| www.1377x.to/torrent/5382554/XnView-2-51-1-Complete-Multilingual-crack-crackerfg/ | 104.21.20.189 | 301 Moved Permanently | 0 B |
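Protocol: HTTP/1.1 | URL: www.1377x.to/torrent/5382554/XnView-2-51-1-Complete-Multilingual-crack-crackerfg/ | IP: 104.21.20.189:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body, consistent with the 0 B size; not usable as content indicators)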
GET /torrent/5382554/XnView-2-51-1-Complete-Multilingual-crack-crackerfg/ HTTP/1.1
Host: www.1377x.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Sep 2022 09:45:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 10:45:26 GMT
Location: https://www.1377x.to/torrent/5382554/XnView-2-51-1-Complete-Multilingual-crack-crackerfg/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCiy0mHBO33%2FMthU%2Ft3g8kDICg3gFmcnN%2BcOxcR8BmXJjhACWbOPFfTKvT7MG9aNUW%2BeYOmFLEoipeABuQfdb9a5AyhfLPZBajXQNSmWvJR92ELsthcDoLkfw9vIjDg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748f7871d8eefabc-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashb593eb39329cfe060d55be5e4a5405e2 78e46c1028e9f94f8569303ad2d90d7df13a059a 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 09:08:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qv-YXB3QTcd3dCTHuc4NffF-F-LmcB58e3gSS7tvlfBIv5D1OsYooA==
Age: 2232
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash76d5eb597558e3dee0d99719d17e71e0 f3a0f3932fa8059f27dc9422d523b938fa9a7d09 d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4446
Expires: Sun, 11 Sep 2022 10:59:32 GMT
Date: Sun, 11 Sep 2022 09:45:26 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.35:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sc9z1SgMySspIqd0Qgj40kmmBYqUdoV8MiEBGw8xuelwYHML8Zb4BA==
age: 8894
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 09:45:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/1tm7cZwH/S87-Me9-KUA64-Ic-Gi-GI3-SVp-B2e-Imwh-Fizy.gif | 141.94.200.42 | 200 OK | 15 kB |
URL HTTP/2i.postimg.cc/1tm7cZwH/S87-Me9-KUA64-Ic-Gi-GI3-SVp-B2e-Imwh-Fizy.gif IP141.94.200.42:0
File typeGIF image data, version 89a, 314 x 300\012- data Hash6db883b2979e3e2097e86ec58745e640 8b9a71ecefcff66c513111936987267278852e56 43719f01b14a552595d9d1759e3720fe5ed2cd5b3f61f2921ff1d789409b793a
GET /1tm7cZwH/S87-Me9-KUA64-Ic-Gi-GI3-SVp-B2e-Imwh-Fizy.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 09:45:26 GMT
content-type: image/gif
content-length: 15229
last-modified: Fri, 09 Sep 2022 22:54:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfb2a64a315479ad03071699ec60546e6 873dc44729887b0372a4ece14c46c286e0f88433 83359843d561670b28c91f20157778ef2641d6eb5943af7c4d5c79f50c407a0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83359843D561670B28C91F20157778EF2641D6EB5943AF7C4D5C79F50C407A0F"
Last-Modified: Thu, 08 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10640
Expires: Sun, 11 Sep 2022 12:42:47 GMT
Date: Sun, 11 Sep 2022 09:45:27 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.36 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 08:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 09:23:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -z6upP064754QDI0xc3F-geklK9PbfPX8JwzIy7wDqPI7U3xOsKAEg==
Age: 2960
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash26e829ba5f754918e20cbd316dc4348e ba198501da0812dd11ca3b38a51325b5de6cfa60 4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:45:27 GMT
Last-Modified: Sun, 11 Sep 2022 09:26:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| stickssurelyhomesick.com/20/c1/05/20c1050f6509bda85a2632d1ec65d60e.js | 192.243.59.12 | 200 OK | 20 kB |
Protocol: HTTP/1.1 | URL: stickssurelyhomesick.com/20/c1/05/20c1050f6509bda85a2632d1ec65d60e.js | IP: 192.243.59.12:0 | ASN #39572 DataWeb Global Group B.V.
File type: ASCII text, with very long lines (59387), with no line terminators
Hash: MD5 798a17fe0ea3569460596ec276fe847b | SHA-1 8ce0c531373a4c800072a8ac1a3c26fb4268cd58 | SHA-256 3ad891b0c640585266ff8c65c3bd260ecafed4c38c5e76ee54ad4387f2c4fd60
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /20/c1/05/20c1050f6509bda85a2632d1ec65d60e.js HTTP/1.1
Host: stickssurelyhomesick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 09:45:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 503918b543e864e1065b88c42fa8f164
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| stickssurelyhomesick.com/e3/93/f8/e393f80da8aac0cc70f9dbc6e1ea5bde.js | 192.243.59.12 | 200 OK | 13 kB |
Protocol: HTTP/1.1 | URL: stickssurelyhomesick.com/e3/93/f8/e393f80da8aac0cc70f9dbc6e1ea5bde.js | IP: 192.243.59.12:0 | ASN #39572 DataWeb Global Group B.V.
File type: ASCII text, with very long lines (37109), with no line terminators
Hash: MD5 b43765a5d35035633bd8ced85cf44939 | SHA-1 909fa9536382ec73028fd0f207409fb95c38b8cb | SHA-256 720ff5afcfc69029be1549035a1e638da12439cf00270825c25804e3eb48bbe4
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /e3/93/f8/e393f80da8aac0cc70f9dbc6e1ea5bde.js HTTP/1.1
Host: stickssurelyhomesick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 09:45:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 072da7aaf7794c84238328626f669d82
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashb32a5e9b733c4d6d00fa0ae101956367 a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997 6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Sun, 11 Sep 2022 11:27:36 GMT
Date: Sun, 11 Sep 2022 09:45:27 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 44.242.41.15 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.242.41.15:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Uhf8PeR1EacM6XSkFkV1dw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CkDoSiUSjCpzsYOZeTIKA0lJtc0=
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.156 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.156:0
Hash5ada5a3460ccb735aad6c923c1abfb02 105c3e13eac9750088629e1c200794b102c48e4d 503713d1d8dfca76a5efc81db761b240cee2fd8d832225be9f00efe6332dccc4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 09:45:27 GMT
Last-Modified: Sun, 11 Sep 2022 09:21:44 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hU2m8cmlOvgmfcKjxQcQxzotfGo1NVe70urRaUMqcPKKW_jv_qusrA==
Age: 1424
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.156 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.156:0
Hash5ada5a3460ccb735aad6c923c1abfb02 105c3e13eac9750088629e1c200794b102c48e4d 503713d1d8dfca76a5efc81db761b240cee2fd8d832225be9f00efe6332dccc4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 09:45:27 GMT
Last-Modified: Sun, 11 Sep 2022 09:05:57 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H_g8tBt4CBAg3xWfJhc6w2nGvPq81Tzdl7a-sSOsD1mu6DbHVKToFg==
Age: 2370
|
|
| simplewebanalysis.com/stats | 52.28.172.243 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.28.172.243:0
File typeASCII text, with no line terminators Hash9cf01562ebbfd1dec2b2967301d9c2e7 cb45cab0069cfd97769b78956a5140aa42e2ac7c 723c0460e0861f1a92a0101d34e3a882c813ca866205a17b6651f1789e40b7af
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:45:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1377x.to
access-control-allow-credentials: true
set-cookie: uid_id2=f9bcfab2-8e83-4768-9ae0-8bbdc5414702:3:1; expires=Wed, 08 Sep 2032 09:45:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 52.28.172.243 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.28.172.243:0
File typeASCII text, with no line terminators Hashe9032c186b97d6a098d8566ba9f483bc c661b42a15ca6f962b1971a98ab74d16c61b70d7 9554a4f5e300290111fff1ff0e017506e5ca8cbe17c0a0c406ce9352394196ec
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:45:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.1377x.to
access-control-allow-credentials: true
set-cookie: uid_id2=26fb3b0a-593d-43da-adee-11e45c1eb907:3:1; expires=Wed, 08 Sep 2032 09:45:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashb32a5e9b733c4d6d00fa0ae101956367 a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997 6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Sun, 11 Sep 2022 11:27:36 GMT
Date: Sun, 11 Sep 2022 09:45:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashe882f2bf3b72890a1a24e46a0d0f1c14 f13a2211522f126532be5ad09af299cbd41bfdf4 e3d0aaff58faf19edb149dde906c56249532effec2d7ff4d0174b7bac96d696f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3D0AAFF58FAF19EDB149DDE906C56249532EFFEC2D7FF4D0174B7BAC96D696F"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4454
Expires: Sun, 11 Sep 2022 10:59:41 GMT
Date: Sun, 11 Sep 2022 09:45:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash503237177a3d86d83f4c970effc37833 e2c733d5fe37ec941521578d5bdcf0bcad00d7e5 16380371ae5fc51ca985271a1fccdcd8e203b4af6134e8ffbe4e957a04180764
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16380371AE5FC51CA985271A1FCCDCD8E203B4AF6134E8FFBE4E957A04180764"
Last-Modified: Sun, 11 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5362
Expires: Sun, 11 Sep 2022 11:14:49 GMT
Date: Sun, 11 Sep 2022 09:45:27 GMT
Connection: keep-alive
|
|
| banquetunarmedgrater.com/advertisers.js | 173.233.139.164 | 200 OK | 0 B |
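Protocol: HTTP/1.1 | URL: banquetunarmedgrater.com/advertisers.js | IP: 173.233.139.164:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body, consistent with the 0 B size; not usable as content indicators)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)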
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 09:45:27 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: effbd9eac95f61d2b00c4631c43e79e6
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| obituaryfuneral.com/pixel/purst?dl=0&th=0&sc=0&rs=1362&rd=1362&fd=867&bv=22.8.v.1&tmpl=70 | 192.243.59.13 | 200 OK | 0 B |
Protocol: HTTP/1.1 | URL: obituaryfuneral.com/pixel/purst?dl=0&th=0&sc=0&rs=1362&rd=1362&fd=867&bv=22.8.v.1&tmpl=70 | IP: 192.243.59.13:0 | ASN #39572 DataWeb Global Group B.V.
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body, consistent with the 0 B size; not usable as content indicators)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pixel/purst?dl=0&th=0&sc=0&rs=1362&rd=1362&fd=867&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 11 Sep 2022 09:45:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashf9586374bb1bef58a7f21c55bdcccbcf f4dfc53e23c579b828c19a2ab88d095b05d7b8df 545d01bc8dd9ba4d616be5179a3ae220c605bfba00982fd639835ca09a4dc56f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "545D01BC8DD9BA4D616BE5179A3AE220C605BFBA00982FD639835CA09A4DC56F"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4627
Expires: Sun, 11 Sep 2022 11:02:35 GMT
Date: Sun, 11 Sep 2022 09:45:28 GMT
Connection: keep-alive
|
|
| s10.histats.com/js15_as.js | 46.105.201.240 | 200 OK | 4.4 kB |
URL HTTP/2s10.histats.com/js15_as.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (11440), with no line terminators Hashed192092c129db6123a3397855f42619 067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:44:36 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 225280897
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashe2ed353bc6b7a6f02940d36e4d1f8216 cd5a23ded4f8e042b292ce4e1028d342d3a70b53 0111452a199c97d6251ddf6f8bd059eb0531c8a335a0c1faba2725b987089e1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0111452A199C97D6251DDF6F8BD059EB0531C8A335A0C1FABA2725B987089E1F"
Last-Modified: Thu, 08 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1871
Expires: Sun, 11 Sep 2022 10:16:39 GMT
Date: Sun, 11 Sep 2022 09:45:28 GMT
Connection: keep-alive
|
|
| s10.histats.com/counters/cc_511.js | 46.105.201.240 | 200 OK | 6.0 kB |
URL HTTP/2s10.histats.com/counters/cc_511.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (14926), with no line terminators Hashe0963faf9f8d4dd4683c649033bfe3e6 8b8365dac8c2d50836e19456f025370ee782598f 80ac8877a54d16e397e9518ce7221d0abad87a39ffd0221a99227540eeb8b2a8
GET /counters/cc_511.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:36:31 GMT
etag: "1364484781"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 278528072
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5984
X-Firefox-Spdy: h2
|
|
| grandsupple.com/sbar.json?key=e393f80da8aac0cc70f9dbc6e1ea5bde&uuid=f9bcfab2-8e83-4768-9ae0-8bbdc5414702%3A3%3A1 | 173.233.137.52 | 200 OK | 4.1 kB |
Protocol: HTTP/1.1 | URL: grandsupple.com/sbar.json?key=e393f80da8aac0cc70f9dbc6e1ea5bde&uuid=f9bcfab2-8e83-4768-9ae0-8bbdc5414702%3A3%3A1 | IP: 173.233.137.52:0
File type: JSON data, ASCII text, with very long lines (5763), with no line terminators
Hash: MD5 0575a1f1ab8d1ae61c9900771699ed22 | SHA-1 40a169b3af88c4859ef4cea1fbede297ee38c979 | SHA-256 73e2747324bd860efba9adad4d2c90c07160b784c5f9902eccd4113ceb0ca54a
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /sbar.json?key=e393f80da8aac0cc70f9dbc6e1ea5bde&uuid=f9bcfab2-8e83-4768-9ae0-8bbdc5414702%3A3%3A1 HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 09:45:28 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.1377x.to
Access-Control-Allow-Origin: https://www.1377x.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16578187; expires=Mon, 12 Sep 2022 09:45:28 GMT; secure; SameSite=None
Set-Cookie: uid_id2=f9bcfab2-8e83-4768-9ae0-8bbdc5414702:3:1; expires=Sun, 18 Sep 2022 09:45:28 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Mon, 12 Sep 2022 09:45:28 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Mon, 12 Sep 2022 09:45:28 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Mon, 12 Sep 2022 09:45:28 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Mon, 12 Sep 2022 09:45:28 GMT; secure; SameSite=None
Set-Cookie: slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]; expires=Sun, 11 Sep 2022 09:45:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75af0b4238014cad4e6e03094cab6027
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10730
Expires: Sun, 11 Sep 2022 12:44:18 GMT
Date: Sun, 11 Sep 2022 09:45:28 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10730
Expires: Sun, 11 Sep 2022 12:44:18 GMT
Date: Sun, 11 Sep 2022 09:45:28 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10730
Expires: Sun, 11 Sep 2022 12:44:18 GMT
Date: Sun, 11 Sep 2022 09:45:28 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10730
Expires: Sun, 11 Sep 2022 12:44:18 GMT
Date: Sun, 11 Sep 2022 09:45:28 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe407da4d97d497925b1ab523fd416787 166741631fb93d109b18dde6d316b3fa3276aa8f 707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 22:14:30 GMT
age: 41458
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashde6622cfd812509b317913e1a5e9cfc8 84e4a39c92ab111cc1072f898990cea6b05da6cf 6d41b564c2e15215d05ba74ba2ae08abf74f6aef9e58e808d31afc6d1ba123af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9319
x-amzn-requestid: 44d731e9-1da0-4ad0-9fbb-1b170fac3bf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxaFtpIAMFWAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2e155359546dae806f6dbfe2;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: a4f99UhuEWfzdGyMv22TnGq98xCUpM1at-u8BNxNrDUSNC4yfHLHVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 43494
etag: "84e4a39c92ab111cc1072f898990cea6b05da6cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| s4.histats.com/stats/0.php?3352401&@f16&@g1&@h1&@i1&@j1662889517515&@k0&@l1&@mDownload%20XnView%202.51.1%20Complete%20Multilingual%20%2B%20crack%20%7Bcrackerfg%7D%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-51052554&@b3:1662889518&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1377x.to%2Ftorrent%2F5382554%2FXnView-2-51-1-Complete-Multilingual-crack-crackerfg%2F&@w | 158.69.248.123 | 200 OK | 47 B |
URL HTTP/1.1s4.histats.com/stats/0.php?3352401&@f16&@g1&@h1&@i1&@j1662889517515&@k0&@l1&@mDownload%20XnView%202.51.1%20Complete%20Multilingual%20%2B%20crack%20%7Bcrackerfg%7D%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-51052554&@b3:1662889518&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1377x.to%2Ftorrent%2F5382554%2FXnView-2-51-1-Complete-Multilingual-crack-crackerfg%2F&@w IP158.69.248.123:0
File typeASCII text, with no line terminators Hash06b05ae9614bafae9b0b09cfbeed559e 9b087683529b7b89a117b2d5cbb35a93e7dcbaca a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?3352401&@f16&@g1&@h1&@i1&@j1662889517515&@k0&@l1&@mDownload%20XnView%202.51.1%20Complete%20Multilingual%20%2B%20crack%20%7Bcrackerfg%7D%20Torrent%20%7C%201337x&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1280&@b1:-51052554&@b3:1662889518&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.1377x.to%2Ftorrent%2F5382554%2FXnView-2-51-1-Complete-Multilingual-crack-crackerfg%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 09:45:28 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7443d7c-c2ec-4e8c-ad91-c2f3cdcecead.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7443d7c-c2ec-4e8c-ad91-c2f3cdcecead.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf25dc1e7a2da853e32c6509b061f49d7 cd9eedb9b5b31a4df3c13410e734d823ec36d71d a143650a7d355826e68eb313bfd4ce0f4b744b9408ecc5b0473dc04058978220
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7443d7c-c2ec-4e8c-ad91-c2f3cdcecead.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11701
x-amzn-requestid: 9c0ca08c-36ec-49fb-b8b2-d38616c7d1c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEjhIHlfoAMFvbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318193a-41fe17a45f5248864d01ce01;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 04:08:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lm_HMR8w44p0RQczWOCkPxuED_3WZxOxTl2i6F_A6PJC7DcvkUvLjQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 22:25:54 GMT
age: 40774
etag: "cd9eedb9b5b31a4df3c13410e734d823ec36d71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasheee5b4d617dab6f10d7053f5c4f4e98e 6c728c56797ba921e8001919df4d36e56dd37e54 76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: 39c8c044-5287-47bb-8731-5706c27a73e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0feFFtkIAMF9NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ac59-246e1b7e019965f74db95df0;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FVraudPaXgrkcCLGkaxntfC3h4XtbSfnRgzyp72Wgwb-WgWkDwjYPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 12:19:07 GMT
age: 77181
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8c35b7f5f8e1b0b24570a41b7d18533a c5b82c9d77851820b8d206573d5c03cd36d27a20 bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1ZoYLM2Mj7teQm-1Dz80IZxKGqzuzAoEiT85R3RldbJwO6iJR-JJA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:01 GMT
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
age: 43287
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcd709702d50113aec782e45bb5ecb2a8 c5fcae1c388ff8f44b9e47734b6b65fd4e0fd856 0ec10618a7f2f77cd339e9d1b4e58d29c1c9ad1575f434c813c1d3014c90bf76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7d1d7d9-dc6d-4841-a150-2f22abc6729a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9990
x-amzn-requestid: 712405bf-0677-4711-bde0-8040561267a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLlngEY0IAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae963-75feb6255b5cf4fa51ba7d54;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:21:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LMS65rPhliq1UWuz823twST0_lBxm7VrcLy28tOMTvCm85TsR7OVCg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 14:30:06 GMT
age: 69322
etag: "c5fcae1c388ff8f44b9e47734b6b65fd4e0fd856"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| grandsupple.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzu4XvuDJkEuEyBw8KLiz3dMz3T1GCMa4Etz8IFHiTetXT8qt6Wqquqcne5BgUAJeJievvW92E6MhKHg1yGwghwUl42kP7t%2BgCHsKIjNZHP1cPu%2FVe4dXr%2BqLrfKA%2BCjp%2FrkLZlNpTVc7Tb%2Fx6odBcLqxrrJy2Bgm0UdR%2B3TDDt7oRk3%2Ftca7km%2BY1ZYf%2BH7gB401ZWVqhqszESp%2F0A2aXb%2FZbjWDThtD%2B1%2FuSg%2BOehCDA3IcSkyXH3snoPgEWf%2B7c9JtFCZ%2F%2FZ1%2BqWlhLAbi3gfZRmaqDP0FTK2HNLt35IZxT9cewWQ787gwg3%2BMTE2J9%2BQRWHbvKCTYYHuek2nIDEy8gGowgdQTKDoBN7egxFMCcIGLl5D17140tqI3nqt0pk7J8uGfUNWULP92Aln%2F4Vmtho2rRpeFMpnDMK2hhhOo3gR5uYti8xhUtQtefAYlfiarh%2BvI%2BtuXnDZQYv%2BVtMt4SllrJZFJuNKOo2SlS6W%2FkjAmeKcdtGO%2FNS9IqQlUOoGWI1C3hNJ5KJWHMvVQ5h76Yr%2FBgyCIfcGpn3Q5D0UsWST8gMZpQAM%2FSlDy2R1GKPIRuB6B25vI7U1sqDtPO8dhy5%2FgrtdwwoMrCAaiRiUJKkdQUYJKEVQFQTWod4R2LVffFdqVLDjaraMd1mNT9Lbojil6MiNb%2BQF5cd7ds8MvsSH3GzLshmniC5pQyn3OYz%2FtCsYjGUjaYULCqRrKHQN1HjbVlJx88xfkakr%2B99VfYHQXTu%2BCq%2BOg5SnQahy3fNDr43biYzP7OgjDeNgsKghTIy%2BWUdzwtvQBOTnPEF77HZLvnfmYXZj%2Bcf8ZuK2R2xqfqMcEPX17fMVUZPuKqRz5%2FlJeqL7apLO3vVrQQi598568URkrzp9zo%2Ftv8Zkwgw%2Fel65Yp5lQWc%2BRb88qIaRdM5ZL8uN5d02yy6W7fra0WZmvX3577Xw%2Ft9I5ZbIJqJoS8mQPXE3J%2F3%2FYmX%2Fblz7%2FFMpOYMsa%2FXKPHA2U2QXPb8Lli%2FzOLMHqhYflHqqyHtsWWxxqRaDlglNWw%2F2LswXecrfRsy%2BDFreQ9WsMbI2BrkH1CK5cGhe53TvzazgfMO2NmbbeNtNW33lerlP7jTgMfRp1O0EcUxmzditJo0BQ2mpHrSiiIQo35aceJn8DAAD%2F%2FwEAAP%2F%2F9uR%2F9oEEAAA%3D | 173.233.137.52 | 200 OK | 7 B |
URL HTTP/1.1grandsupple.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzu4XvuDJkEuEyBw8KLiz3dMz3T1GCMa4Etz8IFHiTetXT8qt6Wqquqcne5BgUAJeJievvW92E6MhKHg1yGwghwUl42kP7t%2BgCHsKIjNZHP1cPu%2FVe4dXr%2BqLrfKA%2BCjp%2FrkLZlNpTVc7Tb%2Fx6odBcLqxrrJy2Bgm0UdR%2B3TDDt7oRk3%2Ftca7km%2BY1ZYf%2BH7gB401ZWVqhqszESp%2F0A2aXb%2FZbjWDThtD%2B1%2FuSg%2BOehCDA3IcSkyXH3snoPgEWf%2B7c9JtFCZ%2F%2FZ1%2BqWlhLAbi3gfZRmaqDP0FTK2HNLt35IZxT9cewWQ787gwg3%2BMTE2J9%2BQRWHbvKCTYYHuek2nIDEy8gGowgdQTKDoBN7egxFMCcIGLl5D17140tqI3nqt0pk7J8uGfUNWULP92Aln%2F4Vmtho2rRpeFMpnDMK2hhhOo3gR5uYti8xhUtQtefAYlfiarh%2BvI%2BtuXnDZQYv%2BVtMt4SllrJZFJuNKOo2SlS6W%2FkjAmeKcdtGO%2FNS9IqQlUOoGWI1C3hNJ5KJWHMvVQ5h76Yr%2FBgyCIfcGpn3Q5D0UsWST8gMZpQAM%2FSlDy2R1GKPIRuB6B25vI7U1sqDtPO8dhy5%2FgrtdwwoMrCAaiRiUJKkdQUYJKEVQFQTWod4R2LVffFdqVLDjaraMd1mNT9Lbojil6MiNb%2BQF5cd7ds8MvsSH3GzLshmniC5pQyn3OYz%2FtCsYjGUjaYULCqRrKHQN1HjbVlJx88xfkakr%2B99VfYHQXTu%2BCq%2BOg5SnQahy3fNDr43biYzP7OgjDeNgsKghTIy%2BWUdzwtvQBOTnPEF77HZLvnfmYXZj%2Bcf8ZuK2R2xqfqMcEPX17fMVUZPuKqRz5%2FlJeqL7apLO3vVrQQi598568URkrzp9zo%2Ftv8Zkwgw%2Fel65Yp5lQWc%2BRb88qIaRdM5ZL8uN5d02yy6W7fra0WZmvX3577Xw%2Ft9I5ZbIJqJoS8mQPXE3J%2F3%2FYmX%2Fblz7%2FFMpOYMsa%2FXKPHA2U2QXPb8Lli%2FzOLMHqhYflHqqyHtsWWxxqRaDlglNWw%2F2LswXecrfRsy%2BDFreQ9WsMbI2BrkH1CK5cGhe53TvzazgfMO2NmbbeNtNW33lerlP7jTgMfRp1O0EcUxmzditJo0BQ2mpHrSiiIQo35aceJn8DAAD%2F%2FwEAAP%2F%2F9uR%2F9oEEAAA%3D IP173.233.137.52:0
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Btzu4XvuDJkEuEyBw8KLiz3dMz3T1GCMa4Etz8IFHiTetXT8qt6Wqquqcne5BgUAJeJievvW92E6MhKHg1yGwghwUl42kP7t%2BgCHsKIjNZHP1cPu%2FVe4dXr%2BqLrfKA%2BCjp%2FrkLZlNpTVc7Tb%2Fx6odBcLqxrrJy2Bgm0UdR%2B3TDDt7oRk3%2Ftca7km%2BY1ZYf%2BH7gB401ZWVqhqszESp%2F0A2aXb%2FZbjWDThtD%2B1%2FuSg%2BOehCDA3IcSkyXH3snoPgEWf%2B7c9JtFCZ%2F%2FZ1%2BqWlhLAbi3gfZRmaqDP0FTK2HNLt35IZxT9cewWQ787gwg3%2BMTE2J9%2BQRWHbvKCTYYHuek2nIDEy8gGowgdQTKDoBN7egxFMCcIGLl5D17140tqI3nqt0pk7J8uGfUNWULP92Aln%2F4Vmtho2rRpeFMpnDMK2hhhOo3gR5uYti8xhUtQtefAYlfiarh%2BvI%2BtuXnDZQYv%2BVtMt4SllrJZFJuNKOo2SlS6W%2FkjAmeKcdtGO%2FNS9IqQlUOoGWI1C3hNJ5KJWHMvVQ5h76Yr%2FBgyCIfcGpn3Q5D0UsWST8gMZpQAM%2FSlDy2R1GKPIRuB6B25vI7U1sqDtPO8dhy5%2FgrtdwwoMrCAaiRiUJKkdQUYJKEVQFQTWod4R2LVffFdqVLDjaraMd1mNT9Lbojil6MiNb%2BQF5cd7ds8MvsSH3GzLshmniC5pQyn3OYz%2FtCsYjGUjaYULCqRrKHQN1HjbVlJx88xfkakr%2B99VfYHQXTu%2BCq%2BOg5SnQahy3fNDr43biYzP7OgjDeNgsKghTIy%2BWUdzwtvQBOTnPEF77HZLvnfmYXZj%2Bcf8ZuK2R2xqfqMcEPX17fMVUZPuKqRz5%2FlJeqL7apLO3vVrQQi598568URkrzp9zo%2Ftv8Zkwgw%2Fel65Yp5lQWc%2BRb88qIaRdM5ZL8uN5d02yy6W7fra0WZmvX3577Xw%2Ft9I5ZbIJqJoS8mQPXE3J%2F3%2FYmX%2Fblz7%2FFMpOYMsa%2FXKPHA2U2QXPb8Lli%2FzOLMHqhYflHqqyHtsWWxxqRaDlglNWw%2F2LswXecrfRsy%2BDFreQ9WsMbI2BrkH1CK5cGhe53TvzazgfMO2NmbbeNtNW33lerlP7jTgMfRp1O0EcUxmzditJo0BQ2mpHrSiiIQo35aceJn8DAAD%2F%2FwEAAP%2F%2F9uR%2F9oEEAAA%3D HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=f9bcfab2-8e83-4768-9ae0-8bbdc5414702:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 09:45:28 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2565a37f7f874c75d51828264e25344d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 344 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash11a62de4541037ab66a1ee3a198916bd 767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4 1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11841
Expires: Sun, 11 Sep 2022 13:02:49 GMT
Date: Sun, 11 Sep 2022 09:45:28 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 344 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash11a62de4541037ab66a1ee3a198916bd 767beb0fd7d3ef086d2dff0a984f54f6b6f9d0e4 1f6a4b80a80691e041057bf8a0a5beb9440df1a1a9af8d2447af252055850d1a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1F6A4B80A80691E041057BF8A0A5BEB9440DF1A1A9AF8D2447AF252055850D1A"
Last-Modified: Sat, 10 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11841
Expires: Sun, 11 Sep 2022 13:02:49 GMT
Date: Sun, 11 Sep 2022 09:45:28 GMT
Connection: keep-alive
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css | 172.67.183.56 | 200 OK | 2.6 kB |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css IP172.67.183.56:0
Hashdf0556a52eae3699896a74de41257321 6716001ed7ed3a1d70393eb69e9e3ded3e9f9153 c36d902c9f4ff7d82a5477a6c4155dcceafb2d6b8b500bc7a288efaa8167a650
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:45:28 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2523780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtbHY2PUJQPvDIT3fnVONskjQKAAaqKu2LIXe0z8%2B%2FPpPiYda2sn1mK8ayzfKJ%2B747Ev1kWZ%2BEtz0BAvEIRfV5YPyd7psl4PGHrH27NcyyHQGLUyclDcU%2F4g3DPUP0rVhc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748f78835f83b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html | 104.26.7.19 | 200 OK | 753 B |
URL HTTP/2cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html IP104.26.7.19:0
File typeHTML document, ASCII text Hash02d756b0215fa66b697ede172298cf4f 54b5b071ab478303579e6356dc4e47ee4dbcd47d 4c6bb2233288f112a0a7f3403ef1b60510e0ef7d2cbba7366fc853aaf325e974
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:45:28 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1017341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5jKfW8iS0lCT1M3KeEf%2BjUz1dgMAw6PL7%2By2E2cWXtHpjIjzc9rxfxYKNwXDBUzVMDz9hgb%2FBMH4G1Gof9j474dL5PkWhu9phfcS7AFyuRz9XsRikpQ3cygKkXJ%2BWhvDAEhV%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748f78827beab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css | 172.67.183.56 | 200 OK | 6.0 kB |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css IP172.67.183.56:0
Hash1114d6fd67e3c05347c70750a133952d db9e20bd9065ddd9dfdd73d59fed8bf29e65ee15 b9c186793659e2428597e0930091c2b8b192101e3bb0023fed4ee514ead21552
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:45:28 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2523780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYAMkybK0P0aiucWXf18nHnT3DnlQDZqtuXWGXkUDQk3%2BP9v8%2FbDuiFUNI8u4OgbhV%2BDa%2B%2FeD5lCCLmIzfRrKFfymvUkhF%2FahuRZilYA6mQvzUgd%2BPcwxBbkoUw4%2BFIIIKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748f78835f89b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| grandsupple.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=81 | 173.233.137.52 | 502 Bad Gateway | 157 B |
URL HTTP/1.1grandsupple.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=81 IP173.233.137.52:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash: MD5 d41a93f6d3a61aa8e32d7a0afcfbb2d0 | SHA-1 77718bef53accc9fd03bea992dc25e4086a17d50 | SHA-256 3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=81 HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=f9bcfab2-8e83-4768-9ae0-8bbdc5414702:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 09:45:28 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash65deebab57142db522e6c874673bdd9f bfd022181afaec5035f868ccd05fac58113f81dc 7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.10 | 200 OK | 1.1 kB |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.10:0
Hashca9b0b0569fcc460b63d1f59e7477f9e e53f27fda9f0af4192b4837bcd867388afbd9263 754c807d476317797e17fb000be3f16997d8f8210549c110ba15d8f1f1b546a0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 09:45:29 GMT
date: Sun, 11 Sep 2022 09:45:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| grandsupple.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=70 | 173.233.137.52 | 502 Bad Gateway | 157 B |
URL HTTP/1.1grandsupple.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=70 IP173.233.137.52:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash: MD5 d41a93f6d3a61aa8e32d7a0afcfbb2d0 | SHA-1 77718bef53accc9fd03bea992dc25e4086a17d50 | SHA-256 3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fstyle.css&l=9494&fd=70 HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=f9bcfab2-8e83-4768-9ae0-8bbdc5414702:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 09:45:29 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
|
|
| grandsupple.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=16 | 173.233.137.52 | 502 Bad Gateway | 157 B |
URL HTTP/1.1grandsupple.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=16 IP173.233.137.52:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash: MD5 d41a93f6d3a61aa8e32d7a0afcfbb2d0 | SHA-1 77718bef53accc9fd03bea992dc25e4086a17d50 | SHA-256 3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=16 HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=f9bcfab2-8e83-4768-9ae0-8bbdc5414702:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 09:45:29 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 090a097732f15b625208ab10faeea110 | SHA-1 33b4fbb528d5b24e6edeebec3887e9b92bed4272 | SHA-256 dd912cb8f4b18a02f086446af981c96af8de389bb8872f8bb6dd76cb5b018194
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD912CB8F4B18A02F086446AF981C96AF8DE389BB8872F8BB6DD76CB5B018194"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6106
Expires: Sun, 11 Sep 2022 11:27:15 GMT
Date: Sun, 11 Sep 2022 09:45:29 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash43e44f5fe147594a8dd7e263eabca2ae 99a970746a212194f339b3fdc7df516af9f2ffdf f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash43e44f5fe147594a8dd7e263eabca2ae 99a970746a212194f339b3fdc7df516af9f2ffdf f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:0
Hashda7b59c153ec8506cfec5787662b101b aa94b9aeb4131d61b32d3b64edd3095831ba1c6d d5c9a6460319a82e95dca9e408881dbd97669de2a7dcea64d920a6e688917899
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 310281
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.1377x.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 310281
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| grandsupple.com/pixel/sbs?c=1 | 173.233.137.52 | 502 Bad Gateway | 157 B |
URL HTTP/1.1grandsupple.com/pixel/sbs?c=1 IP173.233.137.52:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash: MD5 d41a93f6d3a61aa8e32d7a0afcfbb2d0 | SHA-1 77718bef53accc9fd03bea992dc25e4086a17d50 | SHA-256 3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/sbs?c=1 HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=f9bcfab2-8e83-4768-9ae0-8bbdc5414702:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 09:45:29 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
|
|
| grandsupple.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9r8kXvuDK0k2FyixcKJjJe%2FPzjRWKNUaCaVNape70%2FnqTa%2B5793Hve%2FMmWUiwKAU305XblzNJY7UUBbcWmRS6CCgZV1mYv0ERsioiMw2Ofjafc%2B45i3PPvV%2Fs5CfER06Pl66ZLaU1XWxW%2FcqrHwbB5cqqSvJ%2BpR%2B2Pmo1Llds741Oq%2Bq%2FVnlX8g2zWPMD3w%2F8oLKsrIxMf3EiQqUPO0G141cbtWrQbKBv%2F8td7sFRD6J3Qs5DifH8E%2B8CFB8hib9bkm4jM%2Bnr78S5ppmx6In9D5KNxBQJ4hmMrIco2T9zw7ij5ccwyd40LkzvHyNTY%2BI9fQyW7J%2BFBOvtTnMyDZmAiRdQ9EaQegRFR%2BDmDpQ4IgAXuL6GJL5%2F3diCbj5X6UQdk%2FnTP6GKMZn%2F7QKS%2BNFVrfqVW0bnmTKJQz8qofojqO4IaX6AbOscVHEAnn0GJX4mi6erSOLdNacNlDh%2BJeowHlFWWwhlWF9otFvhQodKfyFkTPBmI2i0%2Fdq0IKVGUNEIWg5A3Rxy5yFXHvLIQ556iMVxhQdB0PYFp37Y4bwu2pK1hB%2FQdhTQwG%2BFyPnkDgNk6QBcD8DtNlK7jQ1176h5Hjb%2FCW69hBMeXEbQEyUKSVA4goISFIqgyAiKXrkntKu58r7QLmfB2a6d7Xo5NFl3h%2B6ZrCsTspOekBen3T07%2FRIb8rgi6516FPqChpRyn%2FO2H3UE4y0ZSNpkQsKpEsqdA3UettSYXHzzF6RqTP731V9g9ABOH4Cr86D5JdBi2K75oOvDRuhjK%2Fk6qNfb%2FWpWQJgSaTaPbNPb0Sfk4jRD%2FfbvkPzwysfs2viPB8%2FAbYnUlvhEPSHo6rvDm6YguzdN4cj3a2mmYrVFJ297K6OZnPvmPblZGCtWltzgwVt8Ikzgw%2Fely1ZpIlTSdeTbq0oIaZeN5ZL8uOJuS3Yjd%2BtXc5vk6eqNt5dX4tRK55RJRqBqTMjTQ3A1Jv%2F%2FYW%2F6bV%2F6%2FFMoO4LNS8T5ITkbKHMAnm7DpbP8zszB6pmHpR6KvBzaGpsdakWg5YxTVsL9i7MZ3nF30bUvg2Z3kMQlerZET5egegCXzw2z1B5e%2BbU%2BHTDtDZm23i7TVt97Xq5Tx5W6L9pMRrLNZKPZiCQXrNlkPo84q4sw5MjcmF96FP4NAAD%2F%2FwEAAP%2F%2FdjCqHoEEAAA%3D | 173.233.137.52 | 200 OK | 7 B |
URL HTTP/1.1grandsupple.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9r8kXvuDK0k2FyixcKJjJe%2FPzjRWKNUaCaVNape70%2FnqTa%2B5793Hve%2FMmWUiwKAU305XblzNJY7UUBbcWmRS6CCgZV1mYv0ERsioiMw2Ofjafc%2B45i3PPvV%2Fs5CfER06Pl66ZLaU1XWxW%2FcqrHwbB5cqqSvJ%2BpR%2B2Pmo1Llds741Oq%2Bq%2FVnlX8g2zWPMD3w%2F8oLKsrIxMf3EiQqUPO0G141cbtWrQbKBv%2F8td7sFRD6J3Qs5DifH8E%2B8CFB8hib9bkm4jM%2Bnr78S5ppmx6In9D5KNxBQJ4hmMrIco2T9zw7ij5ccwyd40LkzvHyNTY%2BI9fQyW7J%2BFBOvtTnMyDZmAiRdQ9EaQegRFR%2BDmDpQ4IgAXuL6GJL5%2F3diCbj5X6UQdk%2FnTP6GKMZn%2F7QKS%2BNFVrfqVW0bnmTKJQz8qofojqO4IaX6AbOscVHEAnn0GJX4mi6erSOLdNacNlDh%2BJeowHlFWWwhlWF9otFvhQodKfyFkTPBmI2i0%2Fdq0IKVGUNEIWg5A3Rxy5yFXHvLIQ556iMVxhQdB0PYFp37Y4bwu2pK1hB%2FQdhTQwG%2BFyPnkDgNk6QBcD8DtNlK7jQ1176h5Hjb%2FCW69hBMeXEbQEyUKSVA4goISFIqgyAiKXrkntKu58r7QLmfB2a6d7Xo5NFl3h%2B6ZrCsTspOekBen3T07%2FRIb8rgi6516FPqChpRyn%2FO2H3UE4y0ZSNpkQsKpEsqdA3UettSYXHzzF6RqTP731V9g9ABOH4Cr86D5JdBi2K75oOvDRuhjK%2Fk6qNfb%2FWpWQJgSaTaPbNPb0Sfk4jRD%2FfbvkPzwysfs2viPB8%2FAbYnUlvhEPSHo6rvDm6YguzdN4cj3a2mmYrVFJ297K6OZnPvmPblZGCtWltzgwVt8Ikzgw%2Fely1ZpIlTSdeTbq0oIaZeN5ZL8uOJuS3Yjd%2BtXc5vk6eqNt5dX4tRK55RJRqBqTMjTQ3A1Jv%2F%2FYW%2F6bV%2F6%2FFMoO4LNS8T5ITkbKHMAnm7DpbP8zszB6pmHpR6KvBzaGpsdakWg5YxTVsL9i7MZ3nF30bUvg2Z3kMQlerZET5egegCXzw2z1B5e%2BbU%2BHTDtDZm23i7TVt97Xq5Tx5W6L9pMRrLNZKPZiCQXrNlkPo84q4sw5MjcmF96FP4NAAD%2F%2FwEAAP%2F%2FdjCqHoEEAAA%3D IP173.233.137.52:0
File type: ASCII text, with no line terminators
Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA-1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA-256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9r8kXvuDK0k2FyixcKJjJe%2FPzjRWKNUaCaVNape70%2FnqTa%2B5793Hve%2FMmWUiwKAU305XblzNJY7UUBbcWmRS6CCgZV1mYv0ERsioiMw2Ofjafc%2B45i3PPvV%2Fs5CfER06Pl66ZLaU1XWxW%2FcqrHwbB5cqqSvJ%2BpR%2B2Pmo1Llds741Oq%2Bq%2FVnlX8g2zWPMD3w%2F8oLKsrIxMf3EiQqUPO0G141cbtWrQbKBv%2F8td7sFRD6J3Qs5DifH8E%2B8CFB8hib9bkm4jM%2Bnr78S5ppmx6In9D5KNxBQJ4hmMrIco2T9zw7ij5ccwyd40LkzvHyNTY%2BI9fQyW7J%2BFBOvtTnMyDZmAiRdQ9EaQegRFR%2BDmDpQ4IgAXuL6GJL5%2F3diCbj5X6UQdk%2FnTP6GKMZn%2F7QKS%2BNFVrfqVW0bnmTKJQz8qofojqO4IaX6AbOscVHEAnn0GJX4mi6erSOLdNacNlDh%2BJeowHlFWWwhlWF9otFvhQodKfyFkTPBmI2i0%2Fdq0IKVGUNEIWg5A3Rxy5yFXHvLIQ556iMVxhQdB0PYFp37Y4bwu2pK1hB%2FQdhTQwG%2BFyPnkDgNk6QBcD8DtNlK7jQ1176h5Hjb%2FCW69hBMeXEbQEyUKSVA4goISFIqgyAiKXrkntKu58r7QLmfB2a6d7Xo5NFl3h%2B6ZrCsTspOekBen3T07%2FRIb8rgi6516FPqChpRyn%2FO2H3UE4y0ZSNpkQsKpEsqdA3UettSYXHzzF6RqTP731V9g9ABOH4Cr86D5JdBi2K75oOvDRuhjK%2Fk6qNfb%2FWpWQJgSaTaPbNPb0Sfk4jRD%2FfbvkPzwysfs2viPB8%2FAbYnUlvhEPSHo6rvDm6YguzdN4cj3a2mmYrVFJ297K6OZnPvmPblZGCtWltzgwVt8Ikzgw%2Fely1ZpIlTSdeTbq0oIaZeN5ZL8uOJuS3Yjd%2BtXc5vk6eqNt5dX4tRK55RJRqBqTMjTQ3A1Jv%2F%2FYW%2F6bV%2F6%2FFMoO4LNS8T5ITkbKHMAnm7DpbP8zszB6pmHpR6KvBzaGpsdakWg5YxTVsL9i7MZ3nF30bUvg2Z3kMQlerZET5egegCXzw2z1B5e%2BbU%2BHTDtDZm23i7TVt97Xq5Tx5W6L9pMRrLNZKPZiCQXrNlkPo84q4sw5MjcmF96FP4NAAD%2F%2FwEAAP%2F%2FdjCqHoEEAAA%3D HTTP/1.1
Host: grandsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Cookie: u_pl=16578187; uid_id2=f9bcfab2-8e83-4768-9ae0-8bbdc5414702:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece393f80da8aac0cc70f9dbc6e1ea5bde=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 09:45:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a4f23732d181915cde737160f8df7c0
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash43e44f5fe147594a8dd7e263eabca2ae 99a970746a212194f339b3fdc7df516af9f2ffdf f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 09:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| unseenreport.com/pxf.gif?uuid=26fb3b0a-593d-43da-adee-11e45c1eb907&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=e393f80da8aac0cc70f9dbc6e1ea5bde&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=26fb3b0a-593d-43da-adee-11e45c1eb907&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=e393f80da8aac0cc70f9dbc6e1ea5bde&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash: MD5 93b885adfe0da089cdf634904fd59f71 | SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f | SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=26fb3b0a-593d-43da-adee-11e45c1eb907&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=e393f80da8aac0cc70f9dbc6e1ea5bde&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 11 Sep 2022 09:45:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ece6ed244d435e2c9a7289c6295b237d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=26fb3b0a-593d-43da-adee-11e45c1eb907&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=20c1050f6509bda85a2632d1ec65d60e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=26fb3b0a-593d-43da-adee-11e45c1eb907&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=20c1050f6509bda85a2632d1ec65d60e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash: MD5 93b885adfe0da089cdf634904fd59f71 | SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f | SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=26fb3b0a-593d-43da-adee-11e45c1eb907&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=20c1050f6509bda85a2632d1ec65d60e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 11 Sep 2022 09:45:29 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9289ac44d59f32e2a19354c27d4ee921
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.1377x.to/torrent/5382554/XnView-2-51-1-Complete-Multilingual-crack-crackerfg/ | 104.21.20.189 | 200 OK | 0 B |
URL HTTP/2www.1377x.to/torrent/5382554/XnView-2-51-1-Complete-Multilingual-crack-crackerfg/ IP104.21.20.189:0
GET /torrent/5382554/XnView-2-51-1-Complete-Multilingual-crack-crackerfg/ HTTP/1.1
Host: www.1377x.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:45:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.4.45
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SjixXjkqUtPllO78LfnVx5Tsn3spk4PdDljWJEOUal2%2FP%2FPXL3ouwR6sKhMZBN7NviItanYM83KcAcQ59G5O1aZKiOLYCf3ljJ7aRwV6byE%2F7fphF9oThaYcoOi9zk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748f78738c9fb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| addresseepaper.com/sfp.js | 104.21.234.254 | 200 OK | 0 B |
URL HTTP/2addresseepaper.com/sfp.js IP104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:45:27 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 8d12b37f530a2f41daabdc8072b1e516
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 09:45:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHvfXoA0AX5Z92%2FsJqxmPBTeg0eF8f4ej3uptl%2Bm3xca%2BQrNLmCKENYiax%2B08%2Fet5vjJypPbiZE8EOS9Oz8NRVoiE2imLkpXhypvJAgGnqBJH74%2FBZl3N8A9bLKs%2BrHN8o4mysw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748f787acea2002a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| creepingbrings.com/sfp.js | 104.21.234.233 | 200 OK | 0 B |
URL HTTP/2creepingbrings.com/sfp.js IP104.21.234.233:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.1377x.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 09:45:27 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 92efcecafff01eba1813296bc8e66cda
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 09:45:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGvo1ZSLhxF9MFn8dR5knCkHtMR2lDq8ToFllEvPQqKbKj0vYX0M4KMtPEunbjXV%2BEPB4IlLcp29ldO%2FqbZFy4ckfSw%2B3xL%2Ba7q6mjxF6B9OeZ9iCKCq46MCOIZQPDUtbEclcqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 748f787acf2672df-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|