torrent-indir.net/img/unitcareupdates/files/reboot/login/login.php
172.67.188.165 301 Moved Permanently 0 B URL HTTP/1.1 torrent-indir.net/img/unitcareupdates/files/reboot/login/login.php
IP 172.67.188.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /img/unitcareupdates/files/reboot/login/login.php HTTP/1.1
Host: torrent-indir.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 14:08:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Feb 2023 15:08:47 GMT
Location: https://torrent-indir.net/img/unitcareupdates/files/reboot/login/login.php
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvKzMcbfTxKk%2B8VVGOXv9ciYtGPilw2bLMPLBMciwN9bnZU5JKXOeSG3CcgkbJhWjfi5jmWdcQa70lJU9Icg7SrawZL0YlqRie9KRULOHpvmsGsuA1B984U5LX3FvM78E6Fj7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793bbd9a5bf00b69-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11716
Expires: Fri, 03 Feb 2023 17:24:03 GMT
Date: Fri, 03 Feb 2023 14:08:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11088
Expires: Fri, 03 Feb 2023 17:13:35 GMT
Date: Fri, 03 Feb 2023 14:08:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12066
Expires: Fri, 03 Feb 2023 17:29:53 GMT
Date: Fri, 03 Feb 2023 14:08:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 13:43:35 GMT
content-type: application/json
age: 1512
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: o+JDVvT14QuV0t6rU5r8d/4O4Q4TCsncyFUt1TrMAnTzbxSP/onVZ5CBL5p2IM9VxTG2vdFg4DX6M7mmfIkUvg==
x-amz-request-id: V8H3MY8GSGP80XTY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 13:23:33 GMT
age: 2714
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2a952fd6aff238df0a21a15447f352e0
cd4c766404f9be8214db39f40ecf9e578ff21dd9
8abb119db9aeb354b1f7dacb1a24bafa94faf9e0fdb8ead9cd5c5c0fcfa85dd1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:47 GMT
Etag: "63dcbb0b-117"
Server: ECS (amb/6B74)
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 14:08:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 13:49:06 GMT
age: 1182
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10848
Expires: Fri, 03 Feb 2023 17:09:36 GMT
Date: Fri, 03 Feb 2023 14:08:48 GMT
Connection: keep-alive
push.services.mozilla.com/
52.42.252.225 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.252.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v7piWhqqnu3NTu7lPzeyPA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 62/pjHyVeswW5PdsiOShJIP8rKo=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13477
Expires: Fri, 03 Feb 2023 17:53:27 GMT
Date: Fri, 03 Feb 2023 14:08:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 49426
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 56457
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aTs6L8dJENFRdtBn7ggAbY5yaYRAzSY2B0bmElV4YNPrJg-KRDAyNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 58914
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 07:19:27 GMT
age: 24563
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 33329
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 56400
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2a952fd6aff238df0a21a15447f352e0
cd4c766404f9be8214db39f40ecf9e578ff21dd9
8abb119db9aeb354b1f7dacb1a24bafa94faf9e0fdb8ead9cd5c5c0fcfa85dd1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:53 GMT
Etag: "63dcbb0b-117"
Last-Modified: Fri, 03 Feb 2023 14:08:47 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8169363293906eba24d364920ae7fed0
fe0e782a398b6e2394cfcde0a0bf9bff1f739451
c15a28b036e531fcf474165fb42f8211e7aa3193508db31eff1d89e22113dbd0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C15A28B036E531FCF474165FB42F8211E7AA3193508DB31EFF1D89E22113DBD0"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11080
Expires: Fri, 03 Feb 2023 17:13:33 GMT
Date: Fri, 03 Feb 2023 14:08:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8169363293906eba24d364920ae7fed0
fe0e782a398b6e2394cfcde0a0bf9bff1f739451
c15a28b036e531fcf474165fb42f8211e7aa3193508db31eff1d89e22113dbd0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C15A28B036E531FCF474165FB42F8211E7AA3193508DB31EFF1D89E22113DBD0"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11080
Expires: Fri, 03 Feb 2023 17:13:33 GMT
Date: Fri, 03 Feb 2023 14:08:53 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-107208628-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-107208628-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 75eac3a397107257ab088e6a72d6ec95
cb1e1514e5d6382ebd63e8dc328d8b9cc787cc15
5422a45f8c2559a6bdd515f98167654000cddc02e808545200e848901450cdfd
GET /gtag/js?id=UA-107208628-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 14:08:53 GMT
expires: Fri, 03 Feb 2023 14:08:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-107193880-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-107193880-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash b0c45f075ca13818fb83ddd5566c3065
871f7e1ab1feefd6464b42169632f91d9dada9b5
7a777e1390a04cdcae539acc6713a7e093b907751bde35b8dd843fb2ecd0a978
GET /gtag/js?id=UA-107193880-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 14:08:53 GMT
expires: Fri, 03 Feb 2023 14:08:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-70BKR8JE7Z
142.250.74.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-70BKR8JE7Z
IP 142.250.74.168:0
File type ASCII text, with very long lines (19467)
Hash 0139974891d5b3c0370f58d7afd1d035
8d1e1452b95864914be4be2957b9dcd53895dd5a
9ac5a5410d5eccbd805155a33ce652444653df0250d713755c9d90f626e893cc
GET /gtag/js?id=G-70BKR8JE7Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 14:08:53 GMT
expires: Fri, 03 Feb 2023 14:08:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8169363293906eba24d364920ae7fed0
fe0e782a398b6e2394cfcde0a0bf9bff1f739451
c15a28b036e531fcf474165fb42f8211e7aa3193508db31eff1d89e22113dbd0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C15A28B036E531FCF474165FB42F8211E7AA3193508DB31EFF1D89E22113DBD0"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21507
Expires: Fri, 03 Feb 2023 20:07:21 GMT
Date: Fri, 03 Feb 2023 14:08:54 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 1.3 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b321a37edb1076368fd3fe72de89043
b6429e4eb34e8e179a1eb250ee6982729b153e4a
eca5acd3f554c653aad8c518aece25147229394e6782888fc2c6e898fe4bc3ec
