Overview

URL 1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/
IP172.67.147.182
ASNCLOUDFLARENET
Location United States
Report completed2022-09-27 22:28:32 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x26 (...) Malware
2022-09-27 2 glimtors.net/ntfc.php?p=2651991 Malware
2022-09-27 2 1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x26 (...) Malware
2022-09-27 2 glimtors.net/ntfc.php?p=2651991 Malware
2022-09-27 2 1337x.theproxy.best/sw.js Malware
2022-09-27 2 inpagepush.com/400/3064505 Malware
2022-09-27 2 1337x.theproxy.best/js/auto-searchv2.js Malware
2022-09-27 2 1337x.theproxy.best/js/equalheight.js Malware
2022-09-27 2 1337x.theproxy.best/js/jquery-1.11.0.min.js Malware
2022-09-27 2 1337x.theproxy.best/js/tab.js Malware
2022-09-27 2 1337x.theproxy.best/js/scrollbar.js Malware
2022-09-27 2 1337x.theproxy.best/js/lazyload.min.js Malware
2022-09-27 2 1337x.theproxy.best/js/pagination.js Malware
2022-09-27 2 1337x.theproxy.best/js/modal.js Malware
2022-09-27 2 1337x.theproxy.best/js/comment.js Malware
2022-09-27 2 1337x.theproxy.best/js/main9.d75f68f599f4db5a9ed621a398f35232.js Malware
2022-09-27 2 1337x.theproxy.best/app/apx14.js Malware
2022-09-27 2 1337x.theproxy.best/app/apx19.js Malware
2022-09-27 2 1337x.theproxy.best/hy.js?q22q2q2 Malware
2022-09-27 2 1337x.theproxy.best/app/x12.js Malware
2022-09-27 2 1337x.theproxy.best/zpp/zpp4.js?q22q2q2 Malware
2022-09-27 2 1337x.theproxy.best/css/webfonts/opensans-bold.woff Malware
2022-09-27 2 1337x.theproxy.best/css/webfonts/oswald-regular.woff Malware
2022-09-27 2 1337x.theproxy.best/css/webfonts/Flaticon.woff Malware
2022-09-27 2 1337x.theproxy.best/css/webfonts/oswald-bold.woff Malware
2022-09-27 2 1337x.theproxy.best/css/webfonts/opensans-regular.woff Malware
2022-09-27 2 1337x.theproxy.best/js/jquery-ui.js Malware
2022-09-27 2 1337x.theproxy.best/css/webfonts/oswald-light.woff Malware
2022-09-27 2 glimtors.net/ntfc.php?p=2651991 Malware
2022-09-27 2 1337x.theproxy.best/images/profile-load.svg Malware
2022-09-27 2 1337x.theproxy.best/helper-js/ Malware
2022-09-27 2 1337x.theproxy.best/images/logo.svg Malware
2022-09-27 2 glimtors.net/custom Malware
2022-09-27 2 glimtors.net/custom Malware
2022-09-27 2 glimtors.net/pfe/current/defaultSkin.min.js Malware
2022-09-27 2 glimtors.net/custom Malware
2022-09-27 2 glimtors.net/custom Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-27 2 benumelan.com Sinkholed
2022-09-27 2 borrowdefeat.com Sinkholed
2022-09-27 2 rndskittytor.com Sinkholed
2022-09-27 2 benumelan.com Sinkholed
2022-09-27 2 benumelan.com Sinkholed
2022-09-27 2 benumelan.com Sinkholed
2022-09-27 2 benumelan.com Sinkholed
2022-09-27 2 benumelan.com Sinkholed
2022-09-27 2 fleraprt.com Sinkholed
2022-09-27 2 benumelan.com Sinkholed
2022-09-27 2 unphionetor.com Sinkholed
2022-09-27 2 reapinject.com Sinkholed
2022-09-27 2 unphionetor.com Sinkholed
2022-09-27 2 reapinject.com Sinkholed
2022-09-27 2 rndskittytor.com Sinkholed
2022-09-27 2 unseenreport.com Sinkholed
2022-09-27 2 reapinject.com Sinkholed
2022-09-27 2 reapinject.com Sinkholed
2022-09-27 2 reapinject.com Sinkholed
2022-09-27 2 reapinject.com Sinkholed
2022-09-27 2 rndskittytor.com Sinkholed
2022-09-27 2 rndskittytor.com Sinkholed
2022-09-27 2 benumelan.com Sinkholed


Files

URL glimtors.net/custom
IP  139.45.197.251
Magic gzip compressed data, max compression\012- data
Size 846
MD5 74f02c5dfc9a37974ffb82c7e527832b
SHA1 2a8866b6780c0948058a0d46cac9cab251307078
SHA256 ee1a68b331ab08dfd881eddd980a91fdc84d61f7758498b507080562048045ac
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (48)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS reswsentativ.xyz (7) 0 2022-09-18 06:49:11 UTC 2022-09-27 21:02:47 UTC 104.21.94.209 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 54.148.17.90
mnemonic passive DNS unphionetor.com (2) 54035 2022-02-11 12:53:49 UTC 2022-09-27 15:05:17 UTC 139.45.197.236
mnemonic passive DNS 1337x.theproxy.best (42) 0 2022-08-06 12:53:27 UTC 2022-09-27 12:11:20 UTC 104.21.28.218 Unknown ranking
mnemonic passive DNS cdn.pncloudfl.com (1) 13313 2021-06-07 14:28:03 UTC 2022-09-27 16:17:56 UTC 104.22.59.221
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-27 05:00:30 UTC 104.18.21.226
mnemonic passive DNS benumelan.com (8) 0 2022-09-20 16:35:46 UTC 2022-09-27 16:39:21 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS d2ers4gi7coxau.cloudfront.net (6) 0 2022-07-04 09:48:45 UTC 2022-09-12 15:56:26 UTC 143.204.42.65 Unknown ranking
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-09-27 20:23:39 UTC 3.66.118.16 Unknown ranking
mnemonic passive DNS dozubatan.com (10) 33479 2021-05-18 14:02:27 UTC 2022-09-27 18:59:40 UTC 139.45.197.237
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS hatsheisaco.xyz (4) 0 2022-09-18 19:36:40 UTC 2022-09-27 18:56:33 UTC 143.204.55.30 Unknown ranking
mnemonic passive DNS glimtors.net (11) 168336 2021-04-05 07:54:50 UTC 2022-09-27 16:11:38 UTC 139.45.197.251
mnemonic passive DNS unseenreport.com (1) 0 2022-03-30 14:33:17 UTC 2022-09-27 18:57:09 UTC 192.243.61.227 Unknown ranking
mnemonic passive DNS pogothere.xyz (4) 0 2022-09-04 19:11:25 UTC 2022-09-27 12:45:27 UTC 172.64.198.35 Unknown ranking
mnemonic passive DNS offerimage.com (2) 304078 2019-06-10 11:11:53 UTC 2022-09-27 20:31:39 UTC 172.67.22.216
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-27 14:07:47 UTC 139.45.195.8
mnemonic passive DNS cdn.itskiddoan.club (2) 24539 2021-09-23 10:55:49 UTC 2022-09-27 20:31:41 UTC 139.45.197.236
mnemonic passive DNS cdn.yourwebbars.com (1) 62037 2021-01-29 17:47:27 UTC 2022-09-27 20:39:51 UTC 104.26.7.19
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 16:37:28 UTC 142.250.74.10
mnemonic passive DNS creepingbrings.com (1) 0 2022-05-27 14:56:26 UTC 2022-09-27 17:56:50 UTC 172.64.198.30 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS borrowdefeat.com (1) 0 2022-09-12 08:11:50 UTC 2022-09-26 21:51:09 UTC 192.243.61.225 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS mc.yandex.ru (2) 2672 2017-01-29 05:34:36 UTC 2022-09-27 16:04:45 UTC 77.88.21.119
mnemonic passive DNS cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-09-27 14:12:30 UTC 45.133.44.10
mnemonic passive DNS metrica-yandex.com (1) 783336 2021-09-19 04:17:37 UTC 2022-09-24 11:37:13 UTC 172.67.193.32
mnemonic passive DNS r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.77.32
mnemonic passive DNS e1.o.lencr.org (12) 6159 2021-08-20 07:36:30 UTC 2022-09-27 05:36:01 UTC 23.36.76.226
mnemonic passive DNS cdn.sb4you1.com (3) 22321 2021-09-16 11:26:58 UTC 2022-09-27 17:56:53 UTC 172.64.200.2
mnemonic passive DNS stunningruin.com (1) 0 2022-09-15 09:20:52 UTC 2022-09-27 18:37:33 UTC 213.174.151.100 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 14:55:40 UTC 143.204.55.115
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-09-27 21:28:46 UTC 93.184.220.29
mnemonic passive DNS rndskittytor.com (4) 31865 2021-08-10 13:00:55 UTC 2022-09-27 15:28:09 UTC 139.45.197.238
mnemonic passive DNS ecma.sidebyz.com (1) 775739 2021-06-12 20:50:40 UTC 2022-09-24 11:36:59 UTC 172.67.167.53
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-27 17:50:47 UTC 104.21.84.149 Unknown ranking
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-09-27 15:22:08 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS interstitial-07.com (3) 36198 2017-03-09 00:00:07 UTC 2022-09-27 18:40:03 UTC 139.45.197.153
mnemonic passive DNS reapinject.com (6) 0 2022-08-25 13:04:49 UTC 2022-09-27 20:39:49 UTC 192.243.59.12 Unknown ranking
mnemonic passive DNS inpagepush.com (3) 78279 2019-12-03 20:32:41 UTC 2022-09-27 16:20:53 UTC 139.45.197.237
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-27 04:38:43 UTC 157.240.200.35
mnemonic passive DNS i.imgur.com (1) 5110 2012-05-21 08:09:36 UTC 2022-09-27 06:19:23 UTC 151.101.84.193
mnemonic passive DNS matomo.hellohi.me (4) 545402 2019-07-03 20:13:04 UTC 2022-09-24 11:36:59 UTC 104.21.94.42
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-27 20:01:39 UTC 172.64.155.188
mnemonic passive DNS accounts.google.com (2) 81 2016-09-05 09:39:47 UTC 2022-09-27 05:15:43 UTC 216.58.207.237
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.110


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 172.67.147.182

Date UQ / IDS / BL URL IP
2022-09-27 22:28:32 +0000
0 - 0 - 60 1337x.theproxy.best/torrent/1116615/The-Walki (...) 172.67.147.182

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-09 23:09:55 +0000
0 - 0 - 4 cba-helpcentre.info/a1b2c3/5b12c7cf1995fb5bd7 (...) 104.21.33.36
2022-12-09 23:06:24 +0000
0 - 0 - 1 night-of-dream.com/ 104.21.10.194
2022-12-09 23:05:46 +0000
0 - 0 - 4 wildfungames.com/land/rou?campaign=ThIi&web=1 (...) 104.26.5.134
2022-12-09 23:05:34 +0000
0 - 0 - 3 authenticatie.ri13hzt2p0g8.me/b2n/a1b2c3/74b2 (...) 172.67.218.16
2022-12-09 23:02:07 +0000
0 - 0 - 2 nsfw.xxx/search?q=nude+mini+loona+videos 104.21.233.153

Last 1 reports on domain: theproxy.best

Date UQ / IDS / BL URL IP
2022-09-27 22:28:32 +0000
0 - 0 - 60 1337x.theproxy.best/torrent/1116615/The-Walki (...) 172.67.147.182

No other reports with similar screenshot



JavaScript

Executed Scripts (61)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 51173, repeated: 1) - SHA256: a02c62087b771561959ee9eb7408ce089600b3f754aff0979778096198adfa94

