| cdn.akamai.steamstatic.com/steam/apps/804760/header.jpg | 23.36.76.241 | 200 OK | 44 kB |
URL: GET HTTP/1.1 cdn.akamai.steamstatic.com/steam/apps/804760/header.jpg | IP: 23.36.76.241:443 | ASN: #20940 Akamai International B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: cdn.akamai.steamstatic.com | Fingerprint: E0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74 | Validity: Thu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 460x215, components 3 | Hash: 2480631a6cdec5908f9ade556d18ca38 b84f62ec07a855998575a7214b8938b113ea399f 548c22b80df5675a2d8496121189c0c7f1c383f33add649e67def2bffb82c84e
GET /steam/apps/804760/header.jpg HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Mon, 05 Mar 2018 15:36:43 GMT
ETag: "5a9d640b-aa09"
Server: nginx
Access-Control-Allow-Origin: *
Content-Type: image/jpeg
Content-Length: 43529
Accept-Ranges: bytes
Cache-Control: public, max-age=552735
Expires: Fri, 10 May 2024 19:46:31 GMT
Date: Sat, 04 May 2024 10:14:16 GMT
Connection: keep-alive
|
|
| www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2 | 188.114.97.1 | 200 OK | 27 kB |
URL: GET HTTP/3 www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2 | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: 87e7470ed575fe2c31903e92fc0051a9 e46f7be29ccedf3cfe9803ad266c3a434e456b94 c5a77784312d1bddfc0c82e54d49291a16d73a45e2e8589ec27dba3d8201a85e
GET /css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebhs3ZZZQXEzl%2Fqm1Nyshpkpc3qhTFRAo%2BKxFIhWa%2FGs6COLvPVftw3vJTQF%2BQ5oh%2BQBfV%2BFxhfSxrKIjexDBZxg9BmnCzWnt7%2F6nFEqXkZ0tk%2Fub2T3JFLz%2ByjwMCaE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f5b3eb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/css/modal.css | 188.114.97.1 | 200 OK | 26 kB |
URL: GET HTTP/3 www.1337xx.to/static/css/modal.css | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: ASCII text, with CRLF line terminators | Hash: 4598337dd3a46c4a93cd1ba051586a07 5287bf01328cc107f9c8319bc221e468f0df3d0c 23b0298637be3cae39eb10ebfddba6829621e4c11973b2659619887d376487e2
GET /static/css/modal.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:32 GMT
vary: Accept-Encoding
etag: W/"62b2a808-103e"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83QArJe4IFD%2Fj7d6I7rQn49OzwooEp0cb9Z8hnF9v2Bz2tM20BQr00UeDBYlqMHINV%2FKp0XFZVYgkU0llkDaQD6FYdkz4oN1ZfusFM8ZOukqbGPzrASTWr%2FnmbjgNQwK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f6b47b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/tab.js | 188.114.97.1 | 200 OK | 23 kB |
URL: GET HTTP/3 www.1337xx.to/static/js/tab.js | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with very long lines (1820), with no line terminators | Hash: bdccba90d093432de58bc0d3fc151a95 d6db9210b8d67d8486babaf2fa88fb1a3ef2c781 b44a83c3140140106709bd4a0a8e6500086f01b87b4480fcc0f3cdf196a268bb
GET /static/js/tab.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:34 GMT
vary: Accept-Encoding
etag: W/"62b2a846-71c"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATC23JhJOtxY%2FIHDIPQrLddnkCeUMd2e1Zvm88hGq%2FL7ekOjswici5D0aY0cAOR6p%2FLhB6WOjHMfj9i3UKNpD8bzI9XOUbtCxGB1hbxGBFm04KhjEAlaWmjCi6anTHFi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f8b8cb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/main.js?v=1 | 188.114.97.1 | 200 OK | 55 kB |
URL: GET HTTP/3 www.1337xx.to/static/js/main.js?v=1 | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text | Hash: 5c87297596179b890841cf19f434c4ba a956aeeb2e1cd686c21f4adac5688730e06638af 19c273d0582b3b6392302ece922088dfad5be1e094fb8510f1ed62320a3d2b26
GET /static/js/main.js?v=1 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:30 GMT
vary: Accept-Encoding
etag: W/"62b2a842-63e"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIkiASARD5DeWsBL93j%2BP1S80zdMevuZz9eJ1P07An7vgJGM1r6yzl0VyWQiuZGC%2F1Xu9oHOfWRt0VZA5b%2BDQ9n2GLi5%2BrBZVCp%2FOZXDo5HB73XHnxu1f8iSHKJ9KIow"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f7b6fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/jquery-1.11.0.min.js | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/3 www.1337xx.to/static/js/jquery-1.11.0.min.js | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with very long lines (32341), with CRLF line terminators | Hash: eaec1712551cd2792f4607f39fab12e7 2439711705752fac5dd1a6a8d6b1be63ffcbc76d 746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
GET /static/js/jquery-1.11.0.min.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:25 GMT
vary: Accept-Encoding
etag: W/"62b2a83d-17881"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJHrQihI9YOKdDhyk2Z7zRM74C9JEN553HBqwGatlEJIh8tPElSu1yjAJrxNR3NePbqeFvwUxGDlJ5pmkmj%2Bs3fLGZtU7qClKUkTMlI04h1AqZAgQ1iBAazPzrRcyooA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f6b61b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/css/scrollbar.css | 188.114.97.1 | 200 OK | 79 kB |
URL: GET HTTP/3 www.1337xx.to/static/css/scrollbar.css | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: ASCII text, with very long lines (43122), with no line terminators | Hash: 623cff5077cfc4bd395df29169b62883 e64507b0cb896794fdf04d14008639bc8edae0c6 b983b9a17054f789d9873cd4b4ba2dedc7c040234e81b29edef8d0a455f13063
GET /static/css/scrollbar.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:34 GMT
vary: Accept-Encoding
etag: W/"62b2a80a-a872"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sP3TIxG9TzPCk%2BI4sxD1cDHb1uAPfxHr924GSH6pnIeLjaX3pXoiLnNs%2FS1Ye3J1XNFibCmC03ClKXckHnkjTFpGDkW8axOH9Mo6EVUM2Z8xMeHoVt%2FUrpU3uHm9rRqc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f5b43b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/images/sep.png | 188.114.97.1 | 200 OK | 979 B |
URL: GET HTTP/3 www.1337xx.to/css/images/sep.png | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: PNG image data, 4 x 20, 8-bit/color RGBA, non-interlaced | Hash: f5ad1e8afade5211d93125e993a936ba cfda5224a37a1c391afc574ac33e7e9bde1e98ed fde5dfff31f2e819031fe7cf8a2729fe1c81ab96576167b5f4cebb3ca4c160d5
GET /css/images/sep.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/png; charset=utf-8
content-length: 979
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BSEUX%2Bz5npZVUUDEtTlY3bQEjjVfYECdLlzTrqjVhkv16DSNmg2vtnstksDsJ5AJ11%2FW1qBij%2FGBqNy852VMFcmyxAd7d6ZLSBj%2BPs%2FlrzladofJOdSPuL29GE%2FTvLl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9116dd3b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/images/nav-bg.png | 188.114.97.1 | 200 OK | 616 B |
URL: GET HTTP/3 www.1337xx.to/css/images/nav-bg.png | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: PNG image data, 224 x 38, 8-bit/color RGBA, non-interlaced | Hash: ad83550eff315bb6a02e2cfd2cfde3ad 055c467e7c93ee76a9653e8b898f6823197dae8e 3794019a41c0284bee7a232dc11d922b847c614bc439cdac17de2c0175199752
GET /css/images/nav-bg.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/png; charset=utf-8
content-length: 616
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAcnfaXqvnVdLMsRGno1PRzJREzqq2Ls8%2FUzLGDGqCnUvJr2gXrRtUqDSipKqwcOCRUZ%2FCWapvj9qHQtRUzMhNxBH%2FcQkaKhI5MLmIOmoV1acRjroeJu8dgem16llE6h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9116dd0b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/images/black-gradient-bg.jpg | 188.114.97.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 www.1337xx.to/css/images/black-gradient-bg.jpg | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 10x163, components 3 | Hash: cb17ba9d17b5dc975e48c45b4e257d65 1708d0bf5fd0bf4c5f4ca9f3ec54b9e56c2e8b1f 320b0fb44f87a3c51be6bbf2ea264f231667131016616d32918d31b31bb45a6f