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C15A28B036E531FCF474165FB42F8211E7AA3193508DB31EFF1D89E22113DBD0"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Fri, 03 Feb 2023 20:08:32 GMT
Date: Fri, 03 Feb 2023 14:08:54 GMT
Connection: keep-alive
torrent-indir.net/img/unitcareupdates/files/reboot/login/login.php
172.67.188.165 404 Not Found 31 kB URL HTTP/2 torrent-indir.net/img/unitcareupdates/files/reboot/login/login.php
IP 172.67.188.165:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 788f02855e435a6e6b9b34021b0f7990
6ae4ac55eabfe5ca043e3e66f636f9bba8d57037
0e63a02e4198b0071d24917fab42462f2438d5814677f7aef3375627ed27d040
Analyzer Verdict Alert fortinet Phishing
GET /img/unitcareupdates/files/reboot/login/login.php HTTP/1.1
Host: torrent-indir.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Fri, 03 Feb 2023 14:08:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: wordpress_sec_7c4eb74856b9bd3d843b811baf0068e2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-content/plugins; secure; HttpOnly
wordpress_sec_7c4eb74856b9bd3d843b811baf0068e2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/wp-admin; secure; HttpOnly
wordpress_logged_in_7c4eb74856b9bd3d843b811baf0068e2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://torrent-indir.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xs8jO%2FeaIui%2Fec0N49%2BvR1mzQ7G67voPjccCUcf3u3nMqNfzhx0rCOgx49bnlCNV5CGLBB5W7YJGWY%2BUU2gEy8xTaBew5LRPFFoweBq%2FHBWuSVMElakRs3btBHR%2BOWFPPctt%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793bbd9c1ed30b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 30c771a8869b6deeb1e124caf5efbd18
1de33af59338047c0af4ba7f48d3b5ed114b21cc
eedc1b33dd4eb45789de929c9441fae9d99df6f6e64292d2ffc56e3cd09036fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEDC1B33DD4EB45789DE929C9441FAE9D99DF6F6E64292D2FFC56E3CD09036FD"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3902
Expires: Fri, 03 Feb 2023 15:13:56 GMT
Date: Fri, 03 Feb 2023 14:08:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51f234245a9718a637c7f5c28fc6ad13
6bc6f1f3e3f5ff317eb6fd3f78c978b60abdfa2a
f66600fd3f2170d74714a1d7dea6e5d1560ae3cf0e3a19d80863fef329171638
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F66600FD3F2170D74714A1D7DEA6E5D1560AE3CF0E3A19D80863FEF329171638"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9181
Expires: Fri, 03 Feb 2023 16:41:55 GMT
Date: Fri, 03 Feb 2023 14:08:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51f234245a9718a637c7f5c28fc6ad13
6bc6f1f3e3f5ff317eb6fd3f78c978b60abdfa2a
f66600fd3f2170d74714a1d7dea6e5d1560ae3cf0e3a19d80863fef329171638
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F66600FD3F2170D74714A1D7DEA6E5D1560AE3CF0E3A19D80863FEF329171638"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 03 Feb 2023 20:08:54 GMT
Date: Fri, 03 Feb 2023 14:08:54 GMT
Connection: keep-alive
functionsprecision.com/8daca518fc3be6631ea4a35e06f0c271/invoke.js
192.243.59.12 200 OK 9.3 kB URL HTTP/1.1 functionsprecision.com/8daca518fc3be6631ea4a35e06f0c271/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25074), with no line terminators
Hash 78856d42cac04ccdc26f08d74f2af0ba
5a43bb5d3f5033ddee3d224cc09680e661519358
b2db16d33cb7f9577ae1ececd6eec20eb86f5e77ca91443602bffea0dda3841f
GET /8daca518fc3be6631ea4a35e06f0c271/invoke.js HTTP/1.1
Host: functionsprecision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 14:08:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41bcc4ece712b9ee8654a3066986847f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
functionsprecision.com/45/7b/c7/457bc751f7b6f09da1d83e9b84249eb7.js
192.243.59.12 200 OK 21 kB URL HTTP/1.1 functionsprecision.com/45/7b/c7/457bc751f7b6f09da1d83e9b84249eb7.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60149), with no line terminators
Hash 44c861853b0046ad861202c784a9874b
3850a0ab72bfff88a18d1dfcb6c4b8bef48d9f3a
b54acca6b6eb73f17d61e854977e08909b7c1c0df584a6c3421ee28edc4eeaf9
GET /45/7b/c7/457bc751f7b6f09da1d83e9b84249eb7.js HTTP/1.1
Host: functionsprecision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 14:08:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d122c4b7453e0ce0cbe1579983426e8f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
functionsprecision.com/4f/4b/94/4f4b94d70ac793043d509a84a218ec49.js
192.243.59.12 200 OK 13 kB URL HTTP/1.1 functionsprecision.com/4f/4b/94/4f4b94d70ac793043d509a84a218ec49.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37161), with no line terminators
Hash 1169465d197fab8514724a6f76fa8b14
4e28e3f83a9e5a91fe58e46643490f597f85b2b8
5db6cb91920e270fad7bcabce0649ae2b1bffd8b3fb900c40c42e291a8f2a3bd
GET /4f/4b/94/4f4b94d70ac793043d509a84a218ec49.js HTTP/1.1
Host: functionsprecision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 14:08:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1195439c1dcc51995a8a9f4dc31fe1d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
region1.google-analytics.com/g/collect?v=2&tid=G-70BKR8JE7Z&gtm=45je3210&_p=474299521&cid=1464289441.1675433365&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675433365&sct=1&seg=0&dl=https%3A%2F%2Ftorrent-indir.net%2Fimg%2Funitcareupdates%2Ffiles%2Freboot%2Flogin%2Flogin.php&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-70BKR8JE7Z&gtm=45je3210&_p=474299521&cid=1464289441.1675433365&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675433365&sct=1&seg=0&dl=https%3A%2F%2Ftorrent-indir.net%2Fimg%2Funitcareupdates%2Ffiles%2Freboot%2Flogin%2Flogin.php&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-70BKR8JE7Z&gtm=45je3210&_p=474299521&cid=1464289441.1675433365&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675433365&sct=1&seg=0&dl=https%3A%2F%2Ftorrent-indir.net%2Fimg%2Funitcareupdates%2Ffiles%2Freboot%2Flogin%2Flogin.php&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://torrent-indir.net
date: Fri, 03 Feb 2023 14:08:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
functionsprecision.com/45/7b/c7/457bc751f7b6f09da1d83e9b84249eb7.js
192.243.59.12 200 OK 21 kB URL HTTP/1.1 functionsprecision.com/45/7b/c7/457bc751f7b6f09da1d83e9b84249eb7.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60140), with no line terminators
Hash 8c42cf2aba0c07a890b29e2be1bc1751
987bbf517ab1be3a58451d7c98aa0aa1ee540377
607438229acc977a90db963e70624a18dc4c12debabf4aa486f68781e4789bc6
GET /45/7b/c7/457bc751f7b6f09da1d83e9b84249eb7.js HTTP/1.1