                                        < meta charset = "UTF-8" > < meta name = "viewport"
content = "width=device-width, initial-scale=1" > < html class = "desktop left " > < html lang = "en" > < head > < meta charset = "UTF-8" > < meta name = "robots"
content = "noindex" > < meta name = "viewport"
content = "width=device-width, initial-scale=1.0" > < meta http - equiv = "X-UA-Compatible"
content = "ie=edge" > < /head><body><main class="sc"><div class="sc__wrp"><div class="sc__sw"><div class="sc__sw__close"></div > < div class = "sc__sw__icon" > < /div><div class="sc__sw__heading">1337x.theproxy.best wants to</div > < div class = "sc__sw__text sc__sw__text-desktop" > Show notifications < /div><div class="sc__sw__text sc__sw__text-mobile">1337x.theproxy.best wants to send you notifications.</div > < div class = "sc__sw__btn-c" > < button id = "B2"
class = "sc__sw__btn sc__sw__btn--allow" > Allow < /button><button id="B1" class="sc__sw__btn sc__sw__btn--block">Block</button > < /div></div > < /div></main > < style > html {
    line - height: 1.15; - webkit - text - size - adjust: 100 %
}
body {
    margin: 0
}
main {
    display: block
}
h1 {
    font - size: 2e m;
    margin: .67e m 0
}
hr {
    box - sizing: content - box;
    height: 0;
    overflow: visible
}
pre {
    font - family: monospace, monospace;
    font - size: 1e m
}
a {
    background - color: transparent
}
abbr[title] {
    border - bottom: none;
    text - decoration: underline;
    text - decoration: underline dotted
}
b, strong {
    font - weight: bolder
}
code, kbd, samp {
    font - family: monospace, monospace;
    font - size: 1e m
}
small {
    font - size: 80 %
}
sub, sup {
    font - size: 75 % ;
    line - height: 0;
    position: relative;
    vertical - align: baseline
}
sub {
    bottom: -.25e m
}
sup {
    top: -.5e m
}
img {
    border - style: none
}
button, input, optgroup, select, textarea {
    font - family: inherit;
    font - size: 100 % ;
    line - height: 1.15;
    margin: 0
}
button, input {
    overflow: visible
}
button, select {
    text - transform: none
}[type = button], [type = reset], [type = submit], button {
    -webkit - appearance: button
}[type = button]::-moz - focus - inner, [type = reset]::-moz - focus - inner, [type = submit]::-moz - focus - inner, button::-moz - focus - inner {
    border - style: none;
    padding: 0
}[type = button]: -moz - focusring, [type = reset]: -moz - focusring, [type = submit]: -moz - focusring, button: -moz - focusring {
    outline: 1 px dotted ButtonText
}
fieldset {
    padding: .35e m.75e m.625e m
}
legend {
    box - sizing: border - box;
    color: inherit;
    display: table;
    max - width: 100 % ;
    padding: 0;
    white - space: normal
}
progress {
    vertical - align: baseline
}
textarea {
    overflow: auto
}[type = checkbox], [type = radio] {
    box - sizing: border - box;
    padding: 0
}[type = number]::-webkit - inner - spin - button, [type = number]::-webkit - outer - spin - button {
    height: auto
}[type = search] {
    -webkit - appearance: textfield;
    outline - offset: -2 px
}[type = search]::-webkit - search - decoration {
    -webkit - appearance: none
}::-webkit - file - upload - button {
    -webkit - appearance: button;
    font: inherit
}
details {
    display: block
}
summary {
    display: list - item
}[hidden], template {
    display: none
}@
keyframes fadeIn {
    0 % {
        opacity: 0;transform: scale(.9)
    }
    to {
        opacity: 1;transform: scale(1)
    }
}.sc {
    -webkit - touch - callout: none; - webkit - user - select: none; - khtml - user - select: none; - moz - user - select: none; - ms - user - select: none;
    user - select: none;
    display: flex;
    justify - content: center;
    align - items: center
}.sc.rtl {
        direction: rtl
    }.sc__sw {
        width: 100 % ;max - width: 30 rem;font - family: Roboto,
        Segoe UI,
        Helvetica,
        sans - serif;background - color: # fff;border - radius: .3 rem;margin: 1 rem;padding: 1 rem 1.5 rem 4.5 rem;position: relative;box - shadow: 0.5 rem.5 rem rgba(0, 0, 0, .1);animation: fadeIn.4 s ease - in -out
    }.sc__sw__icon {
        height: 1.6 rem;width: 1.6 rem;float: left;background - size: contain;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTEyIDIyYzEuMSAwIDItLjkgMi0yaC00YTIgMiAwIDAgMCAyIDJ6bTYtNnYtNWMwLTMuMDctMS42NC01LjY0LTQuNS02LjMyVjRjMC0uODMtLjY3LTEuNS0xLjUtMS41cy0xLjUuNjctMS41IDEuNXYuNjhDNy42MyA1LjM2IDYgNy45MiA2IDExdjVsLTIgMnYxaDE2di0xbC0yLTJ6IiBmaWxsPSIjNDI4NWY2Ii8+PC9zdmc+")
    }.sc__sw__heading {
        display: none
    }.sc__sw__text {
        color: #666;margin-left:2.3rem;margin-top:.2rem}.sc__sw__text-desktop,.sc__sw__text-mobile{display:none}.sc__sw__btn-c{position:absolute;bottom:.2rem;right:.5rem;display:flex;flex-flow:row-reverse}.sc__sw__btn{border:none;padding:1rem;background-color:transparent;color:# 4283e f;font - weight: 400
    }.sc.sc--mobile {
        width: 100 % ;height: 100 %
    }.sc.sc--mobile__sw__text - mobile {
        display: block
    }.sc.sc--mobile.sc--android - browser, .sc.sc--mobile.sc--chrome, .sc.sc--mobile.sc--firefox {
        background - color: rgba(0, 0, 0, .3);
        position: absolute;
        top: 0;
        bottom: 0;
        left: 0;
        right: 0;
    }.sc.sc--mobile.sc--android - browser, .sc.sc--mobile.sc--chrome {
        width: 100 % ;height: 100 %
    }.sc.sc--mobile.sc--android - browser.sc__sw, .sc.sc--mobile.sc--chrome.sc__sw {
        position: absolute;margin: 0;left: 50 % ;top: 50 % ;width: 92 % ;max - width: 520 px;height: auto;padding - left: 3.8 rem;transform: translate(-50 % , -50 % )
    }.sc.sc--mobile.sc--android - browser.sc__sw__text - mobile, .sc.sc--mobile.sc--chrome.sc__sw__text - mobile {
        display: inline;color: #666;margin-left:0;margin-top:.2rem}.sc.sc--mobile.sc--android-browser .sc__sw__icon,.sc.sc--mobile.sc--chrome .sc__sw__icon{position:absolute;float:none;left:1.5rem;top:1rem}.sc.sc--mobile.sc--android-browser .sc__wrp,.sc.sc--mobile.sc--chrome .sc__wrp{position:relative;width:100%;height:100%;box-sizing:border-box}.sc.sc--mobile.sc--android-browser .sc__wrp *,.sc.sc--mobile.sc--chrome .sc__wrp *{box-sizing:border-box}.sc.sc--mobile.sc--firefox{background-color:rgba(0,0,0,.6);align-items:flex-start;margin-top:-16px}.sc.sc--mobile.sc--firefox .sc__sw{font-family:Fira Sans,Roboto,Segoe UI,Helvetica,sans-serif;background-color:# e6e6e6;font - weight: 400;padding - bottom: 4.5 rem;overflow: hidden;max - width: 66.6 % ;margin: 0 auto
    }.sc.sc--mobile.sc--firefox.sc__sw__icon {
        width: 2.5 rem;height: 2.5 rem;margin - top: .5 rem;background - repeat: no - repeat;background - position: 50 % ;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTMuMjU0IDIuMDk0Yy0xLjE0NyAwLTIuMDcuOTIyLTIuMDcgMi4wNjh2MTEuMzVjMCAxLjE0Ni45MjMgMi4wNjggMi4wNyAyLjA2OGg5LjUzbDMuNzYyIDMuNzYycy41ODguNTY0IDEuMjA3LjU2NGMuNjE4IDAgLjg2Mi0uMzQ2Ljg2Mi0uNTY0VjE3LjU4aDIuMTMxYzEuMTQ3IDAgMi4wNy0uOTIyIDIuMDctMi4wNjlWNC4xNjJhMi4wNjUgMi4wNjUgMCAwIDAtMi4wNy0yLjA2OHptOC43NzcgMi4wNDhBMS40MDggMS40MDggMCAwIDEgMTMuNDQgNS41NWExLjQwOCAxLjQwOCAwIDAgMS0xLjQwOCAxLjQwNyAxLjQwOCAxLjQwOCAwIDAgMS0xLjQwOC0xLjQwNyAxLjQwOCAxLjQwOCAwIDAgMSAxLjQwOC0xLjQwOHptLS4yMTYgNC4yNzhoLjQzMmMuNjYgMCAxLjE5Mi41MzIgMS4xOTIgMS4xOTJ2NC44NjVjMCAuNjYtLjUzMiAxLjE5Mi0xLjE5MiAxLjE5MmgtLjQzMmMtLjY2IDAtMS4xOTItLjUzMi0xLjE5Mi0xLjE5MlY5LjYxMmMwLS42Ni41MzItMS4xOTIgMS4xOTItMS4xOTJ6IiBmaWxsPSIjYTVhNWE1Ii8+PC9zdmc+")
    }.sc.sc--mobile.sc--firefox.sc__sw__text - mobile {
        font - weight: 300;
        display: block;
        margin - left: 3.5 rem;
        margin - top: .5 rem;
        margin - bottom: 1 rem
    }.sc.sc--mobile.sc--firefox.sc__sw__btn - c {
        bottom: 0;left: 0;right: 0
    }.sc.sc--mobile.sc--firefox.sc__sw__btn {
        width: 50 % ;color: #000;font-weight:400}.sc.sc--mobile.sc--firefox .sc__sw__btn--allow{background-color:# 008 bcc;color: # fff
    }.sc.sc--mobile.sc--firefox.sc__sw__btn--block {
        background - color: # d1d0d5
    }.sc.sc--mobile.sc--uc - browser {
        align - items: flex - end;
        height: 100 %
    }.sc.sc--mobile.sc--uc - browser.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px 5 px
    }.sc.sc--mobile.sc--uc - browser.sc__sw {
        box - shadow: 0 0 4 px rgba(0, 0, 0, .2);
        border - radius: 1.5 rem;
        padding - right: 2.5 rem;
        width: auto;
        margin: auto
    }.sc.sc--mobile.sc--uc - browser.sc__sw: after, .sc.sc--mobile.sc--uc - browser.sc__sw: before {
        position: absolute;right: 1.5 rem;top: 1 rem;content: " ";height: .8 rem;width: 1 px;background - color: # aaa
    }.sc.sc--mobile.sc--uc - browser.sc__sw: before {
        transform: rotate(45 deg)
    }.sc.sc--mobile.sc--uc - browser.sc__sw: after {
        transform: rotate(-45 deg)
    }.sc.sc--mobile.sc--uc - browser.sc__sw__text - mobile {
        display: block;font - weight: 700;margin - bottom: .5 rem;margin - left: 3 rem;color: #444;margin-top:.25rem}.sc.sc--mobile.sc--uc-browser .sc__sw__btn-c{flex-flow:row}.sc.sc--mobile.sc--uc-browser .sc__sw__btn--allow{color:# fdb83f
    }.sc.sc--mobile.sc--uc - browser.sc__sw__btn--block {
        font - weight: 400;
        color: # aaa
    }.sc.sc--mobile.sc--uc - browser.sc__sw__icon {
        width: 2.5 rem;height: 2.5 rem;background - repeat: no - repeat;background - image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAABQCAIAAADKqIEEAAALgUlEQVRo3u1az49k11X+vnPuq/4xM5mZWHYUOfYgga1IKAtiZUVkTCw2WbJFQmIFSxQhIbDgH4jwigVZEH5vAkIgggAhISuIADFxHGPZMxM7djyezNie6Z81XVXvvXs+Fve9qurq6Z7udpkE1Fet1z1Tr+777nfPPec75zxKwv+1YT9qAGegf5zHGegz0GegTzoCWHYk+OhBG6Al407Lxpjzi3/ir/9jvX3bIL/8KJ/+NT3+DJf6DC43jOtfn+fLfxNNhGDR0Eh3PP3L+uyvLhH3Ms2jfec/+MrXI8Moc6FKYd5K+Lc/5+2XlsjNEkGHfeuPkDMJkEYAMMJgTRDf/EMqfhSgjz5P+W6++0PBQQEhCQopRLg7tt7F8C6wHNwnZ/ow3MMdSxEpwwULIGhiglVgxfCMZhuIpeCe9x4CGkACQymTBCzCCCIAAglHnKZ7N3x1ImYiEKBCAEgYaRmDGqNbiiu0JRjkPGgCRARASjBrqbDMGKeoU0vkc9QANLqUyOlX997Te/+kH7xgazVSICRJhARCRAiTFrl66y/IXVx+Cmuf+JCg97s8ARDE7k9kWmRYwMsnqDPqiafWrcb4+/jeV/MHb3regwOiYApRkoQI5EAEBYAymlHjPawAqw/HE79kT/4KcUo3eMBPq78qgAxCtEwvh5BoE0bMd7H1XVz967x1kwCZwQBASAABgd36I5AzcrFjRoTCHIJlPvQkfuZ3cenTS2F6em1AACYxK6Cgy20Pu9/fuf733L221m5YWwuyzq0cckIFKNi2ylnFzOVhYIQ58PjP47O/A6x/SKYFAQghAwQdYCg7atgob3739tW/Wx1+bz32VhgsjBLoZ+E89nnaJUSwbrobScgkI4yPXMHnfx+4dHxjWQAdxSoENUiAkTDAkIlmdPvFzdf+8ny6sdYMmTNVTm6HbX6rDpDdrYiR2WY1rbr1mSxZ5Vxdw8/9KapHjgl6vwNSYTqHGGSQAoggEFtv169/7WG8vd5MUmvszFZHYZ0xQ5Ck4K5BUuWEEAJEZWXUu/f0778OtCcHLUBEMKLKqkJWlmDtOG59c/zfz6/HG6aGOUfntgnw+IpC3a6S1QCDiiwEBaNJUmzfaF79cj4N0wBoQRdJApBFi/ru+MY3NLzlEcjF1jUFvW/JD3waKRAkUgVPnTUqA5nB6tpf+a1/OI7oXABd9hGGMMkjku5h/HY9GlUMhIAMTeGdyssSAERiUHXRsbjX3NYY4JXf0zFmtYMzAoLEiIEmxHa981au73iXNgnU8Qz50KHCuBGDAQl1mxRJhtEdu/PtB85+HyWgEoaVoR1M3t/ZuL4Sdy0aKaQO9+x6KrIFioQ7zLtJJFANVvHqlyPH0dto83N1XlowydXC6uHdN3TnzbW8K1PRaKJkIS4hX5VRaSZ+aDIkbFzV1stHf3Ef02IUz0AYk8HavZvXV+odZ6tCLaWO4MCHxy3QHWad6BFMyC3tg385AehCtwE0UgRG2Li5YnWY+u0yyRBGEcc5Mg8cJYkEwOJBIyJ0+z+P/tK+bJzFHxkgITImt1a5y85+BbhknmlTy6ZOK9R6hgC4o21R7FIyM2zcODHTBMgAW9SbxJhFsbFju+NYi376dEMAOsc3JSKhmUDNCUD3bgGIhLaJPHVwUymn2T1LGWRv1iraVmyxfXu6qKNBa+4PQVQUfTAf/rR42xJAF3HSL6ColPp94NCgfj+mu5ERtSWyCNBpNnO0ej7FEIpm6B/OgOArRzC9UBYLoZdvBHLbiU92jGjptcQe9pR0AE7BB0dUCuY/YEhdim8AqWg5y/j7lSzh+M09slzniYZCROQjNnNRMPXHjgCVA3CBxWPMMr8PE8MXOZ5dO1+t4nl1BDf7QBuTsQIdANDQxpZIOOSQ9Ywsp+Cyn+/+zKj/h+L4TGO6YyVW0wrHBtgsBM4O5XKG9s9nAGjHZXphKrK334+4q7uATsBJmcacrHZFdEb2UY7+fExt+jRMl4iYwa62tfyuyQJJ07RC6FTDSZOAfgRJLjNeHzr2eQ/AHpTOHWEegpmSzftQLTcWzj+P0yCG6P7r0PzlMPMQaGoU0UASe/En9pFgmXauWcyFBEMG1roizP3GvjCegVA4whQA23t7TYwGgguisa8TlWBOLC009sW0rjIRgvlgFiePYLoPTkWNCu24He6KEWylTEWXInS5zdJo7rROEaWgUfIKozcQh4Ywm/suDHC4wRA57l5v29318+dpIU1Ck+AEVgdalXLCchVIL30JhJ9vXv9jcHIsm6bggkdgsnnvg1dzvekRZhQlZjALGYxShzs9voVRgneX2kLGJFW3Xsa1rxzm+/bX8soXY5x3XhvuXuN4S8ORB9yS0dCX+05YxFtA+IDPSvbSplVc/Rpyvu8yFzKXAFrk94cbL1l7c6Cx2kZZhBOOaR47K0RNoxlP9dPPQuuPXZkzHAZM+O7fakGXLIImQSKadvN6vXN1xXZgrTJVJ7WOnJQNmRKnBfQuOTIj7/vD/trdOP8npsKGZDK4TYUOBZky1/TKH3B8e6FUf4DpyJi8N7z9LY3eTxQdZi5fD78gv0BbJ1fENGsGAXCXJXiCO0rlxUxzV5jBXG4wF0100EQnnebdBltiSuLUgwkIC+XxFq4+rwNnYaGPOMpb32h3XktqTZUl+MUVqy5FWiNB1Iq6qYe8t50jC0wXHmM6RyvlWkISwZBoAEnrNrAPRSxiZkpbtMxDjrcRtdxgnLaUIAlhNPzgBT7xDs4/Pt9x2N9H5Hux8Z21essTosnwAS9doF92rAoWCFiYPlAeMsu9svOPYeU8cgsY6GCXVU8ruP2DNFeBYL/bGTA0I9VX0Y4FwhOiQXT1CUoBa+TprT/DZ57jnCDZn9iO9jjaqyyMUG7RBoZAcoRTcmRgF/VmSEgEGmxcw/pDSKvdwWLJOPoMWHlGx/zJmZ6fXGt4i+12lHs8MSS1QFdEpcEtcfPbsXeP67MO2D7zUAxSw4xgDjPlaFVv5lHOeV2U+YQYCnv0MBJkbjZsZwusVARl7wdL9jBfGsBc92C60REZalVaRuzqnmDX5VC3K0S9Zc270E/2eeAC09W57JdGk7Q2qOVmCaG9SKOwCsZsomc0YQHASdAICWo6r6f+zJTfmhcomqaqpfEy530AGSQhd+30/ghAbJtx5Z/C6idBuy/ToH1s78Lj9+7c8mZzZWVEZBgVUmrNjaSCWRaUi6SrbUqzx/Yd7gOutXcKLJVAkGZMzmL/XbsxWPK7UiITwIg8SlzLP/0lX/nYPpxzfUQJ4/Hov7D1DnfeysOb1uxWCrQWDWnJBiHfU7PbtFg5d9HTp3Tz1VxPLELITJQREmOfTTAg6+VxIECjcUBcfhjVWrQTUwMfgCtABRnMEBMQWLmMj38On/gC1h+Zs6lF0FAINqEUmuTRdohuTgwQJM2cSDU0RjsCDRjiha/i5isA0GS1gZDYJdOdnC+9lWIqBiSXmZHxyc/407+B6uPII+QJvIKvwSswAQQyIqs8Gn4wj1kwDwIrAMxW7dzF2fmZNeoJEFW/5U9+UTdep6AshcorNchd9UzldghS6cSxgiWnuz/xi1h7FEhI8/s+TVUqWHB6bg+oj/vVPTgvD6yXFgdLPsRPfJFXnopJLVkfqI3o+gR9sDbSDeZwa8k28OhTuPIMUB2Y0OY0iR0h24/xnkt5NOdn7JdvwDPPmae2bQgDnPROj5A2o8pgCfQaDjP8wm/D7UjB94B64Qlfzjn4oMHFePZLFZIil+jd9dfLQGmVkW5IUVUZX/gtpIuzZZ9qnOBlwulLDwcXwtEW/vk5vf2SGkQgSiykjHSIKaESfupZPPub+434owd9dDUiQ37zO3jz6/UbL6a7PywNR1rKDz3GK5+zJz+PR38WvpzXAJf82ub/zjh7f/oM9BnoH4NxBvoM9P830P8DWBywwp+xTnsAAAAASUVORK5CYII=")
    }.sc.sc--mobile.sc--samsung - internet -
    for -android {
        height: 100 % ;align - items: flex - end
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw {
        width: auto;margin: 1 rem auto;box - shadow: 0 0 3 px rgba(0, 0, 0, .4);border - radius: 2 rem;padding - bottom: 4.5 rem;padding - top: 1.333 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw: after, .sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw: before {
        position: absolute;right: 1.75 rem;top: 1.333 rem;content: " ";height: 1 rem;width: 1 px;background - color: #777}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw:before{transform:rotate(45deg)}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw:after{transform:rotate(-45deg)}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw__text-mobile{display:block;font-weight:700;color:# 444;margin - left: 3 rem;margin - right: 1.5 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__btn - c {
        flex - flow: row;
        display: flex;
        left: .5 rem
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__btn {
        flex: 1;padding: .25 rem;margin - bottom: 1 rem;color: #4285f6}.sc.sc--mobile.sc--samsung-internet-for-android .sc__sw__btn--allow{border-right:1px solid # ddd
    }.sc.sc--mobile.sc--samsung - internet -
    for -android.sc__sw__icon {
        width: 2 rem;position: relative;top: .33 rem;height: 2 rem;background - repeat: no - repeat
    }.sc.sc--mobile.sc--yandex - browser {
        align - items: flex - end
    }.sc.sc--mobile.sc--yandex - browser.sc__wrp {
        position: absolute;left: 0;right: 0;top: auto;bottom: 0;width: auto;padding: 0 5 px
    }.sc.sc--mobile.sc--yandex - browser.sc__sw {
        width: auto;border: 1 px solid # ededed;border - radius: 1 rem;margin: .5 rem;box - shadow: 0 0 10 px 10 px # f0f0f0,
        0 50 px 20 px 40 px # f0f0f0
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__text - mobile {
        display: block;margin - left: 0;margin - right: 1 rem
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__icon {
        position: absolute;right: .5 rem;top: .5 rem;background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI2NCIgaGVpZ2h0PSI2NCIgdmlld0JveD0iMCAwIDE2LjkzMyAxNi45MzMiPjxnIHRyYW5zZm9ybT0idHJhbnNsYXRlKDAgLTI4MC4wNjcpIj48Y2lyY2xlIGN4PSI4LjQ2NyIgY3k9IjI4OC41MzMiIHI9IjcuNTYiIGZpbGw9IiNkOWQ5ZDkiLz48cGF0aCBkPSJNNS42MzggMjg1LjQzM2EuMjYzLjI2MyAwIDAgMC0uMTk1LjA3Ny4yNzkuMjc5IDAgMCAwIC4wMTEuMzk0bDIuNjMgMi42My0yLjYzIDIuNjI4YS4yNzkuMjc5IDAgMCAwLS4wMTEuMzk1LjI3OS4yNzkgMCAwIDAgLjM5NS0uMDExbDIuNjI5LTIuNjMgMi42MjkgMi42M2EuMjc5LjI3OSAwIDAgMCAuMzk0LjAxLjI3OS4yNzkgMCAwIDAtLjAxLS4zOTRsLTIuNjMtMi42MjkgMi42My0yLjYyOWEuMjc5LjI3OSAwIDAgMCAuMDEtLjM5NC4yNzkuMjc5IDAgMCAwLS4zOTQuMDFsLTIuNjMgMi42My0yLjYyOC0yLjYzYS4yOTQuMjk0IDAgMCAwLS4yLS4wODd6IiBmaWxsPSIjZmZmIi8+PC9nPjwvc3ZnPg==")
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn - c {
        bottom: 0;right: 0;left: 0;display: flex;border - top: 1 px solid # cbcbcb
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn {
        flex: 1;color: #2488e0;font-weight:400}.sc.sc--mobile.sc--yandex-browser .sc__sw__btn--allow{color:# 2488e0;font - weight: 600;border - left: 1 px solid # cbcbcb
    }.sc.sc--mobile.sc--yandex - browser.sc__sw__btn--block {
        color: #2488e0}.sc.sc--desktop{margin-left:21px;margin-top:-3px;width:326px;height:136px;display:flex;justify-content:center;align-items:center}.sc.sc--desktop.rtl{margin-left:0;margin-right:106px}.sc.sc--desktop .sc__sw{box-sizing:border-box;width:320px;height:130px;border-radius:2px;box-shadow:0 -1px 3px rgba(0,0,0,.3),0 2px 3px 1px rgba(0,0,0,.3);padding:16px;margin:0;font-family:Segoe UI,Helvetica,sans-serif}.sc.sc--desktop .sc__sw__close{position:absolute;display:block;height:24px;width:24px;right:5px;top:5px;border-radius:100%;background-color:transparent;transition:background-color .5s}.sc.sc--desktop .sc__sw__close:hover{background-color:rgba(0,0,0,.08)}.sc.sc--desktop .sc__sw__close:after,.sc.sc--desktop .sc__sw__close:before{content:" ";position:absolute;height:13px;width:2px;left:11px;top:5px;background-color:# 666;pointer - events: none
    }.sc.sc--desktop.sc__sw__close: before {
        transform: rotate(45 deg)
    }.sc.sc--desktop.sc__sw__close: after {
        transform: rotate(-45 deg)
    }.sc.sc--desktop.sc__sw__heading {
        display: block;position: absolute;top: 19 px;left: 16 px;right: 30 px;font - size: 15 px;white - space: nowrap;text - overflow: ellipsis;overflow: hidden
    }.sc.sc--desktop.sc__sw__icon {
        background - image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PHBhdGggZD0iTTEyIDIyYzEuMSAwIDItLjkgMi0yaC00YTIgMiAwIDAgMCAyIDJ6bTYtNnYtNWMwLTMuMDctMS42NC01LjY0LTQuNS02LjMyVjRjMC0uODMtLjY3LTEuNS0xLjUtMS41cy0xLjUuNjctMS41IDEuNXYuNjhDNy42MyA1LjM2IDYgNy45MiA2IDExdjVsLTIgMnYxaDE2di0xbC0yLTJ6IiBmaWxsPSIjNWY2MzY4Ii8+PC9zdmc+");
        height: 18 px;
        width: 18 px;
        position: absolute;
        top: 47 px;
        left: 16 px
    }.sc.sc--desktop.sc__sw__text {
        font - size: 12 px;
        position: absolute;
        top: 49 px;
        left: 46 px;
        color: #000;margin:0}.sc.sc--desktop .sc__sw__text-desktop{display:block}.sc.sc--desktop .sc__sw__btn-c{bottom:16px;right:16px;flex-flow:row}.sc.sc--desktop .sc__sw__btn{font-size:12px;font-weight:400;border:1px solid # ddd;
        border - radius: 2 px;
        padding: 0 16 px;
        height: 32 px;
        margin - left: 8 px;
        min - width: 64 px;
        font - weight: 500
    }.sc.sc--desktop.sc__sw__btn: hover {
        background - color: # fafafa
    }.sc.sc--desktop.sc--firefox {
        width: 380 px;height: 120 px;margin - left: 0;margin - top: 0
    }.sc.sc--desktop.sc--firefox.rtl {
        margin - left: 0;
        margin - right: 0
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw: after, .sc.sc--desktop.sc--firefox.rtl.sc__sw: before {
        left: auto;right: 7 px
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw: before {
        right: 6 px
    }.sc.sc--desktop.sc--firefox.rtl.sc__sw__btn--block: after {
        left: 0;right: auto
    }.sc.sc--desktop.sc--firefox.sc__sw {
        width: 360 px;height: 102 px;border: 1 px solid # d0d1d1;box - shadow: 0 0 1 rem # d0d1d1;padding: 12 px 10 px;position: relative
    }.sc.sc--desktop.sc--firefox.sc__sw: after, .sc.sc--desktop.sc--firefox.sc__sw: before {
        display: none;background - color: transparent;position: absolute;left: 7 px;top: -8 px;transform: none;content: " ";display: block;width: 0;height: 0;border - color: transparent transparent # fff;border - style: solid;border - width: 0 8 px 8 px
    }.sc.sc--desktop.sc--firefox.sc__sw: before {
        top: -9 px;left: 6 px;border - width: 0 9 px 9 px;border - color: transparent transparent # d0d1d1
    }.sc.sc--desktop.sc--firefox.sc__sw * {
        position: unset
    }.sc.sc--desktop.sc--firefox.sc__sw__close {
        display: none
    }.sc.sc--desktop.sc--firefox.sc__sw__heading {
        font - family: Segoe UI, Helvetica, sans - serif;
        font - size: 12 px;
        white - space: wrap;
        margin - bottom: .5e m;
        overflow: visible;
        margin - left: 48 px
    }.sc.sc--desktop.sc--firefox.sc__sw__text {
        overflow: visible;margin - left: 48 px;line - height: .95
    }.sc.sc--desktop.sc--firefox.sc__sw__icon {
        background - image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAeCAYAAABNChwpAAABj0lEQVRIie2Wv4oyMRTFf7pWsdQyBCzUVwgznXkFwc6xthNLERbU0gew1E7wFbQbmHewG9IJgoW22WJB0PUP6IzKx3e6ZO7NOUluztyMc84BRFHEcrkkjmPShFIKYwxaawAyzjk3m80IwzBV4nP4vk+z2SQXRdHLyQHCMKRSqfBVKpW+d7vdywUAbLdbcud33u/3kVKmQmitZTAYHMdxHJM9D0qL/NrafwS8Gm8XkLsXMBqNHvYGpRS9Xu9mzOefwL0dPIvPP4H/NfDP18DnCbDWpkZ2ae3McDh0SXRBvu9Tr9cRQgCwXq+ZTqdsNpurOUopssaYp8nht8FYLBbH8T1yAGMMWa01nuclJmK1WgHcJfc8D6317zMMgoBqtZpIUzqfzykUCle/X2xKnyG01jIejzkcDse5fD7Pfr8/iZtMJhfzn36GUkra7fbJ3Dn5LSTiA+VymUaj8VBuYkZUq9UeKuZEnTAIApRS7xMA0Ol0jmb0FgFCCLrd7omIW4JS+RlJKWm1WhSLRYQQNwv0BySZkZGaX+NiAAAAAElFTkSuQmCC");
        width: 32 px;
        margin - right: 16 px;
        height: 30 px
    }.sc.sc--desktop.sc--firefox.sc__sw__btn - c {
        position: absolute;left: 0;right: 0;bottom: 0
    }.sc.sc--desktop.sc--firefox.sc__sw__btn {
        margin: 0;border: none;display: flex;flex: 1;text - align: center;justify - content: center;align - items: center;height: 39 px;color: #000;border-radius:0;box-shadow:inset 0 0 1px 1px rgba(0,0,0,.1);background-color:# ededed;position: relative
    }.sc.sc--desktop.sc--firefox.sc__sw__btn--allow {
        background - color: #0060df;color:# fff
    }.sc.sc--desktop.sc--firefox.sc__sw__btn--allow: hover {
        background - color: #003eaa}.sc.sc--desktop.sc--firefox .sc__sw__btn--block{padding-right:55px}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:before{display:block;content:"";position:absolute;left:0;top:0;bottom:0;right:0;z-index:1}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:hover:before{background-color:rgba(0,0,0,.045)}.sc.sc--desktop.sc--firefox .sc__sw__btn--block:after{content:"";display:block;position:absolute;right:0;background-image:url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA4AAAAHCAYAAAA4R3wZAAAAhUlEQVQYlXXQyw2EMAyE4Z9tAMpwSkn6BUoJt3QwUioYDitWLA8fPf4s2YMkl1LovbMsC+M48lS9d0opTNPEPM98jqDWyrHgDdVasf1tSnJrzRFhwCklt9YsyUeWUjLgiPhlnAeu+A39wSf8hiR5kOTrPTlntm0DICJY1/X2tBs8Y+ARAezFmqaAOZvAjAAAAABJRU5ErkJggg= = ");background-repeat:no-repeat;background-position:12px 11px;border-left:1px solid #cecece;height:26px;width:39px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw{border-radius:4px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn-c{overflow:hidden;border-radius:0 0 4px 4px}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn{box-shadow:none}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--allow{background-color:#0896f8;border-top:1px solid #0c84d8}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--allow:hover{background-color:#0c84d8}.sc.sc--desktop.sc--firefox.sc--macos .sc__sw__btn--block{border-top:1px solid #ccc}.sc.sc--desktop.sc--yandex-browser{width:460px;height:180px;overflow:hidden;align-items:flex-start;position:absolute;right:17px;margin:0}.sc.sc--desktop.sc--yandex-browser *{position:unset}.sc.sc--desktop.sc--yandex-browser.rtl{right:auto;left:17px}.sc.sc--desktop.sc--yandex-browser.rtl .sc__sw__btn-c:before{left:auto;right:0}.sc.sc--desktop.sc--yandex-browser .sc__sw{width:435px;height:150px;border-radius:3px;border:1px solid #d1d1d1;box-shadow:0 10px 20px rgba(0,0,0,.1);margin-top:13px;overflow:visible;padding:20px 25px;position:relative}.sc.sc--desktop.sc--yandex-browser .sc__sw:after,.sc.sc--desktop.sc--yandex-browser .sc__sw:before{width:1px;background-color:#d1d1d1}.sc.sc--desktop.sc--yandex-browser .sc__sw__close{content:"
        ";display:block;width:16px;height:16px;background-image:url("
        data: image / png;
        base64, iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8 / 9 hAAABj0lEQVQ4ja2TzYrqQBCFv5b8qdABI26MUSGLvIRrn1XwNeYRBNGsTMgiYCDZxG4XfRcSb2bUCwP3LLvrVJ06VSWMMYYe2rbler3SNA1aawAcx0FKSRAEDIfDfjiiS2CMIc9zqqpiNpvh + z6u6wKglKKua8qyZDKZEIYhQoi / CYwxpGkKQBRFT + JPKKW4XC4AxHGMEIIBQJ7nz8dPZADXdYnjmD7HatuWqqpIkuQpC + B0OnE4HBBCkCQJSZI8JAtBFEUcj0em0ylkWWaKojB9FEVhdrud0VobrbXZ7 / cmy7KXmCzLzKBpGnzf / yZVSsl2u8W2bWzbRkr5nEgH3 / dpmgZLa / 3 S93g8ppvM19cXnuexXq9f / NBaP0z8hPP5zP1 + Z7PZfPOnD8txHJRSjEajl8 / lcslqtXpLVErhOA4DKSV1XX9U0O3HT9R1jZSSQRAElGWJUupVnmVhWdbb6mVZEgTBYxOzLON2uz2361 / ottbzPBaLxcPE + XwOQJqmb5X0K3cthWEI / K9j6lf57Tn / Aa0MA10JheTaAAAAAElFTkSuQmCC ");background-size:contain;background-repeat:no-repeat;background-color:red;position:absolute;left:25px;bottom:25px;top:auto}.sc.sc--desktop.sc--yandex-browser .sc__sw__close:after,.sc.sc--desktop.sc--yandex-browser .sc__sw__close:before{display:none}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon{background-image:url("
        data: image / png;
        base64, iVBORw0KGgoAAAANSUhEUgAAABwAAAAaCAYAAACkVDyJAAABP0lEQVRIie3VMW6DMBTG8T8oYyaba4SNOdnJARhYmMlx8BoWJDhAjpGJXAMzsb8Olau0TVKUGKlDvvHpwU / Y5jkQEbHWUtc1fd8zjiM + o5QijmOKokBrTTAMg5RlyTRNXqGfWa / XGGNYHY9HpmkiSRLKsiSKIq / QMAxUVcX5fKaua8LL5QKwCAYQRRGHwwGAvu8J3Z4tgV2jAOM4Ei6m3MkbfINv8B + ASingc + YtFfdupRThZrMBwBiDtdY7Zq2lqioA4jh + 7 XrK85wsy77V9vv9zV53PYVaa4wxbLdb3PLOTdM0dF33sEcpxW63wxiD1hrkybRtK2maSpqm0rbtV93V7uXpU5plGXmez / 5 Sl9WzoEMd2DTNrGcCEZFXUICu636Bp9PpZq + XH / 96e f + Kt0kzF / U62uagLx2ae + ijfAAz9t9V2rINEgAAAABJRU5ErkJggg == ");width:28px;height:26px}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:after,.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:before{display:none;background-color:transparent;position:absolute;left:295px;top:-12px;transform:none;content:"
        ";display:block;width:0;height:0;border-color:transparent transparent #fff;border-style:solid;border-width:0 12px 12px}.sc.sc--desktop.sc--yandex-browser .sc__sw__icon:before{top:-13px;left:294px;z-index:-1;border-width:0 13px 13px;border-color:transparent transparent #d0d1d1}.sc.sc--desktop.sc--yandex-browser .sc__sw__heading,.sc.sc--desktop.sc--yandex-browser .sc__sw__text{margin-left:45px}.sc.sc--desktop.sc--yandex-browser .sc__sw__heading{font-weight:700;font-size:16px;margin-top:-3px;width:330px;white-space:normal;margin-bottom:8px;direction:auto}.sc.sc--desktop.sc--yandex-browser .sc__sw__text{font-size:13px;line-height:1.333}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn-c{position:absolute;right:25px;bottom:20px;justify-content:flex-end}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn{color:#000;font-weight:400;border:none;background-color:#e6e6e6}.sc.sc--desktop.sc--yandex-browser .sc__sw__btn:hover{background-color:#ccc}.sc.sc--desktop.sc--macos .sc__sw{border-top:0;border-right:1px solid #ccc;border-bottom:1px solid #c1c1c1;border-left:1px solid #ccc;box-shadow:0 0 15px 0 #c6c6c6;border-radius:4px}.sc.sc--desktop.sc--macos .sc__sw__text-desktop{top:50px}.sc.sc--desktop.sc--macos .sc__sw__close{transform:scale(.9)}.sc.sc--desktop.sc--macos .sc__sw__btn{border-color:#eee;border-radius:3px}.sc.sc--desktop.sc--macos .sc__sw__btn-c{display:flex;flex-flow:row-reverse}.sc.sc--tablet .sc__sw__text-mobile{display:block}</style><script>parcelRequire=function(e,r,t,n){var i,o="
        function "==typeof parcelRequire&&parcelRequire,u="
        function "==typeof require&&require;function f(t,n){if(!r[t]){if(!e[t]){var i="