GET /css/images/black-gradient-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/jpg; charset=utf-8
content-length: 1180
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEGSp3l%2FUvUwoj9686WUMBzR3r7%2FA61N4zszgy%2Fscpn%2FhAzH8JYY47zgCvGp0xpkPG9Ob0eUwX02APX7wXyTfSUVs4T6qHsMM6ZZnJDDeZTnh3ibkpKdYrvuBNql3OMS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9116dd6b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/css/images/detail-bg.jpg | 188.114.97.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 www.1337xx.to/static/css/images/detail-bg.jpg | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 4x4, components 3 | Hash: 22f4af1c6d3dfb8e7defd15cd4727660 2c00eaafee91994085bae813fcbe2275e71c0b39 7009cc20bd7c267c5950a4cf3d75c16e4f342f3c7d1ecb6082b199da1a71df80
GET /static/css/images/detail-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/torrent.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/jpg; charset=utf-8
content-length: 1339
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sseUU1eYwkfbbB01dDRFnUERJBeWcJCSfWei0BPwhxmUarkLBdaappmqPYBCIY9fvhVOhtdkNqrNkWcR10Cjq19YY7KuXCr2MTcd5en7roADGVG%2BqYoJATKKGKHfcsEg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9116dd7b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/images/nav-hover.jpg | 188.114.97.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 www.1337xx.to/css/images/nav-hover.jpg | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 20x20, components 3 | Hash: 248a62fead4580264aee0ab8fdbf5d1b 46be6ecdbf1f20fbc3d007d70b69383857a8a2b7 48c3b716c25fb706acee3f768b06eec4722ca83174ae484b031b8447d126f8de
GET /css/images/nav-hover.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/jpg; charset=utf-8
content-length: 1208
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5kXo7%2F55KDIGy009O0wlKxzBgxIfXS3LQ%2Ftwdjnbmk7qk6dcY8WTaqfh7R0jC9B1mPRcKC1urbf0ME6cOsacM3oTlPEuc8JBuS0wv6bsZiU%2FoID9DPXZUQuVNr47aUS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9116dd5b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/images/notfication-bg.png | 188.114.97.1 | 200 OK | 121 B |
URL: GET HTTP/3 www.1337xx.to/css/images/notfication-bg.png | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced | Hash: 831c43c31346a124b70b6475490313f7 6bf7b325c7e207f9da08188af23723195ee5d3a3 19af91163505935886535f7b68b1528f99eb97d003fc03972e140da02c11d242
GET /css/images/notfication-bg.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/torrent.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/png; charset=utf-8
content-length: 121
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEkVuFUQYiE2OgIuZo9%2FKgeV5BGGMu6MpvdHJr8LEQP6acMsl9OilQ4m55pFQJ0htmDAWyoXSxs3mUNtRkE99NR0VeNfHFzna%2FuBMS73OiK4jqTdFf1t6WMsMyvBHHMc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b911be24b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/images/tabs-nav-bg.jpg | 188.114.97.1 | 200 OK | 946 B |
URL: GET HTTP/3 www.1337xx.to/css/images/tabs-nav-bg.jpg | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: PNG image data, 10 x 46, 8-bit/color RGB, non-interlaced | Hash: 74484aff30458cf3eef0104c2b48d070 7cf67e90bafd3519f360d4640c2ee0e029b500f8 879de89af5f1ff7a9174f0fc861a5d1bbd509584ea760b9c5c3168c97a10feb8
GET /css/images/tabs-nav-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/jpg; charset=utf-8
content-length: 946
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pm3ykm2N1SIw8tk4%2FLPd%2FZ3qSrBDze%2FL6qCKlwrxla5HGyhaov6faSgOS4FKBgKdCcExOQoqPomR6hS5o7VyFtxuo%2FJfDQusPnIiloxLxMErPZ7NAslNCMCWgx%2BlCOb4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b911be2cb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/fonts/Flaticon.woff | 188.114.97.1 | 200 OK | 27 kB |
URL: GET HTTP/3 www.1337xx.to/static/fonts/Flaticon.woff | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: Web Open Font Format, TrueType, length 27404, version 0.0 | Hash: 1dbab8d47aa2e11c55216ab3286d6f69 c7a7f3ddf37063ac02273eb4fe7ebc98e9cf97bf ef35a8d776774a5fba83f188738af52b85e278c4bf7c5695700161febdc36b05
GET /static/fonts/Flaticon.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/static/css/icons.css?v=1.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/font-woff
content-length: 27404
last-modified: Wed, 22 Jun 2022 05:26:45 GMT
etag: "62b2a815-6b0c"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTq2Qb0qL4bZAbyZZjwJXeZy8b9JVi0qhVyux5ST280ip3J9MAAlrfzHafaEzfIqjknWFjPuM6HROXfU%2FVlT4w2Slz2HamRuPb%2FhnU60xdKeUPmc%2FnDDcyS9I3A0uzbx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b911be33b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/webfonts/opensans-bold.woff | 188.114.97.1 | 200 OK | 22 kB |
URL: GET HTTP/3 www.1337xx.to/css/webfonts/opensans-bold.woff | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: Web Open Font Format, TrueType, length 22432, version 1.0 | Hash: 2e90d5152ce92858b62ba053c7b9d2cb 8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
GET /css/webfonts/opensans-bold.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/font-woff
content-length: 22432
last-modified: Wed, 22 Jun 2022 05:25:42 GMT
etag: "62b2a7d6-57a0"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HP6K4s%2F6PouoCqc0Q9Tm6Rc%2Fh7EAwo%2F8s9LRG8v8WVUQ48OeG7JlaIDN0%2BuKyLBisaBKkLpsQioOGpyRTaC10K8OovTI2wbJwURFWDk5nv43x3lm%2B9w0YIYnMucB6lou"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9122ea6b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/webfonts/oswald-bold.woff | 188.114.97.1 | 200 OK | 22 kB |
URL: GET HTTP/3 www.1337xx.to/css/webfonts/oswald-bold.woff | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: Web Open Font Format, TrueType, length 22548, version 1.0 | Hash: 5737d9a70b478e869c68cd1dc1b67cbc f8095e94a0765bf23b164e9c06cf5112b3d50f3c a9ef49b82729c7b1961f04aa67ea4a305cf7d0e8391981a8164997001c5918e9
GET /css/webfonts/oswald-bold.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/font-woff
content-length: 22548
last-modified: Wed, 22 Jun 2022 05:25:45 GMT
etag: "62b2a7d9-5814"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2Fcm4pjj3ouWz%2BT8wlgovI6eh8pOui2wR9dyrutqP2E%2BCX8PLlCIoP%2F%2FFmPTgs2%2FTfEoRIAqW1Fsw%2BBKX188lYy98rBVAWC685S8D9IMBlAm92Sd5BZ%2FN%2Fm1e8RmUpUt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9122ea3b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/jquery-ui.js | 188.114.97.1 | 200 OK | 230 kB |
URL: GET HTTP/3 www.1337xx.to/static/js/jquery-ui.js | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with very long lines (4492) | Size: 230 kB (229719 bytes) | Hash: 7ddac2a3d1e7091bd51f23f0250a7fea 5537fb7969f7a8349e0292ce9710df8daae5ad3c ebdadbb78c8a4e8433168bcdb49b87d0cb4809bbca7aaf29fbe36a9c77be5e35
GET /static/js/jquery-ui.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:28 GMT
vary: Accept-Encoding
etag: W/"62b2a840-4aff8"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYe3gPJUbchSVPG%2FYrCjZaGmss3SnWL5ABbFb8Qcrq5TPIJBcpOPU2jWseCVq1to%2Fkan2l5E2x%2FeEv%2BerKAOdByZlCRtH6lR6E0pdBMekjT3LScqXNZoOlKcJCAWJK95"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f7b64b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| growingcastselling.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js | 192.243.61.227 | 200 OK | 28 kB |