Host: functionsprecision.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 03 Feb 2023 14:08:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c0458e232d3eafa66354651631b2b41
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fb4ecd839f7ed51e9ba9cac23c7a68e
562d72cdf0d15d346e67cb2b38957f215ef67728
5823262a8ee1332d649246f890c2e4065c27d963dec4aa6afa24cbbd50ef6746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5823262A8EE1332D649246F890C2E4065C27D963DEC4AA6AFA24CBBD50EF6746"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5658
Expires: Fri, 03 Feb 2023 15:43:12 GMT
Date: Fri, 03 Feb 2023 14:08:54 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 3f11c62617c2bee07a8ed3cf82151243
ba58aa99e6fda4e73216a5b6a382dfd4f1f5b33a
a0b39826bd54ed8244e2c90f71d51146feaba0b9100446256479344837c50228
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 14:08:54 GMT
Last-Modified: Fri, 03 Feb 2023 13:14:37 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wNe-7EB_rq8kk7p0x1uN5nkFEwh6YlXwCq9N7KqXKPfhV9ZDYnxIbw==
Age: 3257
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e70e9e5d74eea4fe2727fac986865133
0b1a570e9520def8578d434b6ea0cbf204a58098
ac8d96ba934b1a398256d1b309d27f6f028575ea4dd88678d0c83d2688bf86fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AC8D96BA934B1A398256D1B309D27F6F028575EA4DD88678D0C83D2688BF86FB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16866
Expires: Fri, 03 Feb 2023 18:50:00 GMT
Date: Fri, 03 Feb 2023 14:08:54 GMT
Connection: keep-alive
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 198fd071cfbf21ccb510d90a701c85c7
01360a1b4aa3fae0aed11bdf89fffe1c0779f708
fe893e6672f334aa6649b9b08efb4de8e6ed0b623016810091c74dcc6d073e01
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://torrent-indir.net
access-control-allow-credentials: true
set-cookie: uid_id2=d7383d9b-dca4-4905-9f28-53490354d842:3:1; expires=Mon, 31 Jan 2033 14:08:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 360fa5eecc5d7d56484eeb2b50e88c3b
b316e940a6e3f486c8b531c60fadcd9517664d12
45abc61a93895bfd016cc21d8e96f8b23d14740ea5fb6658f1418c509db20b5a
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://torrent-indir.net
access-control-allow-credentials: true
set-cookie: uid_id2=47716ada-578a-462b-83fa-42677d3741f1:2:1; expires=Mon, 31 Jan 2033 14:08:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash fba3c0374f1534bfde6751830a1cf8fb
462cb106189f31e38d21cf0534a17ebedf9afce6
a8fd0169a5dfc361dc230d53220eff44ef57bb1deb54385eabcbb52eaa6a292d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://torrent-indir.net
access-control-allow-credentials: true
set-cookie: uid_id2=430cc873-1711-446b-9f50-174175fdc336:2:1; expires=Mon, 31 Jan 2033 14:08:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash ee4bdcac42d741fa1d9f3b492bb6e431
3dd7cfcaa95b2eacab3903901278b33ecbce00d9
d8795e260e37364451ffe98d129b993733f031b9f32d7a1f59f3351e04ef56c7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://torrent-indir.net
access-control-allow-credentials: true
set-cookie: uid_id2=1385eac5-447a-4236-be76-ed50ec83643e:2:1; expires=Mon, 31 Jan 2033 14:08:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
cdn.trafficbass.com/libs/e.js
5.79.76.5 200 OK 38 kB URL HTTP/1.1 cdn.trafficbass.com/libs/e.js
IP 5.79.76.5:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 9e242c99c54692f278882cc472a3c998
a8a9b74e60b0df69037e64956eaf2cd073c93f3b
cb9f4d6702df4c86e12365fa5aa3b80dc7c8b990a5a3008e3a8374054380ecbb
GET /libs/e.js HTTP/1.1
Host: cdn.trafficbass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 14:08:55 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 31 Oct 2022 14:23:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635fda6c-2027"
Expires: Sat, 04 Feb 2023 14:08:55 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31ced9359ed0edd56a09608f0ef2fe66
62d577d3b99b0be9d38cffd8e83b0351ee6b93a6
e05a0ba35ee20d920a856974f596e817130ed78369dceaacedd2166ba7c2f732
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E05A0BA35EE20D920A856974F596E817130ED78369DCEAACEDD2166BA7C2F732"
Last-Modified: Thu, 02 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14043
Expires: Fri, 03 Feb 2023 18:02:58 GMT
Date: Fri, 03 Feb 2023 14:08:55 GMT
Connection: keep-alive
publishercounting.com/pixel/purst?dl=0&th=0&sc=0&rs=7112&rd=7112&fd=1057&bv=22.10.v.9&tmpl=70
173.233.139.164 200 OK 0 B URL HTTP/1.1 publishercounting.com/pixel/purst?dl=0&th=0&sc=0&rs=7112&rd=7112&fd=1057&bv=22.10.v.9&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=7112&rd=7112&fd=1057&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: publishercounting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e70e9e5d74eea4fe2727fac986865133
0b1a570e9520def8578d434b6ea0cbf204a58098
ac8d96ba934b1a398256d1b309d27f6f028575ea4dd88678d0c83d2688bf86fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AC8D96BA934B1A398256D1B309D27F6F028575EA4DD88678D0C83D2688BF86FB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16865
Expires: Fri, 03 Feb 2023 18:50:00 GMT
Date: Fri, 03 Feb 2023 14:08:55 GMT
Connection: keep-alive
revolveoppress.com/pixel/purst?dl=0&th=0&sc=0&rs=7112&rd=7112&fd=1057&bv=22.10.v.9&tmpl=70
173.233.137.52 200 OK 0 B URL HTTP/1.1 revolveoppress.com/pixel/purst?dl=0&th=0&sc=0&rs=7112&rd=7112&fd=1057&bv=22.10.v.9&tmpl=70
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=7112&rd=7112&fd=1057&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:55 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4d18547dfa66c8ba7adfade4132a6707
54da106e220e845086654f07368c8a7a4e6c651a
a102eef0880e04f074eca8af4c703cd3d605aee768804c1637b710a639bcf7d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A102EEF0880E04F074ECA8AF4C703CD3D605AEE768804C1637B710A639BCF7D1"
Last-Modified: Wed, 01 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7074
Expires: Fri, 03 Feb 2023 16:06:49 GMT
Date: Fri, 03 Feb 2023 14:08:55 GMT
Connection: keep-alive
z.cdn.trafficbass.com/load?z=1524588696&div=ge3eit84ie0&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=7738&hc=16&n=1675433366500&url=torrent-indir.net%2Fimg%2Funitcareupdates%2Ffiles%2Freboot%2Flogin%2Flogin.php&vc=0&zyx=3644483799
213.227.149.183 204 No Content 0 B URL HTTP/2 z.cdn.trafficbass.com/load?z=1524588696&div=ge3eit84ie0&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=7738&hc=16&n=1675433366500&url=torrent-indir.net%2Fimg%2Funitcareupdates%2Ffiles%2Freboot%2Flogin%2Flogin.php&vc=0&zyx=3644483799