        function "==typeof parcelRequire&&parcelRequire;if(!n&&i)return i(t,!0);if(o)return o(t,!0);if(u&&"
        string "==typeof t)return u(t);var c=new Error("
        Cannot find module ");throw c.code="
        MODULE_NOT_FOUND ",c}p.resolve=function(r){return e[t][1][r]||r},p.cache={};var l=r[t]=new f.Module(t);e[t][0].call(l.exports,p,l,l.exports,this)}return r[t].exports;function p(e){return f(p.resolve(e))}}f.isParcelRequire=!0,f.Module=function(e){this.id=e,this.bundle=f,this.exports={}},f.modules=e,f.cache=r,f.parent=o,f.register=function(r,t){e[r]=[function(e,r){r.exports=t},{}]};for(var c=0;c<t.length;c++)try{f(t[c])}catch(e){i||(i=e)}if(t.length){var l=f(t[t.length-1]);"
        object "==typeof exports&&"
        undefined "!=typeof module?module.exports=l:"
        function "==typeof define&&define.amd?define(function(){return l}):n&&(this[n]=l)}if(parcelRequire=f,i)throw i;return f}({"
        9 KIJ ":[function(require,module,exports) {},{}],"
        JSid ":[function(require,module,exports) {var define;var e;!function(t,r){"
        object "==typeof exports&&"
        object "==typeof module?module.exports=r():"
        function "==typeof e&&e.amd?e([],r):"
        object "==typeof exports?exports.bowser=r():t.bowser=r()}(this,function(){return function(e){var t={};function r(n){if(t[n])return t[n].exports;var i=t[n]={i:n,l:!1,exports:{}};return e[n].call(i.exports,i,i.exports,r),i.l=!0,i.exports}return r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"
        undefined "!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"
        Module "}),Object.defineProperty(e,"
        __esModule ",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"
        object "==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"
        default ",{enumerable:!0,value:e}),2&t&&"
        string "!=typeof e)for(var i in e)r.d(n,i,function(t){return e[t]}.bind(null,i));return n},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"
        a ",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="
        ",r(r.s=86)}({17:function(e,t,r){var n,i,s;i=[t,r(89)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";function i(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0;var s=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e)}return t=e,r=[{key:"
        getFirstMatch ",value:function(e,t){var r=t.match(e);return r&&r.length>0&&r[1]||"
        "}},{key:"
        getSecondMatch ",value:function(e,t){var r=t.match(e);return r&&r.length>1&&r[2]||"
        "}},{key:"
        matchAndReturnConst ",value:function(e,t,r){if(e.test(t))return r}},{key:"
        getWindowsVersionName ",value:function(e){switch(e){case"
        NT ":return"
        NT ";case"
        XP ":return"
        XP ";case"
        NT 5.0 ":return"
        2000 ";case"
        NT 5.1 ":return"
        XP ";case"
        NT 5.2 ":return"
        2003 ";case"
        NT 6.0 ":return"
        Vista ";case"
        NT 6.1 ":return"
        7 ";case"
        NT 6.2 ":return"
        8 ";case"
        NT 6.3 ":return"
        8.1 ";case"
        NT 10.0 ":return"
        10 ";default:return}}},{key:"
        getAndroidVersionName ",value:function(e){var t=e.split(".
        ").splice(0,2).map(function(e){return parseInt(e,10)||0});if(t.push(0),!(1===t[0]&&t[1]<5))return 1===t[0]&&t[1]<6?"
        Cupcake ":1===t[0]&&t[1]>=6?"
        Donut ":2===t[0]&&t[1]<2?"
        Eclair ":2===t[0]&&2===t[1]?"
        Froyo ":2===t[0]&&t[1]>2?"
        Gingerbread ":3===t[0]?"
        Honeycomb ":4===t[0]&&t[1]<1?"
        Ice Cream Sandwich ":4===t[0]&&t[1]<4?"
        Jelly Bean ":4===t[0]&&t[1]>=4?"
        KitKat ":5===t[0]?"
        Lollipop ":6===t[0]?"
        Marshmallow ":7===t[0]?"
        Nougat ":8===t[0]?"
        Oreo ":void 0}},{key:"
        getVersionPrecision ",value:function(e){return e.split(".
        ").length}},{key:"
        compareVersions ",value:function(t,r){var n=arguments.length>2&&void 0!==arguments[2]&&arguments[2],i=e.getVersionPrecision(t),s=e.getVersionPrecision(r),a=Math.max(i,s),o=0,u=e.map([t,r],function(t){var r=a-e.getVersionPrecision(t),n=t+new Array(r+1).join(".0 ");return e.map(n.split(".
        "),function(e){return new Array(20-e.length).join("
        0 ")+e}).reverse()});for(n&&(o=a-Math.min(i,s)),a-=1;a>=o;){if(u[0][a]>u[1][a])return 1;if(u[0][a]===u[1][a]){if(a===o)return 0;a-=1}else if(u[0][a]<u[1][a])return-1}}},{key:"
        map ",value:function(e,t){var r,n=[];if(Array.prototype.map)return Array.prototype.map.call(e,t);for(r=0;r<e.length;r+=1)n.push(t(e[r]));return n}},{key:"
        getBrowserAlias ",value:function(e){return n.BROWSER_ALIASES_MAP[e]}}],null&&i(t.prototype,null),r&&i(t,r),e;var t,r}();r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},86:function(e,t,r){var n,i,s;i=[t,r(87)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";function i(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}var s;Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=(s=n)&&s.__esModule?s:{default:s};var a=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e)}return t=e,r=[{key:"
        getParser ",value:function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1];if("
        string "!=typeof e)throw new Error("
        UserAgent should be a string ");return new n.default(e,t)}},{key:"
        parse ",value:function(e){return new n.default(e).getResult()}}],null&&i(t.prototype,null),r&&i(t,r),e;var t,r}();r.default=a,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},87:function(e,t,r){var n,i,s;i=[t,r(88),r(90),r(91),r(92),r(17)],void 0===(s="
        function "==typeof(n=function(r,n,i,s,a,o){"
        use strict ";function u(e){return e&&e.__esModule?e:{default:e}}function c(e){return(c="
        function "==typeof Symbol&&"
        symbol "==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"
        function "==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"
        symbol ":typeof e})(e)}function d(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"
        value "in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=u(n),i=u(i),s=u(s),a=u(a),o=u(o);var f=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]&&arguments[1];if(function(e,t){if(!(e instanceof t))throw new TypeError("
        Cannot call a class as a
        function ")}(this,e),null==t||"
        "===t)throw new Error("
        UserAgent parameter cant be empty ");this._ua=t,this.parsedResult={},!0!==r&&this.parse()}return t=e,(r=[{key:"
        getUA ",value:function(){return this._ua}},{key:"
        test ",value:function(e){return e.test(this._ua)}},{key:"
        parseBrowser ",value:function(){var e=this;this.parsedResult.browser={};var t=n.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.browser=t.describe(this.getUA())),this.parsedResult.browser}},{key:"
        getBrowser ",value:function(){return this.parsedResult.browser?this.parsedResult.browser:this.parseBrowser()}},{key:"
        getBrowserName ",value:function(e){return e?String(this.getBrowser().name).toLowerCase()||"
        ":this.getBrowser().name||"
        "}},{key:"
        getBrowserVersion ",value:function(){return this.getBrowser().version}},{key:"
        getOS ",value:function(){return this.parsedResult.os?this.parsedResult.os:this.parseOS()}},{key:"
        parseOS ",value:function(){var e=this;this.parsedResult.os={};var t=i.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.os=t.describe(this.getUA())),this.parsedResult.os}},{key:"
        getOSName ",value:function(e){var t=this.getOS().name;return e?String(t).toLowerCase()||"
        ":t||"
        "}},{key:"
        getOSVersion ",value:function(){return this.getOS().version}},{key:"
        getPlatform ",value:function(){return this.parsedResult.platform?this.parsedResult.platform:this.parsePlatform()}},{key:"
        getPlatformType ",value:function(){var e=arguments.length>0&&void 0!==arguments[0]&&arguments[0],t=this.getPlatform().type;return e?String(t).toLowerCase()||"
        ":t||"
        "}},{key:"
        parsePlatform ",value:function(){var e=this;this.parsedResult.platform={};var t=s.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.platform=t.describe(this.getUA())),this.parsedResult.platform}},{key:"
        getEngine ",value:function(){return this.parsedResult.engine?this.parsedResult.engine:this.parseEngine()}},{key:"
        getEngineName ",value:function(e){return e?String(this.getEngine().name).toLowerCase()||"
        ":this.getEngine().name||"
        "}},{key:"
        parseEngine ",value:function(){var e=this;this.parsedResult.engine={};var t=a.default.find(function(t){if("
        function "==typeof t.test)return t.test(e);if(t.test instanceof Array)return t.test.some(function(t){return e.test(t)});throw new Error("
        Browsers test
        function is not valid ")});return t&&(this.parsedResult.engine=t.describe(this.getUA())),this.parsedResult.engine}},{key:"
        parse ",value:function(){return this.parseBrowser(),this.parseOS(),this.parsePlatform(),this.parseEngine(),this}},{key:"
        getResult ",value:function(){return Object.assign({},this.parsedResult)}},{key:"
        satisfies ",value:function(e){var t=this,r={},n=0,i={},s=0;if(Object.keys(e).forEach(function(t){var a=e[t];"
        string "==typeof a?(i[t]=a,s+=1):"
        object "===c(a)&&(r[t]=a,n+=1)}),n>0){var a=Object.keys(r),o=a.find(function(e){return t.isOS(e)});if(o){var u=this.satisfies(r[o]);if(void 0!==u)return u}var d=a.find(function(e){return t.isPlatform(e)});if(d){var f=this.satisfies(r[d]);if(void 0!==f)return f}}if(s>0){var l=Object.keys(i).find(function(e){return t.isBrowser(e,!0)});if(void 0!==l)return this.compareVersion(i[l])}}},{key:"
        isBrowser ",value:function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1],r=this.getBrowserName(),n=[r.toLowerCase()],i=o.default.getBrowserAlias(r);return t&&void 0!==i&&n.push(i.toLowerCase()),-1!==n.indexOf(e.toLowerCase())}},{key:"
        compareVersion ",value:function(e){var t=[0],r=e,n=!1,i=this.getBrowserVersion();if("
        string "==typeof i)return" > "===e[0]||" < "===e[0]?(r=e.substr(1)," = "===e[1]?(n=!0,r=e.substr(2)):t=[]," > "===e[0]?t.push(1):t.push(-1)):" = "===e[0]?r=e.substr(1):"~"===e[0]&&(n=!0,r=e.substr(1)),t.indexOf(o.default.compareVersions(i,r,n))>-1}},{key:"
        isOS ",value:function(e){return this.getOSName(!0)===String(e).toLowerCase()}},{key:"
        isPlatform ",value:function(e){return this.getPlatformType(!0)===String(e).toLowerCase()}},{key:"
        isEngine ",value:function(e){return this.getEngineName(!0)===String(e).toLowerCase()}},{key:"
        is ",value:function(e){return this.isBrowser(e)||this.isOS(e)||this.isPlatform(e)}},{key:"
        some ",value:function(){var e=this;return(arguments.length>0&&void 0!==arguments[0]?arguments[0]:[]).some(function(t){return e.is(t)})}}])&&d(t.prototype,r),e;var t,r}();r.default=f,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},88:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
        function "==typeof(n=function(r,n){"
        use strict ";var i;Object.defineProperty(r,"
        __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=/version\/(\d+(\.?_?\d+)+)/i,a=[{test:[/googlebot/i],describe:function(e){var t={name:"
        Googlebot "},r=n.default.getFirstMatch(/googlebot\/(\d+(\.\d+))/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/opera/i],describe:function(e){var t={name:"
        Opera "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:opera)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/opr\/|opios/i],describe:function(e){var t={name:"
        Opera "},r=n.default.getFirstMatch(/(?:opr|opios)[\s\/](\S+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/SamsungBrowser/i],describe:function(e){var t={name:"
        Samsung Internet
        for Android "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:SamsungBrowser)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/Whale/i],describe:function(e){var t={name:"
        NAVER Whale Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:whale)[\s\/](\d+(?:\.\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/MZBrowser/i],describe:function(e){var t={name:"
        MZ Browser "},r=n.default.getFirstMatch(/(?:MZBrowser)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/focus/i],describe:function(e){var t={name:"
        Focus "},r=n.default.getFirstMatch(/(?:focus)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/swing/i],describe:function(e){var t={name:"
        Swing "},r=n.default.getFirstMatch(/(?:swing)[\s\/](\d+(?:\.\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/coast/i],describe:function(e){var t={name:"
        Opera Coast "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:coast)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/yabrowser/i],describe:function(e){var t={name:"
        Yandex Browser "},r=n.default.getFirstMatch(/(?:yabrowser)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/ucbrowser/i],describe:function(e){var t={name:"
        UC Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:ucbrowser)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/Maxthon|mxios/i],describe:function(e){var t={name:"
        Maxthon "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:Maxthon|mxios)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/epiphany/i],describe:function(e){var t={name:"
        Epiphany "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:epiphany)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/puffin/i],describe:function(e){var t={name:"
        Puffin "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:puffin)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/sleipnir/i],describe:function(e){var t={name:"
        Sleipnir "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:sleipnir)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/k-meleon/i],describe:function(e){var t={name:"
        K - Meleon "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/(?:k-meleon)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/micromessenger/i],describe:function(e){var t={name:"
        WeChat "},r=n.default.getFirstMatch(/(?:micromessenger)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/msie|trident/i],describe:function(e){var t={name:"
        Internet Explorer "},r=n.default.getFirstMatch(/(?:msie |rv:)(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/\sedg\//i],describe:function(e){var t={name:"
        Microsoft Edge "},r=n.default.getFirstMatch(/\sedg\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/edg([ea]|ios)/i],describe:function(e){var t={name:"
        Microsoft Edge "},r=n.default.getSecondMatch(/edg([ea]|ios)\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/vivaldi/i],describe:function(e){var t={name:"
        Vivaldi "},r=n.default.getFirstMatch(/vivaldi\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/seamonkey/i],describe:function(e){var t={name:"
        SeaMonkey "},r=n.default.getFirstMatch(/seamonkey\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/sailfish/i],describe:function(e){var t={name:"
        Sailfish "},r=n.default.getFirstMatch(/sailfish\s?browser\/(\d+(\.\d+)?)/i,e);return r&&(t.version=r),t}},{test:[/silk/i],describe:function(e){var t={name:"
        Amazon Silk "},r=n.default.getFirstMatch(/silk\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/phantom/i],describe:function(e){var t={name:"
        PhantomJS "},r=n.default.getFirstMatch(/phantomjs\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/slimerjs/i],describe:function(e){var t={name:"
        SlimerJS "},r=n.default.getFirstMatch(/slimerjs\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/blackberry|\bbb\d+/i,/rim\stablet/i],describe:function(e){var t={name:"
        BlackBerry "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/blackberry[\d]+\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/(web|hpw)[o0]s/i],describe:function(e){var t={name:"
        WebOS Browser "},r=n.default.getFirstMatch(s,e)||n.default.getFirstMatch(/w(?:eb)?[o0]sbrowser\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/bada/i],describe:function(e){var t={name:"
        Bada "},r=n.default.getFirstMatch(/dolfin\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/tizen/i],describe:function(e){var t={name:"
        Tizen "},r=n.default.getFirstMatch(/(?:tizen\s?)?browser\/(\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/qupzilla/i],describe:function(e){var t={name:"
        QupZilla "},r=n.default.getFirstMatch(/(?:qupzilla)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/firefox|iceweasel|fxios/i],describe:function(e){var t={name:"
        Firefox "},r=n.default.getFirstMatch(/(?:firefox|iceweasel|fxios)[\s\/](\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/chromium/i],describe:function(e){var t={name:"
        Chromium "},r=n.default.getFirstMatch(/(?:chromium)[\s\/](\d+(\.?_?\d+)+)/i,e)||n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/chrome|crios|crmo/i],describe:function(e){var t={name:"
        Chrome "},r=n.default.getFirstMatch(/(?:chrome|crios|crmo)\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){var t=!e.test(/like android/i),r=e.test(/android/i);return t&&r},describe:function(e){var t={name:"
        Android Browser "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/playstation 4/i],describe:function(e){var t={name:"
        PlayStation 4 "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/safari|applewebkit/i],describe:function(e){var t={name:"
        Safari "},r=n.default.getFirstMatch(s,e);return r&&(t.version=r),t}},{test:[/.*/i],describe:function(e){var t=-1!==e.search("\\ (")?/^(.*)\/(.*)[ \t]\((.*)/:/^(.*)\/(.*) /;return{name:n.default.getFirstMatch(t,e),version:n.default.getSecondMatch(t,e)}}}];r.default=a,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},89:function(e,t,r){var n,i;void 0===(i="function "==typeof(n=function(e){"
                use strict ";Object.defineProperty(e,"
                __esModule ",{value:!0}),e.BROWSER_ALIASES_MAP=void 0,e.BROWSER_ALIASES_MAP={"
                Amazon Silk ":"
                amazon_silk ","
                Android Browser ":"
                android ",Bada:"
                bada ",BlackBerry:"
                blackberry ",Chrome:"
                chrome ",Chromium:"
                chromium ",Epiphany:"
                epiphany ",Firefox:"
                firefox ",Focus:"
                focus ",Generic:"
                generic ",Googlebot:"
                googlebot ","
                Internet Explorer ":"
                ie ","
                K - Meleon ":"
                k_meleon ",Maxthon:"
                maxthon ","
                Microsoft Edge ":"
                edge ","
                MZ Browser ":"
                mz ","
                NAVER Whale Browser ":"
                naver ",Opera:"
                opera ","
                Opera Coast ":"
                opera_coast ",PhantomJS:"
                phantomjs ",Puffin:"
                puffin ",QupZilla:"
                qupzilla ",Safari:"
                safari ",Sailfish:"
                sailfish ","
                Samsung Internet
                for Android ":"
                samsung_internet ",SeaMonkey:"
                seamonkey ",Sleipnir:"
                sleipnir ",Swing:"
                swing ",Tizen:"
                tizen ","
                UC Browser ":"
                uc ",Vivaldi:"
                vivaldi ","
                WebOS Browser ":"
                webos ",WeChat:"
                wechat ","
                Yandex Browser ":"
                yandex "}})?n.apply(t,[t]):n)||(e.exports=i)},90:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=[{test:[/windows phone/i],describe:function(e){return{name:"
                Windows Phone ",version:n.default.getFirstMatch(/windows phone (?:os)?\s?(\d+(\.\d+)*)/i,e)}}},{test:[/windows/i],describe:function(e){var t=n.default.getFirstMatch(/Windows ((NT|XP)( \d\d?.\d)?)/i,e);return{name:"
                Windows ",version:t,versionName:n.default.getWindowsVersionName(t)}}},{test:[/macintosh/i],describe:function(e){return{name:"
                macOS ",version:n.default.getFirstMatch(/mac os x (\d+(\.?_?\d+)+)/i,e).replace(/[_\s]/g,".
                ")}}},{test:[/(ipod|iphone|ipad)/i],describe:function(e){return{name:"
                iOS ",version:n.default.getFirstMatch(/os (\d+([_\s]\d+)*) like mac os x/i,e).replace(/[_\s]/g,".
                ")}}},{test:function(e){var t=!e.test(/like android/i),r=e.test(/android/i);return t&&r},describe:function(e){var t=n.default.getFirstMatch(/android[\s\/-](\d+(\.\d+)*)/i,e),r=n.default.getAndroidVersionName(t),i={name:"
                Android ",version:t};return r&&(i.versionName=r),i}},{test:[/(web|hpw)[o0]s/i],describe:function(e){var t=n.default.getFirstMatch(/(?:web|hpw)[o0]s\/(\d+(\.\d+)*)/i,e),r={name:"
                WebOS "};return t&&t.length&&(r.version=t),r}},{test:[/blackberry|\bbb\d+/i,/rim\stablet/i],describe:function(e){return{name:"
                BlackBerry ",version:n.default.getFirstMatch(/rim\stablet\sos\s(\d+(\.\d+)*)/i,e)||n.default.getFirstMatch(/blackberry\d+\/(\d+([_\s]\d+)*)/i,e)||n.default.getFirstMatch(/\bbb(\d+)/i,e)}}},{test:[/bada/i],describe:function(e){return{name:"
                Bada ",version:n.default.getFirstMatch(/bada\/(\d+(\.\d+)*)/i,e)}}},{test:[/tizen/i],describe:function(e){return{name:"
                Tizen ",version:n.default.getFirstMatch(/tizen[\/\s](\d+(\.\d+)*)/i,e)}}},{test:[/linux/i],describe:function(){return{name:"
                Linux "}}},{test:[/CrOS/],describe:function(){return{name:"
                Chrome OS "}}},{test:[/PlayStation 4/],describe:function(e){return{name:"
                PlayStation 4 ",version:n.default.getFirstMatch(/PlayStation 4[\/\s](\d+(\.\d+)*)/i,e)}}}];r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},91:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s="
                tablet ",a="
                mobile ",o="
                desktop ",u="
                tv ",c=[{test:[/googlebot/i],describe:function(){return{type:"
                bot ",vendor:"
                Google "}}},{test:[/huawei/i],describe:function(e){var t=n.default.getFirstMatch(/(can-l01)/i,e)&&"
                Nova ",r={type:a,vendor:"
                Huawei "};return t&&(r.model=t),r}},{test:[/nexus\s*(?:7|8|9|10).*/i],describe:function(){return{type:s,vendor:"
                Nexus "}}},{test:[/ipad/i],describe:function(){return{type:s,vendor:"
                Apple ",model:"
                iPad "}}},{test:[/kftt build/i],describe:function(){return{type:s,vendor:"
                Amazon ",model:"
                Kindle Fire HD 7 "}}},{test:[/silk/i],describe:function(){return{type:s,vendor:"
                Amazon "}}},{test:[/tablet/i],describe:function(){return{type:s}}},{test:function(e){var t=e.test(/ipod|iphone/i),r=e.test(/like (ipod|iphone)/i);return t&&!r},describe:function(e){var t=n.default.getFirstMatch(/(ipod|iphone)/i,e);return{type:a,vendor:"
                Apple ",model:t}}},{test:[/nexus\s*[0-6].*/i,/galaxy nexus/i],describe:function(){return{type:a,vendor:"
                Nexus "}}},{test:[/[^-]mobi/i],describe:function(){return{type:a}}},{test:function(e){return"
                blackberry "===e.getBrowserName(!0)},describe:function(){return{type:a,vendor:"
                BlackBerry "}}},{test:function(e){return"
                bada "===e.getBrowserName(!0)},describe:function(){return{type:a}}},{test:function(e){return"
                windows phone "===e.getBrowserName()},describe:function(){return{type:a,vendor:"
                Microsoft "}}},{test:function(e){var t=Number(String(e.getOSVersion()).split(".
                ")[0]);return"
                android "===e.getOSName(!0)&&t>=3},describe:function(){return{type:s}}},{test:function(e){return"
                android "===e.getOSName(!0)},describe:function(){return{type:a}}},{test:function(e){return"
                macos "===e.getOSName(!0)},describe:function(){return{type:o,vendor:"
                Apple "}}},{test:function(e){return"
                windows "===e.getOSName(!0)},describe:function(){return{type:o}}},{test:function(e){return"
                linux "===e.getOSName(!0)},describe:function(){return{type:o}}},{test:function(e){return"
                playstation 4 "===e.getOSName(!0)},describe:function(){return{type:u}}}];r.default=c,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)},92:function(e,t,r){var n,i,s;i=[t,r(17)],void 0===(s="
                function "==typeof(n=function(r,n){"
                use strict ";var i;Object.defineProperty(r,"
                __esModule ",{value:!0}),r.default=void 0,n=(i=n)&&i.__esModule?i:{default:i};var s=[{test:function(e){return"
                microsoft edge "===e.getBrowserName(!0)},describe:function(e){return/\sedg\//i.test(e)?{name:"
                Blink "}:{name:"
                EdgeHTML ",version:n.default.getFirstMatch(/edge\/(\d+(\.?_?\d+)+)/i,e)}}},{test:[/trident/i],describe:function(e){var t={name:"
                Trident "},r=n.default.getFirstMatch(/trident\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){return e.test(/presto/i)},describe:function(e){var t={name:"
                Presto "},r=n.default.getFirstMatch(/presto\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:function(e){var t=e.test(/gecko/i),r=e.test(/like gecko/i);return t&&!r},describe:function(e){var t={name:"
                Gecko "},r=n.default.getFirstMatch(/gecko\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}},{test:[/(apple)?webkit\/537\.36/i],describe:function(){return{name:"
                Blink "}}},{test:[/(apple)?webkit/i],describe:function(e){var t={name:"
                WebKit "},r=n.default.getFirstMatch(/webkit\/(\d+(\.?_?\d+)+)/i,e);return r&&(t.version=r),t}}];r.default=s,e.exports=t.default})?n.apply(t,i):n)||(e.exports=s)}})});},{}],"
                H99C ":[function(require,module,exports) {"
                use strict ";require("
                normalize.css "),require(". / style.scss ");var e=t(require("
                bowser "));function t(e){return e&&e.__esModule?e:{default:e}}var s=e.default.parse(window.navigator.userAgent),a="
                firefox "==s.browser.name.toLowerCase().replace(/\s/g," - "),r="
                yandex - browser "==s.browser.name.toLowerCase().replace(/\s/g," - "),o=document.querySelector(".sc "),i=(window.navigator.language||window.navigator.languages[0]).slice(0,2),n=-1!=["
                ar ","
                dv ","
                he ","
                ku ","
                fa ","
                ur "].indexOf(i)?"
                rtl ":"
                ltr ";o.classList.add(i),o.classList.add(n),o.classList.add("
                sc--".concat(s.platform.type)),o.classList.add("
                sc--".concat(s.os.name.toLowerCase())),o.classList.add("
                sc--".concat(s.browser.name.toLowerCase().replace(/\s/g," - ")));var l={};"
                desktop "==s.platform.type?("
                macos "==s.os.name.toLowerCase()&&(l.height=150),"
                rtl "==n?(l.left="
                auto ",l.right=0,a?l.right=262:r&&(l.left=17,l.right="
                auto ")):(l.left=85,l.right="
                auto ",a?l.left=262:r&&(l.left="
                auto ",l.right=17))):l.left=0,void 0===window.setStyle&&(console.error("
                window.setStyle is not a
                function "),window.setStyle=function(){}),window.setStyle(l);},{"
                normalize.css ":"
                9 KIJ ",". / style.scss ":"
                9 KIJ ","
                bowser ":"
                JSid "}]},{},["
                H99C "], null)</script></body></html></html>
                                    