URL: GET HTTP/1.1 growingcastselling.com/bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js | IP: 192.243.61.227:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: growingcastselling.com | Fingerprint: 3E:B6:D3:62:BC:57:AD:19:9E:FA:67:C4:B3:FA:10:7C:98:4A:71:2B | Validity: Thu, 18 Apr 2024 13:01:11 GMT - Wed, 17 Jul 2024 13:01:10 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: 47a4a1ba273f27e95b99a0192bb6ef52 241e5d0268483f04f5924a07047c2322671b29a5 901667f6b5f9f221a2581e8dc6b22cf4eee9e793c0f6999570974bebc3ed361e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /bd/6c/33/bd6c3375a35d155e03aef20bbbe563ea.js HTTP/1.1
Host: growingcastselling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:14:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 61098f424eb7cf5267ffded459e10c49
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| growingcastselling.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js | 192.243.61.227 | 200 OK | 16 kB |
URL: GET HTTP/1.1 growingcastselling.com/75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js | IP: 192.243.61.227:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: growingcastselling.com | Fingerprint: 3E:B6:D3:62:BC:57:AD:19:9E:FA:67:C4:B3:FA:10:7C:98:4A:71:2B | Validity: Thu, 18 Apr 2024 13:01:11 GMT - Wed, 17 Jul 2024 13:01:10 GMT
File type: JavaScript source, ASCII text, with very long lines (45342), with no line terminators | Hash: 5cc582b5baaef2ac272a76b082d05ad9 d9b64613774ea246ae7d5908ad90aff5a99f9674 f13e30291bce6eb7f39b0dcf55b6c59bbd6521c272f32ae0bc3af2fb953d9b23
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /75/eb/7b/75eb7bf55a6322e200a2e7f9c09f7eab.js HTTP/1.1
Host: growingcastselling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:14:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Tue, 07 May 2024 13:14:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ed69de577fe5c2e97954edbce7e2d01
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 18.185.9.67:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: deb9c323a1c4b3356240b087f60b4d48 eb060aaefb0c038585373a7e49578ed476d2fee8 7c84ac5571533dbe4ab1b6ee964f9b89cad50f53f6df6348ab5c73724613d5c6
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1337xx.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; expires=Tue, 02 May 2034 10:14:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 18.185.9.67:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 8e2dc4f9f1537740737a4c8ef8ce07ae 2d0f0eff14a3ad7d0cde607be949270386a8e8ad ac7d2448d332199d3c515dd7df5db85142492711a3404549beaaaf365878eb6f
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1337xx.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f1250720-9b06-4646-ac6b-32987bfbcf81:1:1; expires=Tue, 02 May 2034 10:14:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js | IP: 192.243.59.13:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: capaciousdrewreligion.com | Fingerprint: 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC | Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:14:17 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6bee6e2da072454e496b2a0d3379ef7
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| dudleynutmeg.com/sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&psid=CF-3448_1&uuid=6eaa5988-a702-4ccd-86d7-201cd3e40af7%3A3%3A1 | 192.243.59.13 | 200 OK | 5.9 kB |
URL: GET HTTP/1.1 dudleynutmeg.com/sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&psid=CF-3448_1&uuid=6eaa5988-a702-4ccd-86d7-201cd3e40af7%3A3%3A1 | IP: 192.243.59.13:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: dudleynutmeg.com | Fingerprint: 62:D3:F0:A3:00:F3:7A:E7:CF:5D:4D:AE:08:F0:E9:8D:45:2E:0D:90 | Validity: Tue, 30 Apr 2024 15:24:37 GMT - Mon, 29 Jul 2024 15:24:36 GMT
Hash: 14d1b5f5398bdf28ea40797481904364 d379ed34b7f6cdb11fda80587b9f039cd82d0382 8e2515d6652d401fdac8d633e05dc5ddd17d724903ca201d677663a6a2e3b053
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sbar.json?key=75eb7bf55a6322e200a2e7f9c09f7eab&psid=CF-3448_1&uuid=6eaa5988-a702-4ccd-86d7-201cd3e40af7%3A3%3A1 HTTP/1.1
Host: dudleynutmeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:14:17 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.1337xx.to
Access-Control-Allow-Origin: https://www.1337xx.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16578592; expires=Sun, 05 May 2024 10:14:17 GMT; secure; SameSite=None
Set-Cookie: uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; expires=Sat, 11 May 2024 10:14:17 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sun, 05 May 2024 10:14:17 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sun, 05 May 2024 10:14:17 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sun, 05 May 2024 10:14:17 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sun, 05 May 2024 10:14:17 GMT; secure; SameSite=None
Set-Cookie: slec75eb7bf55a6322e200a2e7f9c09f7eab=[5212671,5212672]; expires=Sat, 04 May 2024 10:14:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9914a85e2165cf73dcbd006eff4db55
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| dudleynutmeg.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwW8bRRTGZ9NwgQNQ9YIQkg8cADXO7tretakQIm2DKkJTtSA4Uc3OzDpDxjurmR2vk1NEJVQ4GS5cN5%2BTRoEKwR9ABU4lDpWQYk45kBt%2FAVLFAQGyiTC8y3tvvjfS730zH%2B%2B6UxLC0ZMrb%2BttqRRdbtX92kvvB8Gl2prM3KA2aEe3o%2Balmum%2F2onq%2Fsu1NwXb1MuhH%2Fh%2B4Ae1VWlEqgfLUxEyv98J6h2%2F3gzrQauJgfl%2Fb50HSz3w%2Fik5D8kniw%2B9C5BsjKz3zRVhNwudX7zac4oW2qDPD97NNjNdZujNy9R4SLODs2loe7z6ADrbn%2BFC9%2F8dTOSEeD8%2BQJIdnEEi6e%2FNOBMFkSHhT6HsjyHUGJKOwfQdSH5MAMZxfR1Z7951bUq69Y9Kp%2BqELD7%2BDbKckMVfLiDrfb2i5KB2SytXSJ1ZDNIKcjCG7I6RuyMU2wuQ5RFY8REk%2F4ksP15D1ttbt0pD8pMXI0Fpq9NuL9HYD5eajPGldsTjpdAPGG%2BIpk%2FTeGaQlGPIdAwlhqD2HJz14KQHl3pwuYceP6mxIAhinzPqtzuMNXgskoj7AY3TgAZ%2B1IZj0x2GKPIhmBqCmR3kZgeb8rPj1nkY9z3sRgXLPdiCoM8rlIKgtAQlJSglQVkQlP1qnysb2uoeV9YlwVkOz3KjGumiu0v3ddEVGQE1Qxhe7ean5NmZh3%2F8XsOmOKnFLZHESdpq0agRhiL0fRqKOO0wv5PGgiaw8vDy6lKj2WzfDiDtAqj1sC0n5LnXriKXE%2FLEF38ioUew6ghMPgPqXgAtK9CNCtvZYdBoxINBvdDgukJeLKLY8nbVKXl%2BxrH%2ByV8Q7NHrPzdmAWYq5KbCh%2FIhQVfdHd3UJdm7qUtLvl3PC9mT23T6zrcKWohzX74ltkpt%2BLUrdnj4BpsK0%2FL%2BO8IWazTjMuta8tWK5FyYVW2YIN9ds%2B%2BJ5IazGyvOZC5fu3F59VovN8JaqbMxqDxeme4xIU%2F%2F8MrsA1%2F84FdIM4ZxFXruETkLSH0Elu%2FA5nN6qwmMms8kuYfSVSMTJvNDJQmUmPc0qWD%2F0yfzemTo9DaV1a69i65ZAC3uIOtV6JsKfVWBqiGsOzcqcjPHSNTCKFFmYS9RRn0%2BM3lC1j8lsPKkFjcaPo06rSCOqYiTZthOo4BTGjajMIpoA4WdpNGTW38DAAD%2F%2FwEAAP%2F%2FqiBsa5oEAAA%3D | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1dudleynutmeg.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSwW8bRRTGZ9NwgQNQ9YIQkg8cADXO7tretakQIm2DKkJTtSA4Uc3OzDpDxjurmR2vk1NEJVQ4GS5cN5%2BTRoEKwR9ABU4lDpWQYk45kBt%2FAVLFAQGyiTC8y3tvvjfS730zH%2B%2B6UxLC0ZMrb%2BttqRRdbtX92kvvB8Gl2prM3KA2aEe3o%2Balmum%2F2onq%2Fsu1NwXb1MuhH%2Fh%2B4Ae1VWlEqgfLUxEyv98J6h2%2F3gzrQauJgfl%2Fb50HSz3w%2Fik5D8kniw%2B9C5BsjKz3zRVhNwudX7zac4oW2qDPD97NNjNdZujNy9R4SLODs2loe7z6ADrbn%2BFC9%2F8dTOSEeD8%2BQJIdnEEi6e%2FNOBMFkSHhT6HsjyHUGJKOwfQdSH5MAMZxfR1Z7951bUq69Y9Kp%2BqELD7%2BDbKckMVfLiDrfb2i5KB2SytXSJ1ZDNIKcjCG7I6RuyMU2wuQ5RFY8REk%2F4ksP15D1ttbt0pD8pMXI0Fpq9NuL9HYD5eajPGldsTjpdAPGG%2BIpk%2FTeGaQlGPIdAwlhqD2HJz14KQHl3pwuYceP6mxIAhinzPqtzuMNXgskoj7AY3TgAZ%2B1IZj0x2GKPIhmBqCmR3kZgeb8rPj1nkY9z3sRgXLPdiCoM8rlIKgtAQlJSglQVkQlP1qnysb2uoeV9YlwVkOz3KjGumiu0v3ddEVGQE1Qxhe7ean5NmZh3%2F8XsOmOKnFLZHESdpq0agRhiL0fRqKOO0wv5PGgiaw8vDy6lKj2WzfDiDtAqj1sC0n5LnXriKXE%2FLEF38ioUew6ghMPgPqXgAtK9CNCtvZYdBoxINBvdDgukJeLKLY8nbVKXl%2BxrH%2ByV8Q7NHrPzdmAWYq5KbCh%2FIhQVfdHd3UJdm7qUtLvl3PC9mT23T6zrcKWohzX74ltkpt%2BLUrdnj4BpsK0%2FL%2BO8IWazTjMuta8tWK5FyYVW2YIN9ds%2B%2BJ5IazGyvOZC5fu3F59VovN8JaqbMxqDxeme4xIU%2F%2F8MrsA1%2F84FdIM4ZxFXruETkLSH0Elu%2FA5nN6qwmMms8kuYfSVSMTJvNDJQmUmPc0qWD%2F0yfzemTo9DaV1a69i65ZAC3uIOtV6JsKfVWBqiGsOzcqcjPHSNTCKFFmYS9RRn0%2BM3lC1j8lsPKkFjcaPo06rSCOqYiTZthOo4BTGjajMIpoA4WdpNGTW38DAAD%2F%2FwEAAP%2F%2FqiBsa5oEAAA%3D IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: dudleynutmeg.com | Fingerprint: 62:D3:F0:A3:00:F3:7A:E7:CF:5D:4D:AE:08:F0:E9:8D:45:2E:0D:90 | Validity: Tue, 30 Apr 2024 15:24:37 GMT - Mon, 29 Jul 2024 15:24:36 GMT
