Report - www.1337xx.to/torrent/4890940/DRIFT21-v-rev

Report Overview

Submitted URL
www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/
IP
104.21.11.234
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-16 20:26:50
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	5.9 kB	16 kB	23.36.76.226
fitgirl-repacks.site	158660	2016-09-04T17:06:20Z	2023-02-25T07:47:19Z	399 B	70 kB	190.115.31.179
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-09T05:14:34Z	1.3 kB	2.9 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	35.160.97.225
invaderannihilationperky.com	unknown	2022-09-20T16:08:34Z	2023-02-19T11:04:00Z	4.6 kB	6.9 kB	192.243.59.20
s4.histats.com	12782	2012-05-21T19:14:14Z	2023-03-09T09:21:21Z	696 B	179 B	192.99.8.28
cdn.sb4you1.com	22321	2021-09-16T13:26:58Z	2023-01-15T20:13:01Z	2.0 kB	6.2 kB	172.64.111.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.115
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-09T09:20:46Z	433 B	827 B	45.133.44.3
banquetunarmedgrater.com	unknown	2022-08-04T17:12:50Z	2023-03-09T05:53:57Z	360 B	327 B	173.233.137.60
addresseepaper.com	18169	2021-11-01T22:11:31Z	2023-03-10T08:01:44Z	346 B	958 B	104.21.235.2
schoolboyslogan.com	unknown	2022-10-13T14:44:28Z	2023-01-28T13:12:55Z	770 B	35 kB	192.243.59.13
i114.fastpic.org	271232	2021-07-28T15:57:57Z	2023-02-23T09:59:54Z	412 B	366 B	95.217.39.24
obsessivepetsbean.com	unknown	2022-10-06T22:55:41Z	2023-03-04T07:58:35Z	433 B	467 B	192.243.59.20
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	987 B	2.0 kB	93.184.220.29
s10.histats.com	15211	2012-05-21T19:14:14Z	2023-03-09T09:21:21Z	716 B	11 kB	46.105.201.240
i114.fastpic.ru	282219	2020-10-05T19:14:16Z	2023-02-23T09:59:53Z	411 B	464 B	95.217.39.24
s01.riotpixels.net	408077	2014-07-16T14:16:30Z	2023-02-20T08:50:52Z	1.8 kB	103 kB	172.67.143.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	59 kB	34.120.237.76
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-09T11:23:27Z	403 B	9.0 kB	45.133.44.9
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	365 B	746 B	142.250.74.10
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	1.3 kB	2.8 kB	142.250.74.3
creepingbrings.com	unknown	2022-05-27T16:56:26Z	2023-03-01T13:25:12Z	346 B	28 kB	104.21.234.232
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	934 B	34 kB	216.58.207.195
www.1337xx.to	375725	2020-02-24T09:05:17Z	2023-02-28T19:20:15Z	882 B	1.3 kB	172.67.131.213
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-09T11:23:24Z	750 B	812 B	52.29.95.124
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	676 B	2.0 kB	54.230.245.118

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-16	medium	schoolboyslogan.com	Sinkholed
2022-10-16	medium	schoolboyslogan.com	Sinkholed
2022-10-16	medium	banquetunarmedgrater.com	Sinkholed
2022-10-16	medium	obsessivepetsbean.com	Sinkholed

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.1337xx.to/static/js/scrollbar.js	40 kB	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/static/js/scrollbar.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2024-05-05 21:06:47 Times Seen478 Hash a9dbd5c265a5fbb9c24df23438b5492d f05001780b0223d840b7ec19221ac21bd659fa58 027643f8d1ed4fad0eb9f35c0a4909e60385a799f45091cf9ba6a3aa8877197b Loading...

	www.1337xx.to/static/js/modal.js	10 kB	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/static/js/modal.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:28 Last Seen2024-05-05 21:06:47 Times Seen148 Hash 8289720aa01982ad7b48c62b7f96dd93 7c5370aa27127c0cafb643b671dd2c9a906a8b8e a2589ffb2fd098b789870f1b48c8d83614c29df22739921ee3347d741b57dd4a Loading...

	www.1337xx.to/static/js/jquery-ui.js	307 kB	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/static/js/jquery-ui.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2024-05-05 21:06:47 Times Seen538 Hash 7ddac2a3d1e7091bd51f23f0250a7fea 5537fb7969f7a8349e0292ce9710df8daae5ad3c ebdadbb78c8a4e8433168bcdb49b87d0cb4809bbca7aaf29fbe36a9c77be5e35 Loading...

	www.1337xx.to/static/js/equalheight.js	307 B	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/static/js/equalheight.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2024-05-05 21:06:47 Times Seen475 Hash c5400113e82af2006936f4da906de973 4fcb2efc6c62d22351539de5120b971195727cb9 dfcfd312395fac51053cb661b4bece35f269d95ebbdfcd9f63a878eccef60396 Loading...

	www.1337xx.to/static/js/pagination.js	3.0 kB	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/static/js/pagination.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:28 Last Seen2024-05-05 21:06:47 Times Seen107 Hash 9f98cf860838ec75816a8300bb88d4ba 9a3cec7d3773f0971dffd9cfc2f578010bdc9432 be1a851a36499a153ca9578b4f76bab92d737253b444c62276d7e57b82998d39 Loading...

	www.1337xx.to/static/js/auto-searchv2.js	716 B	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/static/js/auto-searchv2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2024-05-05 21:06:47 Times Seen375 Hash a4b57f03005db04060dfef0775e3d90b c4744701caefc235077f3843e1223117749cd0d9 453701e481d63aa42e7a0a6b2300d65a3c592073ae8f1f0158f6ef46400d4770 Loading...

	www.1337xx.to/static/js/tab.js	1.8 kB	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/static/js/tab.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2024-05-05 21:06:47 Times Seen370 Hash bdccba90d093432de58bc0d3fc151a95 d6db9210b8d67d8486babaf2fa88fb1a3ef2c781 b44a83c3140140106709bd4a0a8e6500086f01b87b4480fcc0f3cdf196a268bb Loading...

	www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/	1.9 kB	2023-03-10	2023-03-10
Pretty URL www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/ IP 172.67.131.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:32:46 Last Seen2023-03-10 10:32:46 Times Seen1 Hash cc403089160b29281327a0bc2e752801 bf6bb02756ff3cdf6cc638516d08936c519527c6 0756ad5373df4603f6374b021f0017f1f812bba8c5de491f8c1e9b619f233bc2 Loading...

	www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/	428 B	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/ IP 172.67.131.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:28 Last Seen2024-05-05 21:06:47 Times Seen65 Hash 656b67527c95d13ef36ec5abe70d1279 2711b65273da5acc4f014640c9db74e5b65ad42e 3c1144a637dfe2abd3dc1c5c8627ea444a7b05d6355a22145402e5297bef7ede Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-05-07
Pretty URL banquetunarmedgrater.com/advertisers.js IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 08:31:13 Times Seen37397698 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.1337xx.to/static/js/jquery-1.11.0.min.js	96 kB	2023-03-07	2024-05-07
Pretty URL www.1337xx.to/static/js/jquery-1.11.0.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2024-05-07 06:57:10 Times Seen1185 Hash eaec1712551cd2792f4607f39fab12e7 2439711705752fac5dd1a6a8d6b1be63ffcbc76d 746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d Loading...

	www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/	162 B	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/ IP 172.67.131.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2024-05-05 21:06:47 Times Seen263 Hash 6b26e0d7c60ad2d5e9b365cc38781505 61683cc8cc94abc3c575f67ed24f73aa04149554 d3f53af7a31fc88722569c2f5c00621dc0f5dcee2e46ac98d28ab0f5f55904dc Loading...

	www.1337xx.to/static/js/lazyload.min.js	3.4 kB	2023-03-07	2024-05-06
Pretty URL www.1337xx.to/static/js/lazyload.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:01 Last Seen2024-05-06 23:19:23 Times Seen1659 Hash 5c01d7aff077b4ed0804b71c2e3ab4a1 56b4c94cff0d5fdfca579eac85da28a767607644 80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e Loading...

	schoolboyslogan.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js	37 kB	2023-03-10	2023-03-10
Pretty URL schoolboyslogan.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:32:46 Last Seen2023-03-10 10:32:46 Times Seen1 Hash 924ca375bae859818b0332c4079e7caa c7823bfb87d391415377a359b071f95d17de2168 40b0801c888d1ad31af84d1b3011aa697660e337e7e5c96fa6b776c5343c2b88 Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-05-03
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-03 06:50:30 Times Seen1983 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	s10.histats.com/counters/cc_511.js	15 kB	2023-03-07	2023-05-04
Pretty URL s10.histats.com/counters/cc_511.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2023-05-04 23:44:42 Times Seen208 Hash 1be5d18c059cccf323e27d6ac0db0332 0b4dfe78876822b6cd36fc8f0df165276a5595de 056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c Loading...