IP 213.227.149.183:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load?z=1524588696&div=ge3eit84ie0&cw=1268&ch=939&sr=1280x1024&df=1&bh=1&tl=7738&hc=16&n=1675433366500&url=torrent-indir.net%2Fimg%2Funitcareupdates%2Ffiles%2Freboot%2Flogin%2Flogin.php&vc=0&zyx=3644483799 HTTP/1.1
Host: z.cdn.trafficbass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 03 Feb 2023 14:08:55 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: -1
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: AU=66910b6b79a87fea; Expires=Fri, 02 Feb 2035 22:00:07 GMT; Path=/; HttpOnly; SameSite=None; Secure
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.202.23 200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.202.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 2356dd1e58bc7d96d2714e3565138957
d11d91e6298e9eb096739596d228b385b8b1d6b2
a2c9abb1d6884b8d2d51a17d454b7531c09065c974eec3bee0338ee82e14d675
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:55 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ad12055c05026a684442fa412138d6dd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 Feb 2023 14:08:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4ce%2BRarp8m9rfyplT7tbhwYk8sPGo6mM4eQ9NPz3Pel3cxTybX28%2FPfwvJiKRT9xYVTgRmeclj4RtGGo7SGySnKJXON92lLyT10kNO46IoODWS%2BJRZmRliemuR9P8OmF1zYlWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793bbdc7dabf8868-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 24c2b213c041132253f821af5d0d856f
640d66a2af11821c7674c192df42ca6437f2ec15
8bf0641d17e8d23fa7170186909e8b3a251d73939c05557000992430d94c1159
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BF0641D17E8D23FA7170186909E8B3A251D73939C05557000992430D94C1159"
Last-Modified: Thu, 02 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9069
Expires: Fri, 03 Feb 2023 16:40:04 GMT
Date: Fri, 03 Feb 2023 14:08:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7d989b415697cff62370f7730b25860
434aa43f2c55020ce7b770e0115429ee5abac5b9
19fcf5229e29c08dcc880cdc79a9d595798d53a409b67fcf15f3ee2d884eeb00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19FCF5229E29C08DCC880CDC79A9D595798D53A409B67FCF15F3EE2D884EEB00"
Last-Modified: Thu, 02 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5449
Expires: Fri, 03 Feb 2023 15:39:44 GMT
Date: Fri, 03 Feb 2023 14:08:55 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
173.233.137.52 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 26f9eaaf3cb5e70f2aadfbd85616e4c4
Strict-Transport-Security: max-age=0; includeSubdomains
greedevolution.com/ntv.json?key=8daca518fc3be6631ea4a35e06f0c271&vstc=4
173.233.137.36 200 OK 18 kB URL HTTP/1.1 greedevolution.com/ntv.json?key=8daca518fc3be6631ea4a35e06f0c271&vstc=4
IP 173.233.137.36:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (17521), with no line terminators
Hash e77f345355d162864c5d1758083cefba
dc362de4d3b785d4cdad2888f6ceb5d7188aa82e
c596ebe28cbc5b86c0af24dc79811e64e8e41ccd114129a82cf02eb5eef0c553
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=8daca518fc3be6631ea4a35e06f0c271&vstc=4 HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:55 GMT
Content-Type: application/json
Content-Length: 17557
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://torrent-indir.net
Access-Control-Allow-Origin: https://torrent-indir.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18212102; expires=Sat, 04 Feb 2023 14:08:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 14:08:55 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 14:08:55 GMT; secure; SameSite=None
pdhtkv49=true; expires=Sat, 04 Feb 2023 14:08:55 GMT; secure; SameSite=None
uncs49=1; expires=Sat, 04 Feb 2023 14:08:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: df0c1baddb13383ed90bd2bae652bc26
Strict-Transport-Security: max-age=0; includeSubdomains
banquetunarmedgrater.com/advertisers.js
173.233.137.52 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:55 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a1e5f21d67642ff366e860f5883a409
Strict-Transport-Security: max-age=0; includeSubdomains
greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDQeFaQCRggZtCRK67N6PfUeAiBCMLIJjkiDXszOzd8PN7qxmdm%2FPriwiQQqKQ6LgV1p%2FZ8cCIpR0NEhoDUKRK5%2BEIiPsjoYWiRrt5aSDJ837me8V73vf%2B3A3OyMeMnqy8Y7elkrRC%2B26576wKWOuc%2Buu33R9r%2B5ddDdlvNy66I4qZ4Yv%2B1677r3oviXYQF9oeL7n%2BZ7vrkojQj26MEMhk7tdv9716q1G3W%2B3MDL%2Fr23mwFIHfHhGnoHk08f7D%2B5DshJxdO%2BKsINUJy%2B9GWWKptpgyA%2FeiwexzmNEizQ0DsL4YN4NbaeEfHYOOj6YM4Ae7lUMEMgpcR76COKD%2BZgIhvuPJg0URIyAP4l8WEKoEpKWYPoWJD8mAONYv4Y4urOuTU63HqG0Qqek9s%2FfkPmU1E6fRRx9f1nJkXtDqyyVOrYYhQXkqITslUiyQ6TbDmR%2BCJZ%2BAMkJ4qiA5MWMtZQlZFhCiTGodZBVTzrIQgdZ4iDiJy5td0PPWwmDsNnstBhjzSZj7c4yb%2FNmqxN6yFg11hhpMgZTYzCzg8TsYCA%2FOa6%2FBpP9BNsvYLkDm06J8%2B4OhrxALghyS5BTglwS5ClBPiz2ubINW9zhymaBP4%2BNeWwWE532dum%2BTnsiJrvJGXm6Wolz%2Fs8nMBAnbodTRtt%2BJ2TNQCwvN31BW7TZFt5y6LHGig8rC0h7bsZ2u9Ln9C8kVfzoFwT0EFYdgsmnQDMfNJ%2BsNDzQ%2FqTV8bAd%2FyCMTuXAilFPWNaXrJ%2BKuM50BK4LJGkN6Zazq87IczOZur99BcGOLj34vLIvwEyBxBR4X%2F5M0FO3J9d1Tvau69yS%2B9eSVEZym1YS3khpKh779m2xlWvD167Y8Tevswqo0rs3hU2v0pjLuGfJd5cl58KsasME%2BXHNbopgI7P9y5mJs%2BTqxhura1FihLVSxyWoPLYfg8kpWYp%2Bnx3n839kkKaEyQpE2RGZG6QuwZId2OTo0q9LryaTh0uwmsCoRU%2BQOMizYmIaweJTSQIlFjUNCtj%2F1MEi37W30TM10PTW7CSHpsBQFaBqDJstTdLELFYXqNokUKa2FyijPp2ttnJfVu7rKXnl0j1YeeKKduiFwmuIIOwG4Qr1eDdsdQPa9cVK0KY%2BUjtlp%2BfzfwEAAP%2F%2FAQAA%2F%2F%2FV%2FJUtgwQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDQeFaQCRggZtCRK67N6PfUeAiBCMLIJjkiDXszOzd8PN7qxmdm%2FPriwiQQqKQ6LgV1p%2FZ8cCIpR0NEhoDUKRK5%2BEIiPsjoYWiRrt5aSDJ837me8V73vf%2B3A3OyMeMnqy8Y7elkrRC%2B26576wKWOuc%2Buu33R9r%2B5ddDdlvNy66I4qZ4Yv%2B1677r3oviXYQF9oeL7n%2BZ7vrkojQj26MEMhk7tdv9716q1G3W%2B3MDL%2Fr23mwFIHfHhGnoHk08f7D%2B5DshJxdO%2BKsINUJy%2B9GWWKptpgyA%2FeiwexzmNEizQ0DsL4YN4NbaeEfHYOOj6YM4Ae7lUMEMgpcR76COKD%2BZgIhvuPJg0URIyAP4l8WEKoEpKWYPoWJD8mAONYv4Y4urOuTU63HqG0Qqek9s%2FfkPmU1E6fRRx9f1nJkXtDqyyVOrYYhQXkqITslUiyQ6TbDmR%2BCJZ%2BAMkJ4qiA5MWMtZQlZFhCiTGodZBVTzrIQgdZ4iDiJy5td0PPWwmDsNnstBhjzSZj7c4yb%2FNmqxN6yFg11hhpMgZTYzCzg8TsYCA%2FOa6%2FBpP9BNsvYLkDm06J8%2B4OhrxALghyS5BTglwS5ClBPiz2ubINW9zhymaBP4%2BNeWwWE532dum%2BTnsiJrvJGXm6Wolz%2Fs8nMBAnbodTRtt%2BJ2TNQCwvN31BW7TZFt5y6LHGig8rC0h7bsZ2u9Ln9C8kVfzoFwT0EFYdgsmnQDMfNJ%2BsNDzQ%2FqTV8bAd%2FyCMTuXAilFPWNaXrJ%2BKuM50BK4LJGkN6Zazq87IczOZur99BcGOLj34vLIvwEyBxBR4X%2F5M0FO3J9d1Tvau69yS%2B9eSVEZym1YS3khpKh