File type: ASCII text, with no line terminators | Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSwW8bRRTGZ9NwgQNQ9YIQkg8cADXO7tretakQIm2DKkJTtSA4Uc3OzDpDxjurmR2vk1NEJVQ4GS5cN5%2BTRoEKwR9ABU4lDpWQYk45kBt%2FAVLFAQGyiTC8y3tvvjfS730zH%2B%2B6UxLC0ZMrb%2BttqRRdbtX92kvvB8Gl2prM3KA2aEe3o%2Balmum%2F2onq%2Fsu1NwXb1MuhH%2Fh%2B4Ae1VWlEqgfLUxEyv98J6h2%2F3gzrQauJgfl%2Fb50HSz3w%2Fik5D8kniw%2B9C5BsjKz3zRVhNwudX7zac4oW2qDPD97NNjNdZujNy9R4SLODs2loe7z6ADrbn%2BFC9%2F8dTOSEeD8%2BQJIdnEEi6e%2FNOBMFkSHhT6HsjyHUGJKOwfQdSH5MAMZxfR1Z7951bUq69Y9Kp%2BqELD7%2BDbKckMVfLiDrfb2i5KB2SytXSJ1ZDNIKcjCG7I6RuyMU2wuQ5RFY8REk%2F4ksP15D1ttbt0pD8pMXI0Fpq9NuL9HYD5eajPGldsTjpdAPGG%2BIpk%2FTeGaQlGPIdAwlhqD2HJz14KQHl3pwuYceP6mxIAhinzPqtzuMNXgskoj7AY3TgAZ%2B1IZj0x2GKPIhmBqCmR3kZgeb8rPj1nkY9z3sRgXLPdiCoM8rlIKgtAQlJSglQVkQlP1qnysb2uoeV9YlwVkOz3KjGumiu0v3ddEVGQE1Qxhe7ean5NmZh3%2F8XsOmOKnFLZHESdpq0agRhiL0fRqKOO0wv5PGgiaw8vDy6lKj2WzfDiDtAqj1sC0n5LnXriKXE%2FLEF38ioUew6ghMPgPqXgAtK9CNCtvZYdBoxINBvdDgukJeLKLY8nbVKXl%2BxrH%2ByV8Q7NHrPzdmAWYq5KbCh%2FIhQVfdHd3UJdm7qUtLvl3PC9mT23T6zrcKWohzX74ltkpt%2BLUrdnj4BpsK0%2FL%2BO8IWazTjMuta8tWK5FyYVW2YIN9ds%2B%2BJ5IazGyvOZC5fu3F59VovN8JaqbMxqDxeme4xIU%2F%2F8MrsA1%2F84FdIM4ZxFXruETkLSH0Elu%2FA5nN6qwmMms8kuYfSVSMTJvNDJQmUmPc0qWD%2F0yfzemTo9DaV1a69i65ZAC3uIOtV6JsKfVWBqiGsOzcqcjPHSNTCKFFmYS9RRn0%2BM3lC1j8lsPKkFjcaPo06rSCOqYiTZthOo4BTGjajMIpoA4WdpNGTW38DAAD%2F%2FwEAAP%2F%2FqiBsa5oEAAA%3D HTTP/1.1
Host: dudleynutmeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[5212671,5212672]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a08cddb5a41e70bbc71a30c90393680
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.4 | 200 OK | 3.7 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | IP: 45.133.44.4:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: cdn.barscreative1.com | Fingerprint: F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 | Validity: Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: gzip compressed data, from Unix | Hash: 68bbe3c48e9efe8254d7249b98acaee9 2e483abfe661f02138d17b5b881b08b028379a79 fac06ba3a36f87c076fa2dc8ddea20588ea3614ff3fc36b856d7b19b08e42318
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:18 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 May 2024 11:14:18 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| dudleynutmeg.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=88 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 dudleynutmeg.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=88 | IP: 192.243.59.13:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: dudleynutmeg.com | Fingerprint: 62:D3:F0:A3:00:F3:7A:E7:CF:5D:4D:AE:08:F0:E9:8D:45:2E:0D:90 | Validity: Tue, 30 Apr 2024 15:24:37 GMT - Mon, 29 Jul 2024 15:24:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=88 HTTP/1.1
Host: dudleynutmeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[5212671,5212672]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | 172.67.141.24 | 200 OK | 6.0 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | IP: 172.67.141.24:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: creative-bars1.com | Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 | Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced | Hash: c489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:18 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 315354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C611DG9yrQ0ayqY88Sts2gooQchv0bCEcRCIoXim5e66hikTEmz2Rdxt6rOxJfkuB8hZtYL%2FPgaGZBgm%2FKH0mszU9r23E6QN3Lpl0WMJ5Lrr2qtSbmEdY7S83inuQFFDWSmZQgZAOCUi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7b91c3b4d56be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | 172.67.141.24 | 200 OK | 686 B |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | IP: 172.67.141.24:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: creative-bars1.com | Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 | Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 4f5f05ab032dd8fc0db448fcf51a35e2 78f94f93fdb792d95ea3ac293ac1b8e3bc13d609 7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:18 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 308355
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJhXwuK%2FRom6el5YEHnX0yCST3dw%2FGIvMqHtgOm12KUyRWGoAQq0dkme55U9WWb6sDF1znXq5FdGmpYKL%2F6j2JJtkOPghMErRJhM40Fdyl7u%2FJlT5hipMLDhA92%2Flhjz%2Bj3ojnO587Xe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7b91c9bc056be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dudleynutmeg.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=91 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 dudleynutmeg.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=91 | IP: 192.243.59.13:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: dudleynutmeg.com | Fingerprint: 62:D3:F0:A3:00:F3:7A:E7:CF:5D:4D:AE:08:F0:E9:8D:45:2E:0D:90 | Validity: Tue, 30 Apr 2024 15:24:37 GMT - Mon, 29 Jul 2024 15:24:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=91 HTTP/1.1
Host: dudleynutmeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[5212671,5212672]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.1337xx.to/favicon.ico | 188.114.97.1 | 200 OK | 612 B |
URL: GET HTTP/3 www.1337xx.to/favicon.ico | IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: 1337xx.to | Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5 | Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | Hash: 769362362d52b0cfc3271ecb6dec43fb 9df2439bce4e08d28c14c37cd2f74fc678465b23 7d524db2f0ca2d20b89f7f197110cb9a5bbaea45b19939dc6e30dc366d20eb61
GET /favicon.ico HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f1250720-9b06-4646-ac6b-32987bfbcf81%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:17 GMT
content-type: image/x-icon
last-modified: Wed, 22 Jun 2022 05:22:57 GMT
etag: W/"62b2a731-47e"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6qECxPWDlwSkciD8JScUCQmRuNmXBYoLhBPVnmdZ0bRksK8Q7pUVB8VzFWNw%2BpFi%2BsGu81nEzTKeWOG%2FNGm%2Bg%2Bxs7CnxnLPVvjwUkFSCiypG6k2roqSb%2BfoYqpja8XG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9163b47b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=f1250720-9b06-4646-ac6b-32987bfbcf81&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=f1250720-9b06-4646-ac6b-32987bfbcf81&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=f1250720-9b06-4646-ac6b-32987bfbcf81&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=75eb7bf55a6322e200a2e7f9c09f7eab&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc71073b201e507e5b3b22ebb77defc9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/si/05/df/df/05dfdf1479fcdecf5cb0e1650af9d701/1712888890.png | 45.133.44.10 | 200 OK | 70 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/05/df/df/05dfdf1479fcdecf5cb0e1650af9d701/1712888890.png | IP: 45.133.44.10:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced | Hash: 20e13b789cc58d0f36883ae6c91f2ca7 0a2801895b47935784acb30402525622743c3597 fbfb120ee38444011a9b1ac38721af490f157798ef489450595395603bce8f78
GET /si/05/df/df/05dfdf1479fcdecf5cb0e1650af9d701/1712888890.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:18 GMT