HTTP Transactions (198)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 22:03:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QhdDWkn5plqcqvo839qN-Ez9LWx9c5hUXqtKquPLEEqVWIN5KJWNTw==
Age: 1481


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3013
Expires: Tue, 27 Sep 2022 23:18:33 GMT
Date: Tue, 27 Sep 2022 22:28:20 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wX6giD5N6qsymrnlO8Ri-ADf6e7nz8SKdnSSJcsoFPE5L7XRTZ2RIA==
age: 47047
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/ HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 22:28:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C06KuIOa1hUky0QN7elgjH6AUwrHDfxqo3VU81NdnPL7V5zSRZOSD3Qng36Wuv77HE4YVmhASIg9H7oxOxYBbXRgpcDSsVuFvdq%2BBgTtEy4xFmDubLEcH4Umnd6KUpQamRItQYh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7517abfd6c5eb509-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60411), with CRLF, LF line terminators
Size:   350190
Md5:    52cfdebfe56e05dea309452306e104ee
Sha1:   c28ec6ac98e29d5eb48260b7ee40e544decffbe6
Sha256: 76ee45dffee39e0c31323fb826d764fb174491f0a341412e6e9eacff0ecac2f3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:21 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ntfc.php?p=2651991 HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         139.45.197.251
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:21 GMT
Last-Modified: Tue, 27 Sep 2022 13:19:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6332f869-38a8"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (14504), with no line terminators
Size:   5941
Md5:    1609bee48bdf1fd65d6538c2bd4305b8
Sha1:   dfdbfe7c83015676985e72a1a9cbc4590e32c816
Sha256: 3a4ab584d97816bb567424b5fb673c67a5d8ac7ececf1cb4dd4a07fb0b3cf2fb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/ HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upLs1HGnw%2BFXFA2NJ594Vp%2FDYsikrB745dgqZbdXb0ulB7Qsz%2Fv09uUqDkSJDB4r4AE0jAtjv8%2FDVwwtHa5rD82dYy9nZiqnkmqil8se3ABBN0I1vy6mxd0btJJUmImChX%2FAbsUl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7517ac00ded8b509-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60411), with CRLF, LF line terminators
Size:   350190
Md5:    52cfdebfe56e05dea309452306e104ee
Sha1:   c28ec6ac98e29d5eb48260b7ee40e544decffbe6
Sha256: 76ee45dffee39e0c31323fb826d764fb174491f0a341412e6e9eacff0ecac2f3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ntfc.php?p=2651991 HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/
If-Modified-Since: Tue, 27 Sep 2022 13:19:37 GMT
If-None-Match: W/"6332f869-38a8"