779m2xlWvD167Y8Tevswqo0rs3hU2v0pjLuGfJd5cl58KsasME%2BXHNbopgI7P9y5mJs%2BTqxhura1FihLVSxyWoPLYfg8kpWYp%2Bnx3n839kkKaEyQpE2RGZG6QuwZId2OTo0q9LryaTh0uwmsCoRU%2BQOMizYmIaweJTSQIlFjUNCtj%2F1MEi37W30TM10PTW7CSHpsBQFaBqDJstTdLELFYXqNokUKa2FyijPp2ttnJfVu7rKXnl0j1YeeKKduiFwmuIIOwG4Qr1eDdsdQPa9cVK0KY%2BUjtlp%2BfzfwEAAP%2F%2FAQAA%2F%2F%2FV%2FJUtgwQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDQeFaQCRggZtCRK67N6PfUeAiBCMLIJjkiDXszOzd8PN7qxmdm%2FPriwiQQqKQ6LgV1p%2FZ8cCIpR0NEhoDUKRK5%2BEIiPsjoYWiRrt5aSDJ837me8V73vf%2B3A3OyMeMnqy8Y7elkrRC%2B26576wKWOuc%2Buu33R9r%2B5ddDdlvNy66I4qZ4Yv%2B1677r3oviXYQF9oeL7n%2BZ7vrkojQj26MEMhk7tdv9716q1G3W%2B3MDL%2Fr23mwFIHfHhGnoHk08f7D%2B5DshJxdO%2BKsINUJy%2B9GWWKptpgyA%2FeiwexzmNEizQ0DsL4YN4NbaeEfHYOOj6YM4Ae7lUMEMgpcR76COKD%2BZgIhvuPJg0URIyAP4l8WEKoEpKWYPoWJD8mAONYv4Y4urOuTU63HqG0Qqek9s%2FfkPmU1E6fRRx9f1nJkXtDqyyVOrYYhQXkqITslUiyQ6TbDmR%2BCJZ%2BAMkJ4qiA5MWMtZQlZFhCiTGodZBVTzrIQgdZ4iDiJy5td0PPWwmDsNnstBhjzSZj7c4yb%2FNmqxN6yFg11hhpMgZTYzCzg8TsYCA%2FOa6%2FBpP9BNsvYLkDm06J8%2B4OhrxALghyS5BTglwS5ClBPiz2ubINW9zhymaBP4%2BNeWwWE532dum%2BTnsiJrvJGXm6Wolz%2Fs8nMBAnbodTRtt%2BJ2TNQCwvN31BW7TZFt5y6LHGig8rC0h7bsZ2u9Ln9C8kVfzoFwT0EFYdgsmnQDMfNJ%2BsNDzQ%2FqTV8bAd%2FyCMTuXAilFPWNaXrJ%2BKuM50BK4LJGkN6Zazq87IczOZur99BcGOLj34vLIvwEyBxBR4X%2F5M0FO3J9d1Tvau69yS%2B9eSVEZym1YS3khpKh779m2xlWvD167Y8Tevswqo0rs3hU2v0pjLuGfJd5cl58KsasME%2BXHNbopgI7P9y5mJs%2BTqxhura1FihLVSxyWoPLYfg8kpWYp%2Bnx3n839kkKaEyQpE2RGZG6QuwZId2OTo0q9LryaTh0uwmsCoRU%2BQOMizYmIaweJTSQIlFjUNCtj%2F1MEi37W30TM10PTW7CSHpsBQFaBqDJstTdLELFYXqNokUKa2FyijPp2ttnJfVu7rKXnl0j1YeeKKduiFwmuIIOwG4Qr1eDdsdQPa9cVK0KY%2BUjtlp%2BfzfwEAAP%2F%2FAQAA%2F%2F%2FV%2FJUtgwQAAA%3D%3D HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Cookie: u_pl=18212102; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d34af6c8e131a47928ec8ebea6d3c15
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 604c3cbda1f304eef93aa15329e8e7ac
d9f25abc81500d2740265d4a2b11fa7e2d251d1f
5b0938197333a46575fa5d665e649f70b3268e27d0f3cbcac04065cc70acf9c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0938197333A46575FA5D665E649F70B3268E27D0F3CBCAC04065CC70ACF9C5"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9982
Expires: Fri, 03 Feb 2023 16:55:18 GMT
Date: Fri, 03 Feb 2023 14:08:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 604c3cbda1f304eef93aa15329e8e7ac
d9f25abc81500d2740265d4a2b11fa7e2d251d1f
5b0938197333a46575fa5d665e649f70b3268e27d0f3cbcac04065cc70acf9c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B0938197333A46575FA5D665E649F70B3268E27D0F3CBCAC04065CC70ACF9C5"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9982
Expires: Fri, 03 Feb 2023 16:55:18 GMT
Date: Fri, 03 Feb 2023 14:08:56 GMT
Connection: keep-alive
greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuTkYP8aJiDl6kjwoy6Z6f3RkjBmOMLMbNmkT2XF1VPVNOdVdT1T%2Bze1oMaA4eRvDgL%2FR%2Bs5tFDZLcvAjSq4eQ0w6IrLh78%2BJV8Cw9GRh90O%2Bnvwf1fe%2B9D3ezU%2BIho8cb7%2BhtqRS90G167oubMua6sO76Ldf3mt5Fd1PGK52L7rh2Jn%2FF97pN7yX3LcFG%2BkLL8z3P93z3qjQi1OMLcxQyudf3m32v2Wk1%2FW4HY%2FP%2F2mYOLHXA81PyLCSfPTF8%2BACSVYij%2B1eEHaU6efnNKFM01QY5P3gvHsW6iBEt09A4COODRTe0nRHy2Rno%2BGChADrfqxUgkDPi%2FOYjiA8WNBHk%2B4%2BZBgoiRsCfQpFXEKqCpBWYvg3JjwjAONavI47urmtT0K3HKK3RGWn88zdkMSONk%2BcQR99fVnLs3tQqS6WOLcZhCTmuIAcVkuwQ6bYDWRyCpR9AcoI4KiF5OVctZQUZVlBiAmodZPUnHWShgyxxEPFjl3b7oeethkHYbvc6jLF2m7Fub4V3ebvTCz1krKY1QZpMwNQEzOwgMTsYyU%2BOmq%2FBZD%2FBDktY7sCmM%2BK8u4OclygEQWEJCkpQSIIiJSjycp8r27LlXa5sFviL2FrEdjnV6WCX7ut0IGKym5ySZ%2BqROOf%2FfBIjcez2OGW06%2FdC1g7EykrbF7RD213hrYQea636sLKEtGfmarfr%2FZz8haSOH%2F2CgB7CqkMw%2BTRo5oMW09WWBzqcdnoetuMfhNGpHFkxHgjLhpINUxE3mY7AdYkkbSDdcnbVKXl%2Bvqb%2Br19DsEeXHn5e2xdgpkRiSrwvfyYYqDvTG7ogezd0YcmD60kqI7lN6xXeTGkqzn77ttgqtOFrV%2Bzkm9dZDdTpvVvCptdozGU8sOS7y5JzYa5qwwT5cc1uimAjs8PLmYmz5NrGG1fXosQIa6WOK1B5ZD8GkzNyLvp9fpwv%2FJFDmgomKxFlj8jCIHUFluzAJkv2VhMYtewJkrMosnJqWsHyp5IESixrGpSw%2F6mDZb5r72BgGqDp7flJ5qZErkpQNYHNzk3TxCwfD1RjGijT2AuUUZ%2FWo%2F2qdl%2FOhzwjr166DyuPXdENvVB4LRGE%2FSBcpR7vh51%2BQPu%2BWA261EdqZ%2BzkfPEvAAAA%2F%2F8BAAD%2F%2FxkfjE6DBAAA
173.233.137.36200 OK 7 B URL HTTP/1.1 greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuTkYP8aJiDl6kjwoy6Z6f3RkjBmOMLMbNmkT2XF1VPVNOdVdT1T%2Bze1oMaA4eRvDgL%2FR%2Bs5tFDZLcvAjSq4eQ0w6IrLh78%2BJV8Cw9GRh90O%2Bnvwf1fe%2B9D3ezU%2BIho8cb7%2BhtqRS90G167oubMua6sO76Ldf3mt5Fd1PGK52L7rh2Jn%2FF97pN7yX3LcFG%2BkLL8z3P93z3qjQi1OMLcxQyudf3m32v2Wk1%2FW4HY%2FP%2F2mYOLHXA81PyLCSfPTF8%2BACSVYij%2B1eEHaU6efnNKFM01QY5P3gvHsW6iBEt09A4COODRTe0nRHy2Rno%2BGChADrfqxUgkDPi%2FOYjiA8WNBHk%2B4%2BZBgoiRsCfQpFXEKqCpBWYvg3JjwjAONavI47urmtT0K3HKK3RGWn88zdkMSONk%2BcQR99fVnLs3tQqS6WOLcZhCTmuIAcVkuwQ6bYDWRyCpR9AcoI4KiF5OVctZQUZVlBiAmodZPUnHWShgyxxEPFjl3b7oeethkHYbvc6jLF2m7Fub4V3ebvTCz1krKY1QZpMwNQEzOwgMTsYyU%2BOmq%2FBZD%2FBDktY7sCmM%2BK8u4OclygEQWEJCkpQSIIiJSjycp8r27LlXa5sFviL2FrEdjnV6WCX7ut0IGKym5ySZ%2BqROOf%2FfBIjcez2OGW06%2FdC1g7EykrbF7RD213hrYQea636sLKEtGfmarfr%2FZz8haSOH%2F2CgB7CqkMw%2BTRo5oMW09WWBzqcdnoetuMfhNGpHFkxHgjLhpINUxE3mY7AdYkkbSDdcnbVKXl%2Bvqb%2Br19DsEeXHn5e2xdgpkRiSrwvfyYYqDvTG7ogezd0YcmD60kqI7lN6xXeTGkqzn77ttgqtOFrV%2Bzkm9dZDdTpvVvCptdozGU8sOS7y5JzYa5qwwT5cc1uimAjs8PLmYmz5NrGG1fXosQIa6WOK1B5ZD8GkzNyLvp9fpwv%2FJFDmgomKxFlj8jCIHUFluzAJkv2VhMYtewJkrMosnJqWsHyp5IESixrGpSw%2F6mDZb5r72BgGqDp7flJ5qZErkpQNYHNzk3TxCwfD1RjGijT2AuUUZ%2FWo%2F2qdl%2FOhzwjr166DyuPXdENvVB4LRGE%2FSBcpR7vh51%2BQPu%2BWA261EdqZ%2BzkfPEvAAAA%2F%2F8BAAD%2F%2FxkfjE6DBAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuTkYP8aJiDl6kjwoy6Z6f3RkjBmOMLMbNmkT2XF1VPVNOdVdT1T%2Bze1oMaA4eRvDgL%2FR%2Bs5tFDZLcvAjSq4eQ0w6IrLh78%2BJV8Cw9GRh90O%2Bnvwf1fe%2B9D3ezU%2BIho8cb7%2BhtqRS90G167oubMua6sO76Ldf3mt5Fd1PGK52L7rh2Jn%2FF97pN7yX3LcFG%2BkLL8z3P93z3qjQi1OMLcxQyudf3m32v2Wk1%2FW4HY%2FP%2F2mYOLHXA81PyLCSfPTF8%2BACSVYij%2B1eEHaU6efnNKFM01QY5P3gvHsW6iBEt09A4COODRTe0nRHy2Rno%2BGChADrfqxUgkDPi%2FOYjiA8WNBHk%2B4%2BZBgoiRsCfQpFXEKqCpBWYvg3JjwjAONavI47urmtT0K3HKK3RGWn88zdkMSONk%2BcQR99fVnLs3tQqS6WOLcZhCTmuIAcVkuwQ6bYDWRyCpR9AcoI4KiF5OVctZQUZVlBiAmodZPUnHWShgyxxEPFjl3b7oeethkHYbvc6jLF2m7Fub4V3ebvTCz1krKY1QZpMwNQEzOwgMTsYyU%2BOmq%2FBZD%2FBDktY7sCmM%2BK8u4OclygEQWEJCkpQSIIiJSjycp8r27LlXa5sFviL2FrEdjnV6WCX7ut0IGKym5ySZ%2BqROOf%2FfBIjcez2OGW06%2FdC1g7EykrbF7RD213hrYQea636sLKEtGfmarfr%2FZz8haSOH%2F2CgB7CqkMw%2BTRo5oMW09WWBzqcdnoetuMfhNGpHFkxHgjLhpINUxE3mY7AdYkkbSDdcnbVKXl%2Bvqb%2Br19DsEeXHn5e2xdgpkRiSrwvfyYYqDvTG7ogezd0YcmD60kqI7lN6xXeTGkqzn77ttgqtOFrV%2Bzkm9dZDdTpvVvCptdozGU8sOS7y5JzYa5qwwT5cc1uimAjs8PLmYmz5NrGG1fXosQIa6WOK1B5ZD8GkzNyLvp9fpwv%2FJFDmgomKxFlj8jCIHUFluzAJkv2VhMYtewJkrMosnJqWsHyp5IESixrGpSw%2F6mDZb5r72BgGqDp7flJ5qZErkpQNYHNzk3TxCwfD1RjGijT2AuUUZ%2FWo%2F2qdl%2FOhzwjr166DyuPXdENvVB4LRGE%2FSBcpR7vh51%2BQPu%2BWA261EdqZ%2BzkfPEvAAAA%2F%2F8BAAD%2F%2FxkfjE6DBAAA HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Cookie: u_pl=18212102; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 428a9e0a30609a9fd366851cf55a2255