	www.1337xx.to/static/js/main.js?v=1	1.6 kB	2023-03-07	2024-05-05
Pretty URL www.1337xx.to/static/js/main.js?v=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:28 Last Seen2024-05-05 21:06:47 Times Seen91 Hash 5c87297596179b890841cf19f434c4ba a956aeeb2e1cd686c21f4adac5688730e06638af 19c273d0582b3b6392302ece922088dfad5be1e094fb8510f1ed62320a3d2b26 Loading...

	schoolboyslogan.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js	59 kB	2023-03-10	2023-03-10
Pretty URL schoolboyslogan.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:32:46 Last Seen2023-03-10 10:32:46 Times Seen1 Hash a74578c34c96427a99c69152cbbf40b0 beb8c0a4a0bbcf6e76a634885a424bb6027beb49 e50f8315d50b0d2a41dcf21a6dce8585bb5a7d8bcdf17597381e087b41ba884b Loading...

	s4.histats.com/stats/0.php?3352429&@f16&@g1&@h1&@i1&@j1665952005025&@k0&@l1&@mDownload%20DRIFT21%20(v.rev_19216%2C%20MULTi12)%20%5BFitGirl%20Repack%5D%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-50722135&@b3:1665952005&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1337xx.to%2Ftorrent%2F4890940%2FDRIFT21-v-rev_19216-MULTi12-FitGirl-Repack%2F&@w	47 B	2023-03-07	2023-05-04
Pretty URL s4.histats.com/stats/0.php?3352429&@f16&@g1&@h1&@i1&@j1665952005025&@k0&@l1&@mDownload%20DRIFT21%20(v.rev_19216%2C%20MULTi12)%20%5BFitGirl%20Repack%5D%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-50722135&@b3:1665952005&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1337xx.to%2Ftorrent%2F4890940%2FDRIFT21-v-rev_19216-MULTi12-FitGirl-Repack%2F&@w IP 192.99.8.28 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2023-05-04 23:44:42 Times Seen187 Hash 06b05ae9614bafae9b0b09cfbeed559e 9b087683529b7b89a117b2d5cbb35a93e7dcbaca a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2 Loading...

	cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js	84 kB	2023-03-07	2024-05-07
Pretty URL cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js IP 172.64.111.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-07 04:57:57 Times Seen16007 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

	http:blank	1.3 kB	2023-03-10	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:32:46 Last Seen2023-03-13 08:14:58 Times Seen1 Hash be61c758f42e16e8dc5f145a7d56c2e6 397ac0b6636b32d3bb9a83b4f089043030670239 54813bbfb6e3dc47f62a66233423215ef7113e544d817781c21e35db0001b9f0 Loading...

HTTP Transactions (78)

URL IP Response Size

www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/

172.67.131.213

301 Moved Permanently

0 B

URL HTTP/1.1
www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/
IP
172.67.131.213:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/ HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 20:26:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 21:26:38 GMT
Location: https://www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjF6tU6SUHRPtragqxYhrR2G7WvSMT3Tbg3VD%2F4kBN5UdGJ6kNVxSn4iAV3%2FC%2Bk2PIlvWlob5s%2BxIjzN%2BcJ%2Flca3aImARhFyDS48t1%2BWJ1iFkhNLJYtAmcLpyavsCjsc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b387d95f43b4e8-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 19:50:32 GMT
Expires: Sun, 16 Oct 2022 20:38:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Sh2p6sIvVi7fmAuTdNTnIUOPt2-ev0eVz83lM1JpOH8RvrDCuBFRFw==
Age: 2166

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14978
Expires: Mon, 17 Oct 2022 00:36:17 GMT
Date: Sun, 16 Oct 2022 20:26:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9065
Expires: Sun, 16 Oct 2022 22:57:44 GMT
Date: Sun, 16 Oct 2022 20:26:39 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GPYh/X5jcIIqp1W8aw8jDAOnfsclBgFA1oHcP0Ro8JvNX7jj5IFVyqely7ddtCRjOY03EjxHUUE=
x-amz-request-id: ENYBVJ2Z1N8AC5QM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 20:03:08 GMT
age: 1411
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 20:26:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

i114.fastpic.ru/big/2021/0612/08/7082f41a0929c7c021374c262a7af308.jpg

95.217.39.24

301 Moved Permanently

162 B

URL HTTP/2
i114.fastpic.ru/big/2021/0612/08/7082f41a0929c7c021374c262a7af308.jpg
IP
95.217.39.24:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /big/2021/0612/08/7082f41a0929c7c021374c262a7af308.jpg HTTP/1.1
Host: i114.fastpic.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 16 Oct 2022 20:26:39 GMT
content-type: text/html
content-length: 162
location: https://i114.fastpic.org/big/2021/0612/08/7082f41a0929c7c021374c262a7af308.jpg
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

s01.riotpixels.net/data/97/9a/979aed5e-0e6c-44ce-8cad-06adc12098bc.jpg.240p.jpg

172.67.143.35

200 OK

20 kB

URL HTTP/1.1
s01.riotpixels.net/data/97/9a/979aed5e-0e6c-44ce-8cad-06adc12098bc.jpg.240p.jpg
IP
172.67.143.35:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Size
20 kB (19764 bytes)
Hash
7de914c5dc711f36ae53b050b8dd99cf
2124d4377712a0955d3dde81d94dc3f0340bfaaa
8ef955844cd394b271b8e5e6d687ea4b6dbf76c6c38d37074440dedfb14c3d52

HTTP Headers

GET /data/97/9a/979aed5e-0e6c-44ce-8cad-06adc12098bc.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:26:39 GMT
Content-Type: image/jpeg
Content-Length: 19764
Connection: keep-alive
Last-Modified: Tue, 29 Sep 2020 15:22:13 GMT
ETag: "5f735125-4d34"
Expires: Mon, 16 Oct 2023 20:26:39 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7wjdizOeHTq4v8rZ7cYTNZe7mi%2FNnSxIpqpFqkoCcC0S5VQFcTTiplh7cEmY0ZtkyVr5LxLEOHvuqeH0fy%2BcTDK1x0OjxlAvvzB6rxZlnwj7u4CCOsD9PmuAfKtnEfsUbTW27Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b387dcbd73b4eb-OSL
alt-svc: h2=":443"; ma=60

s01.riotpixels.net/data/76/6d/766d582f-599f-4d5a-9b1f-33869859f735.jpg.240p.jpg

172.67.143.35

200 OK

13 kB

URL HTTP/1.1
s01.riotpixels.net/data/76/6d/766d582f-599f-4d5a-9b1f-33869859f735.jpg.240p.jpg
IP
172.67.143.35:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Size
13 kB (13429 bytes)
Hash
53f14274bf742475974248de72560cd1
9f06ee75e4983dbd9e11610e6ca27bb41da05c76
ac350c7e0e44bd4610b1a18aefb3fc738ec18e8b97bbe85dbdd998a001290683

HTTP Headers

GET /data/76/6d/766d582f-599f-4d5a-9b1f-33869859f735.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:26:39 GMT
Content-Type: image/jpeg
Content-Length: 13429
Connection: keep-alive
Last-Modified: Tue, 29 Sep 2020 15:22:03 GMT
ETag: "5f73511b-3475"
Expires: Mon, 16 Oct 2023 20:26:39 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2r4becIVLUp9lNNulqycaFtHVks9w0W1HE4QxBt%2FZOKSPJk%2BUNr2gb6ySP90sQD142NMvtWpG3p%2BUiY2SOYyIVyZwUFT%2BLNMvVH2swfgl8ZNOTHxCscDILPkMd7%2FFRbCwGP1xiA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b387dcb8fc0b49-OSL
alt-svc: h2=":443"; ma=60

s01.riotpixels.net/data/7e/f3/7ef3957b-0c78-44c2-b12a-4944f1614739.jpg.240p.jpg

172.67.143.35

200 OK

17 kB

URL HTTP/1.1
s01.riotpixels.net/data/7e/f3/7ef3957b-0c78-44c2-b12a-4944f1614739.jpg.240p.jpg
IP
172.67.143.35:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Size
17 kB (16644 bytes)
Hash
5a443f860ecc7063b2c4cf29f248ca9f
b61e87f7f20c3a51f7412453850d95525b8b23da
f06d9a779abe72a1449740a87f6f35d628ce5525982a3e794270dfa273e2a8c5