                                         
                                         139.45.197.251
HTTP/1.1 304 Not Modified
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:21 GMT
Last-Modified: Tue, 27 Sep 2022 13:19:37 GMT
Connection: keep-alive
ETag: "6332f869-38a8"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /TH5z5DM.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.193
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Sun, 25 Jul 2021 13:23:59 GMT
etag: "063ed504acc2ee96cec413d248379761"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 22:28:21 GMT
age: 3077991
x-served-by: cache-iad-kcgs7200177-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1664317702.591813,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1476
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 94 x 89, 8-bit/color RGBA, non-interlaced\012- data
Size:   1476
Md5:    063ed504acc2ee96cec413d248379761
Sha1:   c2ba3db79e0b25c801ff431539a63d17014533ca
Sha256: 5718709bc4408d9d06689ad12333e3e79299dd44abcf447ca6a5718aedc8a517
                                        
                                            GET /sw.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 01 Feb 2022 00:10:55 GMT
ETag: W/"61f87a8f-1476"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBBNWsCgDjjxw1k64kTwMu0KzsIZvMrY4EDFdW8tmXbELriC2fxahIGe6B7Z9fqtDEJvmg%2FPghc18qtB3IXVFSzAjlPyzQ6t7Kr0n7ydxtUnpjcb8Fgv3up4toCMxZZRxfc2mPd3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac027857b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (5237)
Size:   2411
Md5:    22c2983078661daa049e0ef56f648252
Sha1:   aa14933a8986c5e447cae783efce1b4c5b473f41
Sha256: 24b37aa018792653d2d6d8fff5a03ff9d6966e132e2a10b9301400cf89781784

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/icons.css HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 26 Sep 2022 17:06:08 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIgq0JN32T5dSOKAOROlQniy1bZswJvOeoY3SWXNdKBig53i%2BW%2FLvm7fVOmnGfYaJ6eNCp04G5YeyTFqtDUpefJusYkR5VimsudMpAI2M5IzIXpkAqHWhMHmewt4tCIecpHsDYEn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac02394bb51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1788
Md5:    d66f4f633c7543803b1e3a6c487576d6
Sha1:   4f988d8fea026908ba2ad751e97656e8aac0728f
Sha256: 7bad6c5da1cb217b8cd33857ae4f1a4b8dd4a328ac8565ff35a4b14ff99ca965
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /400/3064505 HTTP/1.1 
Host: inpagepush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         139.45.197.237
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 79b019332b38f7c50504131dcb9da19c
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=b205c3dcef4849f7b83f50ae52014122; expires=Wed, 27 Sep 2023 22:28:21 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   31026
Md5:    6a97575155f111e6c731384f57578229
Sha1:   89571bf0db79161c005657b199fc39513984a200
Sha256: 11635752a329d619d5830ee4174aeccf1c95d7bd8181ae703193cc6ac0ad70c1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /5/2632704 HTTP/1.1 
Host: benumelan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         139.45.197.239
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: badf524619cdfd6f550db736ea13b209
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=5b260b75c93c426ca1fa085d4a6d6aca; expires=Wed, 27 Sep 2023 22:28:21 GMT; path=/ oaidts=1664317701; expires=Wed, 27 Sep 2023 22:28:21 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (62332), with no line terminators
Size:   23232
Md5:    829ce52e96e283b1f6d3d746f5b36c20
Sha1:   69cc6873288fa47a75086245bb7511c22891ff78
Sha256: ee9cfe8fd430d14b7870003a4d35e4632b597dbf748ad725292e47a07783003f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css/modal.css HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpuDj2S3IjVI9%2F3R9oBz1oXaCJSHdFQs8MdLhOYgMBrpDe69FkWYO255kQRef7d5YHscQCj1jWuZZrMt%2FMJkVXFp8rbMiTdNfSU3Cf3smdfYf1LDTia7aVRbkvmJYEouHdSj%2BTjq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac023c1c1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1145
Md5:    c6d764bdcaaf9260d076364e90add22a
Sha1:   7a1322ae6153d37a97ec7f28ff6bddf79c0060ca
Sha256: 72451558efe2878f55c108f003621a9096f511875c80572ba6898b8eda98c3a9
                                        
                                            GET /css/scrollbar.css HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYxI3EN9e0CwUB1vv2XW7IQrXX%2FMFHAUi%2BH9WyP8VIh6pIBwZp1%2F9m6FnG8BfHQcRZpXi0qkwIPDg8yHoPYBY6p8DVspKqppfHchzBHVG3Ff5pbvm%2F%2F0%2FYuzgBVkV8fr3R%2Fn%2FKHv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac023bf4fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (550)
Size:   4050
Md5:    0539ab1028ec5185d305d6ffffb35983
Sha1:   903c34a56e117c2fc8c24207623b876214dadf44
Sha256: 60692edceafd9a5f4f2ec6f0ec01cfeb35f23accee5a564ebc42ad92807288a7
                                        
                                            GET /?gsred=949060 HTTP/1.1 
Host: d2ers4gi7coxau.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         143.204.42.65
HTTP/1.1 200 OK
                                        
Content-Length: 159102
Connection: keep-alive
Date: Tue, 27 Sep 2022 22:28:21 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 57GeCHrN0EJ1EFUVFNQI6Ap_sYKbkfklXvhQzT1hYz2WG03EjTiEPA==


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15945)
Size:   159102
Md5:    c392ae93802f9200f6c4031a3ac52ba0
Sha1:   f09b402d99c6521f5695feff8b71e696f02ebccc
Sha256: 9af55ebf9ff5ae3d3c91ce7da2249256d5a9c15d13e4ea4fd8c1d63a3712fe3b
                                        
                                            GET /css/jquery-ui.css HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erGzCbRjoSy5fzP4tRlRHb4MQPZz8QfHNEwAl6szs47GaAjQLiXjcDaPB5QefFkAbyZkd%2FXpwtFo5S08QykUEtH3VmPiqhkZ7lu%2BqAihc1V0xUEPUU6O59jKWxEYqJkIn%2BrQeP8Q"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac023942b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (2363), with CRLF line terminators
Size:   8117
Md5:    6a44ae12794af1e90e2560b83c37364a
Sha1:   435eac4849f4a46d0ba588dc302dcaf8f46525c4
Sha256: 581d5ea4f984edea296a9f9384cfdc99bf17c7c1efe4388b8d8b576c73f08ae8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6EEC030808D16DF7D0955FD8B1DE63139B3FF5CDB2514B0AD2AA8CB4423650F8"
Last-Modified: Sun, 25 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3727
Expires: Tue, 27 Sep 2022 23:30:28 GMT
Date: Tue, 27 Sep 2022 22:28:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "9B75749C5214838A89D2AD56E9621CF079D19A41DD6A4DE7010BD27008499A68"
Last-Modified: Mon, 26 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5085
Expires: Tue, 27 Sep 2022 23:53:06 GMT
Date: Tue, 27 Sep 2022 22:28:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "52C2D69FAF208D562EFE5F266EBE31A1AE8F173E0378FE37508DA511BF68B833"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6434
Expires: Wed, 28 Sep 2022 00:15:35 GMT
Date: Tue, 27 Sep 2022 22:28:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "52C2D69FAF208D562EFE5F266EBE31A1AE8F173E0378FE37508DA511BF68B833"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6434
Expires: Wed, 28 Sep 2022 00:15:35 GMT
Date: Tue, 27 Sep 2022 22:28:21 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 22:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 23:08:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JGTzjWp-OWfVvDJY0YjrTmcJ_hLl3zsjA6CTKukyGaa_3msnOyubtw==
Age: 1055


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=1337x.theproxy.best&var=&ymid=&var_3= HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://1337x.theproxy.best/
Origin: http://1337x.theproxy.best
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:21 GMT
content-length: 705
x-trace-id: a2b4a1789015477dc3ec984928e3371d
access-control-allow-origin: http://1337x.theproxy.best
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (704)
Size:   705
Md5:    f59afb1c13afa3cad586606ab117e8ea
Sha1:   d70df5755956671c2d38da1b6ddf2576916b0362
Sha256: a57a393cfd93ec626b4c72c793ca3bdd452b98beb4613a4d7707aaf307de8949
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "9B75749C5214838A89D2AD56E9621CF079D19A41DD6A4DE7010BD27008499A68"
Last-Modified: Mon, 26 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5085
Expires: Tue, 27 Sep 2022 23:53:06 GMT
Date: Tue, 27 Sep 2022 22:28:21 GMT
Connection: keep-alive

                                        
                                            GET /js/auto-searchv2.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 26 Sep 2022 17:06:09 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7s8QL5TlujG6NCM4jds86Vh%2FxVk029PTW7oX%2BcH6Ct5Opq2J4T1HfI%2BRbBhjexmSf8iN6akdEdi2aHzQ3EZwv4qAxrN5gn6ddfiLsAoWARIVsRl24KP8wAUVoaIwu0s6eSQIAkG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac03cd811c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   543
Md5:    fc0da7bef37efa0232a5c754529b9f57
Sha1:   845a70ee1e73017c193a2b460df4363bdf563eff
Sha256: 0671e8cfbe56566015b56c1304a41cb57cae29902e6e0a964d147a7154a8f9a1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/equalheight.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOUtBmVB%2FuL9Kw9wlQwnyrbRh39ShmPyOWsuqsi9rAsIvWTTOlRBU%2F%2F1Dui0MKTc5sATkyEy03tYuc5Kqy9W8WoaL185X8vZeP1WTb707QDmyKdaXt8%2BfXw7O2L1Vu51L%2FEg5cEP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac03ccc8fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   217
Md5:    693f482ceee034e84c02df3ed0fd1710
Sha1:   cd80e4af11b0d8d9c6c2df2687ff6c42c839e018
Sha256: f6a555ac47395bb4b66ca61a75c61091d6473b5a2b52872da4eaab2edabde74e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/jquery-1.11.0.min.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKCtYNim5CMERbTawcFPB9UUMbe40y%2BqN7GPHlQUY8ghPtLnOt8K%2FX3Hx6XKfGX%2B1AOIiFSxC2b2sbUBnziPMZTFRQds1eF1A6%2F6DrnrvSTAYsbc%2Bvgptm6EeOC0OurWP0jUHShT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac0318b7b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (32341), with CRLF line terminators
Size:   27936
Md5:    e6c909bf6d13ac8149b23f946c800f07
Sha1:   f68587fca528d3ac6712e732dc9e5c099604621e
Sha256: bcad06379d2359223287b1941f44b5ac4eb9ee21bb2977ce96b973de4e31442b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/style10.2022-09-27-14.css HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5t5KDtkhZmFTaYH4%2FWZU%2BCOR68AiufX%2FcjJYlQLD9g4osnMRCKkJtE8x1X8BXBtGLUORU8IbVQr%2BgvjbErSSP9brXeN0aPIhIt4PWpSU4%2BHXwUcc12liyHeSHJXA3IDyGXsaIcf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac023fe1b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF, CR line terminators
Size:   30946
Md5:    c4d619d642eb308626f53ce07fc13413
Sha1:   1b7ffa15fd1b1d37c8e90970ea21be72dc06445c
Sha256: c47e18aeb0a5e2683e56430c02a67f8fde0f85e769b0331ee902c6952684b158
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3177
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:28:21 GMT
Last-Modified: Tue, 27 Sep 2022 21:35:24 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /js/tab.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1eKJOkhTIu0iYZgQxZASKEhzyfllIyXmmqWXAxZQcDlpGNZC21WdrKrkrMeOQcm259v7V7YlS%2BsQqLHYmiuzaF8u7n1YxBQBja51mdlbHNcVtRVkf2%2BddKeC6P91kfe3biMPfj9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac047e011c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (1820), with no line terminators
Size:   802
Md5:    b707ac50311c714a9d194a00b2205551
Sha1:   d4c431e8f089bbd6e48fa7bcfa2094ac310ea3f2
Sha256: 2aebea2d31865a8efbe2fcdc47d7310a5707937cb404cc8314b730507ed1e212