content-type: image/png
content-length: 70321
server: nginx/1.21.6
last-modified: Fri, 12 Apr 2024 02:28:18 GMT
etag: "66189c42-112b1"
expires: Mon, 06 May 2024 10:14:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | 172.67.141.24 | 200 OK | 1.1 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | IP: 172.67.141.24:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | Certificate Issuer: Google Trust Services LLC | Subject: creative-bars1.com | Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 | Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 630f303dfe147dec2c4a226287393b69 3e9f8270b84e09595181bd55de6785a89f53ba10 967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:18 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 319036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OB00GIIJAeorHVXQD8OpZWCPBvL3RPM3ltGleDnAHagGg3UD0GGWrzsqTjm9RBhIJ3qiHilndYVW6NdZ%2F66BpjlrQ8VgsBmpSrZ3DwFSgV9mjx1%2BNjVOoFZOEE%2BU%2B8ov7qiFcQNxHNFT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7b91baf40b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dudleynutmeg.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=97 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 dudleynutmeg.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=97
IP: 172.240.127.234:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Let's Encrypt
Certificate subject: dudleynutmeg.com
Certificate fingerprint: 62:D3:F0:A3:00:F3:7A:E7:CF:5D:4D:AE:08:F0:E9:8D:45:2E:0D:90
Certificate validity: Tue, 30 Apr 2024 15:24:37 GMT - Mon, 29 Jul 2024 15:24:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=97 HTTP/1.1
Host: dudleynutmeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[5212671,5212672]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| dudleynutmeg.com/pixel/sbs?c=1 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 dudleynutmeg.com/pixel/sbs?c=1
IP: 172.240.127.234:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Let's Encrypt
Certificate subject: dudleynutmeg.com
Certificate fingerprint: 62:D3:F0:A3:00:F3:7A:E7:CF:5D:4D:AE:08:F0:E9:8D:45:2E:0D:90
Certificate validity: Tue, 30 Apr 2024 15:24:37 GMT - Mon, 29 Jul 2024 15:24:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: dudleynutmeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[5212671,5212672]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| dudleynutmeg.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSv28cRRTHZx3TQAFEaRBCuoICUHze3fuxd0QI4SRGESaOEhBURPNrz4Nnd1Yzu7dnVxaRUKA6aGjX37NjGSIEfwARnCNRRELyUbnAHX8BUkSBAN1hcfCa995830if9535eLc4JSEKenLlbbOttKbLrbpfe%2Bn9ILhUW1NpMagNOu3b7ealmu2%2F2m3X%2FZdrb0q%2BaZZDP%2FD9wA9qq8rK2AyWpyJUdr8b1Lt%2BvRnWg1YTA%2Fv%2F3hUeHPUg%2BqfkPJSYLD70LkDxMdLkmyvSbeYmu3g1KTTNjUVfHLybbqamTJHMy9h6iNODs2kYd7z6ACbdn%2BHC9P8dZGpCvB8fgKUHZ5Bg%2Fb0ZJ9OQKZh4CmV%2FDKnHUHQMbu5AiWMCcIHr60iTe9eNLenWPyqdqhOy%2BPg3qHJCFn%2B5gDT5ekWrQe2W0UWuTOowiCuowRiqN0ZWHCHfXoAqj8Dzj6DET2T58RrSZG%2FdaQMlTl5sS0pb3U5niUZ%2BuNTkXCx12iJaCv2Ai4Zs%2BjSOZgYpNYaKx9ByCOrOoXAeCuWhiD0UmYdEnNR4EASRLzj1O13OGyKSrC38gEZxQAO%2F3UHBpzsMkWdDcD0EtzvI7A421WfHrfOwxfdwGxWc8OBygr6oUEqC0hGUlKBUBGVOUParfaFd6Kp7QruCBWc5PMuNamTy3i7dN3lPpgTUDmFFtZudkmdnHv7xew2b8qQWtSSLWNxq0XYjDGXo%2BzSUUdzlfjeOJGVw6vDy6lKj2ezcDqDcAqjzsK0m5LnXriJTE%2FLEF3%2BC0SM4fQSungEtXgAtK9CNCtvpYdBoRINBPTcQpkKWLyLf8nb1KXl%2BxrH%2ByV%2BQ%2FNHrPzdmAW4rZLbCh%2BohQU%2FfHd00Jdm7aUpHvl3PcpWobTp951s5zeW5L9%2BSW6Wx4toVNzx8g0%2BFaXn%2FHenyNZoKlfYc%2BWpFCSHtqrFcku%2Buufcku1G4jZXCpkW2duPy6rUks9I5ZdIxqDpeme4xIU%2F%2F8MrsA1%2F84FcoO4YtKiTFI3IWUOYIPNuBy%2Bb0zhBYPZ9hmYeyqEY2ZPNDrQi0nPeUVXD%2F6dm8Hlk6vU1VtevuomcXQPM7SJMKfVuhrytQPYQrzo3yzM4xmF4YMW0X9pi2%2BvOZyROy%2FimBUye1hi8iJmMZMdlsNWPJBWu1mM9jzhqi0%2BHI3SRuP7n1NwAAAP%2F%2FAQAA%2F%2F8q9LmDmgQAAA%3D%3D | 192.243.59.13 | 200 OK | 7 B |
URL GET HTTP/1.1dudleynutmeg.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSv28cRRTHZx3TQAFEaRBCuoICUHze3fuxd0QI4SRGESaOEhBURPNrz4Nnd1Yzu7dnVxaRUKA6aGjX37NjGSIEfwARnCNRRELyUbnAHX8BUkSBAN1hcfCa995830if9535eLc4JSEKenLlbbOttKbLrbpfe%2Bn9ILhUW1NpMagNOu3b7ealmu2%2F2m3X%2FZdrb0q%2BaZZDP%2FD9wA9qq8rK2AyWpyJUdr8b1Lt%2BvRnWg1YTA%2Fv%2F3hUeHPUg%2BqfkPJSYLD70LkDxMdLkmyvSbeYmu3g1KTTNjUVfHLybbqamTJHMy9h6iNODs2kYd7z6ACbdn%2BHC9P8dZGpCvB8fgKUHZ5Bg%2Fb0ZJ9OQKZh4CmV%2FDKnHUHQMbu5AiWMCcIHr60iTe9eNLenWPyqdqhOy%2BPg3qHJCFn%2B5gDT5ekWrQe2W0UWuTOowiCuowRiqN0ZWHCHfXoAqj8Dzj6DET2T58RrSZG%2FdaQMlTl5sS0pb3U5niUZ%2BuNTkXCx12iJaCv2Ai4Zs%2BjSOZgYpNYaKx9ByCOrOoXAeCuWhiD0UmYdEnNR4EASRLzj1O13OGyKSrC38gEZxQAO%2F3UHBpzsMkWdDcD0EtzvI7A421WfHrfOwxfdwGxWc8OBygr6oUEqC0hGUlKBUBGVOUParfaFd6Kp7QruCBWc5PMuNamTy3i7dN3lPpgTUDmFFtZudkmdnHv7xew2b8qQWtSSLWNxq0XYjDGXo%2BzSUUdzlfjeOJGVw6vDy6lKj2ezcDqDcAqjzsK0m5LnXriJTE%2FLEF3%2BC0SM4fQSungEtXgAtK9CNCtvpYdBoRINBPTcQpkKWLyLf8nb1KXl%2BxrH%2ByV%2BQ%2FNHrPzdmAW4rZLbCh%2BohQU%2FfHd00Jdm7aUpHvl3PcpWobTp951s5zeW5L9%2BSW6Wx4toVNzx8g0%2BFaXn%2FHenyNZoKlfYc%2BWpFCSHtqrFcku%2Buufcku1G4jZXCpkW2duPy6rUks9I5ZdIxqDpeme4xIU%2F%2F8MrsA1%2F84FcoO4YtKiTFI3IWUOYIPNuBy%2Bb0zhBYPZ9hmYeyqEY2ZPNDrQi0nPeUVXD%2F6dm8Hlk6vU1VtevuomcXQPM7SJMKfVuhrytQPYQrzo3yzM4xmF4YMW0X9pi2%2BvOZyROy%2FimBUye1hi8iJmMZMdlsNWPJBWu1mM9jzhqi0%2BHI3SRuP7n1NwAAAP%2F%2FAQAA%2F%2F8q9LmDmgQAAA%3D%3D IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Let's Encrypt
Certificate subject: dudleynutmeg.com
Certificate fingerprint: 62:D3:F0:A3:00:F3:7A:E7:CF:5D:4D:AE:08:F0:E9:8D:45:2E:0D:90
Certificate validity: Tue, 30 Apr 2024 15:24:37 GMT - Mon, 29 Jul 2024 15:24:36 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSv28cRRTHZx3TQAFEaRBCuoICUHze3fuxd0QI4SRGESaOEhBURPNrz4Nnd1Yzu7dnVxaRUKA6aGjX37NjGSIEfwARnCNRRELyUbnAHX8BUkSBAN1hcfCa995830if9535eLc4JSEKenLlbbOttKbLrbpfe%2Bn9ILhUW1NpMagNOu3b7ealmu2%2F2m3X%2FZdrb0q%2BaZZDP%2FD9wA9qq8rK2AyWpyJUdr8b1Lt%2BvRnWg1YTA%2Fv%2F3hUeHPUg%2BqfkPJSYLD70LkDxMdLkmyvSbeYmu3g1KTTNjUVfHLybbqamTJHMy9h6iNODs2kYd7z6ACbdn%2BHC9P8dZGpCvB8fgKUHZ5Bg%2Fb0ZJ9OQKZh4CmV%2FDKnHUHQMbu5AiWMCcIHr60iTe9eNLenWPyqdqhOy%2BPg3qHJCFn%2B5gDT5ekWrQe2W0UWuTOowiCuowRiqN0ZWHCHfXoAqj8Dzj6DET2T58RrSZG%2FdaQMlTl5sS0pb3U5niUZ%2BuNTkXCx12iJaCv2Ai4Zs%2BjSOZgYpNYaKx9ByCOrOoXAeCuWhiD0UmYdEnNR4EASRLzj1O13OGyKSrC38gEZxQAO%2F3UHBpzsMkWdDcD0EtzvI7A421WfHrfOwxfdwGxWc8OBygr6oUEqC0hGUlKBUBGVOUParfaFd6Kp7QruCBWc5PMuNamTy3i7dN3lPpgTUDmFFtZudkmdnHv7xew2b8qQWtSSLWNxq0XYjDGXo%2BzSUUdzlfjeOJGVw6vDy6lKj2ezcDqDcAqjzsK0m5LnXriJTE%2FLEF3%2BC0SM4fQSungEtXgAtK9CNCtvpYdBoRINBPTcQpkKWLyLf8nb1KXl%2BxrH%2ByV%2BQ%2FNHrPzdmAW4rZLbCh%2BohQU%2FfHd00Jdm7aUpHvl3PcpWobTp951s5zeW5L9%2BSW6Wx4toVNzx8g0%2BFaXn%2FHenyNZoKlfYc%2BWpFCSHtqrFcku%2Buufcku1G4jZXCpkW2duPy6rUks9I5ZdIxqDpeme4xIU%2F%2F8MrsA1%2F84FcoO4YtKiTFI3IWUOYIPNuBy%2Bb0zhBYPZ9hmYeyqEY2ZPNDrQi0nPeUVXD%2F6dm8Hlk6vU1VtevuomcXQPM7SJMKfVuhrytQPYQrzo3yzM4xmF4YMW0X9pi2%2BvOZyROy%2FimBUye1hi8iJmMZMdlsNWPJBWu1mM9jzhqi0%2BHI3SRuP7n1NwAAAP%2F%2FAQAA%2F%2F8q9LmDmgQAAA%3D%3D HTTP/1.1
Host: dudleynutmeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[5212671,5212672]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 465df840bbbc076f6cb9d16052075063
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.67:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 2741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.67:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 202758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.1337xx.to/css/webfonts/oswald-light.woff | 188.114.97.1 | 200 OK | 23 kB |
URL: GET HTTP/3 www.1337xx.to/css/webfonts/oswald-light.woff
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: Web Open Font Format, TrueType, length 22568, version 1.0