HTTP Headers

GET /data/7e/f3/7ef3957b-0c78-44c2-b12a-4944f1614739.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:26:39 GMT
Content-Type: image/jpeg
Content-Length: 16644
Connection: keep-alive
Last-Modified: Tue, 29 Sep 2020 15:21:20 GMT
ETag: "5f7350f0-4104"
Expires: Mon, 16 Oct 2023 20:26:39 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHZzI5OP%2F2wd%2FKSfOrqVL8DNjAo%2FCenztQHQw6hmtkVCIAsO%2FxInEiEb9N3QBpftfK3EZ0gnv%2BT07%2Ba%2FoDeIot5IenqhVCWEKmOlNDf7Hc1kdIsQXirmiSSKsJJeSrI028RWZqs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b387dcbf8eb517-OSL
alt-svc: h2=":443"; ma=60

s01.riotpixels.net/data/4e/00/4e002355-45a6-4881-b2a8-abb672cf71bc.jpg.240p.jpg

172.67.143.35

200 OK

16 kB

URL HTTP/1.1
s01.riotpixels.net/data/4e/00/4e002355-45a6-4881-b2a8-abb672cf71bc.jpg.240p.jpg
IP
172.67.143.35:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Size
16 kB (15953 bytes)
Hash
5d0d912243cde2d7d42c941b5c33e4c1
95116b3db5507327599cb627f9158cde7128ef1b
862344a97349871f3a27f32b72d5ca3e2fc20d83f58237c96781ed94e54fc3b2

HTTP Headers

GET /data/4e/00/4e002355-45a6-4881-b2a8-abb672cf71bc.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:26:39 GMT
Content-Type: image/jpeg
Content-Length: 15953
Connection: keep-alive
Last-Modified: Tue, 29 Sep 2020 15:21:24 GMT
ETag: "5f7350f4-3e51"
Expires: Mon, 16 Oct 2023 20:26:39 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xunMncxTHvtSgoXWzhzrMFMLKl4hrstFkhviPjxtSemmq4OTIyIe4OeVhZnfBx5LGoTlX12l8AF3XBdJj9sUVItCoTNwtDb%2B2pQwWGpkyVzaAYSZogZf%2F5I%2FToSfyvyFFMTq104%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b387dcbc7f1bfa-OSL
alt-svc: h2=":443"; ma=60

s01.riotpixels.net/data/f2/23/f22369bd-3170-4661-ad95-a248dcfdaccf.jpg.240p.jpg

172.67.143.35

200 OK

17 kB

URL HTTP/1.1
s01.riotpixels.net/data/f2/23/f22369bd-3170-4661-ad95-a248dcfdaccf.jpg.240p.jpg
IP
172.67.143.35:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Size
17 kB (17430 bytes)
Hash
4b762f11c7ca5ccb08778d6ac26005fc
351bdbe9bb31b4f7ccc802d2261ef2aca8699e7d
e091f42ca46eec64f5c09b5c454340a8f216f5324927141d48eeb8b4226b9f9c

HTTP Headers

GET /data/f2/23/f22369bd-3170-4661-ad95-a248dcfdaccf.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:26:39 GMT
Content-Type: image/jpeg
Content-Length: 17430
Connection: keep-alive
Last-Modified: Tue, 29 Sep 2020 15:21:13 GMT
ETag: "5f7350e9-4416"
Expires: Mon, 16 Oct 2023 20:26:39 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2B7IVMo4gQQcLBmBWReAGgY%2BzLsZvRn0TZTpsc%2F4VQeZOwVJC4OPI%2BQ2uNK4zzCKKG2xxW%2FnpMOErIOtC7h3%2FSjsDa9WXCEFNgKBihFmtskyq7qi9cdEkjrVagxSjAGN%2B6OMhKo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b387dcbbfb0af6-OSL
alt-svc: h2=":443"; ma=60

s01.riotpixels.net/data/f3/69/f369fa32-2540-4c5d-98ca-63d312a7525b.jpg.240p.jpg

172.67.143.35

200 OK

15 kB

URL HTTP/1.1
s01.riotpixels.net/data/f3/69/f369fa32-2540-4c5d-98ca-63d312a7525b.jpg.240p.jpg
IP
172.67.143.35:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Size
15 kB (15127 bytes)
Hash
f45c23987dc0d87847c19a6bd0d9db89
5ac63150c210a5a4304e6fd599f9a6b6de0ca35e
0b9aefd3b68ae7a01b33a4e631cf367614c75e5deee001e887d957c5acbb72c7

HTTP Headers

GET /data/f3/69/f369fa32-2540-4c5d-98ca-63d312a7525b.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:26:39 GMT
Content-Type: image/jpeg
Content-Length: 15127
Connection: keep-alive
Last-Modified: Tue, 29 Sep 2020 15:21:47 GMT
ETag: "5f73510b-3b17"
Expires: Mon, 16 Oct 2023 20:26:39 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXDO6yWpEpEk6DdpL2yNPTBRozm0KxlHv8jKThGCvTGxgJn74GqbKvhyvVg3IGeklkCl0ZHu34UPhauEBOPD9L4lea6OeQLN%2FvvC79Pj7H%2FW%2FP00%2BoYF93aa%2BhscRcCkZjFdGdk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b387dcbcf61c12-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2c9f47317dbd1c6cb7f91cdf6088a3e3
a51dc246d8e7a497ba3f1e34019647fd4e8792d1
9cdb67c948e8f00f5282c46f145e9a3447a874e794b9408cd4a551381dc23c72

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CDB67C948E8F00F5282C46F145E9A3447A874E794B9408CD4A551381DC23C72"
Last-Modified: Fri, 14 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10857
Expires: Sun, 16 Oct 2022 23:27:36 GMT
Date: Sun, 16 Oct 2022 20:26:39 GMT
Connection: keep-alive

fitgirl-repacks.site/wp-content/uploads/2020/08/fakes.jpg

190.115.31.179

200 OK

70 kB

URL HTTP/2
fitgirl-repacks.site/wp-content/uploads/2020/08/fakes.jpg
IP
190.115.31.179:0
ASN
#262254 DDOS-GUARD CORP.

File type
JPEG image data, progressive, precision 8, 709x322, components 3\012- data
Size
70 kB (69514 bytes)
Hash
437ab47426ce4ec3551cb7c9c8a83be5
1b948ce77776e88b2ef5a8ded58a0853b8a066cd
3d52c3a8042588be38fd55cdf5a0c9fd5846b2e85416a692ca7786b07965bb0c

HTTP Headers

GET /wp-content/uploads/2020/08/fakes.jpg HTTP/1.1
Host: fitgirl-repacks.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=1BZDeMn6KieU2jO0xJ8g; Domain=.fitgirl-repacks.site; HttpOnly; Path=/; Expires=Mon, 16-Oct-2023 20:26:39 GMT
date: Fri, 07 Oct 2022 05:46:17 GMT
content-type: image/jpeg
content-length: 69514
last-modified: Sun, 09 Aug 2020 21:27:30 GMT
etag: "5f306a42-10f8a"
expires: Sun, 06 Nov 2022 05:46:17 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
age: 830422
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

i114.fastpic.org/big/2021/0612/08/7082f41a0929c7c021374c262a7af308.jpg

95.217.39.24

404 Not Found

162 B

URL HTTP/2
i114.fastpic.org/big/2021/0612/08/7082f41a0929c7c021374c262a7af308.jpg
IP
95.217.39.24:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87

HTTP Headers

GET /big/2021/0612/08/7082f41a0929c7c021374c262a7af308.jpg HTTP/1.1
Host: i114.fastpic.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.1337xx.to/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
server: nginx
date: Sun, 16 Oct 2022 20:26:39 GMT
content-type: text/html
content-length: 162
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 16 Oct 2022 20:07:43 GMT
Expires: Sun, 16 Oct 2022 20:43:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Js1sz_Nkc4EpLQfVxW6Lm8jBwb0Bjxpr3oLBDCHjtRZ6ffrYixIoGA==
Age: 1136