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/scrollbar.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:21 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfqxJCIvuQQ64TAfA8efHNz8NthPLO82lotlbJyw7tyrSuBnRlil8z9cUUwAHn7hziTP2NLOH0QHmMYlgcHKjMNiVQTQAP4lWaTh9K7JJpzXR49wb2yIAQYaEW2AGOYyxU58D5Gp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac03da3ab512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (1329)
Size:   13635
Md5:    7f2682a3ebddfbb024979cda2878399a
Sha1:   6069ebce7c336cc110d457eddf5fe3349dc1094f
Sha256: 261a8d821751f76ee5c9812d2078e1fc0c094344f3b649b6a5d067fd3b6b6121

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/lazyload.min.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YG%2FZcLIHr9IX5OCKAD206M1lfXvseEHb1tq%2Ff2SOvft%2Bh1VIU03xpKEu9%2BrGnr3ppHA4xnZ8lQApai5n8gt16JvCDUYK5X2YwjOMtiSn%2Fj%2FsypRqAHq4g890K3YYcpd115pYigzg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac04cd37fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (3309)
Size:   1302
Md5:    5d4bfd7bf9d24155ce9de97594f04baa
Sha1:   70f15df262adef9cbec76bff3fe82adb22069037
Sha256: 60d10300a8ecd424c636f40e978972bb291eef4a83b9c0ec3bd8f838ccaaca73

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/pagination.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9qewu8GkL3mJhKt5H5TP1B3IDfIpA7jU%2FaKtHSWQYvKhyEIDJXvuNs0%2BlmAJgG6iWi%2BnUPLQJdXJK%2BkLtFVmyyKDJHyailiIgX%2ByKP4Q5o%2F3K4NP7fdZkV9RR2vYibmiM6RZnP9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac054a2db4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (395)
Size:   1027
Md5:    41049cc11d77d3cc4a9d3a9f49757e0b
Sha1:   00eab2a93a6536ed46f578fe82bfd766fb786d52
Sha256: 8fc4bb84b02582786c9976bc8cabf35c6adbbce9884a3423cd30deae85245143

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/modal.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XikvDIBe2KeEmKUKa6%2BISIgQkfgidhcqsblXZYjmSVXY2tET3EwCKBPWjwxyAbkMDUT7GYV7L0g29evs8vdFYzi95v16cD5CrnpKy8J8zQ0Jl0eoISpSyN%2FnGBS%2FlsUAYYsJn%2BvG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac056eec1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2716
Md5:    1fb83510515a474f47b83d5e9fd0769b
Sha1:   f4f774a2c45a824b1ba4af5e3aa1b7224c6537a5
Sha256: 38d0349d2308d60fa884f39bcbdccc1b4fbb68b54bfa6b512edd41c92eb7a0c7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /popunder.gif HTTP/1.1 
Host: reswsentativ.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         104.21.94.209
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 100672
Last-Modified: Mon, 26 Sep 2022 18:30:30 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cylTh4SOc9NYMYO0WuRf7fBDJe4kMKOW3NghPlauBpSnldlG%2FJeE77G4%2BRAb2xBQ5iXWJbFWYNpBkHKwZ8JGERlHLQkawO%2FXiOGh2rwSTZ%2FBgb1ak3Jg%2BsCfDYKJrCOl7M5R"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac05fe68b51b-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   58
Md5:    79c15b369d32d2f0f17c116f541b6df3
Sha1:   3039289d4d1f5bc7385a81621deb2614423b769b
Sha256: e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18586
Expires: Wed, 28 Sep 2022 03:38:08 GMT
Date: Tue, 27 Sep 2022 22:28:22 GMT
Connection: keep-alive

                                        
                                            GET /js/comment.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvEledHNVBTBH7XjOhlaFYo7JvV3wsSl%2FzG2LjrjbxAmY3QDj3D8JbEKModtakQBp5R6Mck1Wx3bnuMjt%2FI08oGVkE3wiqlDDcXymoNx8RfRFrpOdUDSu6xs9H00YIPMXQ96qA0m"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac052a85b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (579), with CRLF line terminators
Size:   803
Md5:    66817f7e9026f81da3ad9685a198dbcd
Sha1:   662bff47032912e582792e339cb54c7347196dbd
Sha256: 5e46b71539a300785f9cf7cc62095d213254eac30d66510bbcd4d83ece71f09c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18586
Expires: Wed, 28 Sep 2022 03:38:08 GMT
Date: Tue, 27 Sep 2022 22:28:22 GMT
Connection: keep-alive

                                        
                                            GET /js/main9.d75f68f599f4db5a9ed621a398f35232.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIqnv0QTggx%2FduTEmBV%2BqYBIunsu20zvWGowtHGW2RcD65shQUuRn8togNeYKXzUgE9vQdnzt8si%2FY4%2BIorqfDaAAs5yWB%2FfKJvcWkWjS8cX5eiHUwbe%2BEjk%2FcyrfMQ6I%2BB4sNkX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac057b77b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   696
Md5:    9284ea48b9cfcc3f2c2fbd0ddca049a6
Sha1:   5910acdb5df8ae454d33300a9f6a0b6909d5218e
Sha256: 04e5aca515103445c305555c4cb102c617be4adf0cfbfe1ce4be3d32372e0a4f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /app/apx14.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:19 GMT
ETag: W/"5f61074b-1def"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9hXKPLy1P6xI1pZxojxRNvvSHUDn0R44VhSV%2Fpsbgqcn%2F4QJvPK%2FtI%2Fm9Cw0H7FMT1t%2FnJyNd5acQ0N%2BU8BeT4niKmuccwumm6bZ%2FpC7m9FHgj%2Bc1Bi87ulHJ8YkAWKSxQp5t3u"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac061babb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (7663), with no line terminators
Size:   2220
Md5:    5fd0d992c153321728eef72725f9e2f1
Sha1:   11af100c190b0c91d3126ca0c792aa6cd3954897
Sha256: f39352e9834fda1868dab410b72a2850f516686f140843e9f0eef835be503330

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1 
Host: borrowdefeat.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Tue, 27 Sep 2022 22:28:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 623fb12906a2a5ebd93c836935e9f9c7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37107), with no line terminators
Size:   13405
Md5:    bf62580391d4c1786346ed9918cf43a4
Sha1:   729c850b3231bab41a2f31c6469d6d92c5e18228
Sha256: 5895121c2b1c0d0ac804955953068c8eac82d184f4ebb4f66d4942abdeca7fb5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /app/apx19.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:46:59 GMT
ETag: W/"5f610c23-23df"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5T8VOWApsOT4ZCsC2%2BXZCx47gKYysWw1CBHx1GIlsd1D2i6sHoFPp0A%2Bz4hgJ9OCRjFM7LAQx5GTKPQT2pvwORKmb6f5oDifReQV6idnSJgVLHa3U9cNMkturPOCjqyJqEeFiUD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac05bd9efab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (9183), with no line terminators
Size:   2613
Md5:    9ea8acd8d74e4f328d558b64219e02c5
Sha1:   156ce99860c738bee0a97dbe9c543a83f4fd5457
Sha256: cc0dc5bf2c19d0830dd3962179d22ed40f200ecf8dc905a4e64bba0c1ccf9dff

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /hy.js?q22q2q2 HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:53:48 GMT
ETag: W/"603dd2ec-db43"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiV%2BFx%2Be3uoLLetVlQcg%2BNcvZWxNoA4Jfz4Pvn6wRuMXd%2BhpLCK6VZgL%2BcuqZPvHJ%2F0zR0wmtSu4fR9yevBR5%2Bw%2Fi897eJqAjWvLsQKdv4hO%2F4caXCV7bxgnuR3uuiFU7fB7S8NY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac05ea96b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (56131), with no line terminators
Size:   17517
Md5:    f12634066d38736854588dc61b5ba109
Sha1:   623e90c430f1609e59e16407553e2d2ff8882d8e
Sha256: 7ca898a6218b8e61a9a999ffb0c76a9c60f86dfd4353b2496225e6473c72c0de

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /app/x12.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:18 GMT
ETag: W/"5f61074a-2bac"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShMa5filn%2B4rvl8dcuo7x6CxUs0u107VmPX6G2fWrS7Ggz%2BbiqIV0W1uwwOKUEGl1jGeP5FNYcivAEHC4KeLlkpQ%2BpKNsy9syVff%2FQklPABQt5glXOJTRE331y%2BWkKVKzjO3W5s9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac064c11b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (11180), with no line terminators
Size:   3024
Md5:    7f0c811d15a31a93662cfa30df4ef5ea
Sha1:   3f5b8f499bc7f50d2315eadc7cf043d317b60b95
Sha256: af3050874dc2886642989014b75a7b4734239520ee7d36ea06d4527e41d92beb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /zpp/zpp4.js?q22q2q2 HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:53:53 GMT
ETag: W/"603dd2f1-9853"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhVr15SV0Hr9PU3w4lcvdfyrSseNN%2BdDahPlp1xa3X%2FB8RvO5JJ9yrnehMTBGNgwJasYT%2BrrCtIel90TVqdG3OU7zQSxQjp5BUP9O4wuDD%2FBQgQdUIoCmJKHOMjtlnFEWiPLzZFY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac060f621c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (38995), with no line terminators
Size:   14287
Md5:    3c741ddc90399bc2910b2cdc0a826716
Sha1:   163182c6b04f146fbf6de424ead05c91e59e3c51
Sha256: e6753c7588e28e17f44aa00cbe8c314de3f2bbcb8e892a439eed11dd989b1d84

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /UDlHRWp/BiQ2VwZ/FnAOPWMsJztpfBICKCN9Egc8CgsOCzgGdGExAzQEfnFTYA93Yxo5XXp0TCNNJjEfIwR2YwM+Xyh4TCYEdmtZZBd1fURhHzJ4W3ZNNyQNbQhhNR4kVXp0XGYNdHRdZgB+cllh HTTP/1.1 
Host: reswsentativ.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.94.209
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGpDI9mYzm7rGSCtcwcbI6Adhj%2Fso8kFIsyqJOIh2X1zYGhGEZsToLF0z04Z7%2BjQjy5Vk27GSoscyBJlokZA118JrEJZhyFmk635E25fAuIAXzqfLE1aj3YdfFDPpGf%2BxE58"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7517ac064f911c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /NDl4ZjIbBhsVD1BtFDRmc1E8JXViASAzUXVgFh5gYHgAAVRYSl4SW1AEQVILAA9OQEJdXUVXFEdNGRJHRwRJQFtaXxdbFEIESUgBABdKXhwFHw1bAxJNCAdVCQheFkZAVUVXBAINS1cFAgBBUQYB HTTP/1.1 
Host: reswsentativ.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.94.209
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhJ5aLj1JXZkfxsgkH0O8vtFu9yJr0eRIDg859ucm26MhrrxEic7tavwTrK0ZW0jPK%2BijDUHIaW4lZb46n8W3kXPKuqy0ZE6r881T%2BMP1hRZ2RVExiZ0R3T2I0wmX0BX%2BH9E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7517ac064f9a1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /NERkM2obewdAV1UuDFo5bAYCcDxufTVlWnYSLFsrbAVVYAxxI0JHA1B5XQVaAX1VFRpdIFkAWBI3EFIeQTdZAkxdKgJcVxIyWQNEDGpdHVsSMVkCTEA0BVRXBWIURx5YeVUFXAB3VQRcDX1TB1M HTTP/1.1 
Host: reswsentativ.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.94.209
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQm5sFvuAVJAi6A6LFYWH2zOkfAW3h%2F6ghPZ5oZ%2Bplt55uOC8xIpgs4vIY2%2FC1WAogjfAI2L%2BDBJI2g%2FNJbWCLVIsWl0lzmuJX9q3z580Bjz31qii2d0UyIniCo120VtJtvu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7517ac064f9c1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /WEJnVlN3fQQlbjwUKQYJaxAmDz0sFjUDGSknMQwWCXA9c2EeFwwhdSwrA2tqbnJSb2J+Mg4ybmtwQSUnOTYSJW5qcldhdTEsATluamQRa2N2eklvfWlkEmtifjYXNzRlc0EmJywuWmdlbnZUZ2Rue15hZmk HTTP/1.1 
Host: reswsentativ.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.94.209
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVRssaomyCA70SoJHdWjQ0CjHBulrkBhIE5sBVCBv08CCb2Dczl0W0%2B56rPWjyOm6kxB2W1NLqY3IOlGINwMEJfdvQs8V%2FnmuVcnXlBCDJ9puHsO%2FHWjTZHQEV6Ccb6r%2FOJg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7517ac065f9f1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /clhVT2FdZzY8XCciAz07GRY4DjdDADEiODUAOStSKz9kKzQcCXM7CBZlbHtYRm5gaREbPGh+WVQrIS4VBytofkcbNjMgXFQuaH5PQnZkYVJULWh+RwYoNChcQ34lOxUeZWR5V0ZrZHhXS2FifFk HTTP/1.1 
Host: reswsentativ.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.94.209
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8oycZWEcaouATD3qEnj75TRbJaUUddtKUI6x%2FLja6%2F6cgu0RbYcPWqw8Yo9D3BzNwfwellpdGSTKYTw948auRG7k%2BykkacMt16%2FsNwRAL65286gD5mwXqlNF48u38leqQx%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7517ac065fa41c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://1337x.theproxy.best
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 528854
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "813D7D8A58566A30965F10CE59D9598D593983DC87D3F9A35E97F4F9B103CE8E"
Last-Modified: Mon, 26 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18586
Expires: Wed, 28 Sep 2022 03:38:08 GMT
Date: Tue, 27 Sep 2022 22:28:22 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jxxBnt6h3IItQMh4liF4Xg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.17.90
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WwOeBPsIsMzvO7Jdkb1N5iMxPXQ=

                                        
                                            POST /aG1oSFpHUgs7ZzwBAAANLSNfKQImHgsmNgAOPyQgDSpZezgwHk48MwxQUX5qXVRZbioBCVV7aE4eHCkuHR5VempYWk4hNA4CVXp8HlBYZmJGVEZ5fB1QWW4uGAwPdWtOHRw8NlVcXn5uW1xffmNRVFh4 HTTP/1.1 
Host: reswsentativ.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://1337x.theproxy.best
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         104.21.94.209
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pI9ZuNOQuNqOgWyehmr5VTGpLK3N0OPVzQOJ0ON6aVnR7XJrPWbdE1KJQ4lOb747k9CY5kNkZ9yLEvLgdzueJR7OjFimjboB%2F0gteiKc6MqDubjGqnicRjAwJh1lZ%2BVYoPQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7517ac06bfdd1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/webfonts/opensans-bold.woff HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WU1tyjyqpJLrBHTKjC%2Bnz72x2JvffjsT%2F4Et6W3jg3M%2BiXJWBK6N5b8XMxAFXtHwbzZwC3WKz57dvR%2BFDWa0BVh2zPElnL4oN7GTC%2BwOxCYdIv1My%2FGOt9t%2Bdn8cNn5bBlbvIpUR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac06dc71b512-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 22432, version 1.0\012- data
Size:   22432
Md5:    2e90d5152ce92858b62ba053c7b9d2cb
Sha1:   8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
Sha256: a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/webfonts/oswald-regular.woff HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Bwnl35WSWj%2FzOL%2BulOR9GMznq86vvAL6eXPPwsw0c%2FIdJDxBJ4zUpgcptPh%2BPFkYMO1cyZXSkhVkUFjmBbqOVB%2FNBVl%2BjeYRmRG4L6LgKY9YatAYimRh8Mv%2B7Fdbeuiv7m0ziyj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac069debfab4-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 25248, version 1.0\012- data
Size:   25248
Md5:    77f9ec053e5256b45207e37effb5a1b1
Sha1:   b881bffa5a7dd80494d621ec6f72c3f5545448f3
Sha256: c5bccac5053a0089da4fb1a1693579ed4893a75b8fdc1c4f43a9151a2a9fb754

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/webfonts/Flaticon.woff HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/icons.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FkmgzLj9ThP6V%2FQ22GY%2FlSQzTw8ggrkVraI%2FtBdax1LDxEQ1mfTfPSKyP7OTDWzMQKJJOwGKhaqd5Tzs4FskdDJLFvPk7TrAr6FpWisSu5YXKyfw%2FUayVVxwb7MvhD%2BGdu9T5zT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac06cb5fb4fd-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 27404, version 0.0\012- data
Size:   27404
Md5:    1dbab8d47aa2e11c55216ab3286d6f69
Sha1:   c7a7f3ddf37063ac02273eb4fe7ebc98e9cf97bf
Sha256: ef35a8d776774a5fba83f188738af52b85e278c4bf7c5695700161febdc36b05