Strict-Transport-Security: max-age=0; includeSubdomains
subscribestormyapprobation.com/sbar.json?key=4f4b94d70ac793043d509a84a218ec49&uuid=1385eac5-447a-4236-be76-ed50ec83643e%3A2%3A1
192.243.61.227 200 OK 4.4 kB URL HTTP/1.1 subscribestormyapprobation.com/sbar.json?key=4f4b94d70ac793043d509a84a218ec49&uuid=1385eac5-447a-4236-be76-ed50ec83643e%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6196), with no line terminators
Hash cf975ecef7191e38d858987f131fd292
6950f62f3d48c848cfa5f5877ea248ca555ed13f
186a16f968c6cc4f6d6c9fd254097e5b7e09e1abc8c588603650bf0590f6073f
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=4f4b94d70ac793043d509a84a218ec49&uuid=1385eac5-447a-4236-be76-ed50ec83643e%3A2%3A1 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://torrent-indir.net
Access-Control-Allow-Origin: https://torrent-indir.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15595048; expires=Sat, 04 Feb 2023 14:08:55 GMT; secure; SameSite=None
uid_id2=1385eac5-447a-4236-be76-ed50ec83643e:2:1; expires=Fri, 10 Feb 2023 14:08:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 14:08:56 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 14:08:56 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 04 Feb 2023 14:08:56 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 04 Feb 2023 14:08:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c879e19ee9a25d5c738ea81ab76d74f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png
45.133.44.10 200 OK 108 kB URL HTTP/2 cdn.cloudimagesb.com/si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (108061 bytes)
Hash f25a89906f49b309b04a788657e63775
fafed8a699a3942ca5d277b5f329e1e2377d3747
05d3612dca9ad5a805bd967d52285f06a4e8f028a3e94f4cef6031b985b9796d
GET /si/14/d6/f0/14d6f0079ffda60cd9961f9c32e1cb1b/1674209884.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: image/png
content-length: 108061
server: nginx/1.17.6
last-modified: Fri, 20 Jan 2023 10:18:12 GMT
etag: "63ca6a64-1a61d"
expires: Sun, 05 Feb 2023 14:08:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSujqOH9aLiHrzIHBVk0j0%2FyYwrLsY1ElyzcXcl5%2Bqq6plyqruaqurpSU7BBd2DhxE8%2BAudb5IN6iK7Ny%2BCTPSw7CkDIhGTmxevgmfp2YFxH%2FT76e9Bfd9776P97Jz4yOjp1rt6VypFl1s1v%2FrStky4zm1182Y18Gv%2Bpeq2TFaal6rD0pnBq4HfqvkvV98WrK%2BX637g%2B4EfVNelEZEeLs9QyPRuJ6h1%2FFqzXgtaTQzN47XNPFjqgQ%2FOyXOQfPpk78F9SDZBEt%2B7Imzf6fSVt%2BJMUacNBvzo%2FaSf6DxBvEgj4yFKjubd0HZKyOdL0MnRXAH04KBUgFBOifd7gDA5mtNEODh8xDRUEAlC%2FjTywQRCTSDpBEzfguQnBGAcm9eQxHc2tcnpziOUluiUVP79BzKfksrZ80jiH9aUHFZvaJU5qROLYVRADieQ3QnS7Bhu14PMj8Hch5CcIIkLSF7MVEs5gYwmUGIEaj1k5Sc9ZJGHLPUQ89MqbXUi31%2BNwqjRaDcZY40GY632Cm%2FxRrMd%2BchYSWsEl47A1AjM7CE1e%2BjLT09qr8NkP8P2Cljuwbop8d7bw4AXyAVBbglySpBLgtwR5IPikCtbt8UdrmwWBvNYn8dGMdauu08PteuKhOyn5%2BTZciTexb%2BeQl%2BcVtucMtoK2hFrhGJlpREI2qSNlvBXIp%2FVVwNYWUDapZna3XI%2FZ38jLePHvyKkx7DqGEw%2BA5oFoPl4te6D9sbNto%2Fd5EdhtJN9K4ZdYVlPsp4TSY3pGFwXSF0FbsfbV%2BfkhdmaOr99BcEeXn7wRWlfgpkCqSnwgfyFoKtuj6%2FrnBxc17kl96%2BlTsZyl5YrvOGoE098947YybXhG1fs6Ns3WAmU6d2bwrqrNOEy6Vry%2FZrkXJh1bZggP23YbRFuZba3lpkkS69uvbm%2BEadGWCt1MgGVJ%2FYTMDklF%2BI%2FZsf54p8O0kxgsgJx9pDMDVJPwNI92HTB3moCoxY9YbqEPCvGph4ufipJoMSipmEB%2B786XOT79ja6pgLqbs1OcmAKDFQBqkaw2YWxS83i8VBVxqEylYNQGfVZOdqvZ%2FMt3TdT8trle7DytCpakR8Jvy7CqBNGq9TnnajZCWknEKthiwZwdsrOLub%2FAQAA%2F%2F8BAAD%2F%2F%2B%2BIqeKDBAAA
173.233.137.36200 OK 7 B URL HTTP/1.1 greedevolution.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSujqOH9aLiHrzIHBVk0j0%2FyYwrLsY1ElyzcXcl5%2Bqq6plyqruaqurpSU7BBd2DhxE8%2BAudb5IN6iK7Ny%2BCTPSw7CkDIhGTmxevgmfp2YFxH%2FT76e9Bfd9776P97Jz4yOjp1rt6VypFl1s1v%2FrStky4zm1182Y18Gv%2Bpeq2TFaal6rD0pnBq4HfqvkvV98WrK%2BX637g%2B4EfVNelEZEeLs9QyPRuJ6h1%2FFqzXgtaTQzN47XNPFjqgQ%2FOyXOQfPpk78F9SDZBEt%2B7Imzf6fSVt%2BJMUacNBvzo%2FaSf6DxBvEgj4yFKjubd0HZKyOdL0MnRXAH04KBUgFBOifd7gDA5mtNEODh8xDRUEAlC%2FjTywQRCTSDpBEzfguQnBGAcm9eQxHc2tcnpziOUluiUVP79BzKfksrZ80jiH9aUHFZvaJU5qROLYVRADieQ3QnS7Bhu14PMj8Hch5CcIIkLSF7MVEs5gYwmUGIEaj1k5Sc9ZJGHLPUQ89MqbXUi31%2BNwqjRaDcZY40GY632Cm%2FxRrMd%2BchYSWsEl47A1AjM7CE1e%2BjLT09qr8NkP8P2Cljuwbop8d7bw4AXyAVBbglySpBLgtwR5IPikCtbt8UdrmwWBvNYn8dGMdauu08PteuKhOyn5%2BTZciTexb%2BeQl%2BcVtucMtoK2hFrhGJlpREI2qSNlvBXIp%2FVVwNYWUDapZna3XI%2FZ38jLePHvyKkx7DqGEw%2BA5oFoPl4te6D9sbNto%2Fd5EdhtJN9K4ZdYVlPsp4TSY3pGFwXSF0FbsfbV%2BfkhdmaOr99BcEeXn7wRWlfgpkCqSnwgfyFoKtuj6%2FrnBxc17kl96%2BlTsZyl5YrvOGoE098947YybXhG1fs6Ns3WAmU6d2bwrqrNOEy6Vry%2FZrkXJh1bZggP23YbRFuZba3lpkkS69uvbm%2BEadGWCt1MgGVJ%2FYTMDklF%2BI%2FZsf54p8O0kxgsgJx9pDMDVJPwNI92HTB3moCoxY9YbqEPCvGph4ufipJoMSipmEB%2B786XOT79ja6pgLqbs1OcmAKDFQBqkaw2YWxS83i8VBVxqEylYNQGfVZOdqvZ%2FMt3TdT8trle7DytCpakR8Jvy7CqBNGq9TnnajZCWknEKthiwZwdsrOLub%2FAQAA%2F%2F8BAAD%2F%2F%2B%2BIqeKDBAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSujqOH9aLiHrzIHBVk0j0%2FyYwrLsY1ElyzcXcl5%2Bqq6plyqruaqurpSU7BBd2DhxE8%2BAudb5IN6iK7Ny%2BCTPSw7CkDIhGTmxevgmfp2YFxH%2FT76e9Bfd9776P97Jz4yOjp1rt6VypFl1s1v%2FrStky4zm1182Y18Gv%2Bpeq2TFaal6rD0pnBq4HfqvkvV98WrK%2BX637g%2B4EfVNelEZEeLs9QyPRuJ6h1%2FFqzXgtaTQzN47XNPFjqgQ%2FOyXOQfPpk78F9SDZBEt%2B7Imzf6fSVt%2BJMUacNBvzo%2FaSf6DxBvEgj4yFKjubd0HZKyOdL0MnRXAH04KBUgFBOifd7gDA5mtNEODh8xDRUEAlC%2FjTywQRCTSDpBEzfguQnBGAcm9eQxHc2tcnpziOUluiUVP79BzKfksrZ80jiH9aUHFZvaJU5qROLYVRADieQ3QnS7Bhu14PMj8Hch5CcIIkLSF7MVEs5gYwmUGIEaj1k5Sc9ZJGHLPUQ89MqbXUi31%2BNwqjRaDcZY40GY632Cm%2FxRrMd%2BchYSWsEl47A1AjM7CE1e%2BjLT09qr8NkP8P2Cljuwbop8d7bw4AXyAVBbglySpBLgtwR5IPikCtbt8UdrmwWBvNYn8dGMdauu08PteuKhOyn5%2BTZciTexb%2BeQl%2BcVtucMtoK2hFrhGJlpREI2qSNlvBXIp%2FVVwNYWUDapZna3XI%2FZ38jLePHvyKkx7DqGEw%2BA5oFoPl4te6D9sbNto%2Fd5EdhtJN9K4ZdYVlPsp4TSY3pGFwXSF0FbsfbV%2BfkhdmaOr99BcEeXn7wRWlfgpkCqSnwgfyFoKtuj6%2FrnBxc17kl96%2BlTsZyl5YrvOGoE098947YybXhG1fs6Ns3WAmU6d2bwrqrNOEy6Vry%2FZrkXJh1bZggP23YbRFuZba3lpkkS69uvbm%2BEadGWCt1MgGVJ%2FYTMDklF%2BI%2FZsf54p8O0kxgsgJx9pDMDVJPwNI92HTB3moCoxY9YbqEPCvGph4ufipJoMSipmEB%2B786XOT79ja6pgLqbs1OcmAKDFQBqkaw2YWxS83i8VBVxqEylYNQGfVZOdqvZ%2FMt3TdT8trle7DytCpakR8Jvy7CqBNGq9TnnajZCWknEKthiwZwdsrOLub%2FAQAA%2F%2F8BAAD%2F%2F%2B%2BIqeKDBAAA HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Cookie: u_pl=18212102; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6e25a160f7adf11d1ae6a460506a2354