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14bbc7921494bd122ec4ea4f52dd9c93
0398a6f8396a2faf02accd74f30b36ab63170b8c
425703fabf334837a185f1b50a1be842246e0df6816642b92498d21d05f6c1cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "425703FABF334837A185F1B50A1BE842246E0DF6816642B92498D21D05F6C1CF"
Last-Modified: Sun, 16 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8765
Expires: Sun, 16 Oct 2022 22:52:44 GMT
Date: Sun, 16 Oct 2022 20:26:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14bbc7921494bd122ec4ea4f52dd9c93
0398a6f8396a2faf02accd74f30b36ab63170b8c
425703fabf334837a185f1b50a1be842246e0df6816642b92498d21d05f6c1cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "425703FABF334837A185F1B50A1BE842246E0DF6816642B92498D21D05F6C1CF"
Last-Modified: Sun, 16 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8765
Expires: Sun, 16 Oct 2022 22:52:44 GMT
Date: Sun, 16 Oct 2022 20:26:39 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfc92c8f6ee7599505d969732542ac42
7f4804d49c8ccd76ccffa6b72d41b1df611eb090
406c057a8392b9fa0ab09efa8b3222a58ec5fc17fa73f55a1f093e3d1092b0e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 956
Cache-Control: max-age=129363
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:26:40 GMT
Etag: "634bbb97-1d7"
Expires: Tue, 18 Oct 2022 08:22:43 GMT
Last-Modified: Sun, 16 Oct 2022 08:06:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

schoolboyslogan.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js

192.243.59.13

200 OK

20 kB

URL HTTP/1.1
schoolboyslogan.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59395), with no line terminators
Size
20 kB (20332 bytes)
Hash
999b5668975d01e7043109ce1e4359d1
3485dcfa471b9bd50279d88d44f0844ae9c6f815
2c5c3fb6cc7a66210b51a8efa3d3ed89a2f4be356dd6f219ec0a78dfa790a2bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js HTTP/1.1
Host: schoolboyslogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 20:26:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b105ae85608d2382fc55084b9c7ab75
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

schoolboyslogan.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js

192.243.59.13

200 OK

13 kB

URL HTTP/1.1
schoolboyslogan.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37179), with no line terminators
Size
13 kB (13429 bytes)
Hash
974453dfac1778dce02f2c86a83d6841
8e563b22cdbf469d4b2a842692cd3229edec5608
257193756ac93b8d78dc63182ac03269fae229d10ae074cfc236e64fcb5413ef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js HTTP/1.1
Host: schoolboyslogan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 20:26:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b4ed02333c75ad7fedcf751f46acd41a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a5b04d6d3c126a01d5aa922574230332
fd3383c24dac377a75ca3160503bb31b8019df4a
621df3b5055828325b8cc517cf359ea5ca002fd5fad771cca767e15bde7fa330

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "621DF3B5055828325B8CC517CF359EA5CA002FD5FAD771CCA767E15BDE7FA330"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10608
Expires: Sun, 16 Oct 2022 23:23:28 GMT
Date: Sun, 16 Oct 2022 20:26:40 GMT
Connection: keep-alive

push.services.mozilla.com/

35.160.97.225

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.97.225:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ebA4ydsOoNJdy7uq8I8KUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MxKjeHL8XAFeFtP+CvUmmQbue9o=

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
4315c641ce7703e0fbe0b067fd8073bc
0975528468dcf0f1919d63140e0c1369ba834abc
4cf6d790c0f08adb4f036c3cd243c596c555ac4426304d9d6605c695d69b4188

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4383
Cache-Control: max-age=172022
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:26:40 GMT
Etag: "634c54d7-116"
Expires: Tue, 18 Oct 2022 20:13:42 GMT
Last-Modified: Sun, 16 Oct 2022 19:00:39 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145721
Date: Sun, 16 Oct 2022 20:26:40 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 12:55:21 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: P34oxf4x7hNUgFJ7GSRehk0rZC11b2tbVOiJuujY9lfKRGOq5Y3ZGQ==
Age: 1463

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150459
Date: Sun, 16 Oct 2022 20:26:40 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 14:14:19 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j-hokKbPfkNho6nVTvYb8beInj9gjZXMQxi5cowkrKuJ4g4Yw2xR7Q==
Age: 6201

simplewebanalysis.com/stats

52.29.95.124

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.29.95.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ed63bec82da7c9cddde42a650de40a87
635377d33b8c26dc178aa069b95b8d63b62d1b8d
db2ac59ab93f54f0a5b90ae52811fc3affdf96bd90431431136ce176f65aad80

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1337xx.to
access-control-allow-credentials: true
set-cookie: uid_id2=be801c51-3f52-440d-81ae-5dd5ea2e13a1:1:1; expires=Wed, 13 Oct 2032 20:26:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.29.95.124

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.29.95.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
871984a2ac88ec74c233bd4f1c8ba82f
493d520e84b43da45212f6fcb475ffecf2e69ff1
d5f0af8e445a380547bb007623b11e979d5faf218dbfec0bf55829ccdbc080ce

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1337xx.to
access-control-allow-credentials: true
set-cookie: uid_id2=404cf26e-110b-4036-892a-d05ac18fad2c:1:1; expires=Wed, 13 Oct 2032 20:26:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
4315c641ce7703e0fbe0b067fd8073bc
0975528468dcf0f1919d63140e0c1369ba834abc
4cf6d790c0f08adb4f036c3cd243c596c555ac4426304d9d6605c695d69b4188

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4383
Cache-Control: max-age=172022
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:26:40 GMT
Etag: "634c54d7-116"
Expires: Tue, 18 Oct 2022 20:13:42 GMT
Last-Modified: Sun, 16 Oct 2022 19:00:39 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a5b04d6d3c126a01d5aa922574230332
fd3383c24dac377a75ca3160503bb31b8019df4a
621df3b5055828325b8cc517cf359ea5ca002fd5fad771cca767e15bde7fa330

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "621DF3B5055828325B8CC517CF359EA5CA002FD5FAD771CCA767E15BDE7FA330"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10608
Expires: Sun, 16 Oct 2022 23:23:28 GMT
Date: Sun, 16 Oct 2022 20:26:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aed118e6a59324e2d52302879dbf1e2e
d171fcebf3ddbe36321cf3c09118d61c25336769
1faa3148720a9bf4a16b908984c46e9524d90aa29bf9cda421ba4ea3076e9854

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FAA3148720A9BF4A16B908984C46E9524D90AA29BF9CDA421BA4EA3076E9854"
Last-Modified: Fri, 14 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13728
Expires: Mon, 17 Oct 2022 00:15:28 GMT
Date: Sun, 16 Oct 2022 20:26:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b90192985a95a9e4c54fcf57e57dd90a
ea522ffee7781b6a91427c82912a7915f7c4fba9
d579b6e786505d365327b3dad5bd3856cd46f2f598a92e53ab8db9030731cf1b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D579B6E786505D365327B3DAD5BD3856CD46F2F598A92E53AB8DB9030731CF1B"
Last-Modified: Sat, 15 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14591
Expires: Mon, 17 Oct 2022 00:29:51 GMT
Date: Sun, 16 Oct 2022 20:26:40 GMT
Connection: keep-alive

banquetunarmedgrater.com/advertisers.js

173.233.137.60

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 20:26:40 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d66cc1e2f3bae3bb48a69bd6efe1c75
Strict-Transport-Security: max-age=0; includeSubdomains

obsessivepetsbean.com/pixel/purst?dl=0&th=0&sc=0&rs=1439&rd=1439&fd=927&bv=22.8.v.1&tmpl=70

192.243.59.20

200 OK

0 B

URL HTTP/1.1
obsessivepetsbean.com/pixel/purst?dl=0&th=0&sc=0&rs=1439&rd=1439&fd=927&bv=22.8.v.1&tmpl=70
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1439&rd=1439&fd=927&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: obsessivepetsbean.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 16 Oct 2022 20:26:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da479084eabd8940524bddc2f855f6dc
c62c12235efe01a05a6b31b58a18babef7dec0bb
9e7a76e5977d543ed9229eb83f0583625a950459698d189a9492d08159a17285

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E7A76E5977D543ED9229EB83F0583625A950459698D189A9492D08159A17285"
Last-Modified: Sat, 15 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18732
Expires: Mon, 17 Oct 2022 01:38:53 GMT
Date: Sun, 16 Oct 2022 20:26:41 GMT
Connection: keep-alive

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:25:37 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 902435284
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4cd95deefcc3332f4e82d1e74dcd831d
800dc8d469baa3e759d5907442a1809e3b21e9fb
43526ab8d7903082fb38ef266c9509c1827be476e6fb8786abc8650be5dcac28

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43526AB8D7903082FB38EF266C9509C1827BE476E6FB8786ABC8650BE5DCAC28"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13997
Expires: Mon, 17 Oct 2022 00:19:58 GMT
Date: Sun, 16 Oct 2022 20:26:41 GMT
Connection: keep-alive

s10.histats.com/counters/cc_511.js

46.105.201.240

200 OK

6.0 kB

URL HTTP/2
s10.histats.com/counters/cc_511.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (14926), with no line terminators
Size
6.0 kB (5984 bytes)
Hash
e0963faf9f8d4dd4683c649033bfe3e6
8b8365dac8c2d50836e19456f025370ee782598f
80ac8877a54d16e397e9518ce7221d0abad87a39ffd0221a99227540eeb8b2a8