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/webfonts/oswald-bold.woff HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kf2gJHDqdP8Yr5W3yTBpGgsQWpjAM25C%2FQxUfuNx%2B2axh2%2Biqs5qnGVaR11no%2F38aNFCGNkFNFHzXAvmYovc4HSTsXztm5pHrmCP4Y6FW8amFZRz4PXLq5JWmwCJsk45EfJ8RMNR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac06e8021c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 22548, version 1.0\012- data
Size:   22548
Md5:    5737d9a70b478e869c68cd1dc1b67cbc
Sha1:   f8095e94a0765bf23b164e9c06cf5112b3d50f3c
Sha256: a9ef49b82729c7b1961f04aa67ea4a305cf7d0e8391981a8164997001c5918e9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/webfonts/opensans-regular.woff HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSs2qP4dOPVE6vIMFwVeGpLumT401IkTqn4g3l2l6XaWmUlDVA%2FXO%2BnBIgpTHAJNL%2FpVkWPGfe4g6vPDSQvV8XXDvzdI6DAvLD0PLjPltEBwf%2Bkv8L%2Byc%2Fd51KAsCvNHDfidbpXl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac067be8b509-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 22660, version 1.0\012- data
Size:   22660
Md5:    79515ad0788973c533405f7012dfeccd
Sha1:   5092881fad2caffdc6bf71bdab1ea547b73d3564
Sha256: 22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/jquery-ui.js HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 26 Sep 2022 17:06:08 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBNCNhR2S4vdV2CYzjVQvFHTqw29W75KCbzKLy3zQB1mZ5eNXaizxpzdoV68V59OBs%2BUidc0xD%2FCD3q%2FtCOTmnvF30XZP4RDUEzLY4ZMrWRvkjoMudeMM1jicwbuQLHHC9KgHgd%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac0319e4b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (4566)
Size:   85122
Md5:    cfffc4c4d0fbfed91a46cbdd4ac33773
Sha1:   38f5dfdac017c03c8e62e28d2b3ef9c01df9e1e4
Sha256: 78f48c49e0469bde503f0326106b52488c9850d92e31a111fdaeda385bc2d59d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/images/body-bg.jpg HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 26 Sep 2022 17:06:10 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiAJ42%2BrVVAbVqbXjRsUbHGTACJEHUc7C4NMF6T4CQ2%2Bc8iDClHRrmd0OtwKt9j2YKNbZqOAE%2BoPT6%2FUIOEAkd79FFUkRpTWXj%2FiouIrEmV5n%2BeigdQl7VP6qRpo4yEfGY2mfCHl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac078e53fab4-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3\012- data
Size:   2454
Md5:    57176455b267a90c419d442f311cab4a
Sha1:   8ce7305a8e73bf2cea887b1b011c349e41b426d3
Sha256: 44411fdbd6a244c923866126c233c854cae07718591506d315a86e34e159f20b
                                        
                                            GET /matomo.js HTTP/1.1 
Host: matomo.hellohi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         104.21.94.42
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.js
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 827
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNA81an4jYjae9gHCmhw%2BMw2L6YlD7Q4TYai7OI0ISaUF4nszxMoHBu7nf51TMwGZlOLOq%2FKmhQwR3XZMd7NVIGb6nTd1%2FU%2Fv3pi0uivC%2FqUMSWV5pnwPZHuFQ0UHqKJWv1Xmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac08da67b518-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    f3099a531821c476589c3d2d00d53772
Sha1:   8e539d05a8355d6835a56f94b75f405c6e55f6f3
Sha256: a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
                                        
                                            GET /css/images/sep.png HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdMa43lqarDK3cuTnYr3eSVGSlUbADoZKTYMqrmUNHp0MaHEKHy0Io6edCa41sTrPcN9Imo1w5pejNwkJs817LtGAkiUVHV6ZdbMpDJSNwIy1OaAS97gZC%2FXzfmz5IsgPDdowjC7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac07ac8fb509-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 4 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   979
Md5:    f5ad1e8afade5211d93125e993a936ba
Sha1:   cfda5224a37a1c391afc574ac33e7e9bde1e98ed
Sha256: fde5dfff31f2e819031fe7cf8a2729fe1c81ab96576167b5f4cebb3ca4c160d5
                                        
                                            GET /css/images/nav-bg.png HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 26 Sep 2022 17:06:13 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZDOU%2F49GrwN3ouw9QsGxaoimBQdw8AgLXzf4f7%2FyCbZyIH41F3w0JLEybYna28G%2BxGs6imuGbLsPcl5awQdjgBFK9xup9SO1mayxV0dn5NnGDDz1shb9JGt4ZxsrMo2OmtOqSIP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac0798711c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 224 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size:   616
Md5:    ad83550eff315bb6a02e2cfd2cfde3ad
Sha1:   055c467e7c93ee76a9653e8b898f6823197dae8e
Sha256: 3794019a41c0284bee7a232dc11d922b847c614bc439cdac17de2c0175199752
                                        
                                            GET /css/webfonts/oswald-light.woff HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mn92dD%2BODv30%2B%2B0UT9PboC1lNa5PVcAclkL201D6kB5lovrleXn1nm99F7o8Vo5fA6bwowtNN9mliNSHOSWHdczl%2Fw3%2BHPh3Cow7xRZJzS70jqAKIwbWp9j9QCWpjTf4JpWzNf6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac078d0bb512-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 22568, version 1.0\012- data
Size:   22568
Md5:    a4d5b8f448ec86ddb2e57a2912a3fcd6
Sha1:   579df89a925a4e5e46d63fe5ad84492a810ed3be
Sha256: dc1e478c0ada70ebba3817df17ad49d0b288351d777cf6582dba4a5390be73e3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/images/main-bg.png HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 26 Sep 2022 17:06:10 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2pdmtQ1c%2BCiEMP99GsPWQQD0YGsNmFE7H1xdO0jCTrj03t1K%2BqxcxItfoSapiG96At5uXVOIOFI3aH3KBnGkUdJZ1PN4nSNpfNDwh6BlYAFQ7qh5TdAg1%2BPHkIWKsmpTTNLdhlW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac078c08b4fd-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 935 x 788, 8-bit/color RGBA, non-interlaced\012- data
Size:   129988
Md5:    8fc059a7e1758ad0c0e17be4b0575b93
Sha1:   df3d910563829c3b2e6fb0767038f75af4d4fcbd
Sha256: 6be2d61547095ffeb30a1fd03fd7d6aba9009edc719144812c5610bd2e27fb97
                                        
                                            GET /ntfc.php?p=2651991 HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/
If-Modified-Since: Tue, 27 Sep 2022 13:19:37 GMT
If-None-Match: W/"6332f869-38a8"

                                         
                                         139.45.197.251
HTTP/1.1 304 Not Modified
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:22 GMT
Last-Modified: Tue, 27 Sep 2022 13:19:37 GMT
Connection: keep-alive
ETag: "6332f869-38a8"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/images/nav-hover.jpg HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 26 Sep 2022 17:06:13 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aT0vMstQaQ5YuU2s5lsLVb%2Br8Fi1YyvRBCLr1UB84BcFZa5lu%2FmGIJQlCwWbqhSUlCOpRKjX0780YWJN2BamG4gi6Pl9JBA6B5WqJFsbKZSdomOJgYcFE1QZ8Zzh8dZBy9FTo3%2BO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac083d97b51d-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 20x20, components 3\012- data
Size:   1208
Md5:    248a62fead4580264aee0ab8fdbf5d1b
Sha1:   46be6ecdbf1f20fbc3d007d70b69383857a8a2b7
Sha256: 48c3b716c25fb706acee3f768b06eec4722ca83174ae484b031b8447d126f8de
                                        
                                            GET /css/images/tabs-nav-bg.jpg HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUcjaN7rUa9o%2BCb5e0q1WVdDJM%2FQ87n66RIN6zvpIhJQW3gVVbLQtY6kv7tT9Si4K4qXGwuwSsuad8aPMrRnlPLK9XDJ%2B91V3FEoNcluihTMjXBdOs63%2FD8lCqD%2Fh1%2BhEGdnu5LG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac0919371c0e-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 10 x 46, 8-bit/color RGB, non-interlaced\012- data
Size:   946
Md5:    74484aff30458cf3eef0104c2b48d070
Sha1:   7cf67e90bafd3519f360d4640c2ee0e029b500f8
Sha256: 879de89af5f1ff7a9174f0fc861a5d1bbd509584ea760b9c5c3168c97a10feb8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6256
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:28:22 GMT
Last-Modified: Tue, 27 Sep 2022 20:44:06 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /images/profile-load.svg HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC40UTLz4dhj%2B4be%2F6zMWNen7862gBrhabYIqNeP%2FOE9ysopTz9th73oaFOJNEMIocitNXsb5yFgweD3oUKukZChL7HpNd354b2FNEqiREZIqBm%2FwYLq2a3pLNHIn9ZYJsNBs8Ul"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac092e3cb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1999), with no line terminators
Size:   413
Md5:    80ca6e02640f946fec020eda0a0bbdf8
Sha1:   b899cc4e84c599f206ee3d846ed48d427fec88e7
Sha256: 81000e1cbff3e6628888f4e681b7adae303d94de6a6203f9807bc531a3a15a32

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /400/4837723 HTTP/1.1 
Host: rndskittytor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         139.45.197.238
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 4c1b320d993149542b203ae90598f4e3
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=b8855658b4cf4cd9aede863312396c84; expires=Wed, 27 Sep 2023 22:28:22 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30100
Md5:    e078b3d2c596dd31fe12196c548753e4
Sha1:   97691ad3f5b6eb56b311a0adcb98f778dc904bda
Sha256: cc9b13046a0843cd452a55408a736840370b19872af0d40112a2028e22ee54d0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /helper-js/ HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42jx9gTzoAIq94ib5PS8wyOGgfJ%2BbAZTudvWi%2FjtEwi2EUQ0kVnLjF2fvkFDDSlD6paKY45%2FAXLFi20mBziLU6V7g3mQE5KR%2BWw8Vm9bI379RvIrfHnE1lA4r5zviLRmw6UUMWvZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7517ac0a2efab51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (2612), with CRLF line terminators
Size:   1027
Md5:    7f47b89ff0d9e1295b5e6973db5a3b38
Sha1:   bf81f4c905f8f25a89e0b5f41a4f30f36523cfb0
Sha256: 88b18dd3e9a9c1502ae8a37e29b633e2ff30de7cf96536fd1f337e6d49720c0f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/logo.svg HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/torrent/1116615/The-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013/

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoekvHSLpzc9lBYSCvFHFm0Ox4MAq2mJu3ovngpa4WgHWhTACs%2FZ%2Bx9H4K7T0hVvIdEX9s%2FbhKSjfHC%2Bm8AB6C3kCEfRTWdLROAh9in4LMqdXKU%2BvAVI4MISy6AfGVHCk62B3lbG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac098db5b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1992
Md5:    cceb9991e6922ddd1631beaa3b5f098e
Sha1:   8d89b4e0e3b4d417102de7a0f2059ec99ad880ee
Sha256: ecd7393c2d9605ddab449ed27418beba329535157a13b5c4585b78596fb0313d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         172.64.198.30
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: ba093f9d502d9fa34990f69a3e99ccab
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Tue, 27 Sep 2022 22:28:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggwqXcOAP7djZUPka%2FJ7D7xdHHv0KjbwiKUs8TKN1vj0pOwj9FNb4JNabN%2Fz5DZPDBQVnWHYfvJjaECE%2FQUTquLNwrGG2oOm%2FT59oe5lE42droGwXwSQkK%2B7dmeEajiBxMIT9P8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac0a1bc2405d-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   27574
Md5:    b1fa950e77a7db5425f9a5257af02e9c
Sha1:   2d5580451f34ad96218f8b97edf9708f9ee1be87
Sha256: d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6256
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:28:22 GMT
Last-Modified: Tue, 27 Sep 2022 20:44:06 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:28:22 GMT
Last-Modified: Tue, 27 Sep 2022 21:24:03 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kQ1ugiyyvjoZcqHmPSGkjJTGPR8jgarlZ4IPFP8sD4mJiffhdifBuQ==
Age: 3859

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://1337x.theproxy.best
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.66.118.16
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 22:28:22 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: http://1337x.theproxy.best
access-control-allow-credentials: true
set-cookie: uid_id2=97a88c90-7868-4e5c-a67d-0fadde2921cf:3:1; expires=Fri, 24 Sep 2032 22:28:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    a363924262ccdf01c76c9b2fb9f89cfb
Sha1:   cf42bd27516375b567c2eed9039b8061ea6a5d0c
Sha256: 762b0eb07db628221cafc296e829ca3c214f3397f8589bf7f2fc098428505b39
                                        
                                            GET /5/2632704 HTTP/1.1 
Host: benumelan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         139.45.197.239
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 67fb28ab48994b7d4c62a817c84f05d8
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=1b876655efcd4244aa1e113e02056d7c; expires=Wed, 27 Sep 2023 22:28:22 GMT; path=/ oaidts=1664317702; expires=Wed, 27 Sep 2023 22:28:22 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (62332), with no line terminators
Size:   23230
Md5:    3b5be43ff12b439953262c96c58dc063
Sha1:   0364f41376bc213393e024bf4fc45106f9419cf5
Sha256: afb32353bd927586635d70aae327feba0eef4255eec3fe8b4608fcc80c7844b8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /j/m/w2.js.php HTTP/1.1 
Host: ecma.sidebyz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.167.53
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 22:28:22 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4IT2RxEwG3%2FbRokA%2BSj0Qmvrs9q8kI1t%2FzQ8Av1NiL%2BgLmBwXbAONT3J9tfMCn1gMPPm5SuIZw59AgqXOdFsdlRwjZMM26hUXgz%2FXWfUOESfYN5CyUupYmHWDlY4M%2BMu7Wh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7517ac0a4e4eb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (492)
Size:   23476
Md5:    8aaea7f1ab2fb18417bacc0f6372c982
Sha1:   d427b7b84dc91cb04e7d1bb7ec5683c200b67e62
Sha256: c572ef03221597124be08d897bed5ca591dcffb2914763113316c88263167571
                                        
                                            GET /42/38?z=3372123 HTTP/1.1 
Host: benumelan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Cookie: scm=1; OAID=1fad92768ac24dcd8ad4cf8d74383c69; oaidts=1664317701
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:22 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d79f9501769a5c387e9e696cddeffb82
access-control-expose-headers: X-Sc
set-cookie: OAID=1fad92768ac24dcd8ad4cf8d74383c69; expires=Wed, 27 Sep 2023 22:28:22 GMT; secure; SameSite=None oaidts=1664317701; expires=Wed, 27 Sep 2023 22:28:22 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css/images/black-gradient-bg.jpg HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 27 Sep 2022 22:28:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:23 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrMhZvsYl5Dg9XnWhfr5emwE4WWmHElWgpadA0BrJZSn4wugV3vgqdxidj1HFPswZ%2FYeQ1naWr0pJW1yC%2BSypobEOZmFC3Nqo6nUffDmcCqJUUpki6TXDrhV82cMX6JJq7xs7VkH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac08aeaefab4-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 10x163, components 3\012- data
Size:   1180
Md5:    cb17ba9d17b5dc975e48c45b4e257d65
Sha1:   1708d0bf5fd0bf4c5f4ca9f3ec54b9e56c2e8b1f
Sha256: 320b0fb44f87a3c51be6bbf2ea264f231667131016616d32918d31b31bb45a6f
                                        
                                            GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1 
Host: benumelan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Cookie: scm=1; OAID=1fad92768ac24dcd8ad4cf8d74383c69; oaidts=1664317701
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:22 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65523)
Size:   145077
Md5:    87a84d3dda688be5f61bf169a48c4e5b
Sha1:   b213b88effd646fb68403079d5970fc817a62be6
Sha256: 1b18356c12cbc59a068262de98560df84863e41b98b2f52c1143d12472ba9b33

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css/images/notfication-bg.png HTTP/1.1 
Host: 1337x.theproxy.best
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/css/style10.2022-09-27-14.css

                                         
                                         104.21.28.218
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Sep 2022 22:28:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 27 Sep 2022 22:28:23 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2U%2BAtSbKD0Hn%2FhMfiP%2FC0bNCGivfrfQYcoVK6A4wBKR4msysusz1p%2B3NVOR2VsC6zNbNquCJ2yHMnLAn8Um2cAkuGOu%2F4uTyjxwp3NlyPyBvF3yaUSngROCMGeJ1Zywo3LgGb9Nn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac090d60b509-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced\012- data
Size:   121
Md5:    831c43c31346a124b70b6475490313f7
Sha1:   6bf7b325c7e207f9da08188af23723195ee5d3a3
Sha256: 19af91163505935886535f7b68b1528f99eb97d003fc03972e140da02c11d242
                                        
                                            GET /400/4495524 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         139.45.197.237
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: edfa6c2606a69b03789bb73ce7967e17
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=f42e6470f7c44d48a02e2769e9b0b96b; expires=Wed, 27 Sep 2023 22:28:23 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30247
Md5:    df8ef9797e4f021bbf4a22c6960d45f9
Sha1:   c4190edc0ea69720dbd93420197b0f670a27f768
Sha256: d859438a9a45696d6a11b45cf3468b6c216737d86a36b7326b7da07dfe68bffa
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://1337x.theproxy.best/
Origin: http://1337x.theproxy.best
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 27 Sep 2022 13:19:37 GMT
If-None-Match: W/"6332f869-1fafa"
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 304 Not Modified
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:23 GMT
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: "6332f869-1fafa"
access-control-allow-origin: http://1337x.theproxy.best
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:23 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=460014,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7517ac0cecba0b55-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5801
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:28:23 GMT
Last-Modified: Tue, 27 Sep 2022 20:51:42 GMT
Server: ECS (amb/6B89)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /gid.js?userId=5b260b75c93c426ca1fa085d4a6d6aca HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://1337x.theproxy.best
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:23 GMT
content-length: 65
access-control-allow-origin: http://1337x.theproxy.best
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5b260b75c93c426ca1fa085d4a6d6aca; expires=Wed, 27 Sep 2023 22:28:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    e7a149ce5dffa7cd9a7df6d0349c3e70
Sha1:   7be8224ef87a8dfdcc2108623b4aaafae28f4c63
Sha256: 0d44e08e18f7a6099321e40f22d4b5918905c2fc32f5ab9ff9aec6486cc4dacc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5801
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:28:23 GMT
Last-Modified: Tue, 27 Sep 2022 20:51:42 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /400/4495524 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         139.45.197.237
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 5e56ae1ab752ea11f7fe081d0d0d12f6
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=ac14e2532505427d892577ffdc527338; expires=Wed, 27 Sep 2023 22:28:23 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30247
Md5:    df8ef9797e4f021bbf4a22c6960d45f9
Sha1:   c4190edc0ea69720dbd93420197b0f670a27f768
Sha256: d859438a9a45696d6a11b45cf3468b6c216737d86a36b7326b7da07dfe68bffa
                                        