Strict-Transport-Security: max-age=0; includeSubdomains
greedevolution.com/ren.gif
173.233.137.36 200 OK 7 B URL HTTP/1.1 greedevolution.com/ren.gif
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXkYP60XFPSgIfVSQSff8JDNGDMY1ElyTuLsS8FZdVT1TTnVXU9U9PckpuKB7HMGDv9D5JtmgLrJ78yLKRA9LQNiBRXJIPHnxJAgeRXoyMPig309%2FD%2Bp973sf7mfnxENGT7fe1rtSKbrQrHruC9sy5jq37sZN1%2Feq3rK7LePFxrI7KJ3pv%2Bx7zar3ovumYD29UPN8z%2FM9312TRoR6sDBFIZO7bb%2Fa9qqNWtVvNjAw%2F69t5sBSB7x%2FTp6G5JPHug%2FuQ7Ix4ujeVWF7qU5eeiPKFE21QZ8fvRv3Yp3HiOZpaByE8dGsG9pOCPn0EnR8NGMA3T8oGSCQE%2BL85iOIj2ZjIugfXkwaKIgYAX8CeX8MocaQdAymb0HyhwRgHBubiKM7G9rkdOcCpSU6IZV%2F%2FobMJ6Ry9gzi6LtVJQfuDa2yVOrYYhAWkIMxZGeMJDtGuutA5sdg6QeQnCCOCkheTFlLOYYMx1BiCGodZOUnHWShgyxxEPFTlzbboecthUFYr7cajLF6nbFma5E3eb3RCj1krBxriDQZgqkhmNlDYvbQkx8%2FrL4Kk%2F0E2y1guQObTojzzh76vEAuCHJLkFOCXBLkKUHeLw65sjVb3OHKZoE%2Fi7VZrBcjnXb26aFOOyIm%2B8k5eapciXPlj8fRE6dui1NGm34rZPVALC7WfUEbtN4U3mLosdqSDysLSHtpyna31OfsTyRl%2FOgXBPQYVh2DySdBMx80Hy3VPNDuqNHysBt%2FL4xOZc%2BKQUdY1pWsm4q4ynQErgskaQXpjrOvzsmzU5leWbkHwU5WHm3%2Bvszfex7MFEhMgfflzwQddXt0Xefk4LrOLbm%2FmaQykru0lPBGSlNR%2BeYtsZNrw9ev2uHXr7ESKNO7N4VNr9GYy7hjyberknNh1rRhgvywbrdFsJXZ7mpm4iy5tvX62nqUGGGt1PEYtKRZ6iMn5PK%2Fz03P041%2BhTRjmKxAlJ2QmUHqMViyB5ucrDz4rLTPYTWBUfOeIKkgz4qRqQXzn0oSKDGvaVDAivkSAnHy418X2L69jY6pgKa3pkfZNwX6qgBVQ9js8ihNzPzxQFVGgTKVg0AZ9cmEtB99WbovSvfVxa6tPHVFM%2FRC4dVEELaDcIl6vB022gFt%2B2IpaFIfqZ2wsyv5fwAAAP%2F%2FAQAA%2F%2F%2Fc%2FBuWhQQAAA%3D%3D HTTP/1.1
Host: greedevolution.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Cookie: u_pl=18212102; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cda02a921a3b4a96551d33d344bdf4a0
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png
45.133.44.10 200 OK 113 kB URL HTTP/2 cdn.cloudimagesb.com/si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 113 kB (112700 bytes)
Hash a85aa1de5c20ac4eb372e7f76f32ae7f
cc839c5f4d10d95e79ad9b161dff4453ace53149
d5e4a4cd44386fa562de135e43cfe7fdafe70387dd40d805873c982a25ebae83
GET /si/47/97/d2/4797d24d30d760fa18a53e15c6bbde7c/1668496161.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: image/png
content-length: 112700
server: nginx/1.17.6
last-modified: Tue, 15 Nov 2022 07:09:29 GMT
etag: "63733b29-1b83c"
expires: Sun, 05 Feb 2023 14:08:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png
45.133.44.10 200 OK 123 kB URL HTTP/2 cdn.cloudimagesb.com/si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 123 kB (123291 bytes)
Hash 1c26658a8e0980350d9b1ddd575fa2e1
99514e6f4091235f9ea4ba0933edd20f31c9d031
3b43b009a295edad0eb4c0617671b86f5bb68c732bd57fa090adcdb5807f99a3
GET /si/28/80/ff/2880ff40cd55fcd3dccbf0b5a4550082/1668496177.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: image/png
content-length: 123291
server: nginx/1.17.6
last-modified: Tue, 15 Nov 2022 07:09:43 GMT
etag: "63733b37-1e19b"
expires: Sun, 05 Feb 2023 14:08:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png
45.133.44.10 200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144325 bytes)
Hash d76c93ff8a660d41a613c8ef00e2d201
b62383271edfc4b32b571059bcf67c4c33680303
83d31a43474028aa1fe7244059469065fd98dfddca0b11eb04002fa45c039e26
GET /si/05/ad/dd/05addd62695f348ef4439268d6563f04/1668496169.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: image/png
content-length: 144325
server: nginx/1.17.6
last-modified: Tue, 15 Nov 2022 07:09:36 GMT
etag: "63733b30-233c5"
expires: Sun, 05 Feb 2023 14:08:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358c0cc441f7401b74509340db8b0014
19c0c7970d9a01d09daa48fd89a756d3da76a4d8
f4b0f1711cc67ff151c6ce05827d1663b2569b55a669e8bb4a1dd21b3972dfea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B0F1711CC67FF151C6CE05827D1663B2569B55A669E8BB4A1DD21B3972DFEA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2889
Expires: Fri, 03 Feb 2023 14:57:05 GMT
Date: Fri, 03 Feb 2023 14:08:56 GMT
Connection: keep-alive
subscribestormyapprobation.com/ren.gif
192.243.61.227 200 OK 7 B URL HTTP/1.1 subscribestormyapprobation.com/ren.gif
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSMWwcRRSdTUJDGoKgoECcEEWQ8GX3dtd3lwiimGBkYRwrCXJDwezM7N1wuzurmd3bsyuLSGAkRC4d5fqdHQuIUNLRIKE1FMiVDwnkwu5okKgQqdGdTzL8Yv6beX%2Bk99%2F%2Fn27nJ8RGTo9W31cbMoroFb9u1y6vyYSrwtRW7tYcu25fq63JZN67VhtMDt2%2F6th%2B3X699q5gPXWlYTu27dhObVFqEarBlSkLmT5qO%2FW2Xfcadcf3MND%2Fv5vcgqEWeP%2BEPA%2FJx890f3kCySok8eObwvQylb7xTpxHNFMafb73QdJLVJEgPoOhthAme7NqKDMm5KtzUMnerAOo%2Fs6kAwRyTKzfHQTJ3kwmgv7uqdIggkgQ8Iso%2BhVEVEHSCkzdg%2BSHBGAcK7eQxA9XlC7o%2BilLJ%2ByYXHj6N2QxJheOX0ASf7cQyUHtjoryTKrEYBCWkIMKslMhzfeRbViQxT5Y9gkkJ0jiEpIfvea4LV9Q5s95XpPOeQ13fi4Qzfk5wX1bsJY777liao2UFWRYIRJDUHMOubGQSwt5aCFPLcT8qEb9dmjbzTAIXbflMcZclzG%2FNc997nqt0EbOJtqHyNIhWDQE05tI9SZ68sFh%2FS3o%2FEeYbgnDLZiMoM9LFIKgMAQFJSgkQZERFP1yl0emYcqHPDJ54MxyY5bdcqSyzjbdVVlHJGQ7PSGXpp799fQyeuKo5oVe0PZ406as2XZtz%2BW%2B3aYtjzaclmBeG0aWkOYcqLGwMRng8Z9IJ%2FmznxHQfZhoH0w%2BB5q%2FDFqMmg0btDvyWjY2ku%2BFVpnsGTHoCMO6knUzkdSZisFViTS7gGzd2o5OyEtTTVffvAjBDq6P7394%2BZ%2FqPpgukeoSH8ufCDrR1ui2KsjObVUY8uRWmslYbtDJjO9kNBPnv3lPrBdK86WbZvj1DTYhJvDRXWGyZZpwmXQM%2BXZBci70otJMkB%2BWzJoIVnPTXch1kqfLq28vLsWpFsZIlVSg8tB8ASbH5NmtL6fb%2B8qrMaSuoPMScX5AZgGpKrB0EyY9U28UgY7OaoLUQpGXI90Izh4jOSb1S78hEgfXH%2F%2Fx0Y3Pm8ugQQkj%2FvPxDG%2BbLXS0BZrdm%2B5tX5foRyVoNITJz4%2ByVB9c%2F9WdBoLIGgWRtnaCSEcPTu018qgm%2FNAOhd0QQdgOwia1eTv02gFtO6IZ%2BNRBZsbs%2BMXBvwAAAP%2F%2FAQAA%2F%2F%2Flv3VjmQQAAA%3D%3D HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Cookie: u_pl=15595048; uid_id2=1385eac5-447a-4236-be76-ed50ec83643e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 14:08:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 901e939afb88d886e1c6e0622eea892b
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash b8c6052ed734bf84fd58c7195ab1a5b1
ea61a9341359bea6920e5acd791ec4da1a5559b9
4797fa6aa93af3cf6f34512bcaa2541883e2028dbe4e033c44aaefb0a62ce4f3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 03 Feb 2023 14:08:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 02 Feb 2023 22:25:42 GMT
Expires: Fri, 03 Feb 2023 22:25:42 GMT
ETag: "ea61a9341359bea6920e5acd791ec4da1a5559b9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 13:44:08 GMT
expires: Fri, 03 Feb 2023 15:44:08 GMT