HTTP Headers

GET /counters/cc_511.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:25:50 GMT
etag: "1364484781"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 36439020
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5984
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8013
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:26:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8013
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:26:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8013
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:26:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8013
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:26:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8013
Expires: Sun, 16 Oct 2022 22:40:14 GMT
Date: Sun, 16 Oct 2022 20:26:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7082 bytes)
Hash
cd94762992136ed2f4d24dd34a745154
2050cee63f8005c5d9ac1a817730ada51b323f34
4548836d8846da958f477e1df952f6da9b9640e204804a7c76194d3e061b90a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7082
x-amzn-requestid: 5e98988f-faad-4e52-a49f-28d5a77b15d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL46HFloAMFSag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b269f-6759e36c79241479181c1d05;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p2Ytir5IhFSnRKz3OJ3J6_SieMyoFAAysH8-jBf_Bh_xfKEDRGy18g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:36:56 GMT
age: 82185
etag: "2050cee63f8005c5d9ac1a817730ada51b323f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6367 bytes)
Hash
df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j4GFPRLOwyEGJVrC4uk01vi858DLWzDtUNZkfmbJ1ybrMV4xEdOIVg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:50:24 GMT
age: 81377
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15855 bytes)
Hash
319cbf11bba3f159e5c9f606deded924
13f29acb7a694030fc2de0b42c0d95c4be49deb7
09aa7d94e4829f4daf33d5e2aed077afcc59628839c5d6e877172e8455879062

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15855
x-amzn-requestid: 99d6e8b2-1cf3-4eb7-8eb5-0da551a01e3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEqBlEsmIAMFz6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b56d6-4e175354287557c04d7092b8;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 00:56:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 03nNWfyAYK1NO23yiuC8Hz3JXgRtVzp5gB0eePR5mzBxNTsrh6QJFw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 07:14:43 GMT
age: 47518
etag: "13f29acb7a694030fc2de0b42c0d95c4be49deb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7337 bytes)
Hash
6432c2bf0bab32f918d931dd98a6e1e4
bba4f37b146e5aea2b6490f8f7da63fa61ffc849
bde0d98cb1dcd70f22cd2aee5860eb0cd824d1bb12ab18245ab8eed06a79cf1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7337
x-amzn-requestid: 43a16c4d-c5b9-4d01-8ba4-e811b09e96b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqEwVoAMFe5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-121eda8b7a73518849342e7a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HUtvwwtoxo38w1ZiKkBZJL0dL3G7aCdUNzvcUhJ7CZ_Taj_tMyfjAQ==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 05:03:21 GMT
age: 55400
etag: "bba4f37b146e5aea2b6490f8f7da63fa61ffc849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7075 bytes)
Hash
3e86d948bf8ed2f5918f8323b043ad5f
41548e231e2358d3453e7630f0d07a645cc25ddc
6602f2a020618234d34a9b6cd107398f0405de6dd14227e265aca84b38eaa5cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72044c0-fdd0-4da5-aa61-159d966f040f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7075
x-amzn-requestid: 254a8860-b3bf-4e8d-a08d-31effa209a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5iGQqIAMFmkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a3-1a2820f550f35bf830444c22;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: psWLknan4sVucDaNcLURe-XRPs5FKeJ0Il7ZGWvBxV2rgpTrQvbyVw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:41:19 GMT
etag: "41548e231e2358d3453e7630f0d07a645cc25ddc"
content-type: image/jpeg
age: 81922
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9260 bytes)
Hash
e20daa74ab04b1b9859672acfc070f7e
d291947f161c928e6c6682a05835478b5f0cffc5
ebbe051930f46dd25de2a4c5795f3bdddf1513c0657cdc986c48f3dfdc90f575

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb25d7cce-c352-4b25-a8c5-aa8493d99e4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9260
x-amzn-requestid: dfd8deb0-fc73-4321-b024-330b2a3d1759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aENyFH9RoAMF24w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b29a6-0aaf75c43b51d5775bc48a95;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:44:06 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YVZ4EN-w7lmXTXKTy_A-9P0TW0zAqSa7j5_G2M1XnS-j3EfJSEFplw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:58:49 GMT
age: 80872
etag: "d291947f161c928e6c6682a05835478b5f0cffc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

invaderannihilationperky.com/sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=be801c51-3f52-440d-81ae-5dd5ea2e13a1%3A1%3A1

192.243.59.20

200 OK

3.6 kB

URL HTTP/1.1
invaderannihilationperky.com/sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=be801c51-3f52-440d-81ae-5dd5ea2e13a1%3A1%3A1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (6189), with no line terminators
Size
3.6 kB (3565 bytes)
Hash
002ddfec97668910810b15d898671b95
88224e16002558d140c5bdc06080669d998cc20e
05c714a1a1fd269494ca346556326a2f44a9f64c30d10a54c4f4c38cf3f578b4

HTTP Headers

GET /sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&uuid=be801c51-3f52-440d-81ae-5dd5ea2e13a1%3A1%3A1 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 16 Oct 2022 20:26:41 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.1337xx.to
Access-Control-Allow-Origin: https://www.1337xx.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16578592; expires=Mon, 17 Oct 2022 20:26:41 GMT; secure; SameSite=None
uid_id2=be801c51-3f52-440d-81ae-5dd5ea2e13a1:1:1; expires=Sun, 23 Oct 2022 20:26:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 17 Oct 2022 20:26:41 GMT; secure; SameSite=None
uncs=1; expires=Mon, 17 Oct 2022 20:26:41 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 17 Oct 2022 20:26:41 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 17 Oct 2022 20:26:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7aad95d1a34a99de7ec81ef1fc76aaa0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

s4.histats.com/stats/0.php?3352429&@f16&@g1&@h1&@i1&@j1665952005025&@k0&@l1&@mDownload%20DRIFT21%20(v.rev_19216%2C%20MULTi12)%20%5BFitGirl%20Repack%5D%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-50722135&@b3:1665952005&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1337xx.to%2Ftorrent%2F4890940%2FDRIFT21-v-rev_19216-MULTi12-FitGirl-Repack%2F&@w

192.99.8.28

200 OK

47 B

URL HTTP/1.1
s4.histats.com/stats/0.php?3352429&@f16&@g1&@h1&@i1&@j1665952005025&@k0&@l1&@mDownload%20DRIFT21%20(v.rev_19216%2C%20MULTi12)%20%5BFitGirl%20Repack%5D%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-50722135&@b3:1665952005&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1337xx.to%2Ftorrent%2F4890940%2FDRIFT21-v-rev_19216-MULTi12-FitGirl-Repack%2F&@w
IP
192.99.8.28:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
47 B (47 bytes)
Hash
06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2

HTTP Headers

GET /stats/0.php?3352429&@f16&@g1&@h1&@i1&@j1665952005025&@k0&@l1&@mDownload%20DRIFT21%20(v.rev_19216%2C%20MULTi12)%20%5BFitGirl%20Repack%5D%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-50722135&@b3:1665952005&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1337xx.to%2Ftorrent%2F4890940%2FDRIFT21-v-rev_19216-MULTi12-FitGirl-Repack%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 20:26:41 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
618c6998deadeff1c1bd3c5c2a7380ee
b18462fd7d0df781bdbde02201d8d58231bf1a3d
237bb0fe3e531cafa69c5f0a921099190c1955a2f54ad1e8b95d4746c793a5d6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "237BB0FE3E531CAFA69C5F0A921099190C1955A2F54AD1E8B95D4746C793A5D6"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19154
Expires: Mon, 17 Oct 2022 01:45:55 GMT
Date: Sun, 16 Oct 2022 20:26:41 GMT
Connection: keep-alive