                                            GET /400/4495524 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         139.45.197.237
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 90428feb6557e0f08d36df0a14e08046
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=bfed050e6188490eb4bc42f519a0b0e0; expires=Wed, 27 Sep 2023 22:28:23 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30247
Md5:    df8ef9797e4f021bbf4a22c6960d45f9
Sha1:   c4190edc0ea69720dbd93420197b0f670a27f768
Sha256: d859438a9a45696d6a11b45cf3468b6c216737d86a36b7326b7da07dfe68bffa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18380
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 22:28:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18380
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 22:28:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:23 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 15:02:18 GMT
Expires: Mon, 03 Oct 2022 15:02:17 GMT
Etag: "02745fc47df86f86aeb0f8c25bbd67cff0bdbab7"
Cache-Control: max-age=491033,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7517ac0d6d0e0b55-OSL

                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.84.149
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 22:28:23 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shnx7j7w6xZB%2FsCTtVG2WeGEZZinreJ0i1gRng96Y7qX7GOz0CzohBIVHKjU14cBJVT14stR%2Ftt54gBz5wbZhrugzNbR32d58i5UNr178MCGB1qFQzFjcOsKgBs3Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7517ac0cea000b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (32771), with no line terminators
Size:   18776
Md5:    729f376c59d0822c230e6513dd79b89a
Sha1:   ab9738727c310c5eb66cd40e13cb06104e27789d
Sha256: dd7894c1f4e548125ddbd1c6171e475ffdad85f293d331f6319511f8c2ff4a9d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 2854
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11314
Md5:    ee83d08d024d127fad5918e1ffacb78b
Sha1:   8ad289a77705358ab660b6123e9d90de991b6c13
Sha256: aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9646ccba-7fc2-470a-b04e-5cef02e234cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13058
x-amzn-requestid: 2ce70ac3-0451-41f4-bd82-596a92582a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EiiIAMFQLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-25deabef6235856b6d9bb19f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oGmQtgwLy_unp2_L3WP10HsyeCSgao4_37Kf6K8JeeVgz8YXbDvDWQ==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:47 GMT
age: 2496
etag: "7d8b30445dadc44a17e5a26301212fced3aaa2af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13058
Md5:    e49757d877a437a57f39d458862e8369
Sha1:   7d8b30445dadc44a17e5a26301212fced3aaa2af
Sha256: e8b481bd5fe7ce92aa614cb77c9318ef8b763e71a178126805a4c363e6f91a9b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TlEcmqE03c_aVOwGbXRCTsU5MOTiUF4C93U3zcIVqzg6NCGJJGup7A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:10 GMT
age: 1153
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6721
Md5:    c4a66beda24621e812a929933c52025d
Sha1:   e951f6b11e473b68d2fdd95b822cef120d37b1eb
Sha256: 28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9780
x-amzn-requestid: 9938422e-12cd-4aab-9e58-c26b8fee53b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UOH3DoAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-37105d923f19437025abec71;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Halsx09hxT_sMRc2jy-fJA0tE85F6Bgz9P9Trx02Z9aMfIZVLkLW4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:11:14 GMT
age: 1029
etag: "1a1139cff14aff6755b9e43ff4ef8c9ece1102c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9780
Md5:    43d7c0db2af42ad4d0095324b2691f6c
Sha1:   1a1139cff14aff6755b9e43ff4ef8c9ece1102c1
Sha256: 42073c84e0c215109b54ab55a53cce9e6cce44f4619f5988fa4e2776ff70b362
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 2850
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14464
Md5:    aa5cad224dbddd71881bd07255beb4da
Sha1:   bc214d60be395d4cf753216ff8f9691c33d25e75
Sha256: 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
                                        
                                            GET /utx?cb=4vrV3Br1UQBv&top=1337x.theproxy.best&tid=949060 HTTP/1.1 
Host: hatsheisaco.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://1337x.theproxy.best
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.30
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://1337x.theproxy.best
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 27 Sep 2022 22:29:23 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mJPY1Yapantj03A6HwoyzU1O0YG7tKSbcKahJyshFm9voSSemKH5Lg==
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2F1337x.theproxy.best%2Ftorrent%2F1116615%2FThe-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=5b260b75c93c426ca1fa085d4a6d6aca HTTP/1.1 
Host: benumelan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://1337x.theproxy.best/
Origin: http://1337x.theproxy.best
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://1337x.theproxy.best
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /vNWQzRW1WC10jUkENV3hUAV0Dc10TDkAqA0VZQR8gTBZqdAVnEWkQWlFCRz8JCFQVKQxbAw5jCFsHDnRLVABReF0TEEMqBggSUiQeRBNDNQdeQkYkUFgLSSwBWQUWdysASgNgXwVMS3RcEFdxYF8FCForGE1BAXUVDVJsc1kQV3FgXwUWRWBedF0Fa10cQQ-F1ClAHWCpIByIBdVwFVAJ1XBBWAyMERwFVKhUQVnV8WxtUFTBQBA HTTP/1.1 
Host: d2ers4gi7coxau.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         143.204.42.65
HTTP/1.1 200 OK
                                        
Content-Length: 584
Connection: keep-alive
Date: Tue, 27 Sep 2022 22:28:23 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8hZS5HFYzwo3MuUUhu4GQr2TFhVhIJLmZRs5FF-sVw0PjK0hV37mFw==


--- Additional Info ---
Magic:  ASCII text, with very long lines (810), with no line terminators
Size:   584
Md5:    c34cf2e64ab0267356a252324e149b08
Sha1:   30ff5526dcf86e6f1b9e0710aca1e5b5d54aa7a9
Sha256: 0343aa4cd22b7b69ff9e05fe8511284069624379d9c3fa46af32a58613faeab9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /3WEk0bkc7JloIeCwgUFN+bnkBV3Z+I0cBKSh0fVkpbxxhLDEwAgRfYSwzUFN3fiVVACBlb1EAJGV4Eg8jOnQESDMoJl9TMjYtUQguNixQSDI5dFkBPTElWA9iag8BQHd9ewRGP2l4EV0FfXsEAi42PExLdWgxDFgYbn0RXQV9ewQcMX16dVdxdnkdS3VoLl-ENLDdsBih1aHgEXnZoeBFcdz4gRgshNzERXAFhfxpeYS10BQ HTTP/1.1 
Host: d2ers4gi7coxau.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         143.204.42.65
HTTP/1.1 200 OK
                                        
Content-Length: 335
Connection: keep-alive
Date: Tue, 27 Sep 2022 22:28:23 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xLdhO7QhrqjJ-5PibW0vcJOi6Mo7GhN8fOF1ln25gooMY18e56TCEQ==


--- Additional Info ---
Magic:  ASCII text, with very long lines (416), with no line terminators
Size:   335
Md5:    06b9480fbff7c344a762028829b30f2f
Sha1:   6b799bd19a12a71b542801381f0ce4486f41bee7
Sha256: 0b8b7c5c4999ae047a777a142c6811d356690076b7d0bd80df71e2a992beb215
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://1337x.theproxy.best/
Origin: http://1337x.theproxy.best
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:23 GMT
content-length: 0
access-control-allow-origin: http://1337x.theproxy.best
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?gsred=949060 HTTP/1.1 
Host: d2ers4gi7coxau.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://1337x.theproxy.best/
Origin: http://1337x.theproxy.best
Connection: keep-alive

                                         
                                         143.204.42.65
HTTP/1.1 200 OK
                                        
Content-Length: 159102
Connection: keep-alive
Date: Tue, 27 Sep 2022 22:28:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://1337x.theproxy.best
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nrQnOdKqIv3vVPphxgZc3oDaTljV6wMpfOa_9J2FtN81Zt0BCeSSYg==


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15945)
Size:   159102
Md5:    17c3fa00d1c5c387b8c302c549cf8ae2
Sha1:   cd3629c3fb3721d6686937ff4fbc2a46fcbd0af7
Sha256: 0c47dc224478ed3fdf8b7c6af7f5dd70d345dc0e858cb1ff7a2772dccd21e1a5
                                        
                                            GET /gid.js?pub=0&userId=764ab9ae662d434c8b6932dd20db898d&zoneId=2651991&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://1337x.theproxy.best/
Origin: http://1337x.theproxy.best
Connection: keep-alive
Cookie: ID=5b260b75c93c426ca1fa085d4a6d6aca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:23 GMT
content-length: 65
access-control-allow-origin: http://1337x.theproxy.best
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5b260b75c93c426ca1fa085d4a6d6aca; expires=Wed, 27 Sep 2023 22:28:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    e7a149ce5dffa7cd9a7df6d0349c3e70
Sha1:   7be8224ef87a8dfdcc2108623b4aaafae28f4c63
Sha256: 0d44e08e18f7a6099321e40f22d4b5918905c2fc32f5ab9ff9aec6486cc4dacc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3926
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 22:28:23 GMT
Last-Modified: Tue, 27 Sep 2022 21:22:57 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 22:28:23 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1743953535%3A1664317703715074&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWooc5vcUlO6RV_p_N6LYAPKFWEWS8-594FUcqmWV7iKpKsPpM3yp72fUAAlL679KhtA7YlvHw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-z8O5aExuhm_9NLTXFliZaw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:o1K0zMn4kh25-R6N0ybCZTUi1Mr_mQ:EImj6ocEw3MkWFkQ;Path=/;Expires=Thu, 26-Sep-2024 22:28:23 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Size:   395
Md5:    3b1e3361ab1470acf95f6a3b54db5e0c
Sha1:   2cf32bb7450057c25c719c20e08615c17cb5a3b1
Sha256: 3d0c51391d1c1cae10c5844b7d1e5363eaab42e38de0c7497499770a08c2a611
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6692
Expires: Wed, 28 Sep 2022 00:19:55 GMT
Date: Tue, 27 Sep 2022 22:28:23 GMT
Connection: keep-alive

                                        
                                            POST /custom HTTP/1.1 
Host: glimtors.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://1337x.theproxy.best/
Content-Type: application/json
Origin: http://1337x.theproxy.best
Content-Length: 444
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 22:28:23 GMT
content-length: 39
x-trace-id: 0edc8501fcd4905022320496a8917340
access-control-allow-origin: http://1337x.theproxy.best
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /dS3hQTVooFz4rZT8RNHBjf0Fke2xtEiMiNDtFKAEKGz4RDhA7GiAdfD8CNHBqbRQxIz12XjUjOXZJdiw+KUVgay47FztwLCoZIzwtOwg6Jnw+GW0gNTERPCE7bkoWeHR7XWJ9cjNJYWhpCV1ifTYiFiU1f3lIKHVsFE5kaGkJXWJ9KD1dYwxjfVZgZH95SD-coOSAXdX8ceUhhfWp6SGFoaHseOT8/LRcoaGgNQWZjam0NbXw HTTP/1.1 
Host: d2ers4gi7coxau.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         143.204.42.65
HTTP/1.1 200 OK
                                        
Content-Length: 474
Connection: keep-alive
Date: Tue, 27 Sep 2022 22:28:23 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: irg6TWW6diNkJY6dYlapu8D99B1VtmZxldUckpG0IFp3dIdM0Nm8qg==


--- Additional Info ---
Magic:  ASCII text, with very long lines (664), with no line terminators
Size:   474
Md5:    85eca5c54fb79ce4a1643765a812a73b
Sha1:   891b2426c61963039dacc3d251c958dcd25fb2fc
Sha256: 1aa37d8e6ed5b152310938b7fd6b3506dabc3227bf1005a3c505fe0fc7af9555
                                        
                                            GET /Rcm1CZnURAiwASgYEJltMRlR2UEBUBzEJGwJQFAAXQhcLEhcYDmQSDxZQckAZEwMlW1MXAyFbRFQMJgRIQks3B0gfAjgPGR4MZ1QzR0NyQ0dCRTpXRFdeAENHQgErCAAKSHBWDUpbHVBBV14AQ0dCHzRDRjNUdEhFW0hwVhIXDikJUEArcFZEQl1zVkRXX3-IAHAAIJAkNV18EX0NcXWQTSEM HTTP/1.1 
Host: d2ers4gi7coxau.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1337x.theproxy.best/

                                         
                                         143.204.42.65
HTTP/1.1 200 OK
                                        
Content-Length: 185
Connection: keep-alive
Date: Tue, 27 Sep 2022 22:28:23 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ev-6fm0bNMjRNmgDlvMz2Iz2ggSK-hmu0e44x9Z9a6RUNG4JvMYNgQ==


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   185
Md5:    553be9e6b3a1f7660fe8e9e5590d8c50
Sha1:   513188274d1caf6938f31312deba48c9a96ff35f
Sha256: 39d78fc2af4c1673e0c403ce12bbb2364e28a95ae683ceb09b89a38a990517ab
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6692
Expires: Wed, 28 Sep 2022 00:19:55 GMT
Date: Tue, 27 Sep 2022 22:28:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6692
Expires: Wed, 28 Sep 2022 00:19:55 GMT
Date: Tue, 27 Sep 2022 22:28:23 GMT
Connection: keep-alive

                                        
                                            GET /?rb=HY7BDekgn9NeoiI1krpQz2b66Acg7G5FL2pj4zAX7X9rC9QGa3F_OVM9oynn4FJYTJ21txiLsep3Vp26Ucuz7VsVADitkSD7c9H6kEB3lOJ6hwzz-fulcfD_bysLYvpY-gkgfLF3uLy48C0Ufwmm-0BoP8q-JK1dM6Q0O0w8vBGp_kC7c7yeFvaLVvQt_HYC6uhiA3a3aiEqa_2DK8q9sgujrG7Wq1SL&request_ab2=0&zoneid=3388548&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2F1337x.theproxy.best%2Ftorrent%2F1116615%2FThe-Walking-Dead-S04-Complete-BDRip-x264-ENG-ITA-2013%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=60be4180-c7b4-44a4-8a61-daa38425d60f&userId=5b260b75c93c426ca1fa085d4a6d6aca&m=link HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://1337x.theproxy.best/
Origin: http://1337x.theproxy.best
Connection: keep-alive

                                         
                                         139.45.197.236
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 27 Sep 2022 22:28:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: abd40b03efa610b899bbd17d73dca952
Access-Control-Allow-Origin: http://1337x.theproxy.best
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=5b260b75c93c426ca1fa085d4a6d6aca; expires=Wed, 27 Sep 2023 22:28:23 GMT; path=/ oaidts=1664317703; expires=Wed, 27 Sep 2023 22:28:23 GMT; path=/ syncedCookie=true; expires=Tue, 04 Oct 2022 22:28:23 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2362), with no line terminators
Size:   1849
Md5:    dc68b6aa0070c9e1fd0a28050d93e6a6
Sha1:   5cccd3d5c672bea04ae341a8d63d05e87269140d
Sha256: 1b779a5ccfc0e2a38e1c7eadf782809df99c6c5ccde0e4f9bd9436101e716f21
                                        
                                            GET /utx?cb=ABaNN1IKIrOQ&top=1337x.theproxy.best&tid=949466 HTTP/1.1 
Host: hatsheisaco.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://1337x.theproxy.best
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.30
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://1337x.theproxy.best
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 27 Sep 2022 22:29:23 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zrXo6C_X4MnezalRQN6Jgx833H4SOn7nKY71CYqYm2w_wtwvygQj4A==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "432FAA36D729ED00FC79BC1C33DA908B86DF850FEE389570476DC27390B557AC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6692
Expires: Wed, 28 Sep 2022 00:19:55 GMT
Date: Tue, 27 Sep 2022 22:28:23 GMT
Connection: keep-alive

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 22:28:23 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S957121861%3A1664317703777259&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpbWkHWDE3mot3S11T6tnAhNT68knTacYnmIrSgkIT0AEk6nKKFwGstaQQ2eiaz-45Bww4cbA
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-SnMsniySC-dW5axA6Su_qQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:rHukY0G3KumFNsu8tJx_CBFT8aQGYA:yQPiqa8cPpspWVYt;Path=/;Expires=Thu, 26-Sep-2024 22:28:23 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Size:   389
Md5:    6b63008a2e2774487a5c4932423ea4cd
Sha1:   b459af673d4e958eb26cc770f0eb59a58b269485
Sha256: c25f8cf8fa4d1135d540de0ec4382bcf64d18a3571b170aecf28bebd6299854f
                                        
                                            GET /utx?cb=vHeVmBrGUOXr&top=1337x.theproxy.best&tid=960591 HTTP/1.1 
Host: hatsheisaco.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://1337x.theproxy.best
Connection: keep-alive
Referer: http://1337x.theproxy.best/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.30
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 22:28:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://1337x.theproxy.best
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 27 Sep 2022 22:29:23 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IMBtglRKB0JlUeImjVFRYSb4feNFubuQtfrGqXz-p25rtNc_5f95hA==
X-Firefox-Spdy: h2

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 22:28:23 GMT
Content-Length: 940
Connection: keep-alive
Expires: Sat, 01 Oct 2022 19:00:19 GMT
ETag: "95e2cfa0bc8c74729ab615e273bc9eb52d08e4de"
Last-Modified: Tue, 27 Sep 2022 19:00:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1471
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517ac10b964b518-OSL