Hash: a4d5b8f448ec86ddb2e57a2912a3fcd6 579df89a925a4e5e46d63fe5ad84492a810ed3be dc1e478c0ada70ebba3817df17ad49d0b288351d777cf6582dba4a5390be73e3
GET /css/webfonts/oswald-light.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/font-woff
content-length: 22568
last-modified: Wed, 22 Jun 2022 05:25:46 GMT
etag: "62b2a7da-5828"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SquXJiI1fQt9TIjAHsc%2FvVJwFF0cFMq3gbPOftOm721Rmx2cgsUXTamQ9OYlPpoJ5zlQ84MhPcUSkdk6hHSRcPSngabDn4IAvMnfo7Vp0%2Bua446O2KKzIVo3EVz9J9OD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9122eaab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 172.67.180.87:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Let's Encrypt
Certificate subject: downstairsnegotiatebarren.com
Certificate fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:17 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3a6a0330fee46ede3ad88123583826d4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 10:14:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FStxLzwOtP%2FjqKVk2mI9b2xBP342OHZwfHOAKa14LlfmLZCD2RlTZT8OCMP%2BPn0ojWYRH39sAexnWTpC9pRhMJ8pzgvJnXkyBkZkkFHN%2B9q%2B8jDvIW%2FL87irL1Aqo%2BrCROzoccnNTX53wZu0kUfcoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7b913bf5856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.138 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.138:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 10:14:18 GMT
date: Sat, 04 May 2024 10:14:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.1337xx.to/static/js/pagination.js | 188.114.97.1 | 200 OK | 3.0 kB |
URL: GET HTTP/3 www.1337xx.to/static/js/pagination.js
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with very long lines (3079), with no line terminators
Hash: 944d2b6146c4fb28fe31a23a35e64f06 c42d9b8961e312a6b129439b6c451de2d5210659 378d0a91ccab057c7b92d0ae0a9cc5764be1d55b376e85f357c1845636db0f38
GET /static/js/pagination.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:31 GMT
vary: Accept-Encoding
etag: W/"62b2a843-bcc"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qwLiWcEQlwQMjmIVcdw4mDdmUFd1RVlfAwztO1ciPFTVM%2F3dnFnxzQUIP0nT%2B7a67JgLwXqXT%2F33tFtcHbeYCECTp5gUq%2BeG2x75y%2B6OeQGS%2FssowCFCd%2FIL3iQxmYfs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f8b92b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/auto-searchv2.js | 188.114.97.1 | 200 OK | 716 B |
URL: GET HTTP/3 www.1337xx.to/static/js/auto-searchv2.js
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with very long lines (734), with no line terminators
Hash: 7e0853a6cfd91001c9d0396a9fbb5b5c 6b1ae072c7d1172c1ac67e0b256b488fb1b6e214 dc5e6c646bbeaaecec35c9e6c4239ab84332f4aac8e74a62118c15c2b34eeadb
GET /static/js/auto-searchv2.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:20 GMT
etag: W/"62b2a838-2cc"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sI47%2F%2FceNfyhnAfRHxkzO%2B%2FUcG%2FacoNG8v02apYt4N3HkvqCDKaMYeKSomnmZLSMq%2FZnzTkhMzKkcsKFt1mwb%2BbwJIXw30nknDZffQ2QOdOaeo96hJGJfxxaocP3ZHc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f7b69b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/modal.js | 188.114.97.1 | 200 OK | 10 kB |
URL: GET HTTP/3 www.1337xx.to/static/js/modal.js
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 8289720aa01982ad7b48c62b7f96dd93 7c5370aa27127c0cafb643b671dd2c9a906a8b8e a2589ffb2fd098b789870f1b48c8d83614c29df22739921ee3347d741b57dd4a
GET /static/js/modal.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:30 GMT
vary: Accept-Encoding
etag: W/"62b2a842-2857"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZb81TRiQFR2I87UZ3FDR5GVfAYuzcjmwxbsItRqE6Y3nJbvDy0vqMruYSIHTuvRNqHJSPkNkW7u%2BlHVmXe8H0I0p5Sb2O5gDhD8qu0q9t2E6SOEum5j%2BFQ9qHgcJnJz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f8b95b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/css/jquery-ui.css?v=1.3 | 188.114.97.1 | 200 OK | 29 kB |
URL: GET HTTP/3 www.1337xx.to/static/css/jquery-ui.css?v=1.3
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: ASCII text, with very long lines (27411), with CRLF line terminators
Hash: 316041ab3b238141b76d82ae38c16f1a e7b8969e26035b7331d9e3bbad44413dc6772c3f 2703365754030d176a91731daf96d79d7125e0c939a7b6cc704181ab2f7166c4
GET /static/css/jquery-ui.css?v=1.3 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:31 GMT
vary: Accept-Encoding
etag: W/"62b2a807-71ce"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ffPixQZnpoSs%2F1WlF5LsmvpEqbScvtfSV%2FtXZVzm8N1qOJx7oap5zloI5hbk1iL0bKNpw1osX1ESlFXi%2BOyYu24kcciO4W5MUezpxGFXXxzDFKM0frdwyONlBAMVVB0O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f5b33b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/lazyload.min.js | 188.114.97.1 | 200 OK | 3.4 kB |
URL: GET HTTP/3 www.1337xx.to/static/js/lazyload.min.js
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with very long lines (3454), with no line terminators
Hash: 60d2900c5bd77480d72c87a0757e53a4 a14ab5f1d902491ad7d9e0be7f7df2d2047a587f d86dbcd6ce632288c61916f31f7df15a4570d569cfb3d2017bec1193d86c2a5f
GET /static/js/lazyload.min.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:28 GMT
vary: Accept-Encoding
etag: W/"62b2a840-d35"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71g3uM37wIDILr%2BXiYKEVOlXWDlsKQSAFNwyIqcZacbqmZ9SVOIsTCNxru3sDzrxGInyb3yVjiYvh6e1LNfbenAMLgkzD9CIe0DQ4GVdwhcTKSUQEg6SEgTFkwgHhgof"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f8b90b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/webfonts/opensans-regular.woff | 188.114.97.1 | 200 OK | 23 kB |
URL: GET HTTP/3 www.1337xx.to/css/webfonts/opensans-regular.woff
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: Web Open Font Format, TrueType, length 22660, version 1.0
Hash: 79515ad0788973c533405f7012dfeccd 5092881fad2caffdc6bf71bdab1ea547b73d3564 22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
GET /css/webfonts/opensans-regular.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/font-woff
content-length: 22660
last-modified: Wed, 22 Jun 2022 05:25:44 GMT
etag: "62b2a7d8-5884"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IT9NeEBSOdZjAEzT3h8RCLL156i0DIN3BebKGf4Y6u3ObtvqlERu8ObIv0JlJRthhXtfsxKZK1JUQNQ01U67xEYRPdOStXoOs0450oN%2FWvjy4EizFp3UFP0uJBzmWM1X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9108cb7b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/css/icons.css?v=1.3 | 188.114.97.1 | 200 OK | 8.3 kB |
URL: GET HTTP/3 www.1337xx.to/static/css/icons.css?v=1.3
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: ASCII text, with very long lines (8886), with no line terminators
Hash: 03a7d25cbaa604c87875716deeb2da04 c47032142d8a0d788df4b96cdeb522add38e3c66 59996ec83d1cd237295189dd8f91492e20f689f61ed374fdf95859f9c740937f
GET /static/css/icons.css?v=1.3 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:31 GMT
vary: Accept-Encoding
etag: W/"62b2a807-208d"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMvE6hJjuJ9to2ob%2Fv0stHFJOkIWAn0tyKHm6%2FC%2FwAIKQ5xEyYfWJxOswJCCHGzIlBXTgYwNFL6EFaJKz5g6jTKZxKJ%2F5srnPQH2IJiXqvpDfH%2F2XeqgKLYzj%2FIwXo24"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f5b37b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/equalheight.js | 188.114.97.1 | 200 OK | 307 B |
URL: GET HTTP/3 www.1337xx.to/static/js/equalheight.js
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate issuer: Google Trust Services LLC
Certificate subject: 1337xx.to