invaderannihilationperky.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzfx4p4Me1nEZQ4edmEz6e756BkXCcZsJBh3l40fOQhSXVU9KVPT1VR1T0%2BCh%2BCC7M3Zg3jtPJMPVoPoXRfpLHjIKeMpB%2FMfeFoUDyIys8G4LxTvW%2FW8Bb966v1iJzsjLjJ6uvie3pJK0blG1a1cX%2FO8W5UVGWf9Sr%2FV%2FKRZv1UxvTfazap7o%2FKOYBt6znc91%2FVcr7IkjYh0f24sQiaHba%2Fadqt1v%2Bo16uibF%2Fc2c2CpA947IzOQfDT91LkCyUrE3e8Xhd1IdXLzdjdTNNUGPX7wQbwR6zxG96KMjIMoPjjvhrYnS0%2Bg470JLnTvv8ZQjojzyxOE8cE5JMLe7oQzVBAxQn4Zea%2BEUCUkLcH0A0h%2BQgDGcecu4u7%2BHW1yuvlcpWN1RKb%2FfAaZj8j0b1cQd79bULJfWdUqS6WOLfpRAdkvITslkuwI6dYlyPwILP0ckhPE3QKSn74eipbrsYY3W4sa%2Fmy97vLZlkfFbIPzhqC%2B8GrUmxgjZQkZlVBiAGodZOMlHWSRgyxx0OWnFeZ5XuByRt1Wm7EaD0TY5K5Hg8ijnttsIWNj9gHSZACmBmBmG4nZxoZ8dNKYgcl%2Bhl0vYLkDmxL0eIFcEOSWIKcEuSTIU4K8V%2BxxZX1b7HNls9A7z%2F55rhVDnXZ26J5OOyImO8kZeWXi2d9%2FVbAhTitBQ4RBGDUatFnzfeG7LvVFELWZ244CQUNYWUDaS5OXbskRufrmbSRyRF76%2Bh%2BE9AhWHYHJGdDsNdB8GPgu6Pqw3nKxFT%2F2arWg36%2BmGlwXSNJppJvOjjojVycQrf01CHY8f3j9j%2FLLj2%2BAmQKJKfCpfErQUQ%2BH93VOdu%2Fr3JIf7iap7MotOv7U1ZSmYuqbd8Vmrg1fXrSDx2%2BxsTAuD98XNl2hMZdxx5JvFyTnwixpwwT5adl%2BJMJ7mV1fyEycJSv33l5a7iZGWCt1XILKkw8%2FA5Mj8vKr1cm0Xrs8gjQlTFagmx2T84DUJViyDZtc0Fs9BaMuesLEQZ4VQ%2BOHF4dKjoj%2FbBVKHM%2Fv%2Fjjz1drvN0HDAlb87%2BJFvWMfomOugaYPJoPaMwV6qgBVA9hsapgm5nj%2B19okECpnGCrj7IbKqEfP7bXytBLUai5tthteEFARhHW%2FFTU9Tqlfb%2FrNJq0htSO2Ip1%2FAQAA%2F%2F8BAAD%2F%2F5DVlhl8BAAA

192.243.59.20

200 OK

7 B

URL HTTP/1.1
invaderannihilationperky.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzfx4p4Me1nEZQ4edmEz6e756BkXCcZsJBh3l40fOQhSXVU9KVPT1VR1T0%2BCh%2BCC7M3Zg3jtPJMPVoPoXRfpLHjIKeMpB%2FMfeFoUDyIys8G4LxTvW%2FW8Bb966v1iJzsjLjJ6uvie3pJK0blG1a1cX%2FO8W5UVGWf9Sr%2FV%2FKRZv1UxvTfazap7o%2FKOYBt6znc91%2FVcr7IkjYh0f24sQiaHba%2Fadqt1v%2Bo16uibF%2Fc2c2CpA947IzOQfDT91LkCyUrE3e8Xhd1IdXLzdjdTNNUGPX7wQbwR6zxG96KMjIMoPjjvhrYnS0%2Bg470JLnTvv8ZQjojzyxOE8cE5JMLe7oQzVBAxQn4Zea%2BEUCUkLcH0A0h%2BQgDGcecu4u7%2BHW1yuvlcpWN1RKb%2FfAaZj8j0b1cQd79bULJfWdUqS6WOLfpRAdkvITslkuwI6dYlyPwILP0ckhPE3QKSn74eipbrsYY3W4sa%2Fmy97vLZlkfFbIPzhqC%2B8GrUmxgjZQkZlVBiAGodZOMlHWSRgyxx0OWnFeZ5XuByRt1Wm7EaD0TY5K5Hg8ijnttsIWNj9gHSZACmBmBmG4nZxoZ8dNKYgcl%2Bhl0vYLkDmxL0eIFcEOSWIKcEuSTIU4K8V%2BxxZX1b7HNls9A7z%2F55rhVDnXZ26J5OOyImO8kZeWXi2d9%2FVbAhTitBQ4RBGDUatFnzfeG7LvVFELWZ244CQUNYWUDaS5OXbskRufrmbSRyRF76%2Bh%2BE9AhWHYHJGdDsNdB8GPgu6Pqw3nKxFT%2F2arWg36%2BmGlwXSNJppJvOjjojVycQrf01CHY8f3j9j%2FLLj2%2BAmQKJKfCpfErQUQ%2BH93VOdu%2Fr3JIf7iap7MotOv7U1ZSmYuqbd8Vmrg1fXrSDx2%2BxsTAuD98XNl2hMZdxx5JvFyTnwixpwwT5adl%2BJMJ7mV1fyEycJSv33l5a7iZGWCt1XILKkw8%2FA5Mj8vKr1cm0Xrs8gjQlTFagmx2T84DUJViyDZtc0Fs9BaMuesLEQZ4VQ%2BOHF4dKjoj%2FbBVKHM%2Fv%2Fjjz1drvN0HDAlb87%2BJFvWMfomOugaYPJoPaMwV6qgBVA9hsapgm5nj%2B19okECpnGCrj7IbKqEfP7bXytBLUai5tthteEFARhHW%2FFTU9Tqlfb%2FrNJq0htSO2Ip1%2FAQAA%2F%2F8BAAD%2F%2F5DVlhl8BAAA
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzfx4p4Me1nEZQ4edmEz6e756BkXCcZsJBh3l40fOQhSXVU9KVPT1VR1T0%2BCh%2BCC7M3Zg3jtPJMPVoPoXRfpLHjIKeMpB%2FMfeFoUDyIys8G4LxTvW%2FW8Bb966v1iJzsjLjJ6uvie3pJK0blG1a1cX%2FO8W5UVGWf9Sr%2FV%2FKRZv1UxvTfazap7o%2FKOYBt6znc91%2FVcr7IkjYh0f24sQiaHba%2Fadqt1v%2Bo16uibF%2Fc2c2CpA947IzOQfDT91LkCyUrE3e8Xhd1IdXLzdjdTNNUGPX7wQbwR6zxG96KMjIMoPjjvhrYnS0%2Bg470JLnTvv8ZQjojzyxOE8cE5JMLe7oQzVBAxQn4Zea%2BEUCUkLcH0A0h%2BQgDGcecu4u7%2BHW1yuvlcpWN1RKb%2FfAaZj8j0b1cQd79bULJfWdUqS6WOLfpRAdkvITslkuwI6dYlyPwILP0ckhPE3QKSn74eipbrsYY3W4sa%2Fmy97vLZlkfFbIPzhqC%2B8GrUmxgjZQkZlVBiAGodZOMlHWSRgyxx0OWnFeZ5XuByRt1Wm7EaD0TY5K5Hg8ijnttsIWNj9gHSZACmBmBmG4nZxoZ8dNKYgcl%2Bhl0vYLkDmxL0eIFcEOSWIKcEuSTIU4K8V%2BxxZX1b7HNls9A7z%2F55rhVDnXZ26J5OOyImO8kZeWXi2d9%2FVbAhTitBQ4RBGDUatFnzfeG7LvVFELWZ244CQUNYWUDaS5OXbskRufrmbSRyRF76%2Bh%2BE9AhWHYHJGdDsNdB8GPgu6Pqw3nKxFT%2F2arWg36%2BmGlwXSNJppJvOjjojVycQrf01CHY8f3j9j%2FLLj2%2BAmQKJKfCpfErQUQ%2BH93VOdu%2Fr3JIf7iap7MotOv7U1ZSmYuqbd8Vmrg1fXrSDx2%2BxsTAuD98XNl2hMZdxx5JvFyTnwixpwwT5adl%2BJMJ7mV1fyEycJSv33l5a7iZGWCt1XILKkw8%2FA5Mj8vKr1cm0Xrs8gjQlTFagmx2T84DUJViyDZtc0Fs9BaMuesLEQZ4VQ%2BOHF4dKjoj%2FbBVKHM%2Fv%2Fjjz1drvN0HDAlb87%2BJFvWMfomOugaYPJoPaMwV6qgBVA9hsapgm5nj%2B19okECpnGCrj7IbKqEfP7bXytBLUai5tthteEFARhHW%2FFTU9Tqlfb%2FrNJq0htSO2Ip1%2FAQAA%2F%2F8BAAD%2F%2F5DVlhl8BAAA HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=be801c51-3f52-440d-81ae-5dd5ea2e13a1:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 16 Oct 2022 20:26:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b053d1538be34fb28829b4f6ab3ce070
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10858
Expires: Sun, 16 Oct 2022 23:27:40 GMT
Date: Sun, 16 Oct 2022 20:26:42 GMT
Connection: keep-alive

cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/img/close.png

172.64.111.27

200 OK

591 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/img/close.png
IP
172.64.111.27:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
591 B (591 bytes)
Hash
9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:42 GMT
content-type: image/png
content-length: 591
last-modified: Tue, 21 Sep 2021 12:03:43 GMT
etag: "6149ca1f-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6430953
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO%2Fen08sJnZMagxZ%2FrtvLTQLbyKqrav2aNM9vE29v8bL6zAhSaK%2FRjfF1AYrXtScyh6pwUuYaWqcjGxPygjSxBUNRxOZ8p4nL9MLXcmSuCtZwztzmCXRcCTa70L46uGBZ0Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b387ed0b1d776d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/css/style.css