cache-control: public, max-age=7200
age: 1488
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash dcd24c1e2608c898c773dc0111abe0a0
8236127f4dff61add0a73bbb45c50166aa68ebab
e6710626d21fb587f3d88913eef1db464b07a4903ed1397a4a9bd68d9171123d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.46 200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Fri, 03 Feb 2023 14:08:56 GMT
expires: Fri, 03 Feb 2023 14:08:56 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 89693a781b6fd4661b5135e995c020e0
31556087e2debc22777fa52b4d3b61f97ad3f4c2
566e15d9c91a95c23293a34abb7456037353f2abd75ed440d38ca880d3c42099
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 14:08:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 06:34:07 GMT
Expires: Tue, 07 Feb 2023 06:34:06 GMT
Etag: "31556087e2debc22777fa52b4d3b61f97ad3f4c2"
Cache-Control: max-age=317709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793bbdcfa9ed1c0a-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4843
Expires: Fri, 03 Feb 2023 15:29:39 GMT
Date: Fri, 03 Feb 2023 14:08:56 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4843
Expires: Fri, 03 Feb 2023 15:29:39 GMT
Date: Fri, 03 Feb 2023 14:08:56 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png
45.133.44.10 200 OK 78 kB URL HTTP/2 cdn.cloudimagesb.com/si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash b5363f9084c2365d15b9c8524ef0bad7
61bb4d49ffa7276b01447c15de4f4f9fc3da3c79
7939092319490c3a974f459a094ead8ab72bdc3915af2956c1fba6cf489d732a
GET /si/83/3d/e5/833de546c56c331bebb4de53b31dba05/1669388537.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: image/png
content-length: 78101
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:02:26 GMT
etag: "6380d902-13115"
expires: Sun, 05 Feb 2023 14:08:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4843
Expires: Fri, 03 Feb 2023 15:29:39 GMT
Date: Fri, 03 Feb 2023 14:08:56 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.167.9 200 OK 713 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.167.9:0
Hash 0818876dc36ba415b2c4f3ab88fde7e6
70ce20e165045bb58345adad497ed75d397e3187
56c1ab5917cd546aaec0117a4e652a479057521b70c50abf1813aa19a87b1fa6
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpSBrU9eBSCw3fg%2F0AIzzpfO%2BKpF3Jf%2Bd4YjTlY2wO58xq7DCnu2Bfrk2byjHA3ORMpmc3TsPD01KQgKjpkMy5%2BVXQsxBJLgeepVbOzWu67ZeHn6chpvthPHZ7cJVK3P%2FzzMfrbQbQnQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793bbdd08f4cf3ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.167.9 200 OK 2.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.167.9:0
Hash 91ee83b4a5235955642ed14cccc1506f
67a5704f6806e291c6ae9293915fc6ce4462c02b
fbc20edc6361e55360b5e9221bd1fa6c541be9386ae4b75565fbc9df839808b4
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Pc8a0FnWr2KBM6pH3zyMYn6L%2FQtThJvWm1JJSNF89Ap05pLlkCU%2BP7HfJVTJ0jnkDkskeJ9JDH6OFDw1mJeuyTxCxDYFoI4GxInWORNW8Qw8Rbs%2FCipYGn23b%2BK69MVSWU%2BbMwKNi%2BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793bbdd08f52f3ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:08:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
torrenthane.net/wp-content/uploads/torrenthane-oyun-indir.png
188.114.97.1 301 Moved Permanently 0 B URL HTTP/2 torrenthane.net/wp-content/uploads/torrenthane-oyun-indir.png
IP 188.114.97.1:0
GET /wp-content/uploads/torrenthane-oyun-indir.png HTTP/1.1
Host: torrenthane.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 14:08:53 GMT
location: https://torrent-indir.net/wp-content/uploads/torrenthane-oyun-indir.png
cache-control: max-age=3600
expires: Fri, 03 Feb 2023 15:08:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcOtUHaQ2Zfiqb2ZU8U9Lfdhvxbfu2xV7gYi%2BzDoJ7MSzAlnZKfFsnBzkCDQ9%2Be4hudjbKdVpBiSpGLrF%2FCmhr%2FlIABc9v8casGsznQJCJZHzhq8%2BRBDAZGfSsN1VMRA8Kk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793bbdc0aa0cb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.167.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.167.9:0
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6913082
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Np8B8VVf29aoDaZTJf73z8eiXdVw8VTBcv2l%2BMLFVU6B0GhACCpSsmho4zISIOjZOzGzqSQH8UAw4%2FabzlYTBt6MpYOTQo0OKmxhuGSrm0gbOoywZ4x11G1ympsHvZwZ%2BZcibmbthwMf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793bbdd0af5ef3ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 14:08:56 GMT
date: Fri, 03 Feb 2023 14:08:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
torrenthane.net/wp-content/uploads/torrenthane-program-indir.png
188.114.97.1 301 Moved Permanently 0 B URL HTTP/2 torrenthane.net/wp-content/uploads/torrenthane-program-indir.png
IP 188.114.97.1:0
GET /wp-content/uploads/torrenthane-program-indir.png HTTP/1.1
Host: torrenthane.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 14:08:53 GMT
location: https://torrent-indir.net/wp-content/uploads/torrenthane-program-indir.png
cache-control: max-age=3600
expires: Fri, 03 Feb 2023 15:08:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0hQReiPbrWSwmXCyWC9xBAgLJepe0UEVpynR987W5suW0JYIj3QedOuZtFuaYO4XWnzUT6hsPFiMRv%2FO4%2B1aOV1bQ41KkiSKzHtaYArs6VFuCZEm2F%2FU74XLLtBYjDwfdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793bbdc099efb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.statcounter.com/counter/counter.js
104.20.219.77 200 OK 0 B URL HTTP/2 www.statcounter.com/counter/counter.js
IP 104.20.219.77:0
GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 02 Feb 2023 16:16:17 GMT
etag: W/"63dbe1d1-aa70"
expires: Fri, 03 Feb 2023 22:52:52 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 11764
server: cloudflare
cf-ray: 793bbdd01b25b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.167.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.167.9:0
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwKooBuYv7Xcg8bIGl8kFq45bkDxqTT9xbbBMwbfOA4NzkFszsbPe%2BkE3ruu3MBOADxvae71XCKgb9JDp42TKZgek4HjeBmwtL%2FlnzqDPlKobHcB%2BB5fEPPbSRml5gvXPtjvdVODnJPi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793bbdd09f59f3ef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.4 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://torrent-indir.net
Connection: keep-alive
Referer: https://torrent-indir.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 14:08:56 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 03 Feb 2023 15:08:56 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2