Certificate fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with very long lines (307), with no line terminators
Hash: c5400113e82af2006936f4da906de973 4fcb2efc6c62d22351539de5120b971195727cb9 dfcfd312395fac51053cb661b4bece35f269d95ebbdfcd9f63a878eccef60396
GET /static/js/equalheight.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:22 GMT
etag: W/"62b2a83a-133"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WsPrSZZdVngda6RbdbdqpJiAZMpUQPMGktiRZ9w%2BmZE1FGlkOaSCl0Bp4GDEJmoI8jFY2AmodUaoUvGYLzeepKO0E%2B3Mxpzt5ptoubb6rmwFb3yBrm0bGFEJMCeBSzcx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f7b74b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/images/logo.svg | 188.114.97.1 | 200 OK | 4.0 kB |
URL: GET HTTP/3 www.1337xx.to/images/logo.svg
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1337xx.to
Certificate Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: SVG Scalable Vector Graphics image
Hash: 7ad8a17064571d19b20ad2aa318d97c9 e4e416920d107269697cf9bb12677997aefd58f2 d15f260bd32ff788ba0770c8b8e9d4288491379d30200fddbf2e036c13eb1477
GET /images/logo.svg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 05:23:45 GMT
etag: W/"62b2a761-f94"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8JnX8R2BXdL6%2Bpsc%2Fsg4vUC5Ob3Tk1dFt7Ackp6Bfm%2Fgou1nJgsqF8R%2Fy3Pu7SICPPFrT6DFj2baRkU6bf%2FTC0EeiYFBezeV8W9Ue%2FC4eiPhU%2BXjWYV8ZzaY%2F6vNE06O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f6b52b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.akamai.steamstatic.com/steam/apps/804760/ss_52d50c95daba86788820ca9d2cd561729f58e18b.600x338.jpg | 23.36.76.241 | 200 OK | 54 kB |
URL: GET HTTP/1.1 cdn.akamai.steamstatic.com/steam/apps/804760/ss_52d50c95daba86788820ca9d2cd561729f58e18b.600x338.jpg
IP: 23.36.76.241:443
ASN: #20940 Akamai International B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.akamai.steamstatic.com
Certificate Fingerprint: E0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74
Certificate Validity: Thu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 600x337, components 3
Hash: e4f2da6a2ec26b337a937651af4e906a 116a127e525f95822fcb5fc89929c668332beedb 863d88c964ab4b0ab6e9d4d0d2c77d651329a7a7c80c0e11af4dac7b089f0357
GET /steam/apps/804760/ss_52d50c95daba86788820ca9d2cd561729f58e18b.600x338.jpg HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Mon, 05 Mar 2018 15:36:44 GMT
ETag: "5a9d640c-d3b1"
Server: nginx
Access-Control-Allow-Origin: *
Content-Type: image/jpeg
Content-Length: 54193
Accept-Ranges: bytes
Cache-Control: public, max-age=88373
Expires: Sun, 05 May 2024 10:47:09 GMT
Date: Sat, 04 May 2024 10:14:16 GMT
Connection: keep-alive
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 172.67.180.87:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:17 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: d1e97ad3b2ad175c7d3e3d2b26e66c9d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 10:14:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8K81ml905ahLpQx9zXPSDd0nRvYnx3IDe4vMTbdXsCoAfkYphj%2Bsu74ehVR2NW3TzUQ%2F6YoWphikRWwPbMu1WM92LYv4Ura%2FzXZdzjie9AmU4I5DRomLHtdmGhWQe9XqFxnh6ykWcywigKt2pO3ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7b913bf5c56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=f1250720-9b06-4646-ac6b-32987bfbcf81&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=f1250720-9b06-4646-ac6b-32987bfbcf81&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.unseenreport.com
Certificate Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=f1250720-9b06-4646-ac6b-32987bfbcf81&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=bd6c3375a35d155e03aef20bbbe563ea&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4e98b1a546bcee00db549fc951b76d9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.akamai.steamstatic.com/steam/apps/804760/ss_0f83d7c07a959fbeb7f13cb83d317ee5788a9c5d.600x338.jpg | 23.36.76.241 | 200 OK | 75 kB |
URL: GET HTTP/1.1 cdn.akamai.steamstatic.com/steam/apps/804760/ss_0f83d7c07a959fbeb7f13cb83d317ee5788a9c5d.600x338.jpg
IP: 23.36.76.241:443
ASN: #20940 Akamai International B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.akamai.steamstatic.com
Certificate Fingerprint: E0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74
Certificate Validity: Thu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 600x337, components 3
Hash: 0f0da641d22bf49ea61a5920081a8f29 59f702a53ca9fed6302d84fcf4281ab1d42ae3b8 c0a99124ec9d7ceb9f79e4537bacfa348103e26755327b5b742185b9d491cec8
GET /steam/apps/804760/ss_0f83d7c07a959fbeb7f13cb83d317ee5788a9c5d.600x338.jpg HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Mon, 05 Mar 2018 15:36:44 GMT
ETag: "5a9d640c-12355"
Server: nginx
Access-Control-Allow-Origin: *
Content-Type: image/jpeg
Content-Length: 74581
Accept-Ranges: bytes
Cache-Control: public, max-age=47940
Expires: Sat, 04 May 2024 23:33:16 GMT
Date: Sat, 04 May 2024 10:14:16 GMT
Connection: keep-alive
|
|
| www.1337xx.to/css/webfonts/oswald-regular.woff | 188.114.97.1 | 200 OK | 25 kB |
URL: GET HTTP/3 www.1337xx.to/css/webfonts/oswald-regular.woff
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1337xx.to
Certificate Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: Web Open Font Format, TrueType, length 25248, version 1.0
Hash: 77f9ec053e5256b45207e37effb5a1b1 b881bffa5a7dd80494d621ec6f72c3f5545448f3 c5bccac5053a0089da4fb1a1693579ed4893a75b8fdc1c4f43a9151a2a9fb754
GET /css/webfonts/oswald-regular.woff HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/font-woff
content-length: 25248
last-modified: Wed, 22 Jun 2022 05:25:48 GMT
etag: "62b2a7dc-62a0"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8M6T38gMKZMou7XO8EVKwMWsYdCw1gYw9wrwaoyw0XfYBHEDFhcCciI2fm4wsYpl87hVWk94XM8YjBsVK7oiMrZlFvVYOBANKBRY28jvZ1jpdGsW2EXK9czTJ%2BZ3PnQc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9108cbbb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css | 172.67.141.24 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css
IP: 172.67.141.24:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: fc638645a938f69e69360c75335ffd1a 143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4 7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1337xx.to
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:18 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 308355
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=021om2wV5J%2FJtXaF1aK1A5%2FScOdu70j2cRjptXdohGqtNVPWwSSEnUU8NfS16xwdl5tV3CIxgWj0RisO8%2BLDHWUBbsuVSi0JhNy98L3AeSK%2BLn2SK%2Bt3CIlCceptibGa4l7ENU7H0xbT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7b91baf47b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.1337xx.to/static/css/torrent.css | 188.114.97.1 | 200 OK | 2.5 kB |
URL: GET HTTP/3 www.1337xx.to/static/css/torrent.css
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1337xx.to
Certificate Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: ASCII text, with very long lines (2665), with no line terminators
Hash: 57123b93bf2966605efa018f2ea675cd f71a3f02ae6c6b2a756b5e3aa5da350e7549595f 73df6f77191d3da5e00460867c13489e701075ebd93b8927c5dc4e680ca3e03d
GET /static/css/torrent.css HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 05:26:38 GMT
vary: Accept-Encoding
etag: W/"62b2a80e-9ac"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WE2f%2Blnijchv8r409bQAUk3sdxGwJKxPBVrU%2Fik2TXfpl7fXUx8fvc00Ltj7jYxRDr9g61ZKvIRNOailT8z5Tz%2BQTCbTl1bDbTR8XAXevjuGuu7mT9yhCshYxnbYD%2Fln"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f6b4db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 172.67.141.24 | 200 OK | 90 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js