172.64.111.27

200 OK

1.4 kB

URL HTTP/2
cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP
172.64.111.27:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.4 kB (1434 bytes)
Hash
55a49aa362a96699351dde0c90290d72
3eada04054266c8f3d7b660e32a8881025c614d0
6173d303f8b97852e512d047c6802fadc4cd4f9d69bbfc71b04a3c47f5097b44

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:42 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:03:42 GMT
etag: W/"6149ca1e-d31"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 66781
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdiQRcEkcDu2LjYe9SnrADLHvRZecVWj0BaQdSf9c7uvB%2BP002c%2B7qiyKJR3dqHMzmrTWZ49JxF1EDzDIdeeX3EXEGRid0xcbZ9o6mAmsCZUQi%2F%2BHqvLMgMszRlALzsEH50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b387ecdad5776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10858
Expires: Sun, 16 Oct 2022 23:27:40 GMT
Date: Sun, 16 Oct 2022 20:26:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9f54a5e8bc9df618c759b36171c3dc59
daa13f44d63b193afc97b0f174b933aa20cb4f05
3b64fc1e4fb9f3f723929f5b66eecff56ffad04b823db4a168d363f5232314bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B64FC1E4FB9F3F723929F5B66EECFF56FFAD04B823DB4A168D363F5232314BB"
Last-Modified: Sat, 15 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11148
Expires: Sun, 16 Oct 2022 23:32:30 GMT
Date: Sun, 16 Oct 2022 20:26:42 GMT
Connection: keep-alive

cdn.cloudimagesb.com/si/fc/33/81/fc33814d675ad242ad715b78b1449b34/1658582644.jpg

45.133.44.9

200 OK

8.7 kB

URL HTTP/2
cdn.cloudimagesb.com/si/fc/33/81/fc33814d675ad242ad715b78b1449b34/1658582644.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
8.7 kB (8684 bytes)
Hash
2c29eb5172d6284ce44e9bdddbc9f7f9
7e636afa5c449686a67c15a3eb42e24b4060f3e2
843c2d3a6a428708bfc4ff66793db619e93662cd4a0fe42657ddbc612b4faa7e

HTTP Headers

GET /si/fc/33/81/fc33814d675ad242ad715b78b1449b34/1658582644.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:42 GMT
content-type: image/jpeg
content-length: 8684
server: nginx/1.17.6
last-modified: Sat, 23 Jul 2022 13:24:12 GMT
etag: "62dbf67c-21ec"
expires: Tue, 18 Oct 2022 20:26:42 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0efa623bed47d42f69be9e523e7725f4
b301c00ee9ab5778b326edea3bc274f8ae46da15
c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f3c1b705b929543711cc96507a60952b
b20afa731c5a5925bcf23b2a5e673c1ff0d7ec77
4eaaa1fa789a46a4a1ee02c23c7188bc7609383fc66dd259093de5911935e2b6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EAAA1FA789A46A4A1EE02C23C7188BC7609383FC66DD259093DE5911935E2B6"
Last-Modified: Sat, 15 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9640
Expires: Sun, 16 Oct 2022 23:07:22 GMT
Date: Sun, 16 Oct 2022 20:26:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f3c1b705b929543711cc96507a60952b
b20afa731c5a5925bcf23b2a5e673c1ff0d7ec77
4eaaa1fa789a46a4a1ee02c23c7188bc7609383fc66dd259093de5911935e2b6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EAAA1FA789A46A4A1EE02C23C7188BC7609383FC66DD259093DE5911935E2B6"
Last-Modified: Sat, 15 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9640
Expires: Sun, 16 Oct 2022 23:07:22 GMT
Date: Sun, 16 Oct 2022 20:26:42 GMT
Connection: keep-alive

creepingbrings.com/sfp.js

104.21.234.232

200 OK

27 kB

URL HTTP/2
creepingbrings.com/sfp.js
IP
104.21.234.232:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
27 kB (27120 bytes)
Hash
7d08e108469ec4f191e487612733570d
2266c4c3096af8f69a10bc37510286c32b473ba3
a59c526f279e496457e39c08b2db1db6a7bdaca08af2d514f0a761b93246a46c

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 034da1b107408ba3f0b63281f5367390
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 16 Oct 2022 20:26:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k59a5qMifimBfn7Y8g%2BCLD0JNJLSAadieuzeGYDFD2ygk2rmprzrtcqCuU3GSUK0BHtMi33uOEIyQCVluaZLYfHHLFScGRBrw%2FufHBrKBhiisg2VZ1NSaNkZXflrjuAIhbvCiP4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b387e30efcf42f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html

45.133.44.3

200 OK

441 B

URL HTTP/2
cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
441 B (441 bytes)
Hash
8134225bb30600edf37c493044ecef93
91c0256804ea93c2bec713d96d5015a843054443
2753bd5fd3458b31b4f81c6519f2aca7f900e182b5641571e3d000db9d40ebf7

HTTP Headers

GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:41 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 16 Oct 2022 21:26:41 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 348754
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 348754
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 20:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

invaderannihilationperky.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzfx4p4Me1nEZQ4edmEz6e6Zng8XCcZsJBh3l40fOQhSXz0p09PVVHVPT4KH4ILszdmDeO08kw9Wg%2BhdF%2BkseMgp4ykH8x94WhQPIjKzwbgvFO9b9bwFv3rq%2FWInOyMuMnq6%2BJ7eUlFE54KqW7m%2B5nm3KisqzvqVfqvxSaN%2Bq2J6b7QbVfdG5R3JN%2FSc73qu67leZUkZGer%2B3FiESg7bXrXtVut%2B1Qvq6JsX9zZzYKkD0TsjM1BiNP3UuQLFS8Td7xel3Uh1cvN2N4toqg164uCDeCPWeYzuRRkaB2F8cN4NbU%2BWnkDHexNc6N5%2FjUyNiPPLE7D44BwSrLc74WQRZAwmLiPvlZBRCUVLcP0ASpwQgAvcuYu4u39Hm5xuPlfpWB2R6T%2BfQeUjMv3bFcTd7xYi1a%2Bs6ihLlY4t%2BmEB1S%2BhOiWS7Ajp1iWo%2FAg8%2FRxKEMTdAkqcvs5ky%2FV44M3WwsCfrdddMdvyqJwNhAgk9aVXo97EGKVKqLBEJAeg1kE2XspBFjrIEgddcVrhnuc1XcGp22pzXhNNyRrC9Wgz9KjnNlrI%2BJh9gDQZgEcDcLONxGxjQz06CWZgsp9h1wtY4cCmBD1RIJcEuSXIKUGuCPKUIO8VeyKyvi32RWQz5p1n%2FzzXiqFOOzt0T6cdGZOd5Iy8MvHs778q2JCnlWYgWZOFQUAbNd%2BXvutSXzbDNnfbYVNSBqsKKHtp8tItNSJX37yNRI3IS1%2F%2FA0aPYKMjcDUDmr0Gmg%2Bbvgu6Pqy3XGzFj71ardnvV1MNoQsk6TTSTWcnOiNXJxCt%2FTVIfjx%2FeP2P8suPb4CbAokp8Kl6StCJHg7v65zs3te5JT%2FcTVLVVVt0%2FKmrKU3l1Dfvys1cG7G8aAeP3%2BJjYVwevi9tukJjoeKOJd8uKCGkWdKGS%2FLTsv1IsnuZXV%2FITJwlK%2FfeXlruJkZaq3RcgqqTDz8DVyPy8qvVybReuzyCMiVMVqCbHZPzgNIleLINm1zQWz0FE130sMRBnhVD47OLw0iNiP9sFZE8nt%2F9ceartd9vgrICVv7v4kW9Yx%2BiY66Bpg8mg9ozBXpRARoNYLOpYZqY4%2Flfa5MAi5whi4yzyyITPXpur1WnlZormkyGsslkPaiHkgsWBMzlIWc10WpxpHbEV5TzLwAAAP%2F%2FAQAA%2F%2F8QAUPxfAQAAA%3D%3D

