzqyVLQ3qp3uWw1gRSUsuN5v7Qm%2FF8w44q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819003bb9a8712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://thepiratebay3.co/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 09:46:13 GMT
date: Fri, 10 May 2024 09:46:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| trolleytool.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=13 | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 trolleytool.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=13
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://thepiratebay3.co/
Certificate Issuer: Let's Encrypt
Certificate Subject: trolleytool.com
Certificate Fingerprint: 8F:19:84:C5:77:76:09:BF:A1:76:E7:0A:BC:F3:AD:14:54:44:6C:6A
Certificate Validity: Mon, 06 May 2024 12:47:59 GMT - Sun, 04 Aug 2024 12:47:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fbig1%2Fjs%2Fscript.js&l=958&fd=13 HTTP/1.1
Host: trolleytool.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/
Cookie: u_pl=18224899; uid_id2=5084d76e-c47b-4575-8f9b-709c39a518f0:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb28d2bc79dd0ce03e356452e52e0b3aa=[5228476,5228478]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 09:46:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| thepiratebay3.co/static/img/icon-https.gif | 104.21.42.29 | 404 Not Found | 146 B |
URL: GET HTTP/3 thepiratebay3.co/static/img/icon-https.gif
IP: 104.21.42.29:443
Requested by: https://thepiratebay3.co/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: thepiratebay3.co
  Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9
  Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
GET /static/img/icon-https.gif HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thepiratebay3.co/static/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 09:46:11 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 59
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYJyIWpxOOAc4HKltL9wDfhNhkgnblUJHTkKohmjJiMMjuchdZn%2Ba9DxNmh99k0eBHvozLWzA3%2FU7oSEyjOzEDZnIsD2g1cbeSqzXpl6Yyivk%2F73QTLKdMg%2B2etF45zzgS8D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881900306c0a7131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.42.29 | 200 OK | 4.1 kB |
URL: User Request GET HTTP/2
IP: 104.21.42.29:443
Certificate:
  Issuer: Google Trust Services LLC
  Subject: thepiratebay3.co
  Fingerprint: 72:7B:CF:7E:96:39:FE:79:9C:EC:22:F2:7B:32:07:7F:BE:8F:D3:B9
  Validity: Fri, 15 Mar 2024 01:17:29 GMT - Thu, 13 Jun 2024 01:17:28 GMT
File type: HTML document, ASCII text, with very long lines (4501), with no line terminators
Hash: 5834bb2785f425b41cb34ddd1686220c 0c3cb94b85a0051c67638425d7828880b3cf923b 20c523d400697730742e76118d87074218446a34b6664b7d7b2e14841a2e5ba6
GET / HTTP/1.1
Host: thepiratebay3.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 09:46:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjbiCy8otB5rRqIrDbiCnipeXW8UnQvVqLtV330oWpMGlD5Nfs1iV054RpeYZ%2Ft%2BK40lSpNCdK1i5YZIiC1PXdsrKiTe3WQ4i1qsnerfAYyYUrYd7Bm7VIFo1RY5Oq8OuHf8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8819002cc8f9b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|