IP: 172.67.141.24:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:18 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 323802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dPTe3YNhvNQO9xmTZLrl1pjgomY3d45YxCcyCYVV6hh11C4h5ycoMoBwe5PHOF1OoX87c2p8L5HlymChdL8boPd4b7sON9YMNpfPpYLTD3RKZ1K6D7d%2Fxq1QBFzoQEXgw4ygEyX8p0zd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7b91c3b4f56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/css/images/body-bg.jpg | 188.114.97.1 | 200 OK | 2.5 kB |
URL: GET HTTP/3 www.1337xx.to/css/images/body-bg.jpg
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1337xx.to
Certificate Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Hash: 57176455b267a90c419d442f311cab4a 8ce7305a8e73bf2cea887b1b011c349e41b426d3 44411fdbd6a244c923866126c233c854cae07718591506d315a86e34e159f20b
GET /css/images/body-bg.jpg HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/jpg; charset=utf-8
content-length: 2454
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dM33gQ5Nyh5SPJfPCyvarPZrdkKWRbNldW22UQG3MTHRXO%2F%2B6SJCukj928csbpZUWcsreO3wLUwmp9GaMp2cUd2CZMgzw94xn1ekaJnHHrnfcKtAVxWHrQgAuVq%2BN04"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9107cb2b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.akamai.steamstatic.com/steam/apps/804760/ss_eab763cb5c3cabb1da3fffd041a2b84ce85fcf74.600x338.jpg | 23.36.76.241 | 200 OK | 52 kB |
URL: GET HTTP/1.1 cdn.akamai.steamstatic.com/steam/apps/804760/ss_eab763cb5c3cabb1da3fffd041a2b84ce85fcf74.600x338.jpg
IP: 23.36.76.241:443
ASN: #20940 Akamai International B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.akamai.steamstatic.com
Certificate Fingerprint: E0:5D:52:B1:76:EB:D8:4A:30:6F:25:76:22:B1:31:81:41:54:C4:74
Certificate Validity: Thu, 04 Apr 2024 17:02:56 GMT - Wed, 03 Jul 2024 17:02:55 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 38x38, segment length 16, baseline, precision 8, 600x337, components 3
Hash: dc07e6486d46be9fc172123472d07573 ab2a81f44bd04460073d1fa36852cd0d4beb4bc1 0361cb0cffeb511f1880d86aecc1d3eeb0f079e50a8261f99b93d5f767c0d5c8
GET /steam/apps/804760/ss_eab763cb5c3cabb1da3fffd041a2b84ce85fcf74.600x338.jpg HTTP/1.1
Host: cdn.akamai.steamstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Last-Modified: Mon, 05 Mar 2018 15:36:43 GMT
ETag: "5a9d640b-c900"
Access-Control-Allow-Origin: *
Content-Type: image/jpeg
Content-Length: 51456
Accept-Ranges: bytes
Cache-Control: public, max-age=96608
Expires: Sun, 05 May 2024 13:04:24 GMT
Date: Sat, 04 May 2024 10:14:16 GMT
Connection: keep-alive
|
|
| dudleynutmeg.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=15 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 dudleynutmeg.com/pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=15
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Let's Encrypt
Certificate Subject: dudleynutmeg.com
Certificate Fingerprint: 62:D3:F0:A3:00:F3:7A:E7:CF:5D:4D:AE:08:F0:E9:8D:45:2E:0D:90
Certificate Validity: Tue, 30 Apr 2024 15:24:37 GMT - Mon, 29 Jul 2024 15:24:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.18.6785&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=15 HTTP/1.1
Host: dudleynutmeg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/
Cookie: u_pl=16578592; uid_id2=6eaa5988-a702-4ccd-86d7-201cd3e40af7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec75eb7bf55a6322e200a2e7f9c09f7eab=[5212671,5212672]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 10:14:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.1337xx.to/css/images/main-bg.png | 188.114.97.1 | 200 OK | 130 kB |
URL: GET HTTP/3 www.1337xx.to/css/images/main-bg.png
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1337xx.to
Certificate Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: PNG image data, 935 x 788, 8-bit/color RGBA, non-interlaced
Size: 130 kB (129988 bytes)
Hash: 8fc059a7e1758ad0c0e17be4b0575b93 df3d910563829c3b2e6fb0767038f75af4d4fcbd 6be2d61547095ffeb30a1fd03fd7d6aba9009edc719144812c5610bd2e27fb97
GET /css/images/main-bg.png HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/css/style9.952e1c4f6e649c835aa0b27f7e583caf.css?v=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: image/png; charset=utf-8
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3SyR0NIVbPKPIm9hzAJZ8J5AWsaKTGZDQus0PQniZwTDYRZ7%2FnD918UmItoTnAdPfrAWE23hySQ9daF7nBTcRpwjAicCPsDRcSGqTPpaFzytsUMgYy1nB9UeF2O74T0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b9108cb6b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/js/scrollbar.js | 188.114.97.1 | 200 OK | 40 kB |
URL: GET HTTP/3 www.1337xx.to/static/js/scrollbar.js
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1337xx.to
Certificate Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: JavaScript source, ASCII text, with very long lines (2564)
Hash: a9dbd5c265a5fbb9c24df23438b5492d f05001780b0223d840b7ec19221ac21bd659fa58 027643f8d1ed4fad0eb9f35c0a4909e60385a799f45091cf9ba6a3aa8877197b
GET /static/js/scrollbar.js HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 05:27:34 GMT
vary: Accept-Encoding
etag: W/"62b2a846-9d1d"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtZa8Z41N9gIyqMGfaz%2FFCcOBepavo6TKYSwcx6eZ%2FO4SohCfPbuwmtGc8rQKMbB4bLRi6XPTtgI47g6IXClZy4AizLqRNY0eK%2BCA4B3znZ7KMEmxxP9nSzTD72Pncdg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f7b7eb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/static/css/fancySelect.css?v=1.3 | 188.114.97.1 | 200 OK | 4.3 kB |
URL: GET HTTP/3 www.1337xx.to/static/css/fancySelect.css?v=1.3
IP: 188.114.97.1:443
Requested by: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1337xx.to
Certificate Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: ASCII text, with very long lines (4632), with no line terminators
Hash: 53c1791dc3336e0a63ef55543784dfd9 99402c02f48ff465f35ec9cf44115f00f6832f4f 517e93e8e1c37a3a770c086f53b333d037af5098a8e0c08ebb5978e45827d067
GET /static/css/fancySelect.css?v=1.3 HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 10:14:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ksNBS1LeaRdfhEThHW4eqmSP56QLLqWi0HVpmxVOnp0WpOrY89j4n7UD1857QtoPFfuMAwXDPT8T3kqdlP3jBSr5BPgtOSb6IhA5XdzUMhgOWINlEeACbyqPZJtd53vn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90f5b38b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/ | 188.114.97.1 | 200 OK | 20 kB |
URL: User Request GET HTTP/2 www.1337xx.to/torrent/2876384/Turmoil-The-Heat-Is-On/
IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: 1337xx.to
Certificate Fingerprint: F9:CB:3E:19:21:2C:5B:61:D3:94:19:71:A6:B0:4A:96:AB:2A:0C:A5
Certificate Validity: Sun, 10 Mar 2024 10:13:49 GMT - Sat, 08 Jun 2024 10:13:48 GMT
File type: HTML document, ASCII text, with very long lines (1262), with CRLF, LF line terminators
Hash: 0ef9f6dce8bbd1ff536b09b1517cbacd caf8ee10dc49a50324e8af823bb01991171a780d 40e66524d9d6140795298de69e0ca99d5a941930754f37a04c789b6365f47e1a
GET /torrent/2876384/Turmoil-The-Heat-Is-On/ HTTP/1.1
Host: www.1337xx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:14:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.36
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BVbDuYZAJnl9LJteGERL3sq9nFDj3ZnOgw8y68PV610KXOl%2BcGmYb5QueCK8dkOf4BNaNzqT%2FfjLnmgPu1lrEEAp480AG2XJbvxHIxadSTrdfhyOkPu4GRCMPPpKfV%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7b90cef081c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|