192.243.59.20

200 OK

7 B

URL HTTP/1.1
invaderannihilationperky.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzfx4p4Me1nEZQ4edmEz6e6Zng8XCcZsJBh3l40fOQhSXz0p09PVVHVPT4KH4ILszdmDeO08kw9Wg%2BhdF%2BkseMgp4ykH8x94WhQPIjKzwbgvFO9b9bwFv3rq%2FWInOyMuMnq6%2BJ7eUlFE54KqW7m%2B5nm3KisqzvqVfqvxSaN%2Bq2J6b7QbVfdG5R3JN%2FSc73qu67leZUkZGer%2B3FiESg7bXrXtVut%2B1Qvq6JsX9zZzYKkD0TsjM1BiNP3UuQLFS8Td7xel3Uh1cvN2N4toqg164uCDeCPWeYzuRRkaB2F8cN4NbU%2BWnkDHexNc6N5%2FjUyNiPPLE7D44BwSrLc74WQRZAwmLiPvlZBRCUVLcP0ASpwQgAvcuYu4u39Hm5xuPlfpWB2R6T%2BfQeUjMv3bFcTd7xYi1a%2Bs6ihLlY4t%2BmEB1S%2BhOiWS7Ajp1iWo%2FAg8%2FRxKEMTdAkqcvs5ky%2FV44M3WwsCfrdddMdvyqJwNhAgk9aVXo97EGKVKqLBEJAeg1kE2XspBFjrIEgddcVrhnuc1XcGp22pzXhNNyRrC9Wgz9KjnNlrI%2BJh9gDQZgEcDcLONxGxjQz06CWZgsp9h1wtY4cCmBD1RIJcEuSXIKUGuCPKUIO8VeyKyvi32RWQz5p1n%2FzzXiqFOOzt0T6cdGZOd5Iy8MvHs778q2JCnlWYgWZOFQUAbNd%2BXvutSXzbDNnfbYVNSBqsKKHtp8tItNSJX37yNRI3IS1%2F%2FA0aPYKMjcDUDmr0Gmg%2Bbvgu6Pqy3XGzFj71ardnvV1MNoQsk6TTSTWcnOiNXJxCt%2FTVIfjx%2FeP2P8suPb4CbAokp8Kl6StCJHg7v65zs3te5JT%2FcTVLVVVt0%2FKmrKU3l1Dfvys1cG7G8aAeP3%2BJjYVwevi9tukJjoeKOJd8uKCGkWdKGS%2FLTsv1IsnuZXV%2FITJwlK%2FfeXlruJkZaq3RcgqqTDz8DVyPy8qvVybReuzyCMiVMVqCbHZPzgNIleLINm1zQWz0FE130sMRBnhVD47OLw0iNiP9sFZE8nt%2F9ceartd9vgrICVv7v4kW9Yx%2BiY66Bpg8mg9ozBXpRARoNYLOpYZqY4%2Flfa5MAi5whi4yzyyITPXpur1WnlZormkyGsslkPaiHkgsWBMzlIWc10WpxpHbEV5TzLwAAAP%2F%2FAQAA%2F%2F8QAUPxfAQAAA%3D%3D
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSzWskRRjGqzfx4p4Me1nEZQ4edmEz6e6Zng8XCcZsJBh3l40fOQhSXz0p09PVVHVPT4KH4ILszdmDeO08kw9Wg%2BhdF%2BkseMgp4ykH8x94WhQPIjKzwbgvFO9b9bwFv3rq%2FWInOyMuMnq6%2BJ7eUlFE54KqW7m%2B5nm3KisqzvqVfqvxSaN%2Bq2J6b7QbVfdG5R3JN%2FSc73qu67leZUkZGer%2B3FiESg7bXrXtVut%2B1Qvq6JsX9zZzYKkD0TsjM1BiNP3UuQLFS8Td7xel3Uh1cvN2N4toqg164uCDeCPWeYzuRRkaB2F8cN4NbU%2BWnkDHexNc6N5%2FjUyNiPPLE7D44BwSrLc74WQRZAwmLiPvlZBRCUVLcP0ASpwQgAvcuYu4u39Hm5xuPlfpWB2R6T%2BfQeUjMv3bFcTd7xYi1a%2Bs6ihLlY4t%2BmEB1S%2BhOiWS7Ajp1iWo%2FAg8%2FRxKEMTdAkqcvs5ky%2FV44M3WwsCfrdddMdvyqJwNhAgk9aVXo97EGKVKqLBEJAeg1kE2XspBFjrIEgddcVrhnuc1XcGp22pzXhNNyRrC9Wgz9KjnNlrI%2BJh9gDQZgEcDcLONxGxjQz06CWZgsp9h1wtY4cCmBD1RIJcEuSXIKUGuCPKUIO8VeyKyvi32RWQz5p1n%2FzzXiqFOOzt0T6cdGZOd5Iy8MvHs778q2JCnlWYgWZOFQUAbNd%2BXvutSXzbDNnfbYVNSBqsKKHtp8tItNSJX37yNRI3IS1%2F%2FA0aPYKMjcDUDmr0Gmg%2Bbvgu6Pqy3XGzFj71ardnvV1MNoQsk6TTSTWcnOiNXJxCt%2FTVIfjx%2FeP2P8suPb4CbAokp8Kl6StCJHg7v65zs3te5JT%2FcTVLVVVt0%2FKmrKU3l1Dfvys1cG7G8aAeP3%2BJjYVwevi9tukJjoeKOJd8uKCGkWdKGS%2FLTsv1IsnuZXV%2FITJwlK%2FfeXlruJkZaq3RcgqqTDz8DVyPy8qvVybReuzyCMiVMVqCbHZPzgNIleLINm1zQWz0FE130sMRBnhVD47OLw0iNiP9sFZE8nt%2F9ceartd9vgrICVv7v4kW9Yx%2BiY66Bpg8mg9ozBXpRARoNYLOpYZqY4%2Flfa5MAi5whi4yzyyITPXpur1WnlZormkyGsslkPaiHkgsWBMzlIWc10WpxpHbEV5TzLwAAAP%2F%2FAQAA%2F%2F8QAUPxfAQAAA%3D%3D HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=be801c51-3f52-440d-81ae-5dd5ea2e13a1:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 16 Oct 2022 20:26:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1ba8fefebe0d80737f1edfc320f7ec5
Strict-Transport-Security: max-age=0; includeSubdomains

invaderannihilationperky.com/pixel/sbs?c=1

192.243.59.20

200 OK

0 B

URL HTTP/1.1
invaderannihilationperky.com/pixel/sbs?c=1
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=be801c51-3f52-440d-81ae-5dd5ea2e13a1:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 16 Oct 2022 20:26:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js

172.64.111.27

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP
172.64.111.27:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:42 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:03:44 GMT
etag: W/"6149ca20-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6430953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTITuYxFGoQPb%2FtrTmMzdLhEq8wV%2BQxPrM80gc5ogy%2FEUHrPYs9xkB0yqN%2FoIgTSNpM3zOxdF7O803%2BxOgMC7JvTHEqGedhEzYugDCsv3qWuCgpMh0Csd4ZHIkesNTTq0Nw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b387ed1b2b776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/js/script.js

172.64.111.27

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP
172.64.111.27:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:42 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:03:44 GMT
etag: W/"6149ca20-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 66780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmO80HCl6xRQcguPEW6zjtgrsfOA3BKUeCSPgceDe0vj5w9vX%2F7TYzIVVQVyC5ndXPlXHX0Ou%2BLH7p0Ged%2Btpokyty%2FOvCGVEkhUDXHIaL64wfZ8M%2FA2%2BcxhEEl6EPw79WI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b387ed7bf5776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/

104.21.11.234

200 OK

0 B

URL HTTP/2
www.1337xx.to/torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/
IP
104.21.11.234:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /torrent/4890940/DRIFT21-v-rev_19216-MULTi12-FitGirl-Repack/ HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKNlN%2F8OeRzC6FK89lxQMtmzckTVWw9RIUuRqNgBOcYO4jU9tWPsU9sNUnjvsibDmw%2FGSA%2F0LUsHl4uYT2qkc5Dq11bgZhuEQwO636MHBagsYwHfnZU5yNjBAIJNHfB3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b387db5af8b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

104.21.235.2

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
104.21.235.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 41920792b17ce375ef825d4fdf5128e9
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 16 Oct 2022 20:26:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIcaeE5jBdtm9%2BN8g8AU1OvubQXiyD5xNHSLu5gAF68WUjlA7HpL4rYeUDY0jyCAB49xP9Sqd2on7nuJRa7FsbZ8L%2FFkAahz0r9qdDfWp5M7eU5LzK3m7%2BmUuJxtBYUuQlAql4E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b387e2ccac75cf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/css/animate.css

172.64.111.27

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/ssp/vpn/classic-push/small/css/animate.css
IP
172.64.111.27:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 20:26:42 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:03:42 GMT
etag: W/"6149ca1e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 66782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31%2FOjMBcmLsOzDvwt5wYev8DP7FI%2BpmcowRDdnfA0fiaN5w%2BxheCbMK%2F%2BohMqAyjGX5Dk4%2FJ8%2FrucOxkNVbZ5PdF3kFDbQnVqXdI5%2FJBvE7sCSQAb%2F5PJvkJ7BRG3j7UfC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b387ecdac8776d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Oct 2022 20:26:42 GMT
date: Sun, 16 Oct 2022 20